In particular, silence the Guile-Git autoload warnings introduced by
c1940fde43.
* build-aux/build-self.scm (build-program): Wrap 'guix-derivation' call
in 'parameterize'.
This is a backport of Guile commit
076276c4f580368b4106316a77752d69c8f1494a.
* guix/build/download.scm (tls-wrap)[read!]: Wrap 'get-bytevector-n!'
call in 'catch' and handle 'error/premature-termination' GnuTLS errors.
In particular, this makes sure we don't add a trailing slash when the
user specified a 'release-monitoring-url' property for the
'generic-html' updater.
* guix/gnu-maintenance.scm (latest-html-release): When DIRECTORY is
empty, do not append it.
* gnu/packages/patches/busybox-CVE-2021-28831.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/busybox.scm (busybox): Apply it.
* gnu/packages/patches/ungoogled-chromium-system-opus.patch: New file.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
* gnu/packages/chromium.scm (%preserved-third-party-files): Adjust for 89.
(%chromium-version): Remove variable.
(%ungoogled-revision): Set to 89.0.4389.90-1.
(%ungoogled-origin): Conditionally set file name based on commit/tag.
(%guix-patches): Add the new file.
(libvpx/chromium): Update to 1.9.0-104-gb5d77a48d.
(ungoogled-chromium)[version]: Use %UNGOOGLED-REVISION.
[source]: Update hash.
[arguments]: Adjust #:configure-flags for build system changes. Don't build
with external WebRTC SSL library. Remove obsolete substitution.
[inputs]: Remove OPENSSL. Change from PIPEWIRE to PIPEWIRE-0.3.
For more context, see the discussion in <https://bugs.gnu.org/47111>.
* doc/contributing.texi (Commit Access): Add paragraph about removing
inactive committers.
Otherwise, the test crashes (not fails) when run in `guix environment --pure guix`.
Fixes <https://bugs.gnu.org/46445>.
* tests/store.scm (%shell): Fallback to "/bin/sh".
* gnu/packages/time.scm (countdown): New variable.
Also adds copyright, adds necessary module dependencies, and sorts them alphabetically.
Signed-off-by: Nicolas Goaziou <mail@nicolasgoaziou.fr>
This updates the 'guix' package so that it provides the fix
for <https://bugs.gnu.org/47229>.
* gnu/packages/package-management.scm (guix): Update to ec7fb66.
Fixes <https://bugs.gnu.org/47229>.
Reported by Nathan Nye of WhiteBeam Security.
* nix/libstore/build.cc (DerivationGoal::startBuilder): When 'useChroot'
is true, add "/top" to 'tmpDir'.
(DerivationGoal::deleteTmpDir): Adjust accordingly. When
'settings.keepFailed' is true, chown in two steps: first the "/top"
sub-directory, and then rename "/top" to its parent.
References:
https://sysctl-explorer.net/fs/protected_hardlinks/https://sysctl-explorer.net/fs/protected_symlinks/
* gnu/services/sysctl.scm (%default-sysctl-settings): New public variable.
(<sysctl-configuration>): Use %default-sysctl-settings as the default value.
* gnu/services/base.scm (%base-services): Add sysctl-service-type.
* doc/guix.texi (Miscellaneous Services): Document the new defaults.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/packages/imagemagick.scm (imagemagick/fixed)[arguments]: Add
'fix-compat-cheat-rename-so phase to redirect old soname paths (expected
without grafting) to new sonames introduced by ImageMagick 6.9.12-0 and
later. These sonames are probably not forward compatible but most probably
backwards compatible so it should suffice until we remove the graft.
