Suggested by Ricardo Wurmus and Simon Tournier.
* guix/channels.scm (sexp->channel-introduction): New procedure.
(read-channel-metadata): Use it.
(profile-channels)[sexp->channel-introduction]: Remove.
* tests/channels.scm ("latest-channel-instances, authenticate dependency"):
New test.
* doc/guix.texi (Channels)[Declaring Channel Dependencies]: Augment example.
This fixes a style issue similar to that of
a18d02def9.
* tests/channels.scm ("authenticate-channel, .guix-authorizations"):
Change to 'test-equal' so that test failures are properly diagnosed.
* gnu/services.scm (channel->code): Include CHANNEL's introduction, if
any, unless CHANNEL is the singleton %DEFAULT-CHANNELS.
(channel->sexp): Add comment.
* guix/scripts/system.scm (sexp->channel): Change pattern to allow for
extensibility.
With this change, profiles created by 'guix pull' & co. include channel
introductions as part of the channel metadata of each manifest entry.
* guix/channels.scm (channel-instances->manifest)[instance->entry]: Add
'introduction' field when CHANNEL has an introduction.
(profile-channels)[sexp->channel-introduction]: New procedure.
Use it to initialize the 'introduction' field.
In the end signing the commit/key pair does not buy us much. Someone
publishing a valid but different commit/key pair would effectively be
publishing a different channel, which could be a fork (made by a former
authorized developer) or simply a mirror. In the latter case, there's
nothing to be gained by publishing a different commit/key pair.
* guix/channels.scm (<channel-introduction>)[signature]: Remove.
(make-channel-introduction): Adjust accordingly.
* guix/channels.scm (<channel-introduction>): Rename constructor to
'%make-channel-introduction'.
(make-channel-introduction): New procedure.
* tests/channels.scm ("authenticate-channel, wrong first commit signer")
("authenticate-channel, .guix-authorizations"): Use
'make-channel-introduction' without '@@' and without third argument.
* doc/guix.texi (Channels)[Channel Authentication, Specifying Channel
Authorizations]: New subsections.
Includes fixes for CVE-2020-12417, CVE-2020-12418, CVE-2020-12419,
CVE-2020-12420, and CVE-2020-12421.
* gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update.
(icecat-source): Update gnuzilla commit, base version, and hashes. Remove
code that deleted the Onion Browser Button extension, which is no longer
bundled upstream.
* gnu/packages/patches/icecat-makeicecat.patch: Adapt to new version.
* gnu/packages/admin.scm (solaar)[arguments]: Remove unnecessary custom ‘build’ phase.
Set PYTHONPATH earlier, before building.
Reported by Robin Templeton (terpri on #guix).
* gnu/packages/vim.scm (vim): Update to 8.2.1101. [arguments]: In
'patch-config-files patch more shell calls. Rename custom 'set-TZDIR
phase to 'set-environment-variables phase and also set TERM. Adjust
'skip-failing-tests to skip more tests.
Move the 3 lisp libraries that are not in lisp-xyz.scm with the others.
* gnu/packages/machine-learning.scm (sbcl-cl-libsvm-format, cl-libsvm-format,
ecl-cl-libsvm-format, sbcl-cl-online-learning, cl-online-learning,
ecl-cl-online-learning, sbcl-cl-random-forest, cl-random-forest,
ecl-cl-random-forest): Move to ...
* gnu/packages/lisp-xyz.scm (sbcl-cl-libsvm-format, cl-libsvm-format,
ecl-cl-libsvm-format, sbcl-cl-online-learning, cl-online-learning,
ecl-cl-online-learning, sbcl-cl-random-forest, cl-random-forest,
ecl-cl-random-forest): ... here.
This prevents a profile collision when installing the package.
* gnu/packages/dav.scm (vdirsyncer)[propagated-inputs]: Move
python-click-5 ...
[inputs]: ... to here.