Previously, we used to have a whole bunch of (guix build *-build-system)
modules in scope, which, for example, meant that '%standard-phases' was
clashing. This change clarifies it.
* guix/build-system/clojure.scm (%default-modules): New variable.
(clojure-build): Change the default value of #:modules and that of
#:phases.
The '*.fasl' files produced by SBCL contain the mtime of the source file (see
commit 72843d7ce32bd615f64a0326cf891658b5724ead of SBCL's code repository).
As asdf-build-system makes a copy of the source files before compiling them,
we must set the mtime of these copies to the same date as the originals for
the build to be reproducible.
* guix/build/asdf-build-system.scm (copy-files-to-output): Keep the
modification time of the original source files.
This fixes a regression introduced in
6a7c4636d4.
* guix/build/download.scm (load-gnutls): Call 'resolve-module' instead
of 'current-module'.
* guix/git.scm (load-git-submodules): Likewise.
In Guile < 2.9.7, autoloading a module would give you access to all its
bindings. In future versions, autoloading a module gives access only to
the listed bindings, as per #:select (see <https://bugs.gnu.org/38895>).
This commit adjusts autoloads to the new semantics, allowing Guix to be
built with Guile 2.9.7/2.9.8.
* guix/build/download.scm <top level>: Remove call to 'module-autoload!'.
(load-gnutls): New procedure.
(tls-wrap): Call it.
* guix/git.scm <top level>: Remove call to 'module-autoload!'.
(load-git-submodules): New procedure.
(update-submodules): Call it instead of 'resolve-interface'.
* gnu/bootloader/grub.scm: Replace #:autoload with #:use-module.
* gnu/packages.scm: Likewise.
* gnu/packages/ssh.scm: Likewise.
* gnu/packages/tex.scm: Likewise.
* gnu/services/cuirass.scm: Likewise.
* gnu/services/mcron.scm: Likewise.
* guix/lint.scm: Augment list of bindings in #:autoload.
* guix/scripts/build.scm: Likewise.
* guix/scripts/gc.scm: Likewise.
* guix/scripts/pack.scm: Likewise.
* guix/scripts/publish.scm: Likewise.
* guix/scripts/pull.scm: Likewise.
* guix/utils.scm: Remove unnecessary #:autoload clauses; replace one
of them with #:use-module.
* guix/gexp.scm (<raw-derivation-file>): New record type.
(raw-derivation-file-compiler): New gexp compiler.
* tests/gexp.scm ("lower-gexp, raw-derivation-file")
("raw-derivation-file"): New tests.
Fixes <https://bugs.gnu.org/38836>.
Reported by Ricardo Wurmus <rekado@elephly.net>.
* guix/import/cran.scm (bioconductor-packages-list): Close the port
returned by 'http-fetch/cached'.
(fetch-description): Likewise.
Fixes <https://bugs.gnu.org/20145>.
* guix/build/download.scm (%tls-ports, register-tls-record-port): Remove.
(tls-wrap): Remove call to 'register-tls-record-port'. Return a custom
binary input/output port instead. This is a backport of what Guile
2.2's (web client) module has been doing.
(close-connection): Define as an alias for 'close-port'.
* guix/http-client.scm (http-fetch): Remove #:keep-alive? parameter,
which was ignored and unused.
Pass #:keep-alive? #f to 'http-get'.
* guix/lint.scm (probe-uri): Use 'close-port' instead of 'close-connection'.
* guix/scripts/substitute.scm (http-multiple-get): Likewise.
This fixes the bug which prevented uglify-js from being defined properly, and
cascaded back to all Common Lisp packages.
* gnu/packages/bioinformatics.scm: Replace javascript module with lisp-xyz.
* gnu/packages/cran.scm: Use lisp-xyz module.
* gnu/packages/javascript.scm (uglify-js): Move from here...
* gnu/packages/lisp-xyz.scm: ... To here.
* gnu/packages/web.scm: Replace javascript module with lisp-xyz.
* guix/build-system/minify.scm: Find uglify-js in the lisp-xyz module.
Fixes <https://bugs.gnu.org/38709>.
Reported by Valentin Ignatev <valentignatev@gmail.com>.
