Age | Commit message (Expand) | Author |
2020-11-21 | lint: Add 'check-haskell-stackage' checker.•••* guix/lint.scm (check-haskell-stackage): New procedure.
(%network-dependent-checkers): Add 'haskell-stackage' checker.
* guix/import/hackage.scm (%hackage-url): New variable.
(hackage-source-url, hackage-cabal-url): Use it in place of a
hard-coded string.
* guix/import/stackage.scm (%stackage-url): Make it a parameter.
(stackage-lts-info-fetch): Update accordingly.
* tests/lint.scm ("hackage-stackage"): New test.
| Timothy Sample |
2020-11-21 | lint: Add 'patch-headers' checker.•••* guix/lint.scm (check-patch-headers): New procedure.
(%local-checkers): Add 'patch-headers' checker.
* tests/lint.scm ("patch headers: no warnings")
("patch headers: missing comment", "patch headers: empty")
("patch headers: patch not found"): New tests.
| Ludovic Courtès |
2020-11-21 | store-database: Add test checking the directory mtime after 'register-path'.•••* tests/store-database.scm ("register-path, directory"): New test.
| Ludovic Courtès |
2020-11-16 | Properly deal with build directories containing '~'.•••Fixes <https://bugs.gnu.org/44626>.
Reported by Vagrant Cascadian <vagrant@debian.org>.
* tests/build-utils.scm ("wrap-script, simple case"): Pass
SCRIPT-CONTENTS to 'display' rather than 'format'.
* gnu/services/base.scm (file-system->shepherd-service-name)
[valid-characters, mount-point]: New variables.
Filter out invalid store file name characters from the mount point of
FILE-SYSTEM.
| Ludovic Courtès |
2020-11-09 | publish: Create files in the cache as #o644.•••Reported by Ricardo Wurmus <rekado@elephly.net>.
* guix/scripts/publish.scm (compress-nar): Add 'chmod' call to ensure
PORT is #o644, in the uncompressed case.
(bake-narinfo+nar): Likewise for the narinfo file.
* tests/publish.scm ("with cache"): Check permissions on CACHED and NAR.
| Ludovic Courtès |
2020-11-06 | tests: Test "guix system search .".•••This is a followup to 0c5d0c57d370b34f3ba677838deaa8baf7bca58a.
* tests/guix-system.sh: Run "guix system search .".
| Ludovic Courtès |
2020-11-05 | gexp: Warn when importing (guix config) or (ice-9 …).•••While importing those modules from the host system is valid, it is often
a mistake that introduces non-reproducibility. This patch prints a
warning when that happens.
* guix/gexp.scm (gexp-attribute): Add #:validate parameter and honor it.
(gexp-modules)[validate-modules]: New procedure.
Pass it to 'gexp-attribute'.
* tests/gexp.scm ("gexp-modules, warning"): New test.
| Ludovic Courtès |
2020-11-05 | gexp: Store the source code location in <gexp>.•••* guix/gexp.scm (<gexp>)[location]: New field.
(gexp-location): New procedure.
(write-gexp): Print the location of GEXP.
(gexp->derivation): Adjust call to 'make-gexp'.
(gexp): Likewise.
| Ludovic Courtès |
2020-11-04 | publish: Do not path the empty string to 'query-path-info'.•••Fixes <https://bugs.gnu.org/44442>.
Regression introduced in 2b2ab7796ac186d88060793b8873fc0e21462758.
* guix/scripts/publish.scm (render-nar/cached): Do not call
'bypass-cache?' when ITEM is the empty string.
* tests/publish.scm ("with cache, cache bypass, unmapped hash part"):
New test.
| Ludovic Courtès |
2020-11-01 | system: Add store-directory-prefix to boot-parameters.•••Fixes <http://issues.guix.gnu.org/44196>
* gnu/machine/ssh.scm (roll-back-managed-host): Use
boot-parameters-store-directory-prefix.
* gnu/system.scm (define-module): Export
boot-parameters-store-directory-prefix.
(<boot-parameters>)[store-directory-prefix]: New field. It is used to
generate the correct paths when /gnu/store is installed on a btrfs
subvolume whose name doesn't match the final runtime path, as the
bootloader doesn't have knowledge about the final mounting points.
[boot-parameters-store-directory-prefix]: New accessor.
(read-boot-parameters): Read directory-prefix from store field.
(operating-system-boot-parameters-file): Add directory-prefix to
store field.
* guix/scripts/system.scm (reinstall-bootloader): Use
boot-parameters-store-directory-prefix.
* test/boot-parameters.scm (%default-btrfs-subvolume,
%default-store-directory-prefix): New variables.
(%grub-boot-parameters): Use %default-store-directory-prefix.
(%default-operating-system): Use %default-btrfs-subvolume.
(test-boot-parameters): Add directory-prefix.
(test optional fields): Add test for directory-prefix.
(test os store-directory-prefix): New test.
| Miguel Ángel Arruga Vivas |
2020-10-31 | pack: Relocatable wrapper leaves root available to child processes.•••Fixes <https://bugs.gnu.org/44261>.
Reported by Jan Nieuwenhuizen <janneke@gnu.org>.
* gnu/packages/aux-files/run-in-namespace.c (exec_in_user_namespace):
Add call to 'prctl'. Call 'mount' for NEW_ROOT and define 'is_tmpfs'.
When IS_TMPFS is true, call 'umount' and 'rmdir' after 'waitpid';
otherwise, call 'rm_rf' only when 'waitpid' returns -1 the second time.
(exec_with_loader): Call 'prctl'. Remove NEW_ROOT only when 'waitpid'
returns -1 the second time, otherwise leave it behind.
* tests/guix-pack-relocatable.sh (wait_for_file): New function.
Add test.
| Ludovic Courtès |
2020-10-31 | guix build: Move transformation options to (guix transformations).•••* guix/transformations.scm: New file.
* tests/scripts-build.scm: Rename to...
* tests/transformations.scm: ... this.
* Makefile.am (MODULES): Add 'guix/transformations.scm'.
(SCM_TESTS): Adjust to rename.
* guix/scripts/build.scm (numeric-extension?)
(tarball-base-name, <downloaded-file>, download-to-store*)
(compile-downloaded-file, package-with-source)
(transform-package-source, evaluate-replacement-specs)
(transform-package-inputs, transform-package-inputs/graft)
(%not-equal, package-git-url, evaluate-git-replacement-specs)
(transform-package-source-branch, transform-package-source-commit)
(transform-package-source-git-url, package-dependents/spec)
(package-toolchain-rewriting, transform-package-toolchain)
(transform-package-with-debug-info, transform-package-tests)
(%transformations, transformation-procedure, %transformation-options)
(show-transformation-options-help, options->transformation)
(package-transformations): Move to (guix transformations).
* guix/scripts/environment.scm: Adjust accordingly.
* guix/scripts/graph.scm: Likewise.
* guix/scripts/install.scm: Likewise.
* guix/scripts/pack.scm: Likewise.
* guix/scripts/package.scm: Likewise.
* guix/scripts/upgrade.scm: Likewise.
* po/guix/POTFILES.in: Add 'guix/transformations.scm'.
| Ludovic Courtès |
2020-10-31 | guix build: 'options->transformation' no longer takes a 'store' parameter.•••* guix/scripts/build.scm (transform-package-source)
(transform-package-inputs, transform-package-inputs/graft)
(transform-package-source-branch, transform-package-source-commit)
(transform-package-source-git-url, transform-package-toolchain)
(transform-package-with-debug-info, transform-package-tests): Remove
'store' parameter.
(options->transformation, options->derivations): Adjust accordingly.
* guix/scripts/environment.scm (options/resolve-packages): Likewise.
* guix/scripts/graph.scm (guix-graph): Likewise.
* guix/scripts/pack.scm (guix-pack): Likewise.
* guix/scripts/package.scm (transaction-upgrade-entry): Likewise.
(process-actions): Likewise.
* tests/scripts-build.scm ("options->transformation, no transformations")
("options->transformation, with-source, replacement"):
Adjust tests.
