* guix/scripts/substitute-binary.scm (<narinfo>): Add the 'signature'
and 'contents' fields.
(narinfo-signature->canonical-sexp): New function.
(narinfo-maker): Add the 'signature' argument and use it.
(assert-valid-signature): New function.
(read-narinfo): Support the Signature field.
(write-narinfo): Use 'narinfo-contents'.
(%allow-unauthenticated-substitutes?): New variable.
* guix/base64.scm, tests/base64.scm, tests/substitute-binary.scm: New files.
* Makefile.am (SCM_TESTS): Add tests/base64.scm and
tests/substitute-binary.scm.
(MODULES): Add guix/base64.scm.
* test-env.in: Set 'GUIX_ALLOW_UNAUTHENTICATED_SUBSTITUTES'.
* guix/utils.scm (call-with-decompressed-port,
call-with-compressed-output-port): New procedures.
* tests/utils.scm ("compressed-output-port + decompressed-port"):
Rewrite to use them.
* guix/scripts/authenticate.scm (guix-authenticate): Add clauses
for ("rsautl" "-sign" "-inkey" key) and ("rsautl" "-verify" "-inkey" _
"-pubin").
* tests/guix-authenticate.sh (hash): Add test using -sign and -verify in
a pipeline.
* guix/utils.scm (decompressed-port, compressed-port): New procedures.
* guix/scripts/substitute-binary.scm (decompressed-port): Remove.
(guix-substitute-binary): Pass a symbol or #f as the first argument to
'decompress-port'.
* tests/utils.scm ("compressed-port, decompressed-port, non-file"): New
test.
* guix/utils.scm (filtered-port): Make sure the 'execl' child process
always exits, and does (primitive-_exit 1) upon execution failure.
Use 'primitive-_exit' in the 'dump-port' child process.
* tests/utils.scm ("filtered-port, does not exist"): New test.
* guix/pk-crypto.scm (gcrypt-version): New procedure.
* guix/scripts/archive.scm (%key-generation-parameters): New variable.
(%options) <generate-key>: Use it.
* tests/pk-crypto.scm ("sign + verify, Ed25519"): Skip if using gcrypt < 1.6.0.
* guix/pk-crypto.scm (bytevector->hash-data): Add #:key-type parameter.
Use the 'pkcs1' flag when KEY-TYPE is 'rsa', and 'rfc6979' when
KEY-TYPE is 'ecc' or 'dsa'.
(key-type): New procedure.
* guix/scripts/authenticate.scm (read-hash-data): Add 'key-type'
parameter. Pass it to 'bytevector->hash-data'. Adjust caller
accordingly.
* tests/pk-crypto.scm (%ecc-key-pair): New variable.
("key-type"): New test.
("sign + verify"): Pass #:key-type to 'bytevector->hash-data'.
("sign + verify, Ed25519"): New test.
Reported by Nikita Karetnikov <nikita@karetnikov.org>
and Pierre-Antoine Rault <par@rigelk.eu>.
* test-env.in: Change 'NIX_LOG_DIR' in accordance with f5768af.
* tests/guix-register.sh: Likewise for 'NIX_LOG_DIR' and 'NIX_DB_DIR'.
* tests/utils.scm (temp-file): New variable.
("fcntl-flock"): Rewrite to actually test whether the child process
waits for the lock to be released. The previous test was wrong
because (1) it expected F_SETLK semantics, not F_SETLKW, and (2) it
got EBADF because of a mismatch between the open mode and the lock
style.
* guix/nar.scm (write-file) <directory>: Pass 'string<?' as the second
argument to 'scandir'.
* tests/nar.scm ("write-file puts file in C locale collation order"):
New test.
* guix/derivations.scm (<derivation-output>): Add 'recursive?' field.
Adjust 'make-derivation-output' callers.
(%read-derivation) <fixed-output>: When HASH-ALGO starts with 'r:',
set the 'recursive?' field and drop 'r:' from the hash algo name.
(write-derivation)[write-output]: Write the algo as 'r:HASH-ALGO' when
the RECURSIVE? field is set.
(derivation-hash) <fixed-output>: Prepend "r:" when RECURSIVE? is set.
(fixed-output-path): New procedure.
(derivation): Add #:recursive? parameter. Use 'fixed-output-path' to
compute the output file name of a fixed output derivation.