* guix/import/crate.scm (crate-recursive-import): Add optional 'version'
parameter and honor it.
* guix/scripts/import/crate.scm (guix-import-crate): Pass VERSION as 2nd
argument to 'crate-recursive-import'.
* guix/store.scm (current-target-system): New exported monadic procedure.
* guix/profiles.scm (profile-derivation): Set target at bind time using the
above procedure.
* guix/scripts/pack.scm (guix-pack)[manifest-from-args]: Remove
'provenance', and add 'with-provenance' procedure. Wrap 'cond' form in
'with-provenance'.
Fixes <https://bugs.gnu.org/38673>.
Reported by zimoun <zimon.toutoune@gmail.com>.
* guix/describe.scm (manifest-entry-with-provenance): New procedure.
* guix/scripts/package.scm (process-actions): Use it when FILES is
non-empty.
When the qt-build-system was created, based on the cmake-build-system,
some references to cmake have been missed to be changed.
* guix/build-system/qt.scm (qt-build, qt-cross-build)[modules]:
Use qt-build-system, not cmake-build-system. [builder]: Call qt-build,
not cmake-build.
Coauthored-by: Ludovic Courtès <ludo@gnu.org>
* guix/gexp.scm (gexp->file): Add system and target arguments and pass them to
gexp->derivation and load-path-expression calls,
(scheme-file-compiler): adapt accordingly to pass system and target arguments.
Until now, 'guix system delete-generations' would ignore OPTS; for
example, it would not enable #:print-extended-build-trace? & co.,
leading to suboptimal output.
* guix/scripts/system.scm (process-command)[with-store*]: New macro.
Use it for 'delete-generations', 'switch-generation', and 'roll-back'.
This allows callers to distinguish between signature verification
failure and missing key.
* guix/gnupg.scm (gnupg-receive-keys): Return true on success.
(gnupg-verify*): Check return value of 'gnupg-receive-keys'. Return two
values, the first one being a symbol.
* guix/upstream.scm (download-tarball): Get the two return values of
'gnupg-verify*', and match on the first one.
* gnu/packages/bash.scm (download-patches): Check the first return value
of 'gnupg-verify*'.
This halves the run time on a large number of subsequent 'gnupg-verify'
calls.
* guix/gnupg.scm (sigid-rx, goodsig-rx, validsig-rx, expkeysig-rx)
(errsig-rx): New variables, lifted from...
(gnupg-verify)[status-line->sexp]: ... here.
Until then, 'gnupg-status-missing-key?' would return a key id. Its
user, 'gnupg-verify*', would then fetch a key with that ID from key
servers, thus possibly the wrong key (due to key ID collisions). If it
did fetch the wrong key, the effect would be a signature verification
failure down the path--e.g., in "guix refresh -u".
* guix/gnupg.scm (gnupg-verify)[maybe-fingerprint]: New procedure.
[status-line->sexp](errsig-rx): Add parenthetical expression at the end.
Fetch it and add it to the 'signature-error' sexp.
(gnupg-status-missing-key?): Match the whole 'signature-error' sexp and
return preferably the fingerprint rather than KEY-ID.
(gnupg-receive-keys): Rename 'key-id' parameter to 'fingerprint/key-id'.
Returning a key ID was inconsequential because the only user of
'gnupg-status-good-signature?', (guix upstream) (via 'gnupg-verify*'),
would not check the return value as long as it's true.
* guix/gnupg.scm (gnupg-status-good-signature?): Return a
fingerprint/user pair instead of key-id/user.
(gnupg-verify*): Mention it in docstring.
This is a one-character follow-up to
356a79becc
Reported by Jonathan Brielmaier <jonathan.brielmaier@web.de>.
* guix/swh.scm(<origin>): Remove a slash from example URI witin a comment.
When using the archival linter, git origins already in the archive where
not recognized due to an API change and where repeatedly asked for archival.
This is fixed here.
* guix/swh.scm (lookup-origin): Fix API URI for getting origin.
(<origin>): Fix comment with API URI example.
* guix/base64.scm: Remove #:use-module clauses for (rnrs) and (srfi
srfi-13). Add other #:use-module clauses.