("options->transformation, with-source")
("options->transformation, with-source, with version")
("options->transformation, with-source, PKG=URI"): Use 'lower-object' to
compute the store file name of the source.
("options->transformation, with-source, no matches"): Remove
'with-store' and adjust accordingly.
("options->transformation, with-input"): Likewise.
("options->transformation, with-graft"): Likewise.
("options->transformation, with-branch"): Likewise.
("options->transformation, with-commit"): Likewise.
("options->transformation, with-git-url"): Likewise.
("options->transformation, with-git-url + with-branch"): Likewise.
("options->transformation, with-c-toolchain"): Likewise.
("options->transformation, with-c-toolchain twice"): Likewise.
("options->transformation, with-c-toolchain, no effect"): Likewise.
("options->transformation, with-debug-info"): Likewise.
("options->transformation, without-tests"): Likewise.
| Ludovic Courtès |
2020-10-30 | guix: pack: Only wrap executable files.•••* guix/scripts/pack.scm (wrapped-package)<build>: Build wrappers for
executable files and symlink others.
* tests/guix-pack-relocatable.sh: Test relocatable example of mixed
executable and non-executable files.
| Eric Bavier |
2020-10-28 | publish: Add '--cache-bypass-threshold'.•••* guix/scripts/publish.scm (show-help, %options): Add
'--cache-bypass-threshold'.
(low-compression): New procedure.
(cache-bypass-threshold): New parameter.
(bypass-cache?): New procedure.
(render-narinfo/cached): Call 'render-narinfo' when 'bypass-cache?'
returns true.
(render-nar/cached): Call 'render-nar' when 'bypass-cache?' returns
true.
(guix-publish): Parameterize 'cache-bypass-threshold'.
* tests/publish.scm ("with cache", "with cache, lzip + gzip")
("with cache, uncompressed"): Pass '--cache-bypass-threshold=0'.
("with cache, vanishing item"): Expect 200 for RESPONSE.
("with cache, cache bypass"): New test.
| Ludovic Courtès |
2020-10-27 | publish: Provide server's signing key.•••* guix/scripts/publish.scm (render-signing-key): New procedure.
(render-home-page): Add link to it.
(make-request-handler): Handle it.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
| Amar Singh |
2020-10-20 | guix build: Add '--with-debug-info'.•••* guix/scripts/build.scm (transform-package-with-debug-info): New
procedure.
(%transformations): Add 'with-debug-info'.
(%transformation-options, show-transformation-options-help): Add
'--with-debug-info'.
* tests/scripts-build.scm ("options->transformation, with-debug-info"):
New test.
* doc/guix.texi (Package Transformation Options): Document
'--with-debug-info'.
(Installing Debugging Files): Introduce sections. Remove bit about
eventual "opt-out" since this is not happening. Document
'--with-debug-info' under "Rebuilding with Debugging Info".
| Ludovic Courtès |
2020-10-20 | packages: Better preserve object identity when rewriting.•••Fixes a bug whereby the presence of propagated inputs could lead to two
non-eq? but actually equal packages in a bag's inputs. The problem
would manifest itself when running, for instance:
guix build inkscape -d --with-graft=glib=glib-networking --no-grafts
The resulting derivation would differ due from that without
'--with-graft'. This was due to the fact that glib propagates libffi;
this instance of libffi was not rewritten even though other instances in
the graph were rewritten. Thus, glib would end up with two non-eq?
libffi instances, which in turn would lead to duplicate entries in its
'%build-inputs' variable.
Fixes <https://bugs.gnu.org/43890>.
* guix/packages.scm (package-mapping)[rewrite]: Remove call to 'cut?'
and call 'replace' unconditionally.
[replace]: Add 'cut?' case.
* tests/guix-build.sh: Add test combining '--no-grafts' and
'--with-graft'.
* tests/packages.scm ("package-input-rewriting/spec, identity")
("package-input-rewriting, identity"): New tests.
| Ludovic Courtès |
2020-10-20 | graph: Adjust test for recent OCaml changes.•••This is a followup to 339177956affdc471832750a3805b74356487e93.
