summaryrefslogtreecommitdiff
path: root/guix/scripts/lint.scm
AgeCommit message (Expand)Author
2020-03-24scripts: lint: Handle store connections for lint checkers.•••Rather than individual checkers opening up a connection to the store for each package to check, if any checker requires a store connection, open a connection and pass it to all checkers that would use it. This makes running the derivation checker much faster for multiple packages. * guix/scripts/lint.scm (run-checkers): Add a #:store argument, and pass the store to checkers if they require a store connection. (guix-lint): Establish a store connection if any checker requires one, and pass it through to run-checkers. Christopher Baines
2019-12-08lint: Add '--load-path' option.•••* guix/scripts/lint.scm (%options): Add '--load-path' option. * doc/guix.texi: Document it. * tests/guix-lint.sh: Test it. Signed-off-by: Ludovic Courtès <ludo@gnu.org> zimoun
2019-08-28lint: Log diagnostics with 'info', not 'warning'.•••* guix/scripts/lint.scm (emit-warnings): Use 'info', not 'warning'. This removes the unhelpful "warning:" prefix that commit 3d33c93cef67d88bdc9409959f3c1f3857af09cf introduced. Ludovic Courtès
2019-07-20lint: Use the 'warning' procedure for messages.•••* guix/scripts/lint.scm (emit-warnings): Use 'warning' instead of 'format'. Ludovic Courtès
2019-07-15lint: Separate checkers by dependence on the internet.•••I think there are a couple of potential uses for this. It's somewhat a separation in to what checkers are just checking the contents of the repository (line length for example), and other checkers which are bringing in external information which could change. I'm thinking particularly, about treating network dependent checkers differently when automatically running them, but this commit also adds a --no-network flag to guix lint, which selects the checkers that don't access the network, which could be useful if no network access is available. * guix/lint.scm (%checkers): Rename to %all-checkers. (%local-checkers, %network-dependent-checkers): New variables. * guix/scripts/lint.scm (run-checkers): Make the checkers argument mandatory. (list-checkers-and-exit): Handle the checkers as an argument. (%options): Adjust for changes to %checkers, add a --no-network option, and change how the --list-checkers option is handled. (guix-lint): Adjust indentation, and update how the checkers are handled. Christopher Baines
2019-07-15lint: Move the linting code to a different module.•••To try and move towards making programatic access to the linting code easier, this commit separates out the linting script, from the linting functionality that it uses. * guix/scripts/lint.scm (emit-warnings): Alter to to not use match-lambda, as <lint-warning> isn't accessible. (<lint-warning>, lint-warning, make-lint-warning, lint-warning?, lint-warning-message, lint-warning-message-text, lint-warning-message-data, lint-warning-location, package-file, %make-warning make-warning, <lint-checker>, lint-checker, make-lint-checker, lint-checker?, lint-checker-name, lint-checker-description, lint-checker-check, properly-starts-sentance?, starts-with-abbreviation?, %quoted-identifier-rx, check-description-style, package-input-intersection, check-inputs-should-be-native, check-inputs-should-not-be-an-input-at-all, package-name-regexp, check-synopsis-style, probe-uri, tls-certificate-error-string, validate-uri, check-home-page, %distro-directory, check-patch-file-names, escape-quotes, official-gnu-packages*, check-gnu-synopsis+description, origin-uris, check-source, check-source-file-name, check-source-unstable-tarball, check-mirror-url, check-github-url, check-derivation, check-license, call-with-networking-fail-safe, with-networking-fail-safe, current-vulnerabilities*, package-vulnerabilities, check-vulnerabilities, check-for-updates, report-tabulations, report-trailing-white-space, report-long-line, %hanging-paren-rx, report-lone-parantheses, %formatting-reporters, report-formatting-issues, check-formatting, %checkers): Move to… * guix/lint.scm: … here * po/guix/POTFILES.in: Add guix/lint.scm. * Makefile.am: Add guix/lint.scm. * tests/lint.scm: Change to import (guix lint), rather than (guix scripts lint). Christopher Baines
2019-07-15scripts: lint: Separate the message warning text and data.•••So that translations can be handled more flexibly, rather than having to translate the message text within the checker. * guix/scripts/lint.scm (lint-warning-message-text, lint-warning-message-data): New procedures. (lint-warning-message): Remove record field accessor, replace with procedure that handles the lint warning data and translating the message. (make-warning): Rename to %make-warning. (make-warning): New macro. (emit-warnings): Handle the message-text and message-data fields. (check-description-style): Adjust for changes to make-warning. [check-trademarks, check-end-of-sentence-space): Adjust for changes to make-warning. (check-inputs-should-be-native, check-inputs-should-not-be-an-input-at-all, check-synopsis-style, validate-uri, check-home-page, check-patch-file-names, check-gnu-synopsis+description, check-mirror-url, check-github-url, check-derivation, check-vulnerabilities, check-for-updates, report-tabulations, report-trailing-white-space, report-long-line, report-lone-parentheses): Adjust for changes to make-warning. Christopher Baines
2019-07-15scripts: lint: Handle warnings with a record type.•••Rather than emiting warnings directly to a port, have the checkers return the warning or warnings. This makes it easier to use the warnings in different ways, for example, loading the data in to a database, as you can work with the <lint-warning> records directly, rather than having to parse the output to determine the package and location. * guix/scripts/lint.scm (<lint-warning>): New record type. (lint-warning): New macro. (lint-warning?, lint-warning-package, lint-warning-message, lint-warning-location, package-file, make-warning): New procedures. (call-with-accumulated-warnings, with-accumulated-warnings): Remove. (emit-warning): Rename to emit-warnings, and switch to displaying multiple warnings. (check-description-style)[check-not-empty-description, check-texinfo-markup, check-trademarks, check-quotes, check-proper-start, check-end-of-sentence-space]: Switch to generating a list of warnings, and using make-warning, rather than emit-warning. (check-inputs-should-be-native, check-inputs-should-not-be-an-input-at-all): Switch to generating a list of warnings, and using make-warning, rather than emit-warning. (check-synopsis): Switch to generating a list of warnings, and using make-warning, rather than emit-warning. [check-not-empty]: Remove, this is handled in the match clause to avoid other warnings being emitted. [check-final-period, check-start-article, check-synopsis-length, check-proper-start, check-start-with-package-name, check-texinfo-markup]: Switch to generating a list of warnings, and using make-warning, rather than emit-warning. [checks]: Remove check-not-empty. (validate-uri, check-home-page, check-patch-file-names, check-gnu-synopsis+description): Switch to generating a list of warnings, and using make-warning, rather than emit-warning. (check-source): Switch to generating a list of warnings, and using make-warning, rather than emit-warning. [try-uris]: Remove. [warnings-for-uris]: New procedure, replacing try-uris. (check-source-file-name, check-source-unstable-tarball, check-mirror-url, check-github-url, check-derivation, check-vulnerabilities, check-for-updates, report-tabulations, report-trailing-white-space, report-long-line, report-lone-parentheses, report-formatting-issues, check-formatting): Switch