* guix/scripts/lint.scm (check-vulnerabilities): Also check for CVEs
listed as mitigated in the package properties.
* tests/lint.scm ("cve: known safe from vulnerability"): New test.
Reported at <https://bugs.gnu.org/27943>
by Danny Milosavljevic <dannym@scratchpost.org>.
* guix/scripts/lint.scm (%distro-directory): New variable.
(check-patch-file-names): Add check for the file name length.
* tests/lint.scm ("patches: file name too long"): New test.
* guix/scripts/lint.scm (call-with-networking-fail-safe): New procedure.
(with-networking-fail-safe): New macro.
(current-vulnerabilities*): Rewrite in terms of 'with-networking-fail-safe'.
* guix/scripts/lint.scm (check-for-updates): New procedure.
(%checkers): Add it.
* guix/scripts/refresh.scm (importer-modules, %updaters): Move
from here ...
* guix/upstream.scm: ... to here.
* guix/build/download.scm (http-fetch): Complete the hard-coded list of HTTP
redirection status codes.
* guix/http-client.scm (http-fetch): Likewise.
* guix/scripts/lint.scm (probe-uri): Likewise.
Reported by Mathieu Othacehe <m.othacehe@gmail.com>
at <http://bugs.gnu.org/26498>.
* guix/scripts/lint.scm (warn-if-package-has-input): Rename to...
(package-input-intersection): ... this. Remove 'linted' and 'message'
parameters. Return a list of inputs.
(check-inputs-should-be-native): Adjust accordingly.
(check-inputs-should-not-be-an-input-at-all): Likewise.
* guix/ui.scm (package-field-string): New procedure.
(package-description-string): Use it.
(package-synopsis-string): New procedure.
(package->recutils): Use it.
* guix/scripts/lint.scm (check-synopsis-style)[check-texinfo-markup]:
New procedure. Use it in checks.
* tests/lint.scm: Test it.
* gnu/packages/perl.scm (perl-try-tiny)[synopsis]: Adjust for the
Texinfo markup.
* guix/build/download.scm (open-connection-for-uri): Add note about
same-named binding in Guile 2.2.0.
* guix/http-client.scm: Use 'guix:open-connection-for-uri' for the
procedure coming from (guix build download).
* guix/scripts/lint.scm: Likewise.
* guix/scripts/substitute.scm: Likewise.
* guix/scripts/lint.scm (origin-uris): New procedure.
(check-source): Use it.
(check-mirror-url): New procedure.
(%checkers): Add 'mirror-url' checker.
* tests/lint.scm ("mirror-url")
("mirror-url: one suggestion"): New tests.
* doc/guix.texi (Invoking guix lint): Document it.
* guix/scripts/lint.scm (check-inputs-should-be-native package): Add python
packages which are typically used for testing or for building the
documentation.
Also refactor some common code into a new function.
Examples for these pacakges are python(2)-setuptools and python(2)-pip, which
are installed together with python itself.
* guix/scripts/lint.scm (warn-if-package-has-input): New procedure.
(check-inputs-should-be-native package): Use it; rename and clean-up
variables. (check-inputs-should-not-be-an-input-at-all): New procedure.
(%checkers) Add it.
* doc/guix.texi (Python Modules): Document it.
* tests/lint.scm: ("inputs: python-setuptools should not be an input at all
(input)", "inputs: python-setuptools should not be an input at all
(native-input)" "inputs: python-setuptools should not be an input at all
(propagated-input)"): Add tests.
Reported by Frederick Muriithi <fredmanglis@gmail.com>.
* guix/scripts/lint.scm (tls-certificate-error-string): New procedure.
(validate-uri): Use it.
(current-vulnerabilities*): Catch 'tls-certificate-error' and print a
warning.
* guix/scripts/lint.scm (%quoted-identifier-rx): New variable.
(check-description-style)[check-quotes]: New procedure.
Use it.
* tests/lint.scm ("description: suggest ornament instead of quotes"):
New test.
Before, 'guix lint -c cve' would report the vulnerabilities of the
original package while pretending they are the vulnerabilities of the
replacement.
* guix/scripts/lint.scm (check-vulnerabilities): Consider the package
replacement before calling 'package-vulnerabilities'.
* tests/lint.scm ("cve: vulnerability fixed in replacement version"):
New test.
* guix/scripts/lint.scm (check-description-style): Emit a warning if
trademark signs found in description.
* tests/lint.scm (description: may not contain trademark signs): Add
test.
* guix/scripts/lint.scm (validate-uri): Upon 200 http-response, check
the 'response-content-length' and emit a warning when it is <= 1000.
* tests/lint.scm (call-with-http-server): Add 'data' parameter.
(with-http-server): Likewise.
(%long-string): New variable.
("home-page: 200"): Pass %LONG-STRING to 'with-http-server'.
("home-page: 404", "source: 200", "source: 404"): Likewise.
("home-page: 200 but short length"): New test.
("source: 200 but short length"): New test.
* guix/scripts/lint.scm (check-vulnerabilities): Check the replacement
of PACKAGE.
* tests/lint.scm ("cve: patched vulnerability in replacement"): New test.
Suggested by John Darrington.
* guix/scripts/lint.scm (check-description-style): Emit a warning when
DESCRIPTION is not a string.
(check-synopsis-style): Likewise.
(check-gnu-synopsis+description): Likewise.
* tests/lint.scm ("description: not a string", "synopsis: not a
string"): New tests.
* guix/scripts/lint.scm (check-patch-file-names): Don't check if patches
start with the package full name since matching the package name (which
is a prefix of the full name) is sufficient.
* guix/scripts/lint.scm (patch-file-name): New procedure.
(check-vulnerabilities): Use it to filter out patched vulnerabilities.
* tests/lint.scm ("cve: one patched vulnerability"): New test.