(fxbit-field): Define as an alias for 'bit-field.
(fx=?, fx+, mod): New aliases.
(assert): New macro.
* guix/scripts/challenge.scm (call-with-mismatches)[narinfo1]: When
LOCAL-HASH is true, call 'narinfo-hash->sha256' and use 'bytevector=?'
instead of 'string=?'.
* guix/scripts/challenge.scm (call-with-nar): New procedure.
(narinfo-contents): Express in terms of 'call-with-nar'.
(call-with-mismatches, report-differing-files/external): New
procedures.
(%diffoscope-command): New variable.
(%options): Support "diffoscope" and a string starting with "/".
* tests/challenge.scm (call-mismatch-test): New procedure.
("differing-files"): Rewrite in terms of 'call-mismatch-test'.
("call-with-mismatches"): New test.
* doc/guix.texi (Invoking guix challenge): Document it.
* guix/scripts/archive.scm (show-help, %options): Add '--list'.
(list-contents): New procedure.
(guix-archive): Honor the '--list' option.
* tests/guix-archive.sh: Test it.
* doc/guix.texi (Invoking guix archive): Document it.
* guix/import/crate.scm (%dual-license-rx): Removed function.
(crate->guix-package): Handle most of the multi-licensing cases.
* tests/crate.scm (licenses): Add tests for some licenses.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
Reported by YOANN P <yoann_mac_donald@hotmail.com>.
* guix/profiles.scm (%profile-directory): Fall back to 'getpwuid' when
"USER" and "LOGNAME" are undefined.
* guix/scripts/pack.scm (squashfs-image)[symlinks*]: New variable.
[build]: Use it instead of SYMLINKS.
(guix-pack): Emit a warning and a hint when "bash" and "bash-minimal"
are missing and PACK-FORMAT is 'squashfs.
* doc/guix.texi (Invoking guix pack): Document the /bin/sh requirement
for Singularity.
Fixes issue #38479 (see: https://bugs.gnu.org/38479).
* guix/build/emacs-build-system.scm (add-source-to-load-path): Move the source
directory to the start of the EMACSLOADPATH environment variable.
Reported-by: Diego Nicola Barbato <dnbarbato@posteo.de>
* guix/build/syscalls.scm (MS_LAZYTIME): New variable.
* gnu/build/file-systems.scm (mount-flags->bit-mask): Add match rules for
'strict-atime' and 'lazy-time'.
* doc/guix.texi (File Systems): Add 'strict-atime' and 'lazy-time' to the list
of supported flags.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* guix/scripts/pull.scm (channel-commit-hyperlink): Export.
* guix/scripts/system.scm (display-system-generation)
[display-channel]: New procedure.
Read the "provenance" file of GENERATION and display channel info and
the configuration file name when available.
* guix/scripts/system.scm (show-help, %options): Add "--save-provenance".
(process-action): Define 'save-provenance?' and 'transform'; call
'transform' on the OS.
* doc/guix.texi (Invoking guix system): Document it under 'reconfigure'.
(Service Reference): Mention that 'provenance-service-type' is
automatically added by 'reconfigure' & 'init'.
* guix/derivations.scm (derivation-input-fold): New procedure.
(substitution-oracle)[closure]: Rewrite in terms of
'derivation-input-fold'.
* tests/derivations.scm ("derivation-input-fold"): New test.
* gnu/local.mk: Include lisp-xyz.scm.
* gnu/packages/lisp-xyz.scm: New file.
* gnu/packages/lisp.scm: Move all lisp libraries to lisp-xyz.scm, uglify-js to
javascript.scm and stumpwm to wm.scm.
* gnu/packages/javascript.scm: Add uglify-js.
* gnu/packages/wm.scm: Add stumpwm.
* gnu/packages/bioinformatics.scm: Find uglify-js in javascript.scm.
* gnu/packages/machine-learning.scm: Depend on lisp-xyz.scm instead of lisp.scm.
* gnu/packages/web.scm: Find uglify-js in javascript.scm.
* gnu/packages/web-browsers.scm: Depend on lisp-xyz.scm instead of lisp.scm.