to generating a list of warnings, and using make-warning, rather than emit-warning. (run-checkers): Call emit-warnings on the warnings returned from the checker. * tests/lint.scm (string-match-or-error, single-lint-warning-message): New procedures. (call-with-warnings, with-warnings): Remove. ("description: not a string", "description: not empty", "description: invalid Texinfo markup", "description: does not start with an upper-case letter", "description: may start with a digit", "description: may start with lower-case package name", "description: two spaces after end of sentence", "description: end-of-sentence detection with abbreviations", "description: may not contain trademark signs: ™", "description: may not contain trademark signs: ®", "description: suggest ornament instead of quotes", "synopsis: not a string", "synopsis: not empty", "synopsis: valid Texinfo markup", "synopsis: does not start with an upper-case letter", "synopsis: may start with a digit", "synopsis: ends with a period", "synopsis: ends with 'etc.'", "synopsis: starts with 'A'", "synopsis: starts with 'a'", "synopsis: starts with 'an'", "synopsis: too long", "synopsis: start with package name", "synopsis: start with package name prefix", "synopsis: start with abbreviation", "inputs: pkg-config is probably a native input", "inputs: glib:bin is probably a native input", "inputs: python-setuptools should not be an input at all (input)", "inputs: python-setuptools should not be an input at all (native-input)", "inputs: python-setuptools should not be an input at all (propagated-input)", "patches: file names", "patches: file name too long", "patches: not found", "derivation: invalid arguments", "license: invalid license", "home-page: wrong home-page", "home-page: invalid URI", "home-page: host not found", "home-page: Connection refused", "home-page: 200", "home-page: 200 but short length", "home-page: 404", "home-page: 301, invalid", "home-page: 301 -> 200", "home-page: 301 -> 404", "source-file-name", "source-file-name: v prefix", "source-file-name: bad checkout", "source-file-name: good checkout", "source-file-name: valid", "source-unstable-tarball", "source-unstable-tarball: source #f", "source-unstable-tarball: valid", "source-unstable-tarball: package named archive", "source-unstable-tarball: not-github", "source-unstable-tarball: git-fetch", "source: 200", "source: 200 but short length", "source: 404", "source: 301 -> 200", "source: 301 -> 404", "mirror-url", "mirror-url: one suggestion", "github-url", "github-url: one suggestion", "github-url: already the correct github url", "cve", "cve: one vulnerability", "cve: one patched vulnerability", "cve: known safe from vulnerability", "cve: vulnerability fixed in replacement version", "cve: patched vulnerability in replacement", "formatting: lonely parentheses", "formatting: alright"): Change test-assert to test-equal, and adjust to work with the changes above. ("formatting: tabulation", "formatting: trailing white space", "formatting: long line"): Use string-match-or-error rather than string-contains. Christopher Baines
2019-04-18lint: 'check-github-url' uses our own 'open-connection-for-uri'.•••Fixes <https://bugs.gnu.org/35053>. Reported by Efraim Flashner <efraim@flashner.co.il>. Previously 'check-github-url' would let Guile 2.2's (web client) module take care of opening the connection. Consequently, it wouldn't use the TLS priority strings that we use in (guix build download), 'open-connection-for-uri'. In particular, it would not disable TLSv1.3, which would trigger <https://bugs.gnu.org/34102> for github.com. * guix/scripts/lint.scm (check-github-url): Add #:timeout parameter. [follow-redirect]: Change parameter name to 'url' and pass it to 'string->uri'. Call 'guix:open-connection-for-uri' to open the connection and pass it to 'http-head' via #:port. Ludovic Courtès
