dragnpkgs/pkgs/ghidra-xenia-v2/build.nix

{
  stdenv,
  fetchFromGitHub,
  lib,
  callPackage,
  gradle,
  makeBinaryWrapper,
  openjdk21,
  unzip,
  makeDesktopItem,
  copyDesktopItems,
  desktopToDarwinBundle,
  xcbuild,
  protobuf,
  ghidra-extensions,
  python3,
  python3Packages,
}:

let
  pname = "ghidra";
  version = "11.2";

  releaseName = "NIX";
  distroPrefix = "ghidra_${version}_${releaseName}";
  src = fetchFromGitHub {
    owner = "NationalSecurityAgency";
    repo = "Ghidra";
    rev = "Ghidra_${version}_build";
    hash = "sha256-iO6g3t8JNdc/wAC+JG+6Y7aZCq7T9zYQC3KKZcr+wzc=";
    # populate values that require us to use git. By doing this in postFetch we
    # can delete .git afterwards and maintain better reproducibility of the src.
    leaveDotGit = true;
    postFetch = ''
      cd "$out"
      git rev-parse HEAD > $out/COMMIT
      # 1970-Jan-01
      date -u -d "@$(git log -1 --pretty=%ct)" "+%Y-%b-%d" > $out/SOURCE_DATE_EPOCH
      # 19700101
      date -u -d "@$(git log -1 --pretty=%ct)" "+%Y%m%d" > $out/SOURCE_DATE_EPOCH_SHORT
      find "$out" -name .git -print0 | xargs -0 rm -rf
    '';
  };

  patches = [
    # Use our own protoc binary instead of the prebuilt one
    ./0001-Use-protobuf-gradle-plugin.patch

    # Override installation directory to allow loading extensions
    ./0002-Load-nix-extensions.patch

    # Remove build dates from output filenames for easier reference
    ./0003-Remove-build-datestamp.patch
  ];

  postPatch = ''
    # Set name of release (eg. PUBLIC, DEV, etc.)
    sed -i -e 's/application\.release\.name=.*/application.release.name=${releaseName}/' Ghidra/application.properties

    # Set build date and git revision
    echo "application.build.date=$(cat SOURCE_DATE_EPOCH)" >> Ghidra/application.properties
    echo "application.build.date.short=$(cat SOURCE_DATE_EPOCH_SHORT)" >> Ghidra/application.properties
    echo "application.revision.ghidra=$(cat COMMIT)" >> Ghidra/application.properties

    # Tells ghidra to use our own protoc binary instead of the prebuilt one.
    cat >>Ghidra/Debug/Debugger-gadp/build.gradle <<HERE
    protobuf {
      protoc {
        path = '${protobuf}/bin/protoc'
      }
    }
    HERE
  '';

in
stdenv.mkDerivation (finalAttrs: {
  inherit
    pname
    version
    src
    patches
    postPatch
    ;

  outputs = [ "out" "lib" "doc" ];

  # Don't create .orig files if the patch isn't an exact match.
  patchFlags = [
    "--no-backup-if-mismatch"
    "-p1"
  ];

  desktopItems = [
    (makeDesktopItem {
      name = "ghidra";
      exec = "ghidra";
      icon = "ghidra";
      desktopName = "Ghidra";
      genericName = "Ghidra Software Reverse Engineering Suite";
      categories = [ "Development" ];
      terminal = false;
      startupWMClass = "ghidra-Ghidra";
    })
  ];

  nativeBuildInputs =
    [
      gradle
      unzip
      makeBinaryWrapper
      copyDesktopItems
      protobuf
      python3
      python3Packages.pip
    ]
    ++ lib.optionals stdenv.hostPlatform.isDarwin [
      xcbuild
      desktopToDarwinBundle
    ];

  dontStrip = true;

  __darwinAllowLocalNetworking = true;

  mitmCache = gradle.fetchDeps {
    inherit pname;
    data = ./deps.json;
  };

  gradleFlags = [ "-Dorg.gradle.java.home=${openjdk21}" ];

  preBuild = ''
    export JAVA_TOOL_OPTIONS="-Duser.home=$NIX_BUILD_TOP/home"
    gradle -I gradle/support/fetchDependencies.gradle
  '';

  gradleBuildTask = "buildGhidra";

  installPhase = ''
    runHook preInstall

    mkdir -p "$lib/lib/ghidra" "$out/share/applications" "$doc/share/doc"