* guix/build-system/minify.scm (default-uglify-js): Find uglify-js in
javascript module instead of lisp.
* gnu/local.mk: Include lisp-xyz.scm.
* gnu/packages/lisp-xyz.scm: New file.
* gnu/packages/lisp.scm: Move all lisp libraries to lisp-xyz.scm, uglify-js to
javascript.scm and stumpwm to wm.scm.
* gnu/packages/javascript.scm: Add uglify-js.
* gnu/packages/wm.scm: Add stumpwm.
* gnu/packages/bioinformatics.scm: Find uglify-js in javascript.scm.
* gnu/packages/machine-learning.scm: Depend on lisp-xyz.scm instead of lisp.scm.
* gnu/packages/web.scm: Find uglify-js in javascript.scm.
* gnu/packages/web-browsers.scm: Depend on lisp-xyz.scm instead of lisp.scm.
* guix/build-system/minify.scm (default-uglify-js): Find uglify-js in
javascript module instead of lisp.
* guix/ssh.scm (open-ssh-session): Add #:host-key parameter.
Pass #:knownhosts to 'make-session'. When HOST-KEY is true, call
'authenticate-server*' instead of 'authenticate-server'.
Until now, users of 'open-ssh-session', including "guix deploy" and
"GUIX_DAEMON_SOCKET=ssh://…" (but not "guix offload"), would not
authenticate the SSH server they're talking to.
* guix/ssh.scm (open-ssh-session): Call 'authenticate-server'.
* guix/scripts/offload.scm (host-key->type+key): Remove.
(open-ssh-session): Replace server authentication code with a call to
'authenticate-server*'.
* guix/ssh.scm (host-key->type+key, authenticate-server*): New
procedures.
This change aims to reduce the length of the EMACSLOADPATH environment
variable, which was found to cause issues such as
<https://bugs.gnu.org/38309>.
It should also enable discovery of newly installed packages without refreshing
the session's EMACSLOADPATH of the user profile (e.g., when launching Emacs
from the desktop manager application launcher), as discussed in
<https://bugs.gnu.org/38309>.
* guix/build/emacs-build-system.scm (%legacy-install-suffix): Rename to...
(%install-dir): ...this.
(%install-suffix): Remove variable.
(build): Adjust installation target directory.
(patch-el-files): Likewise.
(install): Likewise.
(move-doc): Likewise.
(make-autoloads): Likewise.
Signed-off-by: Clément Lassieur <clement@lassieur.org>
* guix/gexp.scm (local-file): Distinguish the case where FILE is a
literal string and when it's not. Add a clause for when FILE is not a
literal string.
* tests/gexp.scm ("local-file, non-literal relative file name"): New test.
* doc/guix.texi (G-Expressions): Update accordingly.
* guix/build/syscalls.scm (call-with-file-lock/no-wait): Really pass
ARGS to HANDLER. Return #f when HANDLER is called.
* guix/ui.scm (profile-lock-handler): Emit a mere warning upon ENOLCK.
* guix/ui.scm (supports-hyperlinks?): Make 'port' optional.
(display-generation): Use 'file-hyperlink' for the heading when
'supports-hyperlinks?' returns true.
Previously, in the unlikely case 'http-multiple-get' was passed more
than 1,000 requests, it could have dropped all those above 1,000.
* guix/scripts/substitute.scm (http-multiple-get): Define 'batch'. Use
that for the 'write-request' loop. Add 'processed' parameter to 'loop'
and use that to compute the remaining requests and call 'connect' in the
recursion base case.
* guix/scripts/substitute.scm (warn-about-missing-authentication): New
procedure.
(%allow-unauthenticated-substitutes?): Turn into a public parameter and
use 'warn-about-missing-authentication'.
(valid-narinfo?): Adjust accordingly.
* tests/substitute.scm (call-with-narinfo): Likewise.
* guix/ui.scm (report-load-error, warn-about-load-error)
(read/eval): Match (or 'srfi-34 '%exception) instead of just 'srfi-34 to
match what Guile 2.9.5 does.
Directory names added here need to match qtbase's native-search-path
specifications.
