* guix/scripts/lint.scm (check-vulnerabilities): Also check for CVEs
listed as mitigated in the package properties.
* tests/lint.scm ("cve: known safe from vulnerability"): New test.
Reported at <https://bugs.gnu.org/27943>
by Danny Milosavljevic <dannym@scratchpost.org>.
* guix/scripts/lint.scm (%distro-directory): New variable.
(check-patch-file-names): Add check for the file name length.
* tests/lint.scm ("patches: file name too long"): New test.
Fixes <https://bugs.gnu.org/29426>.
Reported by Adonay Felipe Nogueira <adfeno@hyperbola.info>.
* tests/syscalls.scm ("utmpx-entries"): Check the value
of (utmpx-entries entry) only for INIT_PROCESS, LOGIN_PROCESS, and
USER_PROCESS entries.
This is a follow-up to commit 40e89f5be6.
* tests/store.scm ("dead path can be explicitly collected"): Don't check
that (> freed 0).
* gnu/packages/package-management.scm (guix)[arguments]<#:phases>: Remove
workaround for the same problem.
This fixes a test failure exhibited by
fb17a89912 whereby assignments to 'out' in
guix-gc.sh would go to the 'out' environment variable, when it exists,
which in turn prevents garbage collection of $out.
* tests/guix-gc.sh: Add 'unset' invocations.
Suggested by Julien Lepiller and myglc2
at <https://lists.gnu.org/archive/html/guix-devel/2017-11/msg00106.html>.
* gnu.scm (%try-use-modules): New procedure.
(package-module-hint, service-module-hint): New procedures.
(try-use-modules): New macro.
(use-package-modules, use-service-modules, use-system-modules): Use it.
* tests/guix-system.sh: Test it.
This is most often the need for perl module dependencies.
* guix/import/cpan.scm (cpan-module->sexp): 'inputs -> 'propagated-inputs.
* tests/cpan.scm ("cpan->guix-package"): Adjust accordingly.
Fixes <https://bugs.gnu.org/28784>.
This mostly reverts 81a0f1cdf1, which
introduced a regression: revealed ports are *never* GC'd (contrary to
what Guile's manual suggests).
In addition to the revert, 'close-procedure' now explicitly swallows
EBADF errors when 'close-port' is called.
* guix/zlib.scm (close-procedure): New procedure.
(make-gzip-input-port)[gzfile]: Use 'fileno' instead of 'port->fdes'.
Use 'close-procedure' instead of 'gzclose'.
(make-gzip-output-port): Likewise.
* tests/zlib.scm ("compression/decompression pipe"): Use 'port-closed?'
to determine whether PARENT has been closed.
Suggested by Ricardo Wurmus.
Works around <https://bugs.gnu.org/28295>.
* guix/ui.scm (report-load-error): Add case for 'read-error'.
* tests/guix-system.sh: Test missing-closing-paren errors.
Fixes <https://bugs.gnu.org/28664>.
Reported by Maxim Cournoyer <maxim.cournoyer@gmail.com>.
* guix/scripts/publish.scm (bake-narinfo+nar): When COMPRESSION is
'none, write NAR instead of doing nothing.
(make-request-handler): Use 'render-nar/cached' for /nar URLs with no
compression.
* tests/publish.scm ("with cache", "with cache, uncompressed"): Adjust
expected result accordingly.
* gnu/system/uuid.scm (uuid=?): New procedure.
* tests/uuid.scm ("uuid=?"): New test.
* gnu/build/file-systems.scm (partition-uuid-predicate)
(luks-partition-uuid-predicate): Use it instead of 'bytevector=?'.
* gnu/system/uuid.scm (%fat32-uuid-rx): New variable.
(string->fat32-uuid): New procedure.
(%uuid-parsers): Add it.
* tests/uuid.scm ("uuid, FAT32, format preserved"): New test.
This is a followup to 9b336338cd.
* tests/file-systems.scm ("uuid"): Add call to 'uuid-bytevector'.
("uuid, syntax error"): Add 'dce to the expected form.
This allows substitutes to be downloaded from unauthorized servers, as
long as they advertise the same hash and references as one of the
authorized servers.
* guix/scripts/substitute.scm (assert-valid-narinfo): Remove.
(valid-narinfo?): Add #:verbose?. Handle each case of
'signature-case'.
(equivalent-narinfo?): New procedure.
(lookup-narinfos/diverse): Add 'authorized?' parameter and honor it.
[select-hit]: New procedure.
(lookup-narinfo): Add 'authorized?' parameter and pass it.
(process-query): Adjust callers accordingly.
(process-substitution): Remove call to 'assert-valid-narinfo'. Check
whether 'lookup-narinfo' returns true and call 'leave' if not.
* tests/substitute.scm (%main-substitute-directory)
(%alternate-substitute-directory): New variables.
(call-with-narinfo): Make 'narinfo-directory' a parameter. Call
'mkdir-p' to create it. Change unwind handler to check whether
CACHE-DIRECTORY exists before deleting it.
(with-narinfo*): New macro.
("substitute, no signature")
("substitute, invalid hash")
("substitute, unauthorized key"): Change expected error message to "no
valid substitute".
("substitute, unauthorized narinfo comes first")
("substitute, unsigned narinfo comes first")
("substitute, first narinfo is unsigned and has wrong hash")
("substitute, first narinfo is unsigned and has wrong refs")
("substitute, unsigned narinfo comes first")
("substitute, two invalid narinfos"): New tests.
* doc/guix.texi (Substitutes): Explain the new behavior.
* guix/scripts/substitute.scm (%cache-urls): Rename to...
(%default-substitute-urls): ... this.
(substitute-urls): New variable.
(guix-substitute): Use it instead of %CACHE-URLS.
