* gnu/packages/patches/gnupg-1.4-CVE-2018-12020.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/gnupg.scm (gnupg-1)[source]: Use it.
* guix/scripts/pull.scm (derivation->manifest-entry): Turn COMMIT into a
keyword parameter; add #:url and #:branch. Add a 'source' property to
the manifest entry.
(build-and-install): Add #:url and #:branch and pass it to
'derivation->manifest-entry'.
(guix-pull): Adjust accordingly.
* guix/profiles.scm (<manifest-entry>)[properties]: New field.
(manifest->gexp)[entry->gexp]: Serialize it.
(sexp->manifest)[sexp->manifest-entry]: Deserialize it.
* guix/packages.scm (patch-file-name): New procedure.
(%vulnerability-regexp): New variable.
(package-patched-vulnerabilities): New procedure.
* guix/scripts/lint.scm (patch-file-name): Remove.
(check-vulnerabilities): Adjust to use
'package-patched-vulnerabilities'.
* tests/packages.scm ("package-patched-vulnerabilities"): New test.
* gnu/system.scm (operating-system-etc-service)[profile]: Add
~/.config/guix/current/share/info to INFOPATH. Treat ~/.guix-profile
and ~/.config/guix/current in the same way.
This should allow 'guix pull' to complete even when invoked from a Guix
that predates commit 5d669883ec.
* guix/ui.scm: Use #:hide instead of #:select. This is a followup to
5d669883ec.
* guix/self.scm (sub-directory, locale-data): New procedures.
(guix-command): Add SOURCE parameter. Call 'locale-data' when SOURCE is
true and use it in staged 'bindtextdomain' calls.
(whole-package): Add #:command and honor it.
(compiled-guix): Pass #:command to 'whole-package'.
* guix/scripts/pull.scm (%pull-version): New variable.
(build-from-source): Pass #:pull-version to BUILD.
(whole-package-for-legacy, derivation->manifest-entry): New procedure.
(build-and-install): Rewrite in terms of 'build-and-use-profile'.
* guix/scripts/system.scm (maybe-suggest-running-guix-pull)[latest]:
Switch to "/current".
* scripts/guix.in (augment-load-paths!): Remove use of
~/.config/guix/latest.
* build-aux/compile-as-derivation.scm: Replace "/guix/latest/" with
"/current/share/guile/site/X.Y"
* guix/scripts.scm (warn-about-old-distro)[age]: Check "/current"
instead of "/latest".
* doc/guix.texi (Invoking guix pull): Document it.
* doc/contributing.texi (Running Guix Before It Is Installed): Remove
footnote about abusing ~/.config/guix/latest.
* guix/self.scm (guix-command): New procedure.
(compiled-guix): Add #:pull-version parameter.
[command, package]: New variables.
Honor PULL-VERSION.
(guix-derivation): Add #:pull-version and pass it to 'compiled-guix'.
* build-aux/build-self.scm (build-program): Add #:pull-version
parameter. Pass it to 'guix-derivation'.
(build): Add #:pull-version and pass it to 'build-program'.
* build-aux/compile-as-derivation.scm: Pass #:pull-version to BUILD.
The 'no-negcache?' option is mapped to the '--no-negcache' command-line
argument directly, but we're in the scheme world, where the general guideline
is to avoid double-negations in identifiers.
* gnu/services/dns.scm <dnsmasq-configuration>: Replace the 'no-negcache?'
field with 'negative-cache?'.
* doc/guix.texi (DNS Services)[Dnsmasq Service]: Adjust accordingly.
Alex Vong