* tests/graph.scm ("reverse bag DAG"): Look for "ocaml4.07-dune" rather
than "dune".
| Ludovic Courtès |
2020-10-18 | system: Add locale to boot-parameters.•••* gnu/system.scm (define-module)[export]: Add boot-parameters-locale.
(<boot-parameters>)[locale]: New field.
[boot-parameters-locale]: New accessor.
(read-boot-parameters): Read locale field.
(operating-system-boot-parameters): Provide operating-system locale to
boot-parameters record.
(opeating-system-boot-parameters-file): Likewise.
* Makefile.am (SCM_TESTS): Add tests/boot-parameters.scm.
* tests/boot-parameters.scm: New test file.
| Miguel Ángel Arruga Vivas |
2020-10-15 | ui: Only suggest modules that export the unbound variable identifier.•••Fixes <https://bugs.gnu.org/43498>.
Reported by Tobias Geerinckx-Rice <me@tobias.gr>.
* guix/ui.scm (known-variable-definition): Check for variables in the
public interface of HEAD, not in HEAD itself.
* tests/guix-build.sh: Add test.
| Ludovic Courtès |
2020-10-12 | guix build: Add '--with-c-toolchain'.•••* guix/scripts/build.scm (package-dependents/spec)
(package-toolchain-rewriting, transform-package-toolchain): New procedures.
(%transformations): Add it.
(%transformation-options, show-transformation-options-help): Add
'--with-c-toolchain'.
* tests/scripts-build.scm (depends-on-toolchain?): New procedure.
("options->transformation, with-c-toolchain")
("options->transformation, with-c-toolchain twice")
New test.
("options->transformation, with-c-toolchain, no effect"): New tests.
* doc/guix.texi (Package Transformation Options): Document it.
| Ludovic Courtès |
2020-10-12 | packages: Add 'package-with-c-toolchain'.•••* guix/build-system.scm (build-system-with-c-toolchain): New procedure.
* guix/packages.scm (package-with-c-toolchain): New procedure.
* tests/packages.scm ("package-with-c-toolchain"): New test.
* doc/guix.texi (package Reference): Document 'package-with-c-toolchain'.
(Build Systems): Mention it.
| Ludovic Courtès |
2020-10-12 | tests: Add missing copyright line.•••* tests/channels.scm: Add copyright line for past changes.
| Ludovic Courtès |
2020-10-12 | channels: Address test failure.•••Fixes <https://bugs.gnu.org/43940>.
Reported by Maxim Cournoyer <maxim.cournoyer@gmail.com>.
The "channel-instances->manifest" test would fail since
1d4ab335b22a93e01c2eb1eb3e93fc6534157040: 'quiet-guile' would be passed #f
as GUILE, and thus 'package-version' would fail with wrong-type-arg.
* guix/channels.scm (whole-package-for-legacy): Pass #:guile to
'whole-package'.
* tests/channels.scm ("channel-instances->manifest"): Remove 'test-expect-fail'.
| Ludovic Courtès |
2020-10-12 | tests: Mark the channel-instances->manifest as expected to fail.•••Allow the Guix package to be updated while awaiting resolution for
<https://issues.guix.gnu.org/43940>.
* tests/channels.scm (channel-instances->manifest): Mark test as expected to
fail.
| Maxim Cournoyer |
2020-10-05 | environment: Turn "lo" up in network-less containers.•••This is a followup to 0f53c801b91919380a924b402d1ff822bb1dc6ea.
* guix/scripts/environment.scm (launch-environment/container): Add call
to 'set-network-interface-up'.
* tests/guix-environment-container.sh: Add test.
| Ludovic Courtès |
2020-10-02 | environment: Provide /etc/hosts in containers without '--network'.•••Fixes <https://bugs.gnu.org/43762>.
* guix/scripts/environment.scm (launch-environment/container): Create
/etc/hosts when NETWORK? is false.
* tests/guix-environment-container.sh: Add "localhost" resolution test.
| Ludovic Courtès |
2020-10-02 | guix package: Re-apply package transformation when upgrading.•••* guix/scripts/package.scm (transaction-upgrade-entry)[upgrade]: Add
'transform' parameter. Pass PKG through it. Use
'manifest-entry-with-transformations'.