* tests/substitute.scm: Likewise.
Fixes <http://bugs.gnu.org/28212>.
Reported by Leo Famulari <leo@famulari.name>.
* guix/build/graft.scm (replace-store-references): When I >= END, check
whether WRITTEN > END and call 'get-bytevector-n!' when it is.
* tests/grafts.scm (buffer-size): New variable.
("replace-store-references, <http://bugs.gnu.org/28212>"): New test.
* gnu/bootloader.scm (<bootloader-configuration>): Deprecate "device" field in
favor of "target" field. This is mostly a renaming but also a generalization
to support UEFI targets being paths to a mounted partition instead of a device
name.
* gnu/system/examples/bare-bones.tmpl:
* gnu/system/examples/desktop.tmpl:
* gnu/system/examples/lightweight-desktop.tmpl:
* gnu/system/examples/vm-image.tmpl:
* gnu/system/install.scm:
* gnu/tests.scm:
* gnu/tests/install.scm:
* gnu/tests/nfs.scm:
* tests/system.scm: Adapt all invocations of bootloader-configuration.
* guix/scripts/system.scm (perform-action): Rename device argument to
bootloader-target.
(process-action): Adapt caller.
* doc/guix.texi (Proceeding with the Installation):
* doc/guix.texi (Bootloader Configuration): Update documentation.
* guix/scripts/download.scm (guix-download): Treat the URL argument as a local
file path when it fails on 'string->uri'. Call 'fetch' with the processed
'uri' instead of the original URL argument.
* tests/guix-download.sh: Adjust accordingly.
Previously, (gexp-native-inputs #~#$@(list #~#+foo)) would return '().
This is a followup to 5b14a7902c.
* guix/gexp.scm (gexp-inputs)[add-reference-inputs]: In the list case,
remove 'if' around 'fold-right'. In 'map' lambda, always inherit N?.
* tests/gexp.scm ("gexp list splicing + ungexp-splicing"): New test.
* guix/build/syscalls.scm (network-interface-running?): New variable.
Export it.
* tests/syscalls.scm: Add test.
Co-authored-by: John Darrington <jmd@gnu.org>
Reported by Christopher Baines <mail@cbaines.net>
and Alex Kost <alezost@gmail.com>
at <https://lists.gnu.org/archive/html/guix-devel/2017-06/msg00290.html>.
* guix/discovery.scm (scheme-files): When ENTRY is a symlink that
doesn't end in '.scm', call 'stat' and recurse if it points to a
directory.
* tests/discovery.scm ("scheme-modules recurses in symlinks to
directories"): New test.
Fixes <http://bugs.gnu.org/27262>.
Reported by Mark H Weaver <mhw@netris.org>.
* guix/scripts/package.scm (transaction-upgrade-entry): Check if ENTRY
matches 'manifest-transaction-removal-candidate?' and return TRANSACTION
if it does.
(process-actions): Move 'options->removable' from step 2 to step 1.
* guix/profiles.scm (manifest-transaction-removal-candidate?): New
procedure.
* tests/profiles.scm ("manifest-transaction-removal-candidate?"): New
test.
* nix/nix-daemon/guix-daemon.cc (DEFAULT_GUIX_PORT): New macro.
(listen_options): New variable.
(parse_opt): Push back '--listen' options to LISTEN_OPTIONS.
(open_unix_domain_socket, open_inet_socket)
(listening_sockets): New functions.
(main): Use it. Pass SOCKETS to 'run'.
* nix/nix-daemon/nix-daemon.cc (matchUser): Remove.
(SD_LISTEN_FDS_START): Remove.
(acceptConnection): New function.
(daemonLoop): Rewrite to take a vector of file descriptors, to select(2)
on them, and to call 'acceptConnection'.
(run): Change to take a vector of file descriptors.
* tests/guix-daemon.sh: Add test.
Reported by Efraim Flashner.
This is a followup to a654dc4bcf.
* guix/profiles.scm (profile-derivation): Add #:allow-collisions? and
honor it.
* guix/scripts/environment.scm (inputs->profile-derivation): Pass
#:allow-collisions? #f to 'profile-derivation'.
* tests/guix-environment.sh: Test "guix environment guix".
* guix/profiles.scm (<manifest-entry>)[parent]: New field.
(package->manifest-entry): Add #:parent parameter. Fill out the
'parent' field of <manifest-entry>; pass #:parent in recursive calls.
* guix/profiles.scm (sexp->manifest)[sexp->manifest-entry]: New
procedure. Use it for version 3.
* tests/profiles.scm ("manifest-entry-parent"): New procedure.
("read-manifest")[entry->sexp]: Add 'manifest-entry-parent' to the
result.
* guix/profiles.scm (package->manifest-entry): Turn DEPS into a list of
manifest entries.
(manifest->gexp)[entry->gexp]: Call 'entry->gexp' on DEPS.
Bump version to 3.
(sexp->manifest)[infer-dependency]: New procedure.
Use it for versions 1 and 2. Parse version 3.
(manifest-inputs)[entry->gexp]: New procedure.
Adjust to 'dependencies' being a list of <manifest-entry>.
* tests/profiles.scm ("packages->manifest, propagated inputs")
("read-manifest"): New fields.
This is a followup to d1e7ca2df8.
* tests/pypi.scm ("pypi->guix-package")
("pypi->guix-package, wheels"): Expect (pypi-uri "foo" version) for the
'uri' field.
Fixes a regression introduced in
d27cc3bfaa.
Reported by Ricardo Wurmus <rekado@elephly.net>.
* guix/discovery.scm (scheme-files): Catch 'scandir*' system errors.
Return '() and optionally raise a warning upon 'system-error'.
* tests/discovery.scm ("scheme-modules, non-existent directory"): New
test.