Upgrade failing nvd-clojure-tool

See also: rm-hull/nvd-clojure#183
Basic-Data-Infrastructure · Feb 28, 2025 · d0d51ab · d0d51ab
1 parent a8cf7fb
commit d0d51ab
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 2 deletions.
diff --git a/.github/workflows/dependency-vulnerabilities.yml b/.github/workflows/dependency-vulnerabilities.yml
@@ -33,7 +33,7 @@ jobs:
       run: .github/workflows/install-binaries.sh
 
     - name: Install NVD clojure
-      run: bin/clojure -Ttools install nvd-clojure/nvd-clojure '{:mvn/version "RELEASE"}' :as nvd
+      run: .github/workflows/install-nvd-clojure-tool.sh
 
     - name: Check that NVD Secret is set
       env:
@@ -44,4 +44,4 @@ jobs:
     - name: Check clojure dependencies with NVD
       env:
         NVD_API_TOKEN: ${{ secrets.NVD_API_TOKEN }}
-      run: bin/clojure -J-Dclojure.main.report=stderr -Sdeps '{:deps {org.owasp/dependency-check-maven {:mvn/version "10.0.2"}}}' -Tnvd nvd.task/check :config-filename '".nvd-config.edn"' :classpath "\"$(bin/clojure -Spath)\""
+      run: bin/clojure -J-Dclojure.main.report=stderr -Tnvd nvd.task/check :config-filename '".nvd-config.edn"' :classpath "\"$(bin/clojure -Spath)\""
diff --git a/.github/workflows/install-nvd-clojure-tool.sh b/.github/workflows/install-nvd-clojure-tool.sh
@@ -0,0 +1,21 @@
+#!/usr/bin/env bash
+
+# SPDX-FileCopyrightText: 2024 Topsector Logistiek
+# SPDX-FileContributor: Joost Diepenmaat <joost@jomco.nl>
+# SPDX-FileContributor: Remco van 't Veer <remco@jomco.nl>
+#
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
+set -ex
+
+# See also: https://github.com/rm-hull/nvd-clojure/pull/183
+NVD_CLOJURE_REPO=https://github.com/jomco/nvd-clojure.git
+NVD_CLOJURE_COMMIT=88b2150908fc42b5476ec5dddc7558457fa28d3e
+
+if clojure -Ttools show '{:tool nvd}' | grep -q $NVD_CLOJURE_COMMIT; then
+    :
+else
+    clojure -J-Dclojure.main.report=stderr \
+            -Ttools install \
+            nvd-clojure/nvd-clojure "{:git/url \"${NVD_CLOJURE_REPO}\" :git/sha \"${NVD_CLOJURE_COMMIT}\"}" :as nvd
+fi