* guix/build/qt-utils.scm (wrap-qt-program): Change paths used for
QML2_IMPORT_PATH and QT_PLUGIN_PATH.
This is a followup to bc69ea2d60.
* guix/scripts/build.scm (show-build-options-help): Rename
"--no-build-hook" to "--no-offload".
(%standard-build-options): Likewise, and warn when "--no-build-hook" is
passed.
* nix/nix-daemon/guix-daemon.cc (options): Add "--no-offload" and mark
"--no-build-hook" as hidden.
* guix/scripts/offload.scm: Adjust comment.
* doc/guix.texi (Invoking guix-daemon, Common Build Options): Replace
"--no-build-hook" with "--no-offload".
* etc/completion/fish/guix.fish, etc/completion/zsh/_guix: Adjust
accordingly.
* guix/build/compile.scm (optimizations-for-level): New procedure.
Include '%lightweight-optimizations' and '%default-optimizations'.
(optimization-options): Use 'optimizations-for-level'.
* guix/scripts/pack.scm (guix-pack): Collect 'manifest' options, and
concatenate the resulting manifests.
* tests/guix-pack.sh: Test it.
* doc/guix.texi (Invoking guix pack): Document it.
* guix/scripts/package.scm (manifest-action): Remove.
(%actions): Remove it.
(load-manifest): New procedure.
(process-actions): Handle 'manifest' options. Define 'files' from
'manifest' options. Define 'manifest' based on FILES. Define 'trans'
to represent the final transaction.
* tests/guix-package.sh: Test it.
* doc/guix.texi (Invoking guix package): Mention
This fixes "guix import texlive translator".
* guix/import/texlive.scm (sxml->package): Add clause for when 'license'
is a list of licences, as is the case with the "translator" package.
This avoids one GET request every time 'fetch-narinfos' is called.
The file itself was essentially useless.
* guix/scripts/substitute.scm (<cache-info>, download-cache-info):
Remove.
(%unreachable-hosts): New variable.
(open-connection-for-uri/maybe): New procedure.
(fetch-narinfos)[handle-narinfo-response]: Check whether NARINFO has its
'path' under (%store-prefix) and ignore it otherwise. Move
'update-progress!' call before 'if'.
[do-fetch]: Remove 'port' parameter. Use
'open-connection-for-uri/maybe'.
Remove call to 'download-cache-info'.
* guix/scripts/pack.scm (%options, show-help): Add "--derivation".
(guix-pack): Honor it.
* tests/guix-pack.sh: Test it.
* doc/guix.texi (Invoking guix pack): Document it.
Fixes <https://bugs.gnu.org/38254>.
* guix/build/download.scm (make-credendials-with-ca-trust-files): Look
for *.crt files under DIRECTORY when *.pem files cannot be found.
It is no longer necessary to search for the Elisp libraries manually, as Emacs
now include a search path specification serving that purpose.
* guix/build/emacs-build-system.scm (set-emacs-load-path): Replace by...
(add-source-to-load-path): ...this.
(%standard-phases): Adjust accordingly.
This lets the daemon substitute missing derivations, as in the example
at <https://bugs.gnu.org/38226>, instead of failing with ENOENT.
* guix/scripts/build.scm (options->things-to-build): In the
'derivation-path?' case, don't fail when 'read-derivation-from-file'
raises to ENOENT; return the empty list in that case.
(guix-build): Add non-existent '.drv' files to ITEMS.
Pass ITEMS in addition to DRV to 'build-derivations'.
* tests/guix-build.sh: Add test.
* guix/inferior.scm (cached-channel-instance): Take an explicit 'store'
argument.
(inferior-for-channels): Wrap call to 'cached-channel-instance' in
'with-store'.
* guix/time-machine.scm (guix-time-machine): Wrap call to
'cached-channel-instance' in 'with-store'.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* guix/scripts/time-machine.scm: New file.
* Makefile.am: (MODULES): Add it.
* guix/scripts/pull.scm (channel-list): Export.
* guix/inferior.scm (cached-channel-instance): New procedure.
(inferior-for-channels): Use it.
* doc/guix.texi (Invoking guix time-machine): New section.
