* guix/lzlib.scm (%compression-levels): Splice the rest of each element.
(dictionary-size+match-length-limit): New procedure.
(make-lzip-output-port, make-lzip-input-port/compressed): Use it.
* tests/lzlib.scm ("Bytevector of size relative to Lzip internal buffers (2 * dictionary)"):
Use 'dictionary-size+match-length-limit' instead of 'assoc-ref'.
Previously users would just see:
error: invalid field specifier
without source location or hints.
* guix/records.scm (expand): Add optional 'parent-form' parameter and
pass it to 'syntax-violation' when it is true.
(make-syntactic-constructor): Pass S as a third argument to
'report-invalid-field-specifier'.
* guix/ui.scm (report-load-error): For 'syntax-error', show SUBFORM or
FORM in the message.
* tests/records.scm ("define-record-type* & wrong field specifier"): Add
a 'subform' parameter and adjust test accordingly.
("define-record-type* & wrong field specifier, identifier"): New test.
* tests/guix-system.sh: Add test.
* guix/scripts/package.scm (transaction-upgrade-entry): Add 'store'
parameter and use it instead of (%store). Export.
* tests/packages.scm ("transaction-upgrade-entry, zero upgrades")
("transaction-upgrade-entry, one upgrade")
("transaction-upgrade-entry, superseded package"): Adjust accordingly.
* guix/import/cpan.scm (%metacpan-base-url): New variable.
(module->dist-name, cpan-fetch): Refer to it instead of the hard-coded URL.
* tests/cpan.scm ("cpan->guix-package"): Use 'with-http-server' instead
of 'mock'.
* guix/import/cpan.scm (<cpan-dependency>, <cpan-release>): New
JSON-mapped record types.
(metacpan-url->mirror-url): New procedure.
(cpan-source-url): Rewrite in terms of it.
(cpan-version): Remove.
(cpan-module->sexp): Rewrite to take a <cpan-release> instead of an
alist, and rename 'meta' to 'release'.
[convert-inputs]: Rewrite to use 'cpan-release-dependencies'.
Update calls to 'convert-inputs' to pass a list of symbols.
Replace 'assoc-ref' calls with the appropriate field accessors.
(cpan->guix-package): Rename 'module-meta' to 'release'.
(latest-release): Likewise, and use the appropriate accessors.
* tests/cpan.scm (test-json): Remove "prereqs" record; add "dependency"
list.
("source-url-http", "source-url-https"): Remove.
("metacpan-url->mirror-url, http")
("metacpan-url->mirror-url, https"): New tests.
* guix/gexp.scm (<raw-derivation-file>): New record type.
(raw-derivation-file-compiler): New gexp compiler.
* tests/gexp.scm ("lower-gexp, raw-derivation-file")
("raw-derivation-file"): New tests.
* guix/scripts/challenge.scm (call-with-nar): New procedure.
(narinfo-contents): Express in terms of 'call-with-nar'.
(call-with-mismatches, report-differing-files/external): New
procedures.
(%diffoscope-command): New variable.
(%options): Support "diffoscope" and a string starting with "/".
* tests/challenge.scm (call-mismatch-test): New procedure.
("differing-files"): Rewrite in terms of 'call-mismatch-test'.
("call-with-mismatches"): New test.
* doc/guix.texi (Invoking guix challenge): Document it.
* guix/scripts/archive.scm (show-help, %options): Add '--list'.
(list-contents): New procedure.
(guix-archive): Honor the '--list' option.
* tests/guix-archive.sh: Test it.
* doc/guix.texi (Invoking guix archive): Document it.
* guix/import/crate.scm (%dual-license-rx): Removed function.
(crate->guix-package): Handle most of the multi-licensing cases.
* tests/crate.scm (licenses): Add tests for some licenses.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
* guix/derivations.scm (derivation-input-fold): New procedure.
(substitution-oracle)[closure]: Rewrite in terms of
'derivation-input-fold'.
* tests/derivations.scm ("derivation-input-fold"): New test.
* guix/gexp.scm (local-file): Distinguish the case where FILE is a
literal string and when it's not. Add a clause for when FILE is not a
literal string.
* tests/gexp.scm ("local-file, non-literal relative file name"): New test.
* doc/guix.texi (G-Expressions): Update accordingly.
Previously, there was a possibility that "guix install emacs" would grab
the lock before "guix package -m $module_dir/manifest.scm". When that
happened, the test would start building Emacs and all its dependencies,
which could take a while and some disk space.
This is a followup to b1fb663404.
* tests/guix-package.sh: In profile locking test, emit
"$module_dir/ready" from the manifest and wait for it to exist before
running "guix install emacs".
* guix/scripts/substitute.scm (warn-about-missing-authentication): New
procedure.
(%allow-unauthenticated-substitutes?): Turn into a public parameter and
use 'warn-about-missing-authentication'.
(valid-narinfo?): Adjust accordingly.
* tests/substitute.scm (call-with-narinfo): Likewise.
* guix/scripts/pack.scm (guix-pack): Collect 'manifest' options, and
concatenate the resulting manifests.
* tests/guix-pack.sh: Test it.
* doc/guix.texi (Invoking guix pack): Document it.
* guix/scripts/package.scm (manifest-action): Remove.
(%actions): Remove it.
(load-manifest): New procedure.
