-
-
Notifications
You must be signed in to change notification settings - Fork 12.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
burpsuite: 2023.7.2 -> 2023.10.2.4, add Professional Edition #251397
Conversation
This comment was marked as outdated.
This comment was marked as outdated.
@Arcayr I believe that Playwright has some kind of embedded browser to be used as well and is packaged in Nixpkgs but I'm pretty sure it's not the same case as Burpsuite (it's not an embeded browser inside a .jar)
But, it might be helpful to give some ideas maybe. |
The embedded browser works for me. Has ever since #210155 |
Weird, 3 systems here with none of them working. Do you mind showing the contents of your |
That helped me find the problem - it's actually in my personal overlay that I'm using to grab the Professional edition instead of the Community edition. The overlay is nuking the FHS environment's buildCommand. No changes needed on this side. I'll bump the version to the latest upstream and mark the PR as RFR. Thanks @buckley310. :) |
On my side, I'm on ArchLinux whether on X11 or Wayland, Burpsuite installed via nix (nix-build or nix-shell -p burpsuite) never launches, I always get an error at startup, says :
If you have any idea to what this could be related @Arcayr, I will try to reproduce under NixOS using Sway in a VM but I haven't had the time to experiment yet. |
@AkechiShiro I can't replicate this on either this package or the pending @buckley310 apologies for the ping, but as you're already across burp on nix, do you mind testing the above to confirm? |
I fear that you are right @Arcayr I'm not sure exactly how to go around debugging this kinda of issue, maybe the Java installed on Arch is conflicting with the one used by BurpSuite |
I gave this PR a test and it works well. I ran burp, launched the integrated browser, captured a bunch of traffic and tested some items in the repeater. |
Cheers buckley. Happy to let this go forward and be merged now if acceptable. |
nix discord recommended i roll this into this pr, so support for professional edition has been added as an argument: i tried other methods but many of them clobber the fhsenv that is created, and i didn't want to go too heavy on obscure substitutions. ultimately the only thing that changes is the jarfile. everything else is the same - license activation happens at first-runtime. confirmed that the argument swapping switches versions correctly on my install. would supersede #168414, which would need updating anyway. |
Following, the NixCon 2023, using |
This can be documented in the NixOS wiki, but I am not sure if it has any place in nixpkgs. More generally, this seems to hint at the fact more purity is necessary in the wrapper or there's a polluting external environment in the non-NixOS system. It is hardly actionable on our side unless the pollution in question can be isolated. |
I will see if there is a way I can find out what is polluting the pureness of the impure |
9f19a00
to
347b6bd
Compare
Bumps burpsuite from 2023.9.4 to 2023.10.1.1; the latest stable version.
9f19a00 contained invalid hashes due to an early adopter release also being published upstream. Result of 1 package built:
|
stepech revoked their maintainership in the last 48h (#255533). The latest push is a rebase on top of those changes with their maintainership removed. |
This pull request has been mentioned on NixOS Discourse. There might be relevant details there: |
Dropped the (clean) merge commit. And did a name cleanup which required a rebase because the changes required were recently merged. |
Edition can be installed by overriding the 'proEdition' arg.
This pull request has been mentioned on NixOS Discourse. There might be relevant details there: https://discourse.nixos.org/t/prs-already-reviewed/2617/1200 |
1 similar comment
This pull request has been mentioned on NixOS Discourse. There might be relevant details there: https://discourse.nixos.org/t/prs-already-reviewed/2617/1200 |
|
@@ -22,20 +22,20 @@ let | |||
hash = product.hash; | |||
}; | |||
|
|||
pname = "burpsuite"; | |||
name = "burpsuite-${version}"; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why does this version bump commit revert the pname/version change from an earlier commit in this PR?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
i... don't know actually. both of my local copies have the 'correct' version. i guess i rebased wrong somehow? force pushing shortly.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
remedied in 6ce7f67.
Description of changes
Bump Burp Suite from 2023.7.2 to 2023.10.2.4, and adds the ability to install the Professional Edition of Burp Suite by overriding the
proEdition
argument totrue
.Some of upstream's URLs now redirect from the word "free" to "community". They have been amended as part of this update.
A list of upstream changes since the last version in nixpkgs, from https://portswigger.net/burp/releases:
Things done
sandbox = true
set innix.conf
? (See Nix manual)nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD"
. Note: all changes have to be committed, also see nixpkgs-review usage./result/bin/
)Result of
nixpkgs-review
run on x86_64-linux 11 package built: