Before, 'guix lint -c cve' would report the vulnerabilities of the
original package while pretending they are the vulnerabilities of the
replacement.
* guix/scripts/lint.scm (check-vulnerabilities): Consider the package
replacement before calling 'package-vulnerabilities'.
* tests/lint.scm ("cve: vulnerability fixed in replacement version"):
New test.
* guix/build/graft.scm (replace-store-references): REPLACEMENT is now
the full string, not just the hash.
(rewrite-directory)[hash-mapping](valid-suffix?): Remove.
(hash+suffix): Rename to...
(hash+rest): ... this. Change to return the whole string as the second
element of the list. Adjust 'match-lambda' expression accordingly;
check whether the string length of the origin and replacement match.
* tests/grafts.scm ("graft-derivation, grafted item uses a different
name"): New test.
* doc/guix.texi (Security Updates): Update sentence on the name/version
restriction.
Fixes <http://bugs.gnu.org/24346>.
Reported by csanchezdll@gmail.com (Carlos Sánchez de La Lama).
* guix/scripts/system.scm (previous-grub-entries): Get the initrd file
name from PARAMS.
* gnu/system.scm (operating-system-grub.cfg): Use
'operating-system-initrd-file' to retrieve the initrd file name.
* gnu/system/grub.scm (strip-mount-point): New procedure.
(grub-configuration-file)[entry->gexp]: Call 'strip-mount-point' for
LINUX and INITRD.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
This is a followup to 13a9feb5b64fd819eaed38a17da0284bbe2b8d9.
* guix/build/gnu-build-system.scm (patch-source-shebangs): Remove call
to 'remove'. Pass a second argument to 'find-files' to filter out
symlinks; pass #:stat lstat.
(patch-generated-file-shebangs): Likewise, and also filter out
non-executable files.
* guix/gexp.scm (<file-append>): New record type.
(file-append): New procedure.
(file-append-compiler): New gexp compiler.
* tests/gexp.scm ("file-append", "file-append, output")
("file-append, nested", "gexp->file + file-append"): New tests.
* doc/guix.texi (G-Expressions): Use it in 'nscd' and 'list-files'
examples. Document 'file-append'.
* guix/gexp.scm (<gexp-compiler>)[expand]: New field.
(default-expander, lookup-expander): New procedures.
(define-gexp-compiler): Add second pattern to allow for the definition
of both a compiler and an expander.
(gexp->sexp)[reference->sexp]: Call 'lookup-expander' and use its
result.
* guix/build/utils.scm (wrap-program)[wrapper-file-name]
[next-wrapper-number, wrapper-target]: Remove.
[wrapped-file, already-wrapped?]: New variables.
[last-line]: New procedure.
Use it to append to PROG when a wrapper already exists.
* tests/build-utils.scm ("wrap-program, one input, multiple calls"):
Adjust the list of files to delete.
This provides a way to mark a package as superseded by another one.
Upgrades replace superseded packages with their replacement.
* guix/packages.scm (package-superseded, deprecated-package): New
procedures.
* gnu/packages.scm (%find-package): Check for 'package-superseded'.
* guix/scripts/package.scm (transaction-upgrade-entry)[supersede]: New
procedure. Call it when 'package-superseded' is true.
* tests/guix-build.sh: Add test for a superseded package.
* tests/packages.scm ("package-superseded")
("transaction-upgrade-entry, superseded package"): New tests.
* guix/scripts/package.scm (upgraded-manifest-entry): Rename to...
(transaction-upgrade-entry): ... this. Add 'transaction' parameter and
return a transaction.
(options->installable): Likewise.
[to-upgrade]: Rename to...
[upgraded]: ... this, and change to be a transaction. Return a
transaction.
(options->removable): Likewise.
(process-actions): Adjust accordingly.
* tests/packages.scm ("transaction-upgrade-entry, zero upgrades")
("transaction-upgrade-entry, one upgrade"): New tests.
