* guix/build/download.scm (%x509-certificate-directory): Use
"/etc/ssl/certs" as a last resort. This ensures, for instance, that
'guix download' honors system-wide certificates when SSL_CERT_DIR is
unset.
This is a followup to 81c580c866.
* guix/scripts/pull.scm (guix-pull): Move 'ensure-default-profile' call after
'set-build-options-from-command-line' call. This ensures that the
'profiles/per-user/$USER' directory is created before
'ensure-default-profile' is called when 'GUIX_DAEMON_SOCKET' points to a
remote TCP daemon.
Fixes <https://bugs.gnu.org/37744>.
Reported at <https://www.openwall.com/lists/oss-security/2019/10/09/4>.
Based on Nix commit 5a303093dcae1e5ce9212616ef18f2ca51020b0d
by Eelco Dolstra <edolstra@gmail.com>.
* nix/libstore/local-store.cc (LocalStore::LocalStore): Set 'perUserDir'
to #o755 instead of #o1777.
(LocalStore::createUser): New function.
* nix/libstore/local-store.hh (LocalStore): Add it.
* nix/libstore/store-api.hh (StoreAPI): Add it.
* nix/nix-daemon/nix-daemon.cc (performOp): In 'wopSetOptions', add
condition to handle "user-name" property and honor it.
(processConnection): Add 'userId' parameter. Call 'store->createUser'
when userId is not -1.
* guix/profiles.scm (ensure-profile-directory): Note that this is now
handled by the daemon.
* guix/store.scm (current-user-name): New procedure.
(set-build-options): Add #:user-name parameter and pass it to the daemon.
* tests/guix-daemon.sh: Test the creation of 'profiles/per-user' when
listening on a TCP socket.
* tests/store.scm ("profiles/per-user exists and is not writable")
("profiles/per-user/$USER exists"): New tests.
This makes the behaviour more consistent.
* guix/inferior.scm (inferior-pipe): Wrap the second open-pipe* call with
with-error-to-port, to match the first call to open-pipe*.
Previously, stderr for the inferior process would always be sent to /dev/null
because the current-output-port when the process is launched is a void
port. This change means that it's possible to pass in a different port to use.
* guix/inferior.scm (inferior-pipe): Take the error-port as an argument.
(open-inferior): Add new error-port keyword argument, with a default
of (%make-void-port "w").
* guix/gexp.scm (load-path-expression): Use ungexp-splicing instead of
ungexp-native-splicing so that the cross extensions are used when target is
set.
* guix/build/syscalls.scm (RNDADDTOENTCNT): New variable.
(add-to-entropy-count): New procedure.
* tests/syscalls.scm ("add-to-entropy-count"): New test.
Fixes <https://bugs.gnu.org/37531>.
"herd eval root '(length %load-path)'" on a freshly-booted bare-bones
system now returns 8 instead of 119 before.
* guix/gexp.scm (load-path-expression): Rewrite expression to that it
deletes duplicates.
Fixes <https://bugs.gnu.org/37506>.
Reported by Marius Bakke <mbakke@fastmail.com>.
* guix/channels.scm (syscalls-reexports-local-variables?)
(guile-2.2.4, guile-for-source): New procedures.
(%quirks): New variable.
(build-from-source): Add calls to 'guile-for-source' and
'set-guile-for-build'.
* guix/import/crate.scm (crate-recursive-import): New procedure.
(crate->guix-package): Return dependencies as a second value.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Really fixes <https://bugs.gnu.org/37505>.
This is a followup to f751b4646d3989d76dad9e33e39f9724c7c50be6.
* guix/scripts/pull.scm (display-channel-news): Remove second occurrence
of '~*' in a format string.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Rather than (guix scripts repl), from which the machine-repl procedure was
removed in [1].
1: 92a4087bf4
* guix/inferior.scm (inferior-pipe): Load (guix repl) rather than (guix
scripts repl).
Fixes <https://bugs.gnu.org/37505>.
Reported by Konrad Hinsen <konrad.hinsen@fastmail.net>.
* guix/scripts/pull.scm (display-channel-news): Use ~a instead of ~*
when reporting new channels.
