Previously, test cases could fail if some process was listening
at a hard-coded port. This patch eliminates most of these potential
failures, by automatically assigning an unbound port. This should
allow for building multiple guix trees in parallel outside a build
container, though this is currently untested.
The test "home-page: Connection refused" in tests/lint.scm still
hardcodes port 9999, however.
* guix/tests/http.scm
(http-server-can-listen?): remove now unused procedure.
(%http-server-port): default to port 0, meaning the OS
will automatically choose a port.
(open-http-server-socket): remove the false statement claiming
this procedure is exported and also return the allocated port
number.
(%local-url): raise an error if the port is obviously unbound.
(call-with-http-server): set %http-server-port to the allocated
port while the thunk is called.
* tests/derivations.scm: adjust test cases to use automatically
assign a port. As there is no risk of a port conflict now,
do not make any tests conditional upon 'http-server-can-listen?'
anymore.
* tests/elpa.scm: likewise.
* tests/lint.scm: likewise, and add a TODO comment about a port
that is still hard-coded.
* tests/texlive.scm: likewise.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
This reverts commit b1248016e0, which was
a mistake: the two '%derivation-cache' are two different things. It
broke tests that use 'call-with-external-store'.
Fixes CVE-2021-24031 and CVE-2021-24032.
* gnu/packages/compression.scm (zstd-1.4.9): New variable.
* gnu/packages/compression.scm (zstd): Update to 1.4.9.
[replacement]: Graft with 'zstd-1.4.9'.
* gnu/packages/patches/cgal-security-pr-5371.patch: New patch. Downloaded from
<https://patch-diff.githubusercontent.com/raw/CGAL/cgal/pull/5371.patch>, with
hunks on files matching pattern "*Convex_decomposition_3*" removed because
they don't exist in cgal's released sources.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/graphics.scm (cgal): Update to 5.2.
[source]: Apply patch.
This means there's a module for working with substitutes, rather than all the
code sitting in the script. The need for this can be seen with the weather and
challenge scripts, that now don't have to use code from the substitute script,
but can instead use the substitute module.
The separation here between the actual functionality of the substitute script
and the underlying functionality used both there and elsewhere should make
maintenance easier moving forward.
This commit just moves code, none of the code should have been changed
significantly.
* guix/scripts/substitute.scm (%narinfo-cache-directory, %narinfo-ttl,
%narinfo-negative-ttl, %narinfo-transient-error-ttl, %unreachable-hosts): Move
variables to guix/substitutes.scm.
(narinfo-cache-file, cached-narinfo, cache-narinfo!, narinfo-request,
read-to-eof, call-with-connection-error-handling, fetch-narinfos,
lookup-narinfos, lookup-narinfos/diverse): Move procedures to
guix/substitutes.scm.
* guix/substitutes.scm: New file.
* Makefile.am: Add it.
* guix/narinfo.scm: Remove redundant module.
* guix/scripts/challenge.scm: Change (guix scripts substitute) to (guix
substitutes).
* guix/scripts/weather.scm: Change (guix scripts substitute) to (guix
substitutes).
Without the wrap phase, Audacity crashes like this when trying to use the "Open
file" dialog:
(audacity:28276): GLib-GIO-ERROR **: 14:14:55.211: Settings schema 'org.gtk.Settings.FileChooser' is not installed
* gnu/packages/audio.scm (audacity)[arguments]: Add (guix build
glib-or-gtk-build-system) to #:imported-modules. Adjust #:modules accordingly.
Add phases 'glib-or-gtk-wrap'.