* guix/inferior.scm (cached-channel-instance): Take an explicit 'store'
argument.
(inferior-for-channels): Wrap call to 'cached-channel-instance' in
'with-store'.
* guix/time-machine.scm (guix-time-machine): Wrap call to
'cached-channel-instance' in 'with-store'.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* guix/scripts/time-machine.scm: New file.
* Makefile.am: (MODULES): Add it.
* guix/scripts/pull.scm (channel-list): Export.
* guix/inferior.scm (cached-channel-instance): New procedure.
(inferior-for-channels): Use it.
* doc/guix.texi (Invoking guix time-machine): New section.
(Channels): Cross-reference it.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
This option had been ignored since commit
0d39a3b989 (August 2018).
* guix/scripts/pull.scm (show-help, %options): Remove "--verbose".
(build-and-install): Remove #:verbose?, which was unused.
(guix-pull): Adjust accordingly.
This affects the output of 'guix show', 'guix search', and 'guix system
search'.
* guix/ui.scm (hyperlink, supports-hyperlinks?, location->hyperlink):
New procedures.
(package->recutils): Add #:hyperlinks? and honor it.
(display-search-results): Pass #:hyperlinks? to PRINT.
* guix/scripts/system/search.scm (service-type->recutils): Add
#:hyperlinks? and honor it.
The hit rate of the 'add-data-to-store' cache goes from 10% to 4% on:
guix build -e '(@@ (gnu packages libreoffice) libreoffice)' -nd
* guix/derivations.scm (%module-cache): Turn into a regular hash table.
It didn't make sense to use a weak-value hash table given that values
are pairs.
Reported by Oleg Pykhalov <go.wigust@gmail.com>.
* guix/scripts/pull.scm (display-news-entry-title)
(display-news-entry): Catch 'parser-error' around call to
'texi->plain-text', and return Texinfo as-is when an exception is
caught.
This is a followup to d727a9343d, which
broke 'hydra-jobs' from (gnu ci).
* guix/derivations.scm (invalidate-derivation-caches!): Remove call to
'invalidate-memoization!' for 'derivation->bytevector'.
Its hit rate was only 8%. Removing it reduces heap size of "guix build
libreoffice -nd" from 69MiB to 61MiB and the wall-clock time is unchanged.
* guix/derivations.scm (derivation->bytevector): Change from 'mlambda'
to 'lambda'.
This reduces the number of 'add-data-to-store' cache lookups from 3329
to 2743 (hit rate: 27% to 11%) when running:
GUIX_PROFILING=add-data-to-store-cache guix build libreoffice -nd
Execution time of "guix build libreoffice -nd" goes from 1.86s to 1.80s.
* guix/gexp.scm (imported+compiled-modules): Wrap body in 'mcached'.
* guix/store.scm (cache-object-mapping): Add #:vhash-cons parameter and
honor it.
(lookup-cached-object): Add #:vhash-fold* parameter and honor it.
(%mcached): Add #:vhash-fold* and #:vhash-cons and honor them.
(mcached): Add clauses with 'eq?' and 'equal?' as the first argument.
* guix/gexp.scm (imported+compiled-modules): New procedure.
(lower-gexp): Use it instead of separate calls to 'imported-modules' and
'compiled-modules'.
This reduces the number of lookups in the 'add-data-to-store' cache from
7505 to 3329 (hit rate from 68% to 27%) when running:
GUIX_PROFILING=add-data-to-store-cache guix build libreoffice -nd
The execution time of "guix build libreoffice -nd" goes from 2.12s to 1.87s.
* guix/derivations.scm (%module-cache): New variable.
(imported+compiled-modules)[key]: New variable.
Lookup KEY in %MODULE-CACHE and populate %MODULE-CACHE upon cache miss.
* guix/derivations.scm (imported+compiled-modules): New procedure.
(build-expression->derivation): Use it instead of separate calls to
'%imported-modules' and '%compiled-modules'.
* guix/scripts/build.scm (set-build-options-from-command-line): When
OPTS has 'keep-failed?' set, check whether STORE is connected over
AF_UNIX and warn when it's not.
The XML feed was discontinued on Oct. 16th, 2019:
<https://nvd.nist.gov/General/News/XML-Vulnerability-Feed-Retirement-Phase-3>
* guix/cve.scm (string->date*): New procedure.
(<cve-item>, <cve>, <cve-reference>): New record types.
(cpe-match->cve-configuration, configuration-data->cve-configurations)
(json->cve-items, version-matches?): New procedures.