Call 'options->transformation' to get the transformation procedure.
* tests/guix-package.sh: Add 'guix package -u' test.
* tests/packages.scm ("transaction-upgrade-entry, transformation options preserved"):
New test.
* doc/guix.texi (Invoking guix package): Mention that transformations
are preserved across upgrades.
(Package Transformation Options): Likewise.
| Ludovic Courtès |
2020-10-02 | guix build: Record package transformations in manifest entries.•••With this change, package transformation options used while building a
manifest are saved in the metadata of the manifest entries.
* guix/scripts/build.scm (transformation-procedure): New procedure.
(options->transformation)[applicable]: Use it. Change to a list of
key/value/proc tuples instead of key/proc pairs.
[package-with-transformation-properties, tagged-object]: New
procedures. Use them.
(package-transformations, manifest-entry-with-transformations): New
procedures.
* guix/scripts/pack.scm (guix-pack)[with-transformations]: New
procedure.
Use it.
* guix/scripts/package.scm (process-actions)[transform-entry]: Use it.
* tests/guix-package-aliases.sh: Add test.
| Ludovic Courtès |
2020-10-02 | tests: Adjust to recent changes to the 'emacs' package.•••Test regression introduced in f88fea0eaa5796303790450ee4543a6d7e61a06e.
* tests/guix-package.sh: Add minor and patch levels in the version
numbers of 'emacs-foo-bar' and 'emacs-foo-bar-patched'.
| Ludovic Courtès |
2020-10-02 | gexp: 'local-file' warns when passed a non-literal relative file name.•••Fixes <https://bugs.gnu.org/43736>.
Reported by Vitaliy Shatrov <guix.vits@disroot.org>.
* guix/gexp.scm (%local-file): Add #:literal? and #:location.
Emit a warning when LITERAL? is false and FILE is not absolute.
(local-file): In the non-literal case, pass #:location and #:literal?.
* po/guix/POTFILES.in: Add guix/gexp.scm.
* tests/guix-system.sh: Add test for the warning.
| Ludovic Courtès |
2020-10-02 | tests: opam: Test additional syntax.•••* tests/opam.scm (test-comment): New test.
(test-lists): Add more tests for complex list patterns.
| Julien Lepiller |
2020-10-02 | tests: opam: Factorize tests.•••* tests/opam.scm: Remove duplicate code.
| Julien Lepiller |
2020-10-01 | linux-container: Reset jailed root permissions.•••* gnu/build/linux-container.scm (mount-file-systems): Add 'chmod' call.
* tests/containers.scm
("call-with-container, mnt namespace, root permissions"): New test.
| Jelle Licht |
2020-09-30 | scripts: system: Add support for image-type.•••* guix/scripts/system.scm (list-image-types): New procedure,
(%options): add "image-type" and "list-image-types" options, remove
"file-system-type" option,
(show-help): adapt accordingly,
(%default-options): also adapt, and set the default "image-type" to "raw",
(perform-action): add image-type argument and remove file-system-type argument,
(process-action): adapt perform-action call,
(system-derivation-for-action): remove base-image
argument, add image-type argument, and use it to create the image passed to
"system-image".
* tests/guix-system.sh: Adapt accordingly and add a test for
"--list-image-types" command.
* doc/guix.texi (Building the Installation Image,
Invoking guix system): Adapt accordingly.
Signed-off-by: Mathieu Othacehe <othacehe@gnu.org>
| Mathieu Othacehe |
2020-09-29 | openpgp: Fix argument order of 'fxbit-set?'.•••* guix/openpgp.scm (fxbit-set?): Change to swap arguments compared to
'bit-set?'.
* tests/openpgp.scm (%binary-sample): New test vector.
("port-ascii-armored?, #t"): Add test.