2019-01-21store: Rename '&nix-error' to '&store-error'.•••* guix/store.scm (&nix-error): Rename to... (&store-error): ... this, and adjust users. (&nix-connection-error): Rename to... (&store-connection-error): ... this, and adjust users. (&nix-protocol-error): Rename to... (&store-protocol-error): ... this, adjust users. (&nix-error, &nix-connection-error, &nix-protocol-error): Define these condition types and their getters as deprecrated aliases. * build-aux/run-system-tests.scm, guix/derivations.scm, guix/grafts.scm, guix/scripts/challenge.scm, guix/scripts/graph.scm, guix/scripts/lint.scm, guix/scripts/offload.scm, guix/serialization.scm, guix/ssh.scm, guix/tests.scm, guix/ui.scm, tests/derivations.scm, tests/gexp.scm, tests/guix-daemon.sh, tests/packages.scm, tests/store.scm, doc/guix.texi: Adjust to use the new names. Ludovic Courtès
2019-01-20lint: check-source-unstable-tarball: Don't assume uri length.•••* guix/scripts/lint.scm (check-source-unstable-tarball): Replace third with code to make sure there are enough elements to check. Efraim Flashner
2019-01-10guix: lint: Warn only if GitHub URI is not same as the package URI.•••* guix/scripts/lint.scm (check-github-url): Warn only if the GitHub URI obtained after following redirects is not same as the original URI. * tests/lint.scm ("github-url: already the correct github url"): New test. Arun Isaac
2019-01-07lint: Avoid 'dirname' call at the top level.•••* guix/scripts/lint.scm (%distro-directory): Wrap in 'mlambda'. (check-patch-file-names): Adjust accordingly. Ludovic Courtès
2019-01-06lint: Rename checker to 'github-url'.•••* guix/scripts/lint.scm (%checkers): Rename 'github-uri' to 'github-url' to match the documentation. Ludovic Courtès
2018-12-27lint: Check for unstable tarballs.•••* guix/scripts/lint.scm (check-source-unstable-tarball): New procedure. (%checkers): Add it. * tests/lint.scm ("source-unstable-tarball", "source-unstable-tarball: source #f", "source-unstable-tarball: valid", "source-unstable-tarball: package named archive", "source-unstable-tarball: not-github", "source-unstable-tarball: git-fetch"): New tests. * doc/guix.texi (Invoking guix lint): Document it. Efraim Flashner
2018-12-24guix: lint: Check for source URIs redirecting to GitHub.•••* guix/scripts/lint.scm (check-github-uri): New procedure. (%checkers): Add it. * doc/guix.texi (Invoking guix lint): Document it. * tests/lint.scm ("github-url", "github-url: one suggestion"): New tests. Arun Isaac
2018-11-20lint: 'check-derivation' fully disables grafts.•••Previously grafting could take place indirectly, for instance when lowering origins. * guix/scripts/lint.scm (check-derivation)[try]: Parameterize '%graft?'. Ludovic Courtès
2018-11-20lint: 'check-derivation' tries all the package's supported systems.•••This allows us to catch architecture-specific evaluation failures. * guix/scripts/lint.scm (check-derivation): Move body into... [try]: ... this. New procedure. Call 'try' for each supported system of PACKAGE. Ludovic Courtès
2018-06-09packages: Add 'package-patched-vulnerabilities'.•••* guix/packages.scm (patch-file-name): New procedure. (%vulnerability-regexp): New variable. (package-patched-vulnerabilities): New procedure. * guix/scripts/lint.scm (patch-file-name): Remove. (check-vulnerabilities): Adjust to use 'package-patched-vulnerabilities'. * tests/packages.scm ("package-patched-vulnerabilities"): New test. Ludovic Courtès
2018-05-11guix: Fix typo.•••* guix/scripts/lint.scm: Fix typo. Julien Lepiller