(build-expression->derivation): Add #:recursive? parameter. Pass it
to 'derivation'.
* tests/derivations.scm ("fixed-output derivation, recursive",
"build-expression->derivation produces recursive fixed-output",
"build-expression->derivation uses recursive fixed-output"): New
tests.
* doc/guix.texi (Derivations): Document #:recursive? for 'derivation'.
Add #:recursive? for 'build-expression->derivation'.
* guix/scripts/hash.scm (show-help): Add --recursive.
(%options): Likewise.
(guix-hash)[file-hash]: New procedure. Honor --recursive.
Use it.
* guix/nar.scm (write-file): Add missing field to the &nar-error
condition raised upon unsupported file type; change its message to be
more descriptive.
* tests/guix-hash.sh: Add tests with -r.
* doc/guix.texi (Invoking guix hash): Document --recursive.
* guix/monads.scm (text-file*): New procedure.
* tests/monads.scm ("text-file*"): New test.
* doc/guix.texi (The Store Monad): Change example since the previous one
would erroneously fail to retain a reference to Coreutils. Document
'text-file*'.
* guix/store.scm (topologically-sorted): New procedure.
* tests/store.scm ("topologically-sorted, one item",
"topologically-sorted, several items", "topologically-sorted, more
difficult"): New tests.
* nix/guix-register/guix-register.cc (register_validity): Leave
'info.path' unmodified when PREFIX is empty.
(main): Call 'settings.processEnvironment' early on.
Leave 'settings.nixStore' unmodified when PREFIX is empty.
* guix/scripts/package.scm (leave-on-EPIPE): New macro.
(guix-package): Use it for 'list-installed', 'list-available', and
'--list-generations'.
* tests/guix-package.sh: Add test.
* guix/scripts/archive.scm (authorize-key): New procedure.
(guix-archive): Call it when OPTS contains 'authorize-key'.
* tests/guix-archive.sh: Add test with invalid public key.
* guix/pki.scm: Export '%acl-file'.
* doc/guix.texi (Invoking guix archive): Make it clear that '--import'
works only with authorized keys. Document '--authorize'.
* guix/pk-crypto.scm (token-string?): New procedure.
(canonical-sexp-nth-data): Return a symbol when the element is a
"token", and a bytevector otherwise.
(latin1-string->bytevector): Remove.
(hash-data->bytevector): Adjust accordingly.
* tests/pk-crypto.scm ("canonical-sexp-nth"): Adjust accordingly. Add
octet string example.
* guix/scripts/authenticate.scm (signature-sexp): New procedure.
(guix-authenticate): Use it to produce the signature. Adjust
verification code accordingly.
* tests/store.scm ("import corrupt path"): Adjust test accordingly.
* guix/pk-crypto.scm: Rename procedures, variables, etc. from
'gcry-sexp' to 'canonical-sexp'. Add comment with references.
* guix/scripts/authenticate.scm, tests/pk-crypto.scm: Adjust
accordingly.
Reported by Andreas Enge <andreas@enge.fr>.
* tests/pk-crypto.scm ("string->gcry-sexp->string"): Remove "#C0FFEE#"
from SEXPS.
("gcry-sexp-nth"): Start at index 1.
* guix/scripts/package.scm (%options): Adapt option processors to accept and
return a second seed value: 'arg-handler', which handles bare arguments (if
not false). The install, remove, and upgrade option processors return an
arg-handler that repeat the same operation. All other option processors
return #f as the arg-handler. Make the arguments to install and remove
optional. The upgrade option processor deletes (upgrade . #f) from the
alist before adding a new entry.
(guix-package): Procedures passed to 'args-fold*' accept the new seed value
'arg-handler'. The 'operand-proc' uses 'arg-handler' (if not false).
* doc/guix.texi (Invoking guix package): Update docs.
* tests/guix-package.sh: Add test.
* guix/ui.scm (read/eval): New procedure.
(read/eval-package-expression): Use it.
* guix/scripts/build.scm (derivations-from-package-expressions): Rename to...
(derivation-from-expression): ... this. Accept procedures, under the
assumption that they are monadic thunk.
(show-help): Adjust accordingly.
(guix-build): Ditto.
* tests/guix-build.sh: Add test.
