* gnu/packages/bootstrap.scm (glibc-dynamic-linker): Update comment on where
to find shared linker name.
(make-raw-bag): Also use raw-build-guile3 when building for the 64bit Hurd.
* gnu/packages/cross-base.scm (cross-kernel-headers*): Use target-hurd?
instead of custom "i586..." matching to also use xhurd-core-headers for
target-hurd64.
* gnu/packages/make-bootstrap.scm (package-with-relocatable-glibc)
[native-inputs]: Move final-inputs before cross-packages.
(%binutils-static)[arguments]: When building for the 64bit Hurd, add
"lt_cv_prog_compiler_static_works=yes", "lt_cv_prog_compiler_static_works_CXX=yes"
to #:make-flags to convince to actually link the binaries statically.
(make-guile-static)[arguments]: When building for the 64bit Hurd, add
"lt_cv_prog_compiler_static_works=yes" to #:configure-flags to convince
libtool to actually link guile statically.
* guix/platforms/x86.scm (x86_64-gnu): New exported variable.
* guix/utils.scm (target-hurd64? system-hurd64?): New procedures.
* gnu/packages/hurd.scm (hurd-headers): Update to 0.9.git20240714.
(hurd)[arguments]: Remove rumpdisk build hack from "prepare-addons" stage.
Instead, when cross-compiling, add stage "fixup-cross-configure" to enable
rumpdisk.
* gnu/system.scm (hurd-multiboot-modules): Remove
"--x-xattr-translator-records" option that has been removed and is now the
default.
Change-Id: I4609b5a959c1ece98e2fe1aedbb1d31d6edadcca
* gnu/packages/patches/gnumach-version.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/hurd.scm (gnumach-headers): Update to v1.8+git20240714 and use
it.
* gnu/packages/commencement.scm (gnumach-headers-boot0)[origin]: Reset
patches.
Change-Id: I147c64021c2ee79dfc4cd4fd9a29529eef8890c5
* gnu/packages/python-web.scm (python-falcon)[native-inputs]: Add
python-orjson.
[arguments]: Do not patch test file; respect test-flags in custom 'check
phase; provide test-flags to ignore examples and benchmarks.
[build-system]: Use pyproject-build-system.
Change-Id: Ic173e2d940a2bb9c7f81ea3e70475f8bfff36dfb
Signed-off-by: Hilton Chain <hako@ultrarare.space>
[[PGP Signed Part:No public key for 3DECC105F5DD2382 created at 2024-10-23T14:00:24+0200 using RSA]]
The test render required pressing a key after it was done, which caused the
package build to get stuck. Also disable the render display window, which
did not cause issues but was pointless.
* gnu/packages/graphics.scm (povray)[args]: Patch test render not to pause nor
display a window.
Change-Id: Ia9527b3a67896972b399464b97dda464365d41ea
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Reset .dict file mtime to start of the epoch before compressing with dictzip.
* gnu/packages/patches/freedict-tools-fix-determinism.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/dictionaries.scm (freedict-tools): Use it.
Signed-off-by: Runciter <runciter@whispers-vpn.org>
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Fixes a bug introduced in 794e079437
whereby the grep patterns used in this test would also match
/gnu/store/…-rust-libgit2-sys-0.17.0+1.8.1.drv, thus getting 5 matches
instead of 4.
* tests/guix-build.sh: Refine grep patterns for ‘guix build -P1’ test.
Reported-by: Janneke Nieuwenhuizen <janneke@gnu.org>
Change-Id: Iae35e6ee44b8eca0ef66c1d8ab7f9ff65a59d8d0
* gnu/packages/bioinformatics.scm (homer)[arguments]: Update 'install phase to
also install "homer" to the bin directory.
Change-Id: Ia2d23fce493f9c10cc43ac126cd83956b4b9bb05
* gnu/packages/compression.scm (zstd)[arguments]: Adjust the custom
'adjust-library-locations phase to have separate logic for targeting
mingw32. Adjust the make-flags to add some extra flags when targeting
mingw32.
Change-Id: Ifