In the end signing the commit/key pair does not buy us much. Someone
publishing a valid but different commit/key pair would effectively be
publishing a different channel, which could be a fork (made by a former
authorized developer) or simply a mirror. In the latter case, there's
nothing to be gained by publishing a different commit/key pair.
* guix/channels.scm (<channel-introduction>)[signature]: Remove.
(make-channel-introduction): Adjust accordingly.
* guix/channels.scm (<channel-introduction>): Rename constructor to
'%make-channel-introduction'.
(make-channel-introduction): New procedure.
* tests/channels.scm ("authenticate-channel, wrong first commit signer")
("authenticate-channel, .guix-authorizations"): Use
'make-channel-introduction' without '@@' and without third argument.
* doc/guix.texi (Channels)[Channel Authentication, Specifying Channel
Authorizations]: New subsections.
Fixes <https://bugs.gnu.org/42127>.
Reported by Andrius Štikonas <andrius@stikonas.eu>.
* guix/scripts/pack.scm (wrapped-package)[build]: Add trailing slash to
the arguments to 'find-files'.
* guix/channels.scm (latest-channel-instance): Raise an error instead of
warning when 'guix is unauthenticated.
* tests/channels.scm ("latest-channel-instances, missing introduction for 'guix'"):
New test.
* guix/ui.scm (with-paginated-output-port): Export.
* guix/scripts/processes.scm (guix-processes): Use it instead of writing
directly to (current-output-port).
Fixes <https://bugs.gnu.org/42047>.
Reported by Jan Nieuwenhuizen <janneke@gnu.org>.
* guix/store.scm (open-connection): Use '=' instead of 'eqv?'.
This works around <https://bugs.gnu.org/42060> while also being more
accurate since the arguments are known to be integers.
Suggested by Caleb Ristvedt <caleb.ristvedt@cune.org>.
* guix/store/deduplication.scm (call-with-writable-file): Call THUNK
directly when FILE is (%store-directory).
Suggested by Caleb Ristvedt <caleb.ristvedt@cune.org>.
* guix/store/deduplication.scm (call-with-writable-file): New procedure.
(with-writable-file): New macro.
(replace-with-link): Use it.
This gives an 18% speedup on the wall-clock time of:
guile -c '(use-modules (git) (guix git-authenticate)) (load-keyring-from-reference (repository-open ".") "keyring")'
* guix/openpgp.scm (crc24): Rewrite by calling out to 'bytevector-hash'.
The guix-translated-texinfo.drv execution time goes from 1mn42s with 1
core to 1mn8s with 4 cores.
* guix/self.scm (translate-texi-manuals)[build]: Use 'n-par-for-each'
instead of 'for-each' for translation.
This reduces the execution time of:
(call-with-input-file "po/doc/guix-manual.de.po" read-po-file)
from 4.7s to 4.0s.
* guix/build/po.scm (interpret-newline-escape): New procedure.
(parse-tree->assoc): Use it instead of 'regexp-substitute/global'.
Building guix-translated-texinfo.drv goes from 11mn to 1mn50s, most of
which is taken by po4a.
* guix/self.scm (translate-texi-manuals)[build](make-ref-regex): Remove.
(canonicalize-whitespace): New procedure.
(xref-regexp): New variable.
(translate-cross-references): Rewrite to iterate over the
cross-references rather than iterating over the msgids. Update caller.
Until now, we'd call (nar-sha256 file) unconditionally. Thus, if FILE
was a directory, we would traverse it for no reason, and then call
'deduplicate' on FILE, which would again traverse it.
This change also removes redundant (mkdir-p store) calls from the loop,
and avoids 'lstat' calls by using 'scandir*'.
* guix/store/deduplication.scm (deduplicate): Add named loop. Move
'mkdir-p' outside the loop. Use 'scandir*' instead of 'scandir'. Do
not call 'nar-sha256' when FILE has type 'directory.
Fixes <https://bugs.gnu.org/41908>.
Reported by Jan Nieuwenhuizen <janneke@gnu.org>.
The relation check imposed an extra restriction that was unnecessary:
it's enough to authenticate the set difference between the closure of
START-COMMIT and that of END-COMMIT. Any attempt to jump to an
unrelated commit would lead to the authentication failure of one commit
on the way.
* guix/channels.scm (authenticate-channel): Remove extra
'commit-relation' check when (null? commits).
Fixes <https://bugs.gnu.org/41775>.
* guix/build-system/gnu.scm (gnu-cross-build)[canonicalize-reference]:
Pass TARGET and SYSTEM to 'package-cross-derivation'.
This test was skipped since the switch to Guile 3 because
'assert-container-features' would be inlined and thus accessing it with
@@ would fail with an unbound-variable error.
* guix/scripts/environment.scm (assert-container-features): Export.
* tests/guix-environment-container.sh: Use single '@'.
* guix/build/lisp-utils.scm (make-asd-file): Ensure lib directory exists and
check if prebuilt bundle system was generated.
(generate-system-definition): Add :class and :components only if prebuilt
system was generated.
Fixes <https://bugs.gnu.org/41924>.
* guix/profiles.scm (linux-module-database)[build]: Arrange so
'directory-entries' always returns a list. Add 'match' clause for the
empty list.
Co-authored-by: Ivan Kozlov <kanichos@yandex.ru>
* guix/nar.scm (finalize-store-file): Call 'register-items' and pass it
DB. This avoids opening the database a second time and hopefully
reduces contention on 'db.sqlite-shm'.
* guix/channels.scm (<channel-metadata>)[url]: New field.
(read-channel-metadata): Initialize it.
(read-channel-metadata-from-source): Likewise.
(channel-instance-primary-url): New procedure.
(latest-channel-instances): Compare CHANNEL's URL against it.
* doc/guix.texi (Channels)[Primary URL]: New subsection.
This has become redundant with the standard 'unpack' phase since
17919a5801.
* guix/build/gnu-dist.scm (copy-source): Remove.
(%dist-phases): Remove 'unpack' phase.
This is useful when people run "guix time-machine -C channels.scm",
where 'channels.scm' misses channel introductions.
* guix/channels.scm (%default-channel-url): New variable.
(%default-channels): Use it.
(ensure-default-introduction): New procedure.
(latest-channel-instance): Call it.
This should come before patching, authentication, etc.
* guix/channels.scm (latest-channel-instance): Add #:validate-pull
parameter and honor it. Return a single value: the instance.
(ensure-forward-channel-update): Change 'instance' parameter to 'commit'
and adjust accordingly.
(latest-channel-instances): Adjust to 'latest-channel-instance' changes.
* guix/scripts/pull.scm (warn-about-backward-updates): Change 'instance'
parameter to 'commit' and adjust accordingly.
* tests/channels.scm ("latest-channel-instances #:validate-pull"):
Likewise.