From 11b7a304bf3b2ff9356ab784ec25719f5c3beddb Mon Sep 17 00:00:00 2001
From: Janez T <hey@dz0ny.dev>
Date: Tue, 3 Dec 2024 20:42:36 +0100
Subject: [PATCH] Enable nix-run command in devenv and update vendorHash in
 package.nix

---
 .gitignore       |  3 ++-
 .goreleaser.yaml | 37 ++++++++++++++++++++++---------------
 devenv.nix       |  8 ++++++++
 package.nix      |  2 +-
 4 files changed, 33 insertions(+), 17 deletions(-)

diff --git a/.gitignore b/.gitignore
index d712874..48e0f48 100644
--- a/.gitignore
+++ b/.gitignore
@@ -13,4 +13,5 @@ devenv.local.nix
 
 /target
 .DS_Store
-dist
\ No newline at end of file
+dist
+dist/
diff --git a/.goreleaser.yaml b/.goreleaser.yaml
index 2fb22a7..b452000 100644
--- a/.goreleaser.yaml
+++ b/.goreleaser.yaml
@@ -1,35 +1,42 @@
-version: 2
-project_name: scorecard
-env:
-  - CGO_ENABLED=0
-  - COSIGN_YES=true
+# The lines below are called `modelines`. See `:help modeline`
+# Feel free to remove those if you don't want/need to use them.
+# yaml-language-server: $schema=https://goreleaser.com/static/schema.json
+# vim: set ts=2 sw=2 tw=0 fo=cnqoj
+
+version: 1
+
 before:
   hooks:
-    - go mod download
-gomod:
-  proxy: true
+    - go mod tidy
 
 builds:
-  - main: .
-    binary: pareto
+  - env:
+      - CGO_ENABLED=0
+    goos:
+      - linux
     goarch:
       - amd64
       - arm64
-    goos:
-      - linux
-      - darwin
     ldflags:
       - -s -w -X paretosecurity.com/auditor/shared.Version={{.Version}}
       - -trimpath
       - -tags=netgo
+
 archives:
   - builds: [pareto]
 
 nfpms:
   - vendor: niteo.co
     homepage: https://github.com/paretosecurity/pareto-linux
-    maintainer: NIteo
+    maintainer: Niteo
     description: Automatically audit your Linux machine for basic security hygiene.
     license: MIT
-    formats: [deb, rpm, apk]
+    formats: [deb, rpm]
     bindir: /usr/bin
+
+changelog:
+  sort: asc
+  filters:
+    exclude:
+      - "^docs:"
+      - "^test:"
diff --git a/devenv.nix b/devenv.nix
index d4f45e2..5fccf0a 100644
--- a/devenv.nix
+++ b/devenv.nix
@@ -19,6 +19,7 @@ in {
     go mod verify
     go test ./...
     go build .
+    goreleaser check
   '';
 
   # https://devenv.sh/pre-commit-hooks/
@@ -27,6 +28,13 @@ in {
     gofmt.enable = true;
     golangci-lint.enable = true;
     govet.enable = true;
+    nix-run = {
+      name = "Verify package.nix hash";
+      enable = true;
+      pass_filenames = false;
+      files = "go.(mod|sum)$";
+      entry = "nix run .# -- --help";
+    };
   };
 
   # See full reference at https://devenv.sh/reference/options/
diff --git a/package.nix b/package.nix
index bad0009..8bae6e1 100644
--- a/package.nix
+++ b/package.nix
@@ -6,6 +6,6 @@ pkgs.buildGoModule rec {
   pname = "auditor";
   version = "${builtins.hashFile "sha256" "${toString ./go.sum}"}";
   src = ./.;
-  vendorHash = "sha256-g9dv0EaltGwdK9en1N2PEP0b+VzyCxK+Tu+TIXkkyBs";
+  vendorHash = "sha256-yItPRsonQNpVXSfvWIhsIVWVrLTAP40RdZCrdmjqydg=";
   subPackages = ["."];
 }