mirror of
https://git.in.rschanz.org/ryan77627/guix.git
synced 2024-12-26 22:38:07 -05:00
lint: cve: Catch host name lookup errors.
* guix/scripts/lint.scm (package-vulnerabilities): Catch 'getaddrinfo-error'.
This commit is contained in:
parent
7b78f359d1
commit
f888c0b120
1 changed files with 11 additions and 2 deletions
|
@ -1,7 +1,7 @@
|
||||||
;;; GNU Guix --- Functional package management for GNU
|
;;; GNU Guix --- Functional package management for GNU
|
||||||
;;; Copyright © 2014 Cyril Roelandt <tipecaml@gmail.com>
|
;;; Copyright © 2014 Cyril Roelandt <tipecaml@gmail.com>
|
||||||
;;; Copyright © 2014, 2015 Eric Bavier <bavier@member.fsf.org>
|
;;; Copyright © 2014, 2015 Eric Bavier <bavier@member.fsf.org>
|
||||||
;;; Copyright © 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org>
|
;;; Copyright © 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
|
||||||
;;; Copyright © 2015 Mathieu Lirzin <mthl@openmailbox.org>
|
;;; Copyright © 2015 Mathieu Lirzin <mthl@openmailbox.org>
|
||||||
;;;
|
;;;
|
||||||
;;; This file is part of GNU Guix.
|
;;; This file is part of GNU Guix.
|
||||||
|
@ -593,7 +593,16 @@ (define (package-name->cpe-name name)
|
||||||
|
|
||||||
(define package-vulnerabilities
|
(define package-vulnerabilities
|
||||||
(let ((lookup (delay (vulnerabilities->lookup-proc
|
(let ((lookup (delay (vulnerabilities->lookup-proc
|
||||||
(current-vulnerabilities)))))
|
;; Catch networking errors to allow network-less
|
||||||
|
;; operation.
|
||||||
|
(catch 'getaddrinfo-error
|
||||||
|
(lambda ()
|
||||||
|
(current-vulnerabilities))
|
||||||
|
(lambda (key errcode)
|
||||||
|
(warn (_ "failed to lookup NIST host: ~a~%")
|
||||||
|
(gai-strerror errcode))
|
||||||
|
(warn (_ "assuming no CVE vulnerabilities~%"))
|
||||||
|
'()))))))
|
||||||
(lambda (package)
|
(lambda (package)
|
||||||
"Return a list of vulnerabilities affecting PACKAGE."
|
"Return a list of vulnerabilities affecting PACKAGE."
|
||||||
((force lookup)
|
((force lookup)
|
||||||
|
|
Loading…
Reference in a new issue