(process-actions): Handle 'manifest' options. Define 'files' from
'manifest' options. Define 'manifest' based on FILES. Define 'trans'
to represent the final transaction.
* tests/guix-package.sh: Test it.
* doc/guix.texi (Invoking guix package): Mention
* tests/guix-environment.sh: Test 'guix environment' with two '-m' options.
* doc/guix.texi (Invoking guix environment): Explain that '-m' can be
passed multiple times.
* guix/scripts/pack.scm (%options, show-help): Add "--derivation".
(guix-pack): Honor it.
* tests/guix-pack.sh: Test it.
* doc/guix.texi (Invoking guix pack): Document it.
This lets the daemon substitute missing derivations, as in the example
at <https://bugs.gnu.org/38226>, instead of failing with ENOENT.
* guix/scripts/build.scm (options->things-to-build): In the
'derivation-path?' case, don't fail when 'read-derivation-from-file'
raises to ENOENT; return the empty list in that case.
(guix-build): Add non-existent '.drv' files to ITEMS.
Pass ITEMS in addition to DRV to 'build-derivations'.
* tests/guix-build.sh: Add test.
Fixes <https://bugs.gnu.org/38093>.
When running:
guix build --target=arm-linux-gnueabihf -e '(@ (gnu packages base) coreutils)'
the '%current-target-system' parameter is set by the time the top-level
of (gnu packages commencement) is evaluated. Consequently, we need to
ensure that the 'pkg-config' macro evaluates in a context where
'%current-target-system' is unset.
* gnu/packages/commencement.scm (gnu-make-final): Refer to '%pkg-config'
instead of 'pkg-config'.
* tests/guix-build.sh: Add test.
* gnu/services/networking.scm (ntp-server->string): Use the textual
representation of the values as printed by 'display' rather than 'write', to
avoid inserting double quotes in the generated config.
* tests/networking.scm (%ntp-server-sample): Add a comment and make one of the
options a string, to exercise the fix.
("ntp-server->string"): Move the expected value to the first argument.
("ntp configuration servers deprecated form"): Likewise.
("openntpd generated config string ends with a newline"): Likewise.
The XML feed was discontinued on Oct. 16th, 2019:
<https://nvd.nist.gov/General/News/XML-Vulnerability-Feed-Retirement-Phase-3>
* guix/cve.scm (string->date*): New procedure.
(<cve-item>, <cve>, <cve-reference>): New record types.
(cpe-match->cve-configuration, configuration-data->cve-configurations)
(json->cve-items, version-matches?): New procedures.
(yearly-feed-uri): Change URL to refer to JSON feed.
(cpe->product-alist, %parse-vulnerability-feed)
(xml->vulnerabilities): Remove.
(cve-configuration->package-list, merge-package-lists)
(cve-item->vulnerability, json->vulnerabilities): New procedures.
(write-cache): Use 'json->vulnerabilities' instead of
'xml->vulnerabilities', and remove 'parameterize'.
(vulnerabilities->lookup-proc): Use 'version-matches?' when VERSION is
true.
* tests/cve.scm (%sample): Use 'tests/cve-sample.json'.
(%expected-vulnerabilities): Rewrite accordingly.
("json->cve-items", "cve-item-published-date")
("json->vulnerabilities"): New tests.
("xml->vulnerabilities"): Remove.
("vulnerabilities->lookup-proc"): Adjust to new vulnerabilities.
* tests/cve-sample.json: New file.
* tests/cve-sample.xml: Remove.
* Makefile.am (EXTRA_DIST): Adjust accordingly.
* doc/guix.texi (Invoking guix lint): Update nist.gov URLs.
* tests/cve.scm (vulnerability): Use 'make-struct/no-tail' instead of
'make-struct', which is deprecated.
* tests/lint.scm ("cve: one vulnerability")
("cve: one patched vulnerability")
("cve: known safe from vulnerability")
("cve: vulnerability fixed in replacement version")
("cve: patched vulnerability in replacement"): Likewise.
Fixes <https://bugs.gnu.org/37744>.
Reported at <https://www.openwall.com/lists/oss-security/2019/10/09/4>.
Based on Nix commit 5a303093dcae1e5ce9212616ef18f2ca51020b0d
by Eelco Dolstra <edolstra@gmail.com>.
* nix/libstore/local-store.cc (LocalStore::LocalStore): Set 'perUserDir'
to #o755 instead of #o1777.
(LocalStore::createUser): New function.
* nix/libstore/local-store.hh (LocalStore): Add it.
* nix/libstore/store-api.hh (StoreAPI): Add it.
* nix/nix-daemon/nix-daemon.cc (performOp): In 'wopSetOptions', add
condition to handle "user-name" property and honor it.
(processConnection): Add 'userId' parameter. Call 'store->createUser'
when userId is not -1.
* guix/profiles.scm (ensure-profile-directory): Note that this is now
handled by the daemon.
* guix/store.scm (current-user-name): New procedure.
(set-build-options): Add #:user-name parameter and pass it to the daemon.
* tests/guix-daemon.sh: Test the creation of 'profiles/per-user' when
listening on a TCP socket.
* tests/store.scm ("profiles/per-user exists and is not writable")
("profiles/per-user/$USER exists"): New tests.
* guix/build/syscalls.scm (RNDADDTOENTCNT): New variable.
(add-to-entropy-count): New procedure.
* tests/syscalls.scm ("add-to-entropy-count"): New test.