2017-12-10lint: 'check-vulnerabilities' also checks package properties.•••* guix/scripts/lint.scm (check-vulnerabilities): Also check for CVEs listed as mitigated in the package properties. * tests/lint.scm ("cve: known safe from vulnerability"): New test. Efraim Flashner
2017-11-28lint: Adjust file-name length test for out-of-tree file names.•••* guix/scripts/lint.scm (check-patch-file-names): Adjust file-name-length calculation. Ludovic Courtès
2017-11-28lint: 'patch-file-names' checks for file name length.•••Reported at <https://bugs.gnu.org/27943> by Danny Milosavljevic <dannym@scratchpost.org>. * guix/scripts/lint.scm (%distro-directory): New variable. (check-patch-file-names): Add check for the file name length. * tests/lint.scm ("patches: file name too long"): New test. Ludovic Courtès
2017-10-28lint: 'refresh' gracefully handles lack of networking access.•••* guix/scripts/lint.scm (check-for-updates): Wrap 'package-latest-release*' call in 'with-networking-fail-safe'. Ludovic Courtès
2017-10-28lint: Extract network-related exception handling.•••* guix/scripts/lint.scm (call-with-networking-fail-safe): New procedure. (with-networking-fail-safe): New macro. (current-vulnerabilities*): Rewrite in terms of 'with-networking-fail-safe'. Ludovic Courtès
2017-10-28scripts: Factorize option parsing sans 'GUIX_BUILD_OPTIONS'.•••* guix/scripts.scm (parse-command-line): Add #:build-options? parameter and honor it. * guix/scripts/challenge.scm (guix-challenge): Use 'parse-command-line' with #:build-options? #f instead of 'args-fold*'. * guix/scripts/gc.scm (guix-gc): Likewise. * guix/scripts/graph.scm (guix-graph): Likewise. * guix/scripts/hash.scm (guix-hash): Likewise. * guix/scripts/lint.scm (guix-lint): Likewise. * guix/scripts/refresh.scm (guix-refresh): Likewise. * guix/scripts/size.scm (guix-size): Likewise. * guix/scripts/weather.scm (guix-weather): Likewise. Ludovic Courtès
2017-10-12lint: 'home-page' checker reports permanent redirects.•••* guix/scripts/lint.scm (probe-uri): Add special case for HTTP 301. (validate-uri): Likewise. * tests/lint.scm ("home-page: 301, invalid") ("home-page: 301 -> 200", "home-page: 301 -> 404") ("source: 301 -> 200", "source: 301 -> 404"): New tests. Ludovic Courtès
2017-10-09lint: Remove extra newline.•••* guix/scripts/lint.scm (check-for-updates): Remove trailing "~%". Ludovic Courtès
2017-10-09guix: lint: Add checker for new upstream versions.•••* guix/scripts/lint.scm (check-for-updates): New procedure. (%checkers): Add it. * guix/scripts/refresh.scm (importer-modules, %updaters): Move from here ... * guix/upstream.scm: ... to here. Efraim Flashner
2017-09-05Handle the same HTTP redirects everywhere.•••* guix/build/download.scm (http-fetch): Complete the hard-coded list of HTTP redirection status codes. * guix/http-client.scm (http-fetch): Likewise. * guix/scripts/lint.scm (probe-uri): Likewise. Tobias Geerinckx-Rice
2017-08-01lint: formatting: Detect sexp boundaries.•••* guix/scripts/lint.scm (report-formatting-issues)[last-line]: Remove. [sexp-last-line]: New procedure. Use it. Ludovic Courtès
2017-05-23guix: lint: Slightly simplify `check-source-file-name'.•••* guix/scripts/lint.scm (check-source-file-name): Implement file name matching with regular expression. Arun Isaac
2017-05-23gnu: lint: Fix typo.•••* guix/scripts/lint.scm (check-source-file-name): Fix wrong return value in docstring. Arun Isaac
2017-05-18lint: inputs-should-be-native: Add "cmake".•••Suggested by Nicolas Goaziou <mail@nicolasgoaziou.fr>. * guix/scripts/lint.scm (check-inputs-should-be-native)[input-names]: Add "cmake". Ludovic Courtès
