The previous recommendation, running ‘make authenticate’, was insecure
because it led users to run code from the very repository they want to
authenticate:
https://lists.gnu.org/archive/html/guix-devel/2024-04/msg00252.html
* Makefile.am (commit_v1_0_0, channel_intro_commit)
(channel_intro_signer, GUIX_GIT_KEYRING, authenticate): Remove.
* Makefile.am (.git/hooks/%): New target, generalization of previous
‘.git/hooks/pre-push’ target.
(nodist_noinst_DATA): Add ‘.git/hooks/post-merge’.
* doc/contributing.texi (Building from Git): Suggest ‘guix git
authenticate’ instead of ‘make authenticate’.
* etc/git/post-merge: New file.
* etc/git/pre-push: Run ‘guix git authenticate’ instead of ‘make
authenticate’.
Reviewed-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Reported-by: Skyler Ferris <skyvine@protonmail.com>
Change-Id: Ia415aa8375013d0dd095e891116f6ce841d93efd
* doc/guix.texi (G-Expressions): Document the use of assume-valid-file-name with
local-file.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Change-Id: I132f78e198cbf3ba2e5a677d671563d753de534c
This commit allows for loading an OCI image tarball before running an
OCI backed Shepherd service. It does so by adding a one shot Shepherd
service to the dependencies of the OCI backed service that at boot runs
docker load on the tarball.
* gnu/services/docker.scm (oci-image): New record;
(lower-oci-image): new variable, lower it;
(string-or-oci-image?): sanitize it;
(oci-container-configuration)[image]: allow also for oci-image records;
(oci-container-shepherd-service): use it;
(%oci-image-loader): new variable.
Change-Id: Ie504f479ea0d47f74b0ec5df9085673ffd3f639d
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/docker.scm (exports): Add missing procedures;
(oci-container-service-type)[description]: Docker and OCI images should
mean the same thing;
(oci-container-configuration): clarify field types;
[extra-arguments]: new field;
(oci-sanitize-extra-arguments): sanitize it;
(oci-container-shepherd-service): use it.
* doc/guix.texi: Document it.
Change-Id: I64e9d82c8ae538d59d1c482f23070a880156ddf7
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Fixes a bug with ‘guix shell -C …’ in cases where ‘getpwuid’
returns #f (for example because nscd isn’t running) and
‘user’ is #f.
* guix/scripts/environment.scm (launch-environment/container): Use
‘name’ when building the ‘directory’ value, not ‘user’ since it can be #f.
Change-Id: I5da807d982a1edbb4122ac29b5a1e5fc4b0ce1b7
This is a follow-up to 9901416233.
* gnu/packages/gnome.scm (gssdp-1.4)[arguments]: Override inherited
arguments to set the configure-flags specifically.
Change-Id: Ifbdaf278a402a26b344b6dcd7a5e3d4e22148561
* gnu/packages/accessibility.scm (libbraille)[arguments]: When building
with config as a native-input replace the config.guess and config.sub
files.
[native-inputs]: When building for aarch64-linux, powerpc64le-linux or
riscv64-linux add config.
Change-Id: I7e7953a2b91868fa3f2698d3cb82da134564c06b
* gnu/packages/gnome.scm (gtk-vnc)[native-inputs] Use gjs as an input on
architectures where it is supported.
Change-Id: I723f53be8e225732572ede81a03d712a946be528
* gnu/packages/gnome.scm (glade3)[inputs]: Use gjs as an input on
architectures where it is supported.
Change-Id: I6d6596045b7a3f0dc22207350b353fcd82961958
* gnu/packages/accessibility.scm (brltty)[native-inputs]: Only build
with icedtea on x86_64-linux, i686-linux and aarch64-linux.
Change-Id: I95e2cfa17c1f484677ad8f26e3a865eba83362dd
eog was removed because it required librsvg built with rust, but
gnome-shell also requires the same librsvg already, so there was no
reason to limit the architectures eog was installed on.
* gnu/packages/gnome.scm (gnome-meta-core-utilities)[propagated-inputs]:
Add eog unconditionally.
Change-Id: I333d1a712b1d04409f3deccc90aa5adb2a4fac1b
* gnu/packages/gnome.scm (gssdp)[arguments]: Adjust configure-flags to
only build the manpages when pandoc is an input.
[native-inputs]: Only add pandoc when on architectures where it is
supported.
Change-Id: I6e69833295fc19b311cdaf977b3b5cc7abc01589
* gnu/packages/ipfs.scm (kubo)
[inputs]: Remove go-golang-org-x-text. Add annotation for indirect
inputs where they are needed for.
Change-Id: I90eb26ab5d386a70f3581030ef4b3f9b35e05e88
* gnu/packages/cpp.scm (abseil-cpp)[arguments]: When building for
riscv64-linux adjust the configure-flags to link with latomic.
Change-Id: I12099d1a99b54f20f7ddbba2fbd495379a05476b
* gnu/packages/golang.scm (go-github-com-syndtr-goleveldb-leveldb): Move
from here ...
* gnu/packages/golang-xyz.scm: ... to here.
Change-Id: Ib457abe33612b371c33985c6b3b0e9372221e37d
* gnu/packages/golang.scm (go-github-com-go-task-slim-sprig): Move from
here ...
* gnu/packages/golang-xyz.scm: ... to here.
Change-Id: I540e4211e7e4006d654c7da40bba35e2bd577c78
Ludovic Courtès
Richard Sent
Giacomo Leidi
Guillaume Le Vaillant
Efraim Flashner
Sharlatan Hellseher
Timotej Lazar
Nicolas Graves via Guix-patches via
Tomas Volf
Artyom V. Poptsov
Andy Tai