* doc/guix.texi (Invoking guix build): Augment description of '-e'.
Reported by Mark H. Weaver <mhw@netris.org>.
* tests/packages.scm ("package-source-derivation, snippet"): Change to
"guile-2.0.9.tar.xz".
* tests/union.scm ("union-build"): Check or include/c++ being a symlink.
* guix/derivations.scm (map-derivation)[input->output-paths]: Allow
non-derivation inputs.
Allow replacements to be store files. Replace in SOURCES too.
* tests/derivations.scm ("map-derivation, sources"): New test.
* guix/packages.scm (package-source-derivation): Don't let indirect
store paths pass through.
* tests/packages.scm ("package-source-derivation, indirect store path"):
New test.
* guix/packages.scm (<origin>): Add 'snippet', 'modules', and
'imported-modules' fields.
(patch-and-repack): Make 'inputs' a keyword parameter. Add 'snippet',
'modules', and 'imported-modules' parameters. Accept SOURCE as a raw
file name. Insert SNIPPET in BUILDER. Pass IMPORTED-MODULES to
'build-expression->derivation'.
(package-source-derivation): Pass the extra arguments to
'patch-and-repack'.
* tests/packages.scm ("package-source-derivation, snippet"): New test.
* doc/guix.texi (Defining Packages): Mention the 'patches' and 'snippet'
fields.
(Invoking guix build): Tell that --source has patches and snippets
applied.
(Software Freedom): Mention packages that contain non-free code.
* tests/derivations.scm ("build-expression->derivation and
max-silent-time"): Use STORE instead of %STORE. Change BUILDER to
succeed by default. Return #f when no exception is raised.
* tests/derivations.scm ("build derivation with 1 source",
"derivation with local file as input",
"derivation with a fixed-output input",
"multiple-output derivation",
"multiple-output derivation, non-alphabetic order",
"user of multiple-output derivation"): Add %BASH as an input, needed
in chroot builds.
Fixes <http://bugs.gnu.org/15756>.
* guix/profiles.scm (<manifest-pattern>): New record type.
(remove-manifest-entry): Remove.
(entry-predicate, manifest-matching-entries): New procedures.
(manifest-remove): Accept a list of <manifest-pattern>.
(manifest-installed?): Replace 'name' parameter by 'pattern', a
<manifest-pattern>.
* guix/scripts/package.scm (options->removable): Return a list of
<manifest-pattern>.
(guix-package)[process-action]: Use 'manifest-matching-entries' to
compute the list of packages to remove.
* tests/profiles.scm: New file.
* Makefile.am (SCM_TESTS): Add it.
* guix/ui.scm (package-specification->name+version+output): New
procedure.
* guix/scripts/package.scm (specification->package+output): Use it.
* tests/ui.scm ("package-specification->name+version+output"): New test.
* guix/records.scm (define-record-type*): Wrap field bindings in a
'let*', not in a 'letrec*', which turned out to be pointlessly
inconvenient.
* tests/records.scm: Adjust test names accordingly.
* guix/monads.scm (<monad>): Turn in a raw SRFI-9 record type.
(define-monad): New macro.
(with-monad): Add a case for when MONAD is a macro.
(identity-return, identity-bind, store-return, store-bind): Inline.
(%identity-monad, %store-monad): Use 'define-monad'.
* tests/monads.scm ("monad?"): New test.
* guix/monads.scm: New file.
* tests/monads.scm: New file.
* Makefile.am (MODULES): Add guix/monads.scm.
(SCM_TESTS): Add tests/monads.scm.
* doc/guix.texi (The Store Monad): New node.
(The Store): Reference it.
* guix/build-system/trivial.scm (trivial-build): When SOURCE is true,
add it to INPUTS.
(trivial-cross-build): Likewise.
* tests/packages.scm ("trivial with source"): New test.
* guix/scripts/package.scm (switch-to-previous-generation): New function.
(roll-back): Use the new function instead of 'switch-link'.
(show-help): Add '--delete-generations'.
(%options): Likewise.
(guix-package)[process-actions]: Add 'current-generation-number',
'display-and-delete', and 'delete-generation'. Add support for
'--delete-generations', and reindent the code.
* tests/guix-package.sh: Test '--delete-generations'.
* doc/guix.texi (Invoking guix-package): Document '--delete-generations'.