2017-05-03ui: Rename '_' to 'G_'.•••This avoids collisions with '_' when the latter is used as a 'match' pattern for instance. See <https://lists.gnu.org/archive/html/guix-devel/2017-04/msg00464.html>. * guix/ui.scm: Rename '_' to 'G_'. * po/guix/Makevars (XGETTEXT_OPTIONS): Adjust accordingly. * build-aux/compile-all.scm (warnings): Remove 'format'. * gnu/packages.scm, gnu/services.scm, gnu/services/shepherd.scm, gnu/system.scm, gnu/system/shadow.scm, guix/gnupg.scm, guix/http-client.scm, guix/import/cpan.scm, guix/import/elpa.scm, guix/import/pypi.scm, guix/nar.scm, guix/scripts.scm, guix/scripts/archive.scm, guix/scripts/authenticate.scm, guix/scripts/build.scm, guix/scripts/challenge.scm, guix/scripts/container.scm, guix/scripts/container/exec.scm, guix/scripts/copy.scm, guix/scripts/download.scm, guix/scripts/edit.scm, guix/scripts/environment.scm, guix/scripts/gc.scm, guix/scripts/graph.scm, guix/scripts/hash.scm, guix/scripts/import.scm, guix/scripts/import/cpan.scm, guix/scripts/import/cran.scm, guix/scripts/import/crate.scm, guix/scripts/import/elpa.scm, guix/scripts/import/gem.scm, guix/scripts/import/gnu.scm, guix/scripts/import/hackage.scm, guix/scripts/import/nix.scm, guix/scripts/import/pypi.scm, guix/scripts/import/stackage.scm, guix/scripts/lint.scm, guix/scripts/offload.scm, guix/scripts/pack.scm, guix/scripts/package.scm, guix/scripts/perform-download.scm, guix/scripts/publish.scm, guix/scripts/pull.scm, guix/scripts/refresh.scm, guix/scripts/size.scm, guix/scripts/substitute.scm, guix/scripts/system.scm, guix/ssh.scm, guix/upstream.scm: Use 'G_' instead of '_'. Most of this change was obtained by running: "sed -i -e's/(_ "/(G_ "/g' `find -name \*.scm`". Ludovic Courtès
2017-04-16lint: Avoid non-literal format strings.•••Reported by Mathieu Othacehe <m.othacehe@gmail.com> at <http://bugs.gnu.org/26498>. * guix/scripts/lint.scm (warn-if-package-has-input): Rename to... (package-input-intersection): ... this. Remove 'linted' and 'message' parameters. Return a list of inputs. (check-inputs-should-be-native): Adjust accordingly. (check-inputs-should-not-be-an-input-at-all): Likewise. Ludovic Courtès
2017-03-27ui: Support Texinfo markup in package synopses.•••* guix/ui.scm (package-field-string): New procedure. (package-description-string): Use it. (package-synopsis-string): New procedure. (package->recutils): Use it. * guix/scripts/lint.scm (check-synopsis-style)[check-texinfo-markup]: New procedure. Use it in checks. * tests/lint.scm: Test it. * gnu/packages/perl.scm (perl-try-tiny)[synopsis]: Adjust for the Texinfo markup. Alex Kost
2017-03-18http-client: Avoid name clash with 'open-connection-for-uri' in 2.2.0.•••* guix/build/download.scm (open-connection-for-uri): Add note about same-named binding in Guile 2.2.0. * guix/http-client.scm: Use 'guix:open-connection-for-uri' for the procedure coming from (guix build download). * guix/scripts/lint.scm: Likewise. * guix/scripts/substitute.scm: Likewise. Ludovic Courtès
2017-01-31lint: Use the "@" syntax for versioned packages in warnings.•••* guix/scripts/lint.scm (emit-warning): Use the "@" syntax. Ludovic Courtès
2017-01-28Use 'mlambda' instead of 'memoize'.•••* gnu/packages.scm (find-newest-available-packages): Use 'mlambda' instead of (memoize (lambda ...) ...). * gnu/packages/bootstrap.scm (package-with-bootstrap-guile): Likewise. * guix/build-system/gnu.scm (package-with-explicit-inputs)[rewritten-input]: Likewise. * guix/build-system/python.scm (package-with-explicit-python)[transform]: Likewise. * guix/derivations.scm (derivation->string): Likewise. * guix/gnu-maintenance.scm (gnu-package?): Likewise. * guix/modules.scm (module-file-dependencies): Likewise. * guix/scripts/graph.scm (standard-package-set): Likewise. * guix/scripts/lint.scm (official-gnu-packages*): Likewise. * guix/store.scm (store-regexp*): Likewise. * guix/utils.scm (location): Likewise. Ludovic Courtès