("port-ascii-armored?, #f"): Add another test.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
| Lars-Dominik Braun |
2020-09-28 | tests: Simplify shell exit status negation;•••* tests/guix-archive.sh, tests/guix-build-branch.sh, tests/guix-build.sh,
tests/guix-daemon.sh, tests/guix-download.sh, tests/guix-environment.sh,
tests/guix-gc.sh, tests/guix-git-authenticate.sh, tests/guix-graph.sh,
tests/guix-hash.sh, tests/guix-lint.sh, tests/guix-pack-relocatable.sh,
tests/guix-pack.sh, tests/guix-package-aliases.sh, tests/guix-package-net.sh,
tests/guix-package.sh: Use the shell '!' keyword to negate command exit status
in place of 'if ...; then false; else true; fi'
| Eric Bavier |
2020-09-27 | packages: 'package-input-rewriting' has a #:deep? parameter.•••* guix/packages.scm (package-input-rewriting): Add #:deep? and pass it
to 'package-mapping'.
[replacement-property]: New variable.
[rewrite]: Check it.
[cut?]: New procedure.
* tests/packages.scm ("package-input-rewriting"): Pass #:deep? #f and
ensure implicit inputs were not rewritten. Avoid 'eq?' comparisons.
("package-input-rewriting, deep"): New test.
* gnu/packages/guile.scm (package-for-guile-2.0, package-for-guile-3.0):
Pass #:deep? #f.
| Ludovic Courtès |
2020-09-27 | packages: 'package-mapping' correctly recurses into 'replacement'.•••Previously, something like:
guix build glib --with-graft=glibc=glibc@2.29
would produce a result showing that rewriting rules were not applied to
libx11@1.6.A (a replacement).
* guix/packages.scm (package-mapping): Call REPLACE instead of PROC to
'replacement'.
* tests/packages.scm ("package-input-rewriting/spec, graft"): New test.
| Ludovic Courtès |
2020-09-27 | packages: 'package-input-rewriting/spec' can rewrite implicit dependencies.•••With this change, '--with-input', '--with-graft', etc. also apply to
implicit dependencies. Thus, it's now possible to do:
guix build python-itsdangerous --with-input=python-wrapper=python@2
or:
guix build hello --with-graft=glibc=glibc@2.29
Additionally, before, implicit inputs were not rewritten, which could
lead to duplicates in the output of 'bag-transitive-inputs' (packages
that are not 'eq?' but lead to the same derivation). This in turn would
lead to unnecessary rebuilds when using '--with-input' & co. This
change fixes it by ensuring even implicit inputs are rewritten.
Fixes <https://bugs.gnu.org/42156>.
* guix/packages.scm (package-input-rewriting/spec): Add #:deep?
defaulting to #true, and pass it to 'package-mapping'.
[replacement-property]: New variable.
[rewrite]: Check that property and set it on the result of PROC.
[cut?]: New procedure.
* tests/packages.scm ("package-input-rewriting/spec"): Ensure implicit
inputs were unchanged.
("package-input-rewriting/spec, partial match"): Pass #:deep? #f.
("package-input-rewriting/spec, deep")
("package-input-rewriting/spec, no duplicates"): New tests.
(package/inherit): Move before use.
* tests/guix-build.sh: Add tests.
* tests/scripts-build.scm ("options->transformation, with-graft"):
Compare dependencies by package name or derivation file name.
* doc/guix.texi (Defining Packages): Adjust accordingly.
| Ludovic Courtès |
2020-09-27 | packages: 'package-mapping' can recurse on implicit inputs.•••* guix/packages.scm (build-system-with-package-mapping): New procedure.
(package-mapping): Add #:deep? and honor it.
* tests/packages.scm ("package-mapping"): Compare the direct inputs of
the bag of P0 and that of P1.
("package-mapping, deep"): New test.
| Ludovic Courtès |
2020-09-27 | guix build: Add '--without-tests'.•••* guix/scripts/build.scm (transform-package-tests): New procedure.
(%transformations, %transformation-options)
show-transformation-options-help): Add it.
* tests/scripts-build.scm ("options->transformation, without-tests"):
New test.