* guix/scripts/package.scm (upgradeable?): Rename to...
(upgraded-manifest-entry): ... this. Change to take a <manifest-entry>
and to return a <manifest-entry>.
(options->installable)[to-upgrade]: Adjust accordingly.
* guix/build/syscalls.scm (errno): Do not export.
(syscall->procedure): Change to return a procedure that returns both the
value and errno. Use #:return-errno? where available.
(mount, umount, swapon, swapoff, mkdtemp!, fdatasync, statfs)
(clone, setns, pivot-root, fcntl-flock, network-interface-names)
(network-interface-flags, set-network-interface-flags)
(set-network-interface-address, network-interface-address):
(network-interfaces, tcgetattr, tcsetattr, terminal-window-size): Adjust
accordingly using 'let-values'.
* guix/modules.scm, tests/modules.scm: New files.
* Makefile.am (MODULES, SCM_TESTS): Add them.
* doc/guix.texi (G-Expressions): Add an example of
'source-module-closure'.
This avoids loads of needless 'stat' calls due to the default 'relative
setting and the 'canonicalize-path' calls it leads to. This was
especially visible when 'guix substitute' access files in
/var/guix/substitute/cache.
* guix/ui.scm (run-guix-command): Set %FILE-PORT-NAME-CANONICALIZATION
to #f.
The former pattern included the "jar" binary.
* guix/build/ant-build-system.scm (generate-classpath): Change pattern.
Suggested by: Ricardo Wurmus <rekado@elephly.net>
This fixes a bug whereby the choice between stripping 'libfoo.so.0.1.2'
and stripping 'libfoo.so' (the symlink) would be non-deterministic.
* guix/build/gnu-build-system.scm (strip)[strip-dir]: Use 'find-files'
instead of 'file-system-fold' so that files are picked in deterministic
order.
* guix/scripts/system.scm (service-upgrade): Move to...
* gnu/services/shepherd.scm (shepherd-service-upgrade): ... here.
* tests/system.scm ("service-upgrade: nothing to do", "service-upgrade:
one unchanged, one upgraded, one new", "service-upgrade: service
depended on is not unloaded", "service-upgrade: obsolete services that
depend on each other"): Move to...
* tests/services.scm: ... here. Adjust to 'service-upgrade' rename.
Reported by Mark H Weaver <mhw@netris.org>
at <https://lists.gnu.org/archive/html/guix-devel/2016-08/msg01470.html>.
* guix/scripts/system.scm (service-upgrade)[live-service-required?]: New
procedure.
[obsolete?]: Use it.
* tests/system.scm ("service-upgrade: service depended on is not
unloaded", "service-upgrade: obsolete services that depend on each
other"): New tests.
* guix/scripts/system.scm (service-upgrade)[essential?]: SERVICE is now
a <live-service>.
[lookup-target, lookup-live, running?, stopped, obsolete?]: New
procedures.
[to-load, to-unload]: Use them. TO-UNLOAD is now a list of
<live-service>.
(call-with-service-upgrade-info): Extract symbols from TO-UNLOAD.
* tests/system.scm ("service-upgrade: one unchanged, one upgraded, one
new"): Adjust accordingly.
* guix/scripts/system.scm (service-upgrade): New procedure, with code
from...
(call-with-service-upgrade-info): ... here. Use it.
* tests/system.scm (live-service, service-upgrade): New variables.
("service-upgrade: nothing to do", "service-upgrade: one unchanged, one
upgraded, one new"): New tests.
* gnu/services/herd.scm (<live-service>): New record type.
(current-services): Change to return a single value: #f or a list of
<live-service>.
* guix/scripts/system.scm (call-with-service-upgrade-info): Adjust
accordingly.
* gnu/tests/base.scm (run-basic-test)["shepherd services"]: Adjust
accordingly.
* guix/build/ruby-build-system.scm (log-file-deletion): New procedure.
(install): Remove files containing non-reproducible elements. Print when each
file is deleted.