2017-01-28Add (guix memoization).•••* guix/combinators.scm (memoize): Remove. * guix/memoization.scm: New file. * Makefile.am (MODULES): Add it. * gnu/packages.scm, gnu/packages/bootstrap.scm, guix/build-system/gnu.scm, guix/build-system/python.scm, guix/derivations.scm, guix/gnu-maintenance.scm, guix/import/cran.scm, guix/import/elpa.scm, guix/modules.scm, guix/scripts/build.scm, guix/scripts/graph.scm, guix/scripts/lint.scm, guix/store.scm, guix/utils.scm: Adjust imports accordingly. Ludovic Courtès
2017-01-21lint: Display PACKAGE@VERSION.•••* guix/scripts/lint.scm (run-checkers): Remove 'name' variable. Display PACKAGE@VERSION instead of PACKAGE-VERSION. Ludovic Courtès
2016-11-25Merge branch 'master' into python-build-systemLeo Famulari
2016-11-19lint: Add 'mirror-url' checker.•••* guix/scripts/lint.scm (origin-uris): New procedure. (check-source): Use it. (check-mirror-url): New procedure. (%checkers): Add 'mirror-url' checker. * tests/lint.scm ("mirror-url") ("mirror-url: one suggestion"): New tests. * doc/guix.texi (Invoking guix lint): Document it. Ludovic Courtès
2016-11-15lint: more packages to probably be a native input.•••* guix/scripts/lint.scm (check-inputs-should-be-native package): Add python packages which are typically used for testing or for building the documentation. Hartmut Goebel
2016-11-15guix: Add lint-checker for packages which should be no inputs at all.•••Also refactor some common code into a new function. Examples for these pacakges are python(2)-setuptools and python(2)-pip, which are installed together with python itself. * guix/scripts/lint.scm (warn-if-package-has-input): New procedure. (check-inputs-should-be-native package): Use it; rename and clean-up variables. (check-inputs-should-not-be-an-input-at-all): New procedure. (%checkers) Add it. * doc/guix.texi (Python Modules): Document it. * tests/lint.scm: ("inputs: python-setuptools should not be an input at all (input)", "inputs: python-setuptools should not be an input at all (native-input)" "inputs: python-setuptools should not be an input at all (propagated-input)"): Add tests. Hartmut Goebel
2016-11-09lint: 'cve' checker catches 'tls-certificate-error'.•••Reported by Frederick Muriithi <fredmanglis@gmail.com>. * guix/scripts/lint.scm (tls-certificate-error-string): New procedure. (validate-uri): Use it. (current-vulnerabilities*): Catch 'tls-certificate-error' and print a warning. Ludovic Courtès
2016-11-07download: Verify TLS certificates unless asked not to.•••Fixes <http://bugs.gnu.org/24466>. Reported by Leo Famulari <leo@famulari.name>. * guix/build/download.scm (%x509-certificate-directory): New variable. (make-credendials-with-ca-trust-files, peer-certificate) (assert-valid-server-certificate, print-tls-certificate-error): New procedures. Add 'print-tls-certificate-error' as an exception printer for 'tls-certificate-error'. (tls-wrap): Add #:verify-certificate? parameter and honor it. (open-connection-for-uri): Likewise. (http-fetch): Likewise. (url-fetch): Likewise. * guix/download.scm (url-fetch)[builder]: Pass #:verify-certificate? #f. * guix/scripts/lint.scm (probe-uri): Add case for 'tls-certificate-error'. (validate-uri): Likewise. * doc/guix.texi (Invoking guix download): Mention 'SSL_CERT_DIR'. Ludovic Courtès
2016-10-19lint: Suggest @code instead of quotes.•••* guix/scripts/lint.scm (%quoted-identifier-rx): New variable. (check-description-style)[check-quotes]: New procedure. Use it. * tests/lint.scm ("description: suggest ornament instead of quotes"): New test. Ludovic Courtès
2016-10-03lint: 'cve' checker reports the replacement's vulnerabilities.•••Before, 'guix lint -c cve' would report the vulnerabilities of the original package while pretending they are the vulnerabilities of the replacement. * guix/scripts/lint.scm (check-vulnerabilities): Consider the package replacement before calling 'package-vulnerabilities'. * tests/lint.scm ("cve: vulnerability fixed in replacement version"): New test. Ludovic Courtès