(yearly-feed-uri): Change URL to refer to JSON feed.
(cpe->product-alist, %parse-vulnerability-feed)
(xml->vulnerabilities): Remove.
(cve-configuration->package-list, merge-package-lists)
(cve-item->vulnerability, json->vulnerabilities): New procedures.
(write-cache): Use 'json->vulnerabilities' instead of
'xml->vulnerabilities', and remove 'parameterize'.
(vulnerabilities->lookup-proc): Use 'version-matches?' when VERSION is
true.
* tests/cve.scm (%sample): Use 'tests/cve-sample.json'.
(%expected-vulnerabilities): Rewrite accordingly.
("json->cve-items", "cve-item-published-date")
("json->vulnerabilities"): New tests.
("xml->vulnerabilities"): Remove.
("vulnerabilities->lookup-proc"): Adjust to new vulnerabilities.
* tests/cve-sample.json: New file.
* tests/cve-sample.xml: Remove.
* Makefile.am (EXTRA_DIST): Adjust accordingly.
* doc/guix.texi (Invoking guix lint): Update nist.gov URLs.
* guix/build/download.scm (%x509-certificate-directory): Use
"/etc/ssl/certs" as a last resort. This ensures, for instance, that
'guix download' honors system-wide certificates when SSL_CERT_DIR is
unset.
This is a followup to 81c580c866.
* guix/scripts/pull.scm (guix-pull): Move 'ensure-default-profile' call after
'set-build-options-from-command-line' call. This ensures that the
'profiles/per-user/$USER' directory is created before
'ensure-default-profile' is called when 'GUIX_DAEMON_SOCKET' points to a
remote TCP daemon.
Fixes <https://bugs.gnu.org/37744>.
Reported at <https://www.openwall.com/lists/oss-security/2019/10/09/4>.
Based on Nix commit 5a303093dcae1e5ce9212616ef18f2ca51020b0d
by Eelco Dolstra <edolstra@gmail.com>.
* nix/libstore/local-store.cc (LocalStore::LocalStore): Set 'perUserDir'
to #o755 instead of #o1777.
(LocalStore::createUser): New function.
* nix/libstore/local-store.hh (LocalStore): Add it.
* nix/libstore/store-api.hh (StoreAPI): Add it.
* nix/nix-daemon/nix-daemon.cc (performOp): In 'wopSetOptions', add
condition to handle "user-name" property and honor it.
(processConnection): Add 'userId' parameter. Call 'store->createUser'
when userId is not -1.
* guix/profiles.scm (ensure-profile-directory): Note that this is now
handled by the daemon.
* guix/store.scm (current-user-name): New procedure.
(set-build-options): Add #:user-name parameter and pass it to the daemon.
* tests/guix-daemon.sh: Test the creation of 'profiles/per-user' when
listening on a TCP socket.
* tests/store.scm ("profiles/per-user exists and is not writable")
("profiles/per-user/$USER exists"): New tests.
This makes the behaviour more consistent.
* guix/inferior.scm (inferior-pipe): Wrap the second open-pipe* call with
with-error-to-port, to match the first call to open-pipe*.
Previously, stderr for the inferior process would always be sent to /dev/null
because the current-output-port when the process is launched is a void
port. This change means that it's possible to pass in a different port to use.
* guix/inferior.scm (inferior-pipe): Take the error-port as an argument.
(open-inferior): Add new error-port keyword argument, with a default
of (%make-void-port "w").
* guix/gexp.scm (load-path-expression): Use ungexp-splicing instead of
ungexp-native-splicing so that the cross extensions are used when target is
set.
* guix/build/syscalls.scm (RNDADDTOENTCNT): New variable.
(add-to-entropy-count): New procedure.
* tests/syscalls.scm ("add-to-entropy-count"): New test.
Fixes <https://bugs.gnu.org/37531>.
"herd eval root '(length %load-path)'" on a freshly-booted bare-bones
system now returns 8 instead of 119 before.
* guix/gexp.scm (load-path-expression): Rewrite expression to that it
deletes duplicates.
Fixes <https://bugs.gnu.org/37506>.
Reported by Marius Bakke <mbakke@fastmail.com>.
* guix/channels.scm (syscalls-reexports-local-variables?)
(guile-2.2.4, guile-for-source): New procedures.
(%quirks): New variable.
(build-from-source): Add calls to 'guile-for-source' and
'set-guile-for-build'.
* guix/import/crate.scm (crate-recursive-import): New procedure.
(crate->guix-package): Return dependencies as a second value.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
