diff --git a/guix/lint.scm b/guix/lint.scm index 697bd24a1e..24fbf05202 100644 --- a/guix/lint.scm +++ b/guix/lint.scm @@ -1029,8 +1029,11 @@ the NIST server non-fatal." (package-version package)))) ((force lookup) name version))))) -(define (check-vulnerabilities package) - "Check for known vulnerabilities for PACKAGE." +(define* (check-vulnerabilities package + #:optional (package-vulnerabilities + package-vulnerabilities)) + "Check for known vulnerabilities for PACKAGE. Obtain the list of +vulnerability records for PACKAGE by calling PACKAGE-VULNERABILITIES." (let ((package (or (package-replacement package) package))) (match (package-vulnerabilities package) (() diff --git a/tests/lint.scm b/tests/lint.scm index 3a9b539a24..4ce45b4a70 100644 --- a/tests/lint.scm +++ b/tests/lint.scm @@ -1,7 +1,7 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2012, 2013 Cyril Roelandt ;;; Copyright © 2014, 2015, 2016 Eric Bavier -;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2019 Ludovic Courtès +;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2019, 2020 Ludovic Courtès ;;; Copyright © 2015, 2016 Mathieu Lirzin ;;; Copyright © 2016 Hartmut Goebel ;;; Copyright © 2017 Alex Kost @@ -756,14 +756,16 @@ (test-equal "cve: one vulnerability" "probably vulnerable to CVE-2015-1234" - (mock ((guix lint) package-vulnerabilities + (let ((dummy-vulnerabilities (lambda (package) - (list (make-struct/no-tail (@@ (guix cve) ) - "CVE-2015-1234" - (list (cons (package-name package) - (package-version package))))))) - (single-lint-warning-message - (check-vulnerabilities (dummy-package "pi" (version "3.14")))))) + (list (make-struct/no-tail + (@@ (guix cve) ) + "CVE-2015-1234" + (list (cons (package-name package) + (package-version package)))))))) + (single-lint-warning-message + (check-vulnerabilities (dummy-package "pi" (version "3.14")) + dummy-vulnerabilities)))) (test-equal "cve: one patched vulnerability" '()