* doc/guix.texi (Package Transformation Options): Document it.
| Ludovic Courtès |
2020-09-21 | environment: '--link-profile' uses ~/.guix-profile for environment variables.•••Before this patch, we had:
$ guix environment -CP --ad-hoc coreutils
[env]$ echo $PATH
/gnu/store/…-profile/bin
[env]$ echo $GUIX_ENVIRONMENT
/gnu/store/…-profile
After this patch:
$ guix environment -CP --ad-hoc coreutils
[env]$ echo $PATH
/home/ludo/.guix-profile/bin
[env]$ echo $GUIX_ENVIRONMENT
/home/ludo/.guix-profile
* guix/scripts/environment.scm (launch-environment/container): When
LINK-PROFILE? is true, pass ~/.guix-profile as the second argument to
'launch-environment'.
* tests/guix-environment-container.sh: Adjust test accordingly.
* doc/guix.texi (Invoking guix environment): Update accordingly.
| Ludovic Courtès |
2020-09-16 | repl: Look for script files in (getcwd).•••Fixes <https://bugs.gnu.org/43331>.
* guix/scripts/repl.scm (guix-repl): Replace "." by (getcwd)
* tests/guix-repl.sh: Add test.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
| Konrad Hinsen |
2020-09-15 | authenticate: Encode strings as ISO-8859-1.•••Fixes <https://bugs.gnu.org/43421>.
* guix/scripts/authenticate.scm (read-command): Decode strings as
ISO-8859-1, not UTF-8.
(guix-authenticate)[send-reply]: Encode strings as ISO-8859-1, not
UTF-8.
* tests/guix-authenticate.sh: Add test.
| Ludovic Courtès |
2020-09-14 | tests: Remove one 'delete-paths' call in 'tests/store.scm'.•••This makes the test slightly less expensive.
* tests/store.scm ("add-text-to-store vs. delete-paths")
("add-to-store vs. delete-paths"): Delete and merge into...
("add-text-to-store/add-to-store vs. delete-paths"): ... this test.
| Ludovic Courtès |
2020-09-14 | daemon: Spawn 'guix authenticate' once for all.•••Previously, we'd spawn 'guix authenticate' once for each item that has
to be signed (when exporting) or authenticated (when importing). Now,
we spawn it once for all and then follow a request/reply protocol. This
reduces the wall-clock time of:
guix archive --export -r $(guix build coreutils -d)
from 30s to 2s.
* guix/scripts/authenticate.scm (sign-with-key): Return the signature
instead of displaying it. Raise a &formatted-message instead of calling
'leave'.
(validate-signature): Likewise.
(read-command): New procedure.
(define-enumerate-type, reply-code): New macros.
(guix-authenticate)[send-reply]: New procedure.
Change to read commands from current-input-port.
* nix/libstore/local-store.cc (runAuthenticationProgram): Remove.
(authenticationAgent, readInteger, readAuthenticateReply): New
functions.
(signHash, verifySignature): Rewrite in terms of the agent.
* tests/store.scm ("import not signed"): Remove 'pk' call.
("import signed by unauthorized key"): Check the error message of C.
* tests/guix-authenticate.sh: Rewrite using the new protocol.
fixlet
| Ludovic Courtès |
2020-09-11 | daemon: Simplify interface with 'guix authenticate'.•••There's no reason at this point to mimic the calling convention of the
'openssl' command.
* nix/libstore/local-store.cc (LocalStore::exportPath): Add only "sign"
and HASH to ARGS. Remove 'tmpDir' and 'hashFile'.
(LocalStore::importPath): Add only "verify" and SIGNATURE to
* guix/scripts/authenticate.scm (guix-authenticate): Adjust
accordingly; remove the OpenSSL-style clauses.
(read-hash-data): Remove.
(sign-with-key): Replace 'port' with 'sha256' and adjust accordingly.
(validate-signature): Export SIGNATURE to be a canonical sexp.
* tests/guix-authenticate.sh: Adjust tests accordingly.
| Ludovic Courtès |
2020-09-11 | store: Test 'import-paths' with unauthorized and unsigned nar bundles.•••* tests/store.scm ("import not signed")
("import signed by unauthorized key"): New tests.
| Ludovic Courtès |