ryan77627/guix
1
0
Fork 0
mirror of https://git.in.rschanz.org/ryan77627/guix.git synced 2024-11-07 07:26:13 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

lint: 'check-vulnerabilities' follows package replacements.

Browse source 
* guix/scripts/lint.scm (check-vulnerabilities): Check the replacement
of PACKAGE.
* tests/lint.scm ("cve: patched vulnerability in replacement"): New test.
This commit is contained in:
Ludovic Courtès 2016-04-28 17:48:47 +02:00
parent 158f5734cf
commit 5c6a062d48
No known key found for this signature in database
GPG key ID: 090B11993D9AEBB5
2 changed files with 21 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
guix/scripts/lint.scm
View file

@ -644,7 +644,8 @@ (define (check-vulnerabilities package)
(()
#t)
((vulnerabilities ...)
(let* ((patches (filter-map patch-file-name
(let* ((package (or (package-replacement package) package))
(patches (filter-map patch-file-name
(or (and=> (package-source package)
origin-patches)
'())))

19
tests/lint.scm
View file

@ -559,6 +559,25 @@ (define-syntax-rule (with-warnings body ...)
(patches
(list "/a/b/pi-CVE-2015-1234.patch"))))))))))
(test-assert "cve: patched vulnerability in replacement"
(mock ((guix scripts lint) package-vulnerabilities
(lambda (package)
(list (make-struct (@@ (guix cve) <vulnerability>) 0
"CVE-2015-1234"
(list (cons (package-name package)
(package-version package)))))))
(string-null?
(with-warnings
(check-vulnerabilities
(dummy-package
"pi" (version "3.14") (source (dummy-origin))
(replacement (dummy-package
"pi" (version "3.14")
(source
(dummy-origin
(patches
(list "/a/b/pi-CVE-2015-1234.patch"))))))))))))
(test-assert "formatting: lonely parentheses"
(string-contains
(with-warnings