This fixes CVE-2020-15999, CVE-2020-16000, CVE-2020-16001, CVE-2020-16002, and
CVE-2020-16003.
* gnu/packages/chromium.scm (ungoogled-chromium): Update to
86.0.4240.111-0.c34a56d.
Fixes <https://bugs.gnu.org/39260>.
This uses the API of the yet-to-be-released Guile-Git 0.4.0. Using an
older version is still possible, but progress report is disabled.
* guix/git.scm (show-progress, make-default-fetch-options): New
procedures.
(clone*, update-cached-checkout): Use it instead of
'make-fetch-options'.
* guix/git.scm (auth-supported?): Remove.
(clone*): Inline code that was dependent on AUTH-SUPPORTED?.
(update-cached-checkout): Likewise.
(resolve-reference): Remove check for 'object-lookup-prefix' and use it
unconditionally.
(load-git-submodules): Remove.
(update-submodules): Use 'repository-submodules', 'submodule-lookup',
etc. unconditionally.
(update-cached-checkout): Use 'repository-close!' unconditionally.
* m4/guix.m4 (GUIX_CHECK_GUILE_GIT): New macro.
* configure.ac: Use it and error out when it fails.
* doc/guix.texi (Requirements): Bump to Guile-Git 0.3.0.
Since the Cookbook is built from the 'master' branch, it should point to
the manual from that same branch.
* doc/build.scm (guix-mono-node-indexes, guix-split-node-indexes): Link
to /manual/devel when %MANUAL is not "guix".
* gnu/packages/networking.scm (czmq)[phases]{patch-tests}: Disable the zarmour
self test. Harmonize comments. Drop the FIXME comment; it is for upstream,
not Guix.
Currently, if the postgresql package major version changes, this is going to
break the service upon upgrade, because PostgreSQL will reject the data files
from the differing major version of the service.
Because it's important to either keep running a particular major version, or
intentionally upgrade, I think the configuration would be better with no
default. I think this is also going to be helpful when trying to assist users
upgrading PostgreSQL.
* gnu/services/databases.scm (<postgresql-configuration>): Remove default for
postgresql.
(postgresql-service-type): Remove the default value.
* gnu/tests/databases.scm (%postgresql-os): Update accordingly.
* gnu/tests/guix.scm (%guix-data-service-os): Update accordingly.
* gnu/tests/monitoring.scm (%zabbix-os): Update accordingly.
* gnu/tests/web.scm (patchwork-os): Update accordingly.
* doc/guix.texi (PostgreSQL): Update accordingly.
So that it can be used, rather than postgresql. Because the major version of
the package is important, as it relates to the compatability with the data
files used by the service, it's useful to have a stable name to refer to a
package for version 10 of PostgreSQL.
* gnu/packages/databases.scm (postgresql-10): New variable.
Using the service type directly is a better approach, making it easier to
configure the service.
* gnu/services/databases.scm (postgresql-service): Deprecate this procedure.
* doc/guix.texi (PostgreSQL): Update the documentation for the use of (service
postgresql-service-type).
As I'm looking at removing the procedure, in favour of always using the
service type.
* gnu/tests/monitoring.scm (%zabbix-os): Use (service postgresql-service-type)
rather than (postgresql-service).
Includes fixes for CVE-2020-15683 and CVE-2020-15969.
* gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update.
(icecat-source): Update gnuzilla commit, base version, and hashes.
* gnu/packages/patches/icecat-makeicecat.patch: Adapt to new version.