(Channels): Cross-reference it.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
This option had been ignored since commit
0d39a3b989 (August 2018).
* guix/scripts/pull.scm (show-help, %options): Remove "--verbose".
(build-and-install): Remove #:verbose?, which was unused.
(guix-pull): Adjust accordingly.
This affects the output of 'guix show', 'guix search', and 'guix system
search'.
* guix/ui.scm (hyperlink, supports-hyperlinks?, location->hyperlink):
New procedures.
(package->recutils): Add #:hyperlinks? and honor it.
(display-search-results): Pass #:hyperlinks? to PRINT.
* guix/scripts/system/search.scm (service-type->recutils): Add
#:hyperlinks? and honor it.
The hit rate of the 'add-data-to-store' cache goes from 10% to 4% on:
guix build -e '(@@ (gnu packages libreoffice) libreoffice)' -nd
* guix/derivations.scm (%module-cache): Turn into a regular hash table.
It didn't make sense to use a weak-value hash table given that values
are pairs.
Reported by Oleg Pykhalov <go.wigust@gmail.com>.
* guix/scripts/pull.scm (display-news-entry-title)
(display-news-entry): Catch 'parser-error' around call to
'texi->plain-text', and return Texinfo as-is when an exception is
caught.
This is a followup to d727a9343d, which
broke 'hydra-jobs' from (gnu ci).
* guix/derivations.scm (invalidate-derivation-caches!): Remove call to
'invalidate-memoization!' for 'derivation->bytevector'.
Its hit rate was only 8%. Removing it reduces heap size of "guix build
libreoffice -nd" from 69MiB to 61MiB and the wall-clock time is unchanged.
* guix/derivations.scm (derivation->bytevector): Change from 'mlambda'
to 'lambda'.
This reduces the number of 'add-data-to-store' cache lookups from 3329
to 2743 (hit rate: 27% to 11%) when running:
GUIX_PROFILING=add-data-to-store-cache guix build libreoffice -nd
Execution time of "guix build libreoffice -nd" goes from 1.86s to 1.80s.
* guix/gexp.scm (imported+compiled-modules): Wrap body in 'mcached'.
* guix/store.scm (cache-object-mapping): Add #:vhash-cons parameter and
honor it.
(lookup-cached-object): Add #:vhash-fold* parameter and honor it.
(%mcached): Add #:vhash-fold* and #:vhash-cons and honor them.
(mcached): Add clauses with 'eq?' and 'equal?' as the first argument.
* guix/gexp.scm (imported+compiled-modules): New procedure.
(lower-gexp): Use it instead of separate calls to 'imported-modules' and
'compiled-modules'.
This reduces the number of lookups in the 'add-data-to-store' cache from
7505 to 3329 (hit rate from 68% to 27%) when running:
GUIX_PROFILING=add-data-to-store-cache guix build libreoffice -nd
The execution time of "guix build libreoffice -nd" goes from 2.12s to 1.87s.
* guix/derivations.scm (%module-cache): New variable.
(imported+compiled-modules)[key]: New variable.
Lookup KEY in %MODULE-CACHE and populate %MODULE-CACHE upon cache miss.
* guix/derivations.scm (imported+compiled-modules): New procedure.
(build-expression->derivation): Use it instead of separate calls to
'%imported-modules' and '%compiled-modules'.
* guix/scripts/build.scm (set-build-options-from-command-line): When
OPTS has 'keep-failed?' set, check whether STORE is connected over
AF_UNIX and warn when it's not.
The XML feed was discontinued on Oct. 16th, 2019:
<https://nvd.nist.gov/General/News/XML-Vulnerability-Feed-Retirement-Phase-3>
* guix/cve.scm (string->date*): New procedure.
(<cve-item>, <cve>, <cve-reference>): New record types.
(cpe-match->cve-configuration, configuration-data->cve-configurations)
(json->cve-items, version-matches?): New procedures.
(yearly-feed-uri): Change URL to refer to JSON feed.
(cpe->product-alist, %parse-vulnerability-feed)
(xml->vulnerabilities): Remove.