    ZIP=build/dist/$(ls build/dist)
    echo $ZIP
    unzip $ZIP -d "$lib/lib/ghidra"
    f=("$lib/lib/ghidra"/*)
    mv "$lib/lib/ghidra"/*/* "$lib/lib/ghidra"
    rmdir "''${f[@]}"
    mv "$lib/lib/ghidra/docs" "$doc/share/doc/ghidra"
    for path in server/svrREADME.html support/GhidraGo/ghidraGoREADME.html support/analyzeHeadlessREADME.html support/buildGhidraJarREADME.txt; do
      out_path="$(basename "$path")"
      mv "$lib/lib/ghidra/$path" "$doc/share/doc/ghidra/$out_path"
    done
    unzip "$doc/share/doc/ghidra/GhidraAPI_javadoc.zip" -d "$doc/share/doc/ghidra"
    rm "$doc/share/doc/ghidra/GhidraAPI_javadoc.zip"

    for f in Ghidra/Framework/Gui/src/main/resources/images/GhidraIcon*.png; do
      res=$(basename "$f" ".png" | cut -d"_" -f3 | cut -c11-)
      install -Dm444 "$f" "$out/share/icons/hicolor/''${res}x''${res}/apps/ghidra.png"
    done;
    # improved macOS icon support
    install -Dm444 Ghidra/Framework/Gui/src/main/resources/images/GhidraIcon64.png $out/share/icons/hicolor/32x32@2/apps/ghidra.png

    runHook postInstall
  '';

  postFixup =
    let
      javaArgs = [
        "-showversion"
        "-cp $lib/lib/ghidra/Ghidra/Framework/Utility/lib/Utility.jar"

        "-Djava.system.class.loader=ghidra.GhidraClassLoader"
        "-Xshare:off"

        "-Dfile.encoding=UTF8"
        "-Dpython.console.encoding=UTF-8"

        "-Duser.country=US"
        "-Duser.language=en"
        "-Duser.variant="

        "-Dsun.java2d.opengl=false"
        "-Dfont.size.override="

        "-Djdk.tls.client.protocols=TLSv1.2,TLSv1.3"

        "-Dcpu.core.limit="
        "-Dcpu.core.override="
      ] ++ (lib.optionals stdenv.hostPlatform.isDarwin [
        "-Xdock:name=$APPNAME"
        "-Declipse.filelock.disable=true"
        "-Dapple.laf.useScreenMenuBar=false"
        "-Dapple.awt.application.appearance=system"
      ]) ++ (lib.optionals stdenv.hostPlatform.isLinux [
        "-Dsun.java2d.pmoffscreen=false"
        "-Dsun.java2d.xrender=true"
        "-Dsun.java2d.uiScale=1"
        "-Dawt.useSystemAAFontSettings=on"
      ]);
    in ''
      mkdir -p "$out/bin"

      APPNAME=Ghidra
      makeWrapper "${openjdk21}/bin/java" "$out/bin/ghidra" \
        --set-default NIX_GHIDRAHOME "$lib/lib/ghidra/Ghidra" \
        --prefix PATH : ${lib.makeBinPath [ openjdk21 ]} \
        --add-flags "${lib.strings.concatStringsSep " " javaArgs}" \
        --add-flags "ghidra.Ghidra ghidra.GhidraRun"

      APPNAME=Ghidra-Headless
      makeWrapper "${openjdk21}/bin/java" "$out/bin/ghidra-analyzeHeadless" \
        --set-default NIX_GHIDRAHOME "$lib/lib/ghidra/Ghidra" \
        --prefix PATH : ${lib.makeBinPath [ openjdk21 ]} \
        --add-flags "${lib.strings.concatStringsSep " " javaArgs}" \
        --add-flags "-Xmx2G -XX:ParallelGCThreads=2 -XX:CICompilerCount=2" \
        --add-flags "ghidra.Ghidra ghidra.app.util.headless.AnalyzeHeadless"
    '';

  passthru = {
    inherit releaseName distroPrefix;
    inherit (ghidra-extensions.override { ghidra = finalAttrs.finalPackage; })
      buildGhidraExtension
      buildGhidraScripts
      ;

    withExtensions = callPackage ./with-extensions.nix { ghidra = finalAttrs.finalPackage; };
  };

  meta = with lib; {
    changelog = "https://htmlpreview.github.io/?https://github.com/NationalSecurityAgency/ghidra/blob/Ghidra_${finalAttrs.version}_build/Ghidra/Configurations/Public_Release/src/global/docs/ChangeHistory.html";
    description = "Software reverse engineering (SRE) suite of tools";
    mainProgram = "ghidra";
    homepage = "https://ghidra-sre.org/";
    platforms = [
      "x86_64-linux"
      "aarch64-linux"
      "x86_64-darwin"
      "aarch64-darwin"
    ];
    sourceProvenance = with sourceTypes; [
      fromSource
      binaryBytecode # deps
    ];
    license = licenses.asl20;
    maintainers = with maintainers; [
      roblabla
      vringar
    ];
    broken = stdenv.hostPlatform.isDarwin && stdenv.hostPlatform.isx86_64;
  };
})