From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <guix-patches-bounces+larch=yhetil.org@gnu.org>
Received: from mp0 ([2001:41d0:2:4a6f::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by ms11 with LMTPS
	id qIOLBkPGR1+KQwAA0tVLHw
	(envelope-from <guix-patches-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Thu, 27 Aug 2020 14:42:11 +0000
Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by mp0 with LMTPS
	id MKMWAkPGR1/QUgAA1q6Kng
	(envelope-from <guix-patches-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Thu, 27 Aug 2020 14:42:11 +0000
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by aspmx1.migadu.com (Postfix) with ESMTPS id C4A7E940538
	for <larch@yhetil.org>; Thu, 27 Aug 2020 14:42:10 +0000 (UTC)
Received: from localhost ([::1]:39138 helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <guix-patches-bounces+larch=yhetil.org@gnu.org>)
	id 1kBJ6P-0003c4-Or
	for larch@yhetil.org; Thu, 27 Aug 2020 10:42:09 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10]:37228)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1kBJ6J-0003bH-6X
 for guix-patches@gnu.org; Thu, 27 Aug 2020 10:42:03 -0400
Received: from debbugs.gnu.org ([209.51.188.43]:60293)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1kBJ6I-0006HK-U5
 for guix-patches@gnu.org; Thu, 27 Aug 2020 10:42:02 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1kBJ6I-0006kl-RO
 for guix-patches@gnu.org; Thu, 27 Aug 2020 10:42:02 -0400
X-Loop: help-debbugs@gnu.org
Subject: [bug#43072] [PATCH 2/2] gnu: Add python-safety.
Resent-From: Tanguy Le Carrour <tanguy@bioneland.org>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: guix-patches@gnu.org
Resent-Date: Thu, 27 Aug 2020 14:42:02 +0000
Resent-Message-ID: <handler.43072.B43072.159853929825912@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 43072
X-GNU-PR-Package: guix-patches
X-GNU-PR-Keywords: patch
To: 43072@debbugs.gnu.org
Cc: Tanguy Le Carrour <tanguy@bioneland.org>
Received: via spool by 43072-submit@debbugs.gnu.org id=B43072.159853929825912
 (code B ref 43072); Thu, 27 Aug 2020 14:42:02 +0000
Received: (at 43072) by debbugs.gnu.org; 27 Aug 2020 14:41:38 +0000
Received: from localhost ([127.0.0.1]:43603 helo=debbugs.gnu.org)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
 id 1kBJ5t-0006js-Of
 for submit@debbugs.gnu.org; Thu, 27 Aug 2020 10:41:37 -0400
Received: from relay10.mail.gandi.net ([217.70.178.230]:53355)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <tanguy@bioneland.org>) id 1kBJ5r-0006jQ-0o
 for 43072@debbugs.gnu.org; Thu, 27 Aug 2020 10:41:35 -0400
Received: from localhost.localdomain
 (static-176-185-184-238.axione.abo.bbox.fr [176.185.184.238])
 (Authenticated sender: tanguy@bioneland.org)
 by relay10.mail.gandi.net (Postfix) with ESMTPSA id 4DEFF240008;
 Thu, 27 Aug 2020 14:41:29 +0000 (UTC)
From: Tanguy Le Carrour <tanguy@bioneland.org>
Date: Thu, 27 Aug 2020 16:41:15 +0200
Message-Id: <20200827144115.19792-2-tanguy@bioneland.org>
X-Mailer: git-send-email 2.28.0
In-Reply-To: <20200827144115.19792-1-tanguy@bioneland.org>
References: <20200827144115.19792-1-tanguy@bioneland.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Score: -0.7 (/)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-Spam-Score: -1.7 (-)
X-BeenThere: guix-patches@gnu.org
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/guix-patches>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=subscribe>
Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org
Sender: "Guix-patches" <guix-patches-bounces+larch=yhetil.org@gnu.org>
X-Scanner: scn0
Authentication-Results: aspmx1.migadu.com;
	dkim=none;
	dmarc=none;
	spf=pass (aspmx1.migadu.com: domain of guix-patches-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-patches-bounces@gnu.org
X-Spam-Score: 3.99
X-TUID: HYT5840XSyq7

* gnu/packages/python-xyz.scm (python-safety): New variable.
---
 gnu/packages/python-xyz.scm | 32 ++++++++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)

diff --git a/gnu/packages/python-xyz.scm b/gnu/packages/python-xyz.scm
index 49156ce6ee..088c709983 100644
--- a/gnu/packages/python-xyz.scm
+++ b/gnu/packages/python-xyz.scm
@@ -21774,3 +21774,35 @@ dates in almost any string formats commonly found on web pages.")
     (description
       "A parser for Python dependency files.")
     (license license:expat)))
+
+(define-public python-safety
+  (package
+    (name "python-safety")
+    (version "1.9.0")
+    (source
+      (origin
+        (method url-fetch)
+        (uri (pypi-uri "safety" version))
+        (sha256
+          (base32
+            "1j801xsxfzavjbzhhc934awvnk1b7jc0qsw3jp3ys0241mlj1gr3"))))
+    (build-system python-build-system)
+    (arguments
+     `(#:phases
+       (modify-phases %standard-phases
+         (add-after 'unpack 'disable-tests
+           (lambda _
+             (substitute* "tests/test_safety.py"
+               ;; requires network
+               (("def test_check_live") "def _test_check_live"))
+             #t)))))
+    (propagated-inputs
+      `(("python-click" ,python-click)
+        ("python-dparse" ,python-dparse)
+        ("python-packaging" ,python-packaging)
+        ("python-requests" ,python-requests)))
+    (home-page "https://github.com/pyupio/safety")
+    (synopsis "Check installed dependencies for known vulnerabilities")
+    (description "Safety checks installed dependencies for known vulnerabilities.
+By default it uses the open Python vulnerability database Safety DB.")
+  (license license:expat)))
-- 
2.28.0