(cve-configuration->package-list, merge-package-lists)
(cve-item->vulnerability, json->vulnerabilities): New procedures.
(write-cache): Use 'json->vulnerabilities' instead of
'xml->vulnerabilities', and remove 'parameterize'.
(vulnerabilities->lookup-proc): Use 'version-matches?' when VERSION is
true.
* tests/cve.scm (%sample): Use 'tests/cve-sample.json'.
(%expected-vulnerabilities): Rewrite accordingly.
("json->cve-items", "cve-item-published-date")
("json->vulnerabilities"): New tests.
("xml->vulnerabilities"): Remove.
("vulnerabilities->lookup-proc"): Adjust to new vulnerabilities.
* tests/cve-sample.json: New file.
* tests/cve-sample.xml: Remove.
* Makefile.am (EXTRA_DIST): Adjust accordingly.
* doc/guix.texi (Invoking guix lint): Update nist.gov URLs.
* guix/build/download.scm (%x509-certificate-directory): Use
"/etc/ssl/certs" as a last resort. This ensures, for instance, that
'guix download' honors system-wide certificates when SSL_CERT_DIR is
unset.
This is a followup to 81c580c866.
* guix/scripts/pull.scm (guix-pull): Move 'ensure-default-profile' call after
'set-build-options-from-command-line' call. This ensures that the
'profiles/per-user/$USER' directory is created before
'ensure-default-profile' is called when 'GUIX_DAEMON_SOCKET' points to a
remote TCP daemon.
Fixes <https://bugs.gnu.org/37744>.
Reported at <https://www.openwall.com/lists/oss-security/2019/10/09/4>.
Based on Nix commit 5a303093dcae1e5ce9212616ef18f2ca51020b0d
by Eelco Dolstra <edolstra@gmail.com>.
* nix/libstore/local-store.cc (LocalStore::LocalStore): Set 'perUserDir'
to #o755 instead of #o1777.
(LocalStore::createUser): New function.
* nix/libstore/local-store.hh (LocalStore): Add it.
* nix/libstore/store-api.hh (StoreAPI): Add it.
* nix/nix-daemon/nix-daemon.cc (performOp): In 'wopSetOptions', add
condition to handle "user-name" property and honor it.
(processConnection): Add 'userId' parameter. Call 'store->createUser'
when userId is not -1.
* guix/profiles.scm (ensure-profile-directory): Note that this is now
handled by the daemon.
* guix/store.scm (current-user-name): New procedure.
(set-build-options): Add #:user-name parameter and pass it to the daemon.
* tests/guix-daemon.sh: Test the creation of 'profiles/per-user' when
listening on a TCP socket.
* tests/store.scm ("profiles/per-user exists and is not writable")
("profiles/per-user/$USER exists"): New tests.
This makes the behaviour more consistent.
* guix/inferior.scm (inferior-pipe): Wrap the second open-pipe* call with
with-error-to-port, to match the first call to open-pipe*.
Previously, stderr for the inferior process would always be sent to /dev/null
because the current-output-port when the process is launched is a void
port. This change means that it's possible to pass in a different port to use.
* guix/inferior.scm (inferior-pipe): Take the error-port as an argument.
(open-inferior): Add new error-port keyword argument, with a default
of (%make-void-port "w").
* guix/gexp.scm (load-path-expression): Use ungexp-splicing instead of
ungexp-native-splicing so that the cross extensions are used when target is
set.
When repacking jar-files, don't work on symlinks: Otherwise, they would be
overridden with the repacked jar-file.
* guix/build/ant-build-system.scm (regular-jar-file-predicate): New procedure.
(generate-jar-indices, strip-jar-timestamps): Use it.
* guix/build/syscalls.scm (RNDADDTOENTCNT): New variable.
(add-to-entropy-count): New procedure.
* tests/syscalls.scm ("add-to-entropy-count"): New test.
Fixes <https://bugs.gnu.org/37531>.
"herd eval root '(length %load-path)'" on a freshly-booted bare-bones
system now returns 8 instead of 119 before.
* guix/gexp.scm (load-path-expression): Rewrite expression to that it
deletes duplicates.
Fixes <https://bugs.gnu.org/37506>.
