This reverts commit b1248016e0, which was
a mistake: the two '%derivation-cache' are two different things. It
broke tests that use 'call-with-external-store'.
Fixes CVE-2021-24031 and CVE-2021-24032.
* gnu/packages/compression.scm (zstd-1.4.9): New variable.
* gnu/packages/compression.scm (zstd): Update to 1.4.9.
[replacement]: Graft with 'zstd-1.4.9'.
* gnu/packages/patches/cgal-security-pr-5371.patch: New patch. Downloaded from
<https://patch-diff.githubusercontent.com/raw/CGAL/cgal/pull/5371.patch>, with
hunks on files matching pattern "*Convex_decomposition_3*" removed because
they don't exist in cgal's released sources.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/graphics.scm (cgal): Update to 5.2.
[source]: Apply patch.
This means there's a module for working with substitutes, rather than all the
code sitting in the script. The need for this can be seen with the weather and
challenge scripts, that now don't have to use code from the substitute script,
but can instead use the substitute module.
The separation here between the actual functionality of the substitute script
and the underlying functionality used both there and elsewhere should make
maintenance easier moving forward.
This commit just moves code, none of the code should have been changed
significantly.
* guix/scripts/substitute.scm (%narinfo-cache-directory, %narinfo-ttl,
%narinfo-negative-ttl, %narinfo-transient-error-ttl, %unreachable-hosts): Move
variables to guix/substitutes.scm.
(narinfo-cache-file, cached-narinfo, cache-narinfo!, narinfo-request,
read-to-eof, call-with-connection-error-handling, fetch-narinfos,
lookup-narinfos, lookup-narinfos/diverse): Move procedures to
guix/substitutes.scm.
* guix/substitutes.scm: New file.
* Makefile.am: Add it.
* guix/narinfo.scm: Remove redundant module.
* guix/scripts/challenge.scm: Change (guix scripts substitute) to (guix
substitutes).
* guix/scripts/weather.scm: Change (guix scripts substitute) to (guix
substitutes).
Without the wrap phase, Audacity crashes like this when trying to use the "Open
file" dialog:
(audacity:28276): GLib-GIO-ERROR **: 14:14:55.211: Settings schema 'org.gtk.Settings.FileChooser' is not installed
* gnu/packages/audio.scm (audacity)[arguments]: Add (guix build
glib-or-gtk-build-system) to #:imported-modules. Adjust #:modules accordingly.
Add phases 'glib-or-gtk-wrap'.
Previously, transformations applied from a manifest (rather than via
"guix install") would be lost. This change fixes that and simplifies
things.
Reported by zimoun at
<https://lists.gnu.org/archive/html/guix-devel/2021-02/msg00153.html>.
* guix/profiles.scm (default-properties): New procedure.
(package->manifest-entry): Use it for #:properties.
* guix/scripts/pack.scm (guix-pack)[with-transformations]: Remove.
Remove caller.
* guix/scripts/package.scm (transaction-upgrade-entry): Remove calls to
'manifest-entry-with-transformations'.
* tests/guix-package.sh: Add test.
* tests/transformations.scm ("options->transformation + package->manifest-entry"):
New test.
* gnu/services/guix.scm (guix-build-coordinator-agent-dynamic-auth-with-file,
guix-build-coordinator-agent-dynamic-auth-with-filen?,
guix-build-coordinator-agent-dynamic-auth-with-file-agent-name,
guix-build-coordinator-agent-dynamic-auth-with-file-token-file): New procedures.
(guix-build-coordinator-agent-shepherd-services): Handle new dynamic auth with
file record.
* doc/guix.texi (Guix Build Coordinator): Document the new dynamic auth with
file record.