* guix/scripts/package.scm (guix-package)[process-query]: Show that a
generation is the current one if the profile points to it.
* tests/guix-package.sh: Test it.
* guix/scripts/package.scm (guix-package)[process-query]: Change
'list-generation' to not list the zeroth generation.
* tests/guix-package.sh: Test it.
* doc/guix.texi (Invoking guix package): Document it, and use the
right term when talking about generations.
* guix/scripts/package.scm (guix-package)[process-query]: Exit with 1
when a generation does not exist or the profile points to the zeroth
generation.
* tests/guix-package.sh: Test the former case.
* nix/guix-register/guix-register.cc (prefix): New variable.
(parse_opt): Use it.
(register_validity): Change 'info.path' to the final store name.
Hash the final under its real path.
* tests/guix-register.sh: Adjust the contents of $closure accordingly.
Rename 'NIX_LOCALSTATE_DIR' to 'NIX_STATE_DIR'. Don't try to call
'valid-path?'. Add test using 'sqlite3'.
* guix/derivations.scm (derivation->output-path,
derivation->output-paths): New procedures.
(derivation-path->output-path): Use 'derivation->output-path'.
(derivation-path->output-paths): Use 'derivation->output-paths'.
(derivation): Accept 'derivation?' objects as inputs. Return a single
value.
(build-derivations): New procedure.
(compiled-modules): Use 'derivation->output-paths'.
(build-expression->derivation)[source-path]: Add case for when the
input matches 'derivation?'.
[prologue]: Accept 'derivation?' objects in INPUTS.
[mod-dir, go-dir]: Use 'derivation->output-path'.
* guix/download.scm (url-fetch): Adjust to the single-value return.
* guix/packages.scm (package-output): Use 'derivation->output-path'.
* guix/scripts/build.scm (guix-build): When the argument is
'derivation-path?', pass it through 'read-derivation'.
Use 'derivation-file-name' to print out the .drv file names, and to
register them. Use 'derivation->output-path' instead of
'derivation-path->output-path'.
* guix/scripts/package.scm (roll-back): Adjust to the single-value
return.
(guix-package): Use 'derivation->output-path'.
* guix/ui.scm (show-what-to-build): Adjust to deal with 'derivation?'
objects instead of .drv file names.
* gnu/system/grub.scm (grub-configuration-file): Use
'derivation->output-path' instead of 'derivation-path->output-path'.
* gnu/system/vm.scm (qemu-image, system-qemu-image): Likewise.
* tests/builders.scm, tests/derivations.scm, tests/packages.scm,
tests/store.scm, tests/union.scm: Adjust to the new calling
convention.
* doc/guix.texi (Defining Packages, The Store, Derivations): Adjust
accordingly.
* guix/derivations.scm (<derivation>): Add 'file-name' field.
(%read-derivation): Use (port-filename DRV-PORT) as the file name for
the result.
(derivation): Set the 'file-name' field in the result.
* tests/derivations.scm ("build derivation with 1 source"): Assert that
'derivation-file-name' returns the right thing.
* guix/store.scm (add-text-to-store): Make 'references' optional.
* tests/store.scm ("dead-paths", "references"): Use 'add-text-to-store'
with no optional argument.
* doc/guix.texi (The Store): Adjust accordingly.
This significantly reduces I/O when building profiles, especially with
lots of package-specific sub-directories (such as 'share/emacs/24.3',
'texmf', etc.)
* guix/build/union.scm (union-build)[file-tree](others-have-it?): New
procedure. Use it in the 'enter?' parameter of 'file-system-fold';
change 'skip' parameter accordingly.
* tests/union.scm ("union-build"): Ensure that 'include' is a symlink
and 'bin' is a directory.
* guix/derivations.scm (derivation, build-expression->derivation):
Rename #:dependency-graphs to #:references-graphs, for consistency in
the terminology.
* tests/derivations.scm: Adjust accordingly.
* guix/derivations.scm (derivation): Add `dependency-graphs' keyword
parameter; honor it.
* tests/derivations.scm (bootstrap-binary): New procedure.
(%bash): Use it.
(%mkdir): New variable.
(directory-contents): Add `slurp' optional parameter.
("derivation with #:dependency-graphs"): New test.
* doc/guix.texi (Derivations): Update accordingly.