Fixes <https://bugs.gnu.org/36723>.
Reported by Timothy Sample <samplet@ngyro.com>.
* guix/build/syscalls.scm (define-as-needed): Rewrite to use lower-level
module primitives; define VARIABLE only if it's not already defined to
avoid "re-exporting local variable" error.
This is useful when a single machine appears several time, with
different port numbers.
* guix/scripts/offload.scm (machine-slot-file): Add MACHINE's port to
the file name.
This prevent a race condition where multiple compilation threads could report
the same progress.
* guix/build/compile.scm (compile-files)<completed>: Rename to...
<progress>: ...this. Increment in same mutex region as the compilation is
reported.
The resulting nar takes ~500KiB and it's quicker to build it locally
than to download it.
* guix/self.scm (node-source+compiled): Pass #:options to
'computed-file'.
Avoid invalid store-file-name by explicitly passing the destination
name, replacing any character not allowed in the store-file-name by an
underscore.
Fixes <http://issues.guix.gnu.org/issue/26175>
* guix/scripts/download.scm (safe-naensure-valid-store-file-nameme):
New function. (download-to-store*): Use it to generate a "safe"
basename of URL.
* guix/colors.scm (coloring-procedure): New procedure.
(%highlight-color): Remove.
(highlight): Define in terms of 'coloring-procedure'.
(dim): New procedure.
Previously 'channel-news-for-commit' would use the former while 'guix
pull' would use the latter. Consequently, the first 'guix pull -N'
would clone the repository anew.
* guix/scripts/pull.scm (guix-pull): Remove 'cache', and leave
%REPOSITORY-CACHE-DIRECTORY to its default value.
Previously we would, for example, generate build scripts in the store;
when trying to run them, we'd get a 'read' error due to the presence
of #<foo> syntax in there.
* guix/gexp.scm (gexp->sexp)[self-quoting?]: New procedure.
[reference->sexp]: Check whether the argument in a <gexp-input> box is
self-quoting. Raise a '&gexp-input-error' condition if it's not.
* tests/gexp.scm ("lower-gexp, non-self-quoting input"): New test.
This is a followup to 91300526b7.
* guix/scripts/deploy.scm (show-help, %options): Add '--verbosity'.
(guix-deploy): Wrap 'with-store' in 'with-status-verbosity'.
* guix/scripts/pull.scm (display-profile-news): Return true when there's
more to display.
(display-news-entry-title): New procedure.
(display-news-entry): Use it.
(display-channel-specific-news): Return true when there's more to
display.
(display-channel-news-headlines): New procedure.
(build-and-install): Call it. When 'display-channel-news-headlines' or
'display-profile-news' returns #t, print a hint to run "pull --news".
(display-new/upgraded-packages): Return true when there's more to display.
* guix/scripts/pull.scm (display-news-entry)
(display-channel-specific-news): New procedures.
(display-channel-news): Call it.
(display-new/upgraded-packages): Adjust hint message.
* doc/guix.texi (Invoking guix pull): Mention it.
Suggested by Ricardo Wurmus <rekado@elephly.net>.
* guix/channels.scm (<channel-news-entry>)[tag]: New field.
(sexp->channel-news-entry): Accept either 'commit' or 'tag' in 'entry'
forms.
(resolve-channel-news-entry-tag): New procedure.
(channel-news-for-commit): Move 'with-repository' form one level
higher. Call 'resolve-channel-news-entry-tag' on all the news entries.
* guix/tests/git.scm (populate-git-repository): Add clause for 'tag'.
* tests/channels.scm ("channel-news, one entry"): Create a tag and add
an entry with a tag. Check that the tag is resolved and also visible in
the <channel-news-entry> record.
* doc/guix.texi (Channels): Mention tags in news entries.
* guix/channels.scm (<channel-metadata>)[news-file]: New field.
(read-channel-metadata): Set the 'news-file' field.
(read-channel-metadata-from-source): Likewise.
(<channel-news>, <channel-news-entry>): New record types.
(sexp->channel-news-entry, read-channel-news)
(channel-news-for-commit): New procedures.
