owasp-dep-scan / dep-scan

OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration.
https://owasp.org/www-project-dep-scan/
MIT License

Add nix flake using pyproject.nix #277

Closed Quince-Pie closed 6 months ago

Quince-Pie commented 6 months ago

closes: #270

This should add a devshell for `nix develop`, and a buildable/runnable package using `nix build` or `nix run`.

prabhu commented 6 months ago

@Quince-Pie This is superb! Could you kindly create another PR for release/5.x as well?

prabhu commented 5 months ago

@Quince-Pie Should we do anything to keep these updated? Like when I tried to set this up, it was downloading cdxgen 10.2.3 which is not the latest. Should we publish cdxgen separately?

Quince-Pie commented 5 months ago

@prabhu This is due to the `flake.lock` file, which pins the dependencies to make it fully reproducible.

Running `nix flake update` will update the lock file to point to the latest nixpkgs, which should update cdxgen to the version that is present in the channel.
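The kind of flake this thread is about, as an added illustration rather than the flake submitted in this PR: it uses pyproject.nix to derive both a `nix develop` shell and a `nix build` / `nix run` package from the project's `pyproject.toml`. The `loadPyproject` and `renderers.*` attribute names are taken from pyproject.nix's documented API as I recall it, and the system is hard-wired to x86_64-linux to keep the example short, so treat both as assumptions.

```nix
{
  description = "Example flake for a pyproject.toml-based tool (illustration, not dep-scan's own flake)";

  inputs = {
    # Every input is pinned in flake.lock, so builds are reproducible until
    # `nix flake update` (or `nix flake lock --update-input <name>`) is run.
    nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
    pyproject-nix = {
      url = "github:nix-community/pyproject.nix";
      inputs.nixpkgs.follows = "nixpkgs";
    };
  };

  outputs = { self, nixpkgs, pyproject-nix, ... }:
    let
      system = "x86_64-linux";          # assumption: single system for brevity
      pkgs = nixpkgs.legacyPackages.${system};
      python = pkgs.python3;

      # Parse pyproject.toml (dependencies, optional-deps, entry points).
      project = pyproject-nix.lib.project.loadPyproject {
        projectRoot = ./.;
      };
    in
    {
      # `nix develop`: an interpreter with the project's declared dependencies
      # resolved from the pinned nixpkgs, not from PyPI at shell start-up.
      devShells.${system}.default =
        let
          pythonEnv = python.withPackages
            (project.renderers.withPackages { inherit python; });
        in
        pkgs.mkShell { packages = [ pythonEnv ]; };

      # `nix build` / `nix run`: a buildPythonPackage derivation whose
      # attributes (pname, version, dependencies) come from pyproject.toml.
      packages.${system}.default =
        let
          attrs = project.renderers.buildPythonPackage { inherit python; };
        in
        python.pkgs.buildPythonPackage attrs;
    };
}
```

Because transitive tools such as cdxgen come from the pinned nixpkgs revision, checking `nix flake metadata` (or the `nixpkgs` entry in `flake.lock`) is the quickest way to see which snapshot a given build is actually using.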