Reported by Marius Bakke <mbakke@fastmail.com>.
* guix/channels.scm (syscalls-reexports-local-variables?)
(guile-2.2.4, guile-for-source): New procedures.
(%quirks): New variable.
(build-from-source): Add calls to 'guile-for-source' and
'set-guile-for-build'.
* guix/import/crate.scm (crate-recursive-import): New procedure.
(crate->guix-package): Return dependencies as a second value.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Really fixes <https://bugs.gnu.org/37505>.
This is a followup to f751b4646d3989d76dad9e33e39f9724c7c50be6.
* guix/scripts/pull.scm (display-channel-news): Remove second occurrence
of '~*' in a format string.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Rather than (guix scripts repl), from which the machine-repl procedure was
removed in [1].
1: 92a4087bf4
* guix/inferior.scm (inferior-pipe): Load (guix repl) rather than (guix
scripts repl).
Fixes <https://bugs.gnu.org/37505>.
Reported by Konrad Hinsen <konrad.hinsen@fastmail.net>.
* guix/scripts/pull.scm (display-channel-news): Use ~a instead of ~*
when reporting new channels.
Fixes <https://bugs.gnu.org/36723>.
Reported by Timothy Sample <samplet@ngyro.com>.
* guix/build/syscalls.scm (define-as-needed): Rewrite to use lower-level
module primitives; define VARIABLE only if it's not already defined to
avoid "re-exporting local variable" error.
This is useful when a single machine appears several time, with
different port numbers.
* guix/scripts/offload.scm (machine-slot-file): Add MACHINE's port to
the file name.
This prevent a race condition where multiple compilation threads could report
the same progress.
* guix/build/compile.scm (compile-files)<completed>: Rename to...
<progress>: ...this. Increment in same mutex region as the compilation is
reported.
The resulting nar takes ~500KiB and it's quicker to build it locally
than to download it.
* guix/self.scm (node-source+compiled): Pass #:options to
'computed-file'.
Avoid invalid store-file-name by explicitly passing the destination
name, replacing any character not allowed in the store-file-name by an
underscore.
Fixes <http://issues.guix.gnu.org/issue/26175>
* guix/scripts/download.scm (safe-naensure-valid-store-file-nameme):
New function. (download-to-store*): Use it to generate a "safe"
basename of URL.
* guix/colors.scm (coloring-procedure): New procedure.
(%highlight-color): Remove.
(highlight): Define in terms of 'coloring-procedure'.
(dim): New procedure.
Previously 'channel-news-for-commit' would use the former while 'guix
pull' would use the latter. Consequently, the first 'guix pull -N'
would clone the repository anew.
* guix/scripts/pull.scm (guix-pull): Remove 'cache', and leave
%REPOSITORY-CACHE-DIRECTORY to its default value.
Previously we would, for example, generate build scripts in the store;
when trying to run them, we'd get a 'read' error due to the presence
of #<foo> syntax in there.
* guix/gexp.scm (gexp->sexp)[self-quoting?]: New procedure.
[reference->sexp]: Check whether the argument in a <gexp-input> box is
self-quoting. Raise a '&gexp-input-error' condition if it's not.
* tests/gexp.scm ("lower-gexp, non-self-quoting input"): New test.
This is a followup to 91300526b7.
* guix/scripts/deploy.scm (show-help, %options): Add '--verbosity'.
(guix-deploy): Wrap 'with-store' in 'with-status-verbosity'.
* guix/scripts/pull.scm (display-profile-news): Return true when there's
more to display.
(display-news-entry-title): New procedure.
(display-news-entry): Use it.
(display-channel-specific-news): Return true when there's more to
display.
(display-channel-news-headlines): New procedure.
(build-and-install): Call it. When 'display-channel-news-headlines' or
'display-profile-news' returns #t, print a hint to run "pull --news".
(display-new/upgraded-packages): Return true when there's more to display.
* guix/scripts/pull.scm (display-news-entry)
(display-channel-specific-news): New procedures.
(display-channel-news): Call it.
(display-new/upgraded-packages): Adjust hint message.
* doc/guix.texi (Invoking guix pull): Mention it.