* guix/tests/git.scm (populate-git-repository): For 'add', allow
CONTENTS to be a procedure.
* tests/channels.scm ("channel-news, no news")
("channel-news, one entry"): New tests.
* doc/guix.texi (Channels): Document it.
* guix/scripts/show.scm: New file.
* Makefile.am (MODULES): Add it.
* po/guix/POTFILES.in: Add it.
* tests/guix-package-aliases.sh: Add test.
* doc/guix.texi (Invoking guix package): Document it and use it in a example.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Until now '&store-protocol-error' conditions raised in the inferior
would not be correctly propagated because SRFI-35 records lack a read
syntax.
Reported at <https://bugs.gnu.org/37449>
by Carl Dong <contact@carldong.me>.
* guix/inferior.scm (port->inferior): Import (srfi srfi-34) in the inferior.
(inferior-eval-with-store): Define 'error?' and 'error-message'. Wrap
call to PROC in 'guard'. Check the response of INFERIOR for a
'store-protocol-error' or a 'result' tag.
* tests/inferior.scm ("inferior-eval-with-store, &store-protocol-error"):
New test.
Fixes <https://bugs.gnu.org/36763>.
Previously, the logical and connecting the regexps did not output the expected
results (introduced in 8874faaaac).
* guix/ui.scm (relevance)
[score]: Change its arguments.
[regexp->score]: New procedure.
* tests/ui.scm ("package-relevance"): Add test.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Partly fixes <https://bugs.gnu.org/36785>.
Reported by Julien Lepiller <julien@lepiller.eu>.
* guix/scripts/pull.scm (ensure-default-profile): Do not call
'migrate-generations' when "SUDO_USER" is set.
This is a followup to a537620054.
Since that commit, 'pypi-package?' would return false for most Python
packages, and thus "guix refresh python-xxx" would report that no
updaters apply to the package.
* guix/import/pypi.scm (pypi-package?)[pypi-url?]: Recognize
"files.pythonhosted.org" URLs.
Previously, images produced by 'guix pack -f docker' would always show
up as "profile" in the output of 'docker images'. With this change,
'docker images' shows a name constructed from the packages found in the
image--e.g., "bash-coreutils-grep-sed".
* guix/docker.scm (canonicalize-repository-name): New procedure.
(generate-tag): Remove.
(manifest): Add optional 'tag' parameter and honor it.
(repositories): Likewise.
(build-docker-image): Add #:repository parameter and pass it to
'manifest' and 'repositories'.
* guix/scripts/pack.scm (docker-image)[build]: Compute 'tag' and pass it
as #:repository to 'build-docker-image'.
This allows containers created by "guix environment -CN" or by
"guix system container -N" to talk to the host nscd.
* gnu/system/file-systems.scm (%network-file-mappings): Add
"/var/run/nscd".
* gnu/build/shepherd.scm (default-mounts)[nscd-socket]: Remove.
* gnu/system/linux-container.scm (container-script)[nscd-run-directory]
[nscd-mapping, nscd-os, nscd-specs]: Remove.
[script]: Filter out from SPECS bind-mounts where the device does not
exist.
* guix/scripts/environment.scm (launch-environment/container)
[optional-mapping->fs]: New procedure.
[mappings]: Remove %NETWORK-FILE-MAPPINGS.
[file-systems]: Add %NETWORK-FILE-MAPPINGS here, filtered through
'optional-mapping->fs'.
Fixes <http://issues.guix.gnu.org/issue/30345> and
finally fixes <http://issues.guix.gnu.org/issue/25020>.
Formerly packages living in a path like
/stable/frameworks/5.60/portingAids/kross-5.60.0.tar.xz
have not been found.
* guix/import/kde.scm (uri->kde-path-pattern): New procedure.
(latest-kde-release): Use pattern to search for file.
As it was done for (guix import gnome).
* guix/import/kde.scm: New file.
* Makefile.am (MODULES): Add it.
* guix/gnu-maintenance.scm (%kde-updater) (%kde-file-list-uri)
(download.kde.org-files) (latest-kde-release): Remove.
Fetch the ls-lR.bz2 file list for download.kde.org, convert it into a list of
file paths and cache the list.
* guix/gnu-maintenance.scm (%kde-file-list-uri): New variable.
(download.kde.org-files): New procedure.
(latest-kde-release): Change to use DOWNLOAD.KDE.ORG-FILES and search
for files in this list.
* guix/import/crate.scm (crate->guix-package): Add optional 'version'
argument and honor it.
* guix/scripts/import/crate.scm (guix-import-crate): Assume the first
argument is a spec and destructure it with
'package-name->name+version'. Pass both to 'crate->guix-package'.
* doc/guix.texi (Invoking guix import): Document it.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
Previously, something like "guix refresh texmacs" would report "no
updater". Now, it reports that the 'gnu-ftp' updater failed to list
releases.
* guix/upstream.scm (lookup-updater): Use 'find' instead of 'any' to
return the <upstream-updater>.
(package-latest-release): Adjust accordingly.
* guix/scripts/refresh.scm (check-for-package-update): When
'package-latest-release' returns #f, distinguish between "no updater"
and "failing updater".
This is a followup to 81c3dc3224.
Since that commit, when /releases returned an empty JSON array, we would
not fall back to /tags because of the incorrect match.
* guix/import/github.scm (fetch-releases-or-tags): Match the empty
vector instead of the empty list.
Previously, (supported-package? coreutils "armhf-linux")
with (%current-system) = "x86_64-linux" would return false. That's
because 'supported-package?' would traverse the x86_64 dependency graph,
which contains 'tcc-boot0', which supports x86 only.
Consequently, 'supported-package?' would match only 53 packages for
"armhf-linux" when running on x86, as is the case during continuous
integration.
* guix/packages.scm (package-transitive-supported-systems): Add an
optional 'system' parameter. Use 'mlambda' instead of 'mlambdaq' for
memoization.
(supported-package?): Pass 'system' to 'package-transitive-supported-systems'.
* tests/packages.scm ("package-transitive-supported-systems, implicit inputs")
("package-transitive-supported-systems: reduced binary seed, implicit inputs"):
Remove calls to 'invalidate-memoization!', which no longer work and were
presumably introduced to work around the bug we're fixing (see commit
0db65c168f).
* tests/packages.scm ("supported-package?"): Rewrite test to use only
existing system name since otherwise 'bootstrap-executable' raises an
exception.
("supported-package? vs. system-dependent graph"): New test.
This allows 'git-fetch' etc. origins to honor the proxy and locale of
the daemon.
* guix/bzr-download.scm (bzr-fetch): Pass #:leaked-env-vars to
'gexp->derivation'.
* guix/cvs-download.scm (cvs-fetch): Likewise.
* guix/git-download.scm (git-fetch): Likewise.
* guix/hg-download.scm (hg-fetch): Likewise.
* guix/svn-download.scm (svn-multi-fetch): Likewise.
* guix/import/crate.scm (%dual-license-rx): New variable.
(crate->guix-package)[string->license]: Rewrite to match it.
* tests/crate.scm (test-crate): Adjust "license" field to current
practice.
This provides a clean separation between bindings to the
https://crates.io/api/v1 API and actual conversion to Guix package
sexps.
As a side-effect, it fixes things like "guix import blake2-rfc", "guix
refresh -t crates", etc.
* guix/import/crate.scm (<crate>, <crate-version>, <crate-dependency>):
New record types.
(lookup-crate, crate-version-dependencies): New procedures.
(crate-fetch): Remove.
(crate->guix-package): Rewrite to use the new API.
(latest-release): Likewise.
* guix/build-system/cargo.scm (%crate-base-url): New variable.
* tests/crate.scm (test-crate): Update accordingly.
fixlet
This is in part a followup to 81c3dc3224.
* guix/ci.scm (<build>, <checkout>, <evaluation>): Define using
'define-json-mapping'.
(json->build, json->checkout, json->evaluation): Remove.
(queued-builds, latest-builds, latest-evaluations): Pass JSON arrays
through 'vector->list' to adjust for Guile-JSON 3.x.
(evaluations-for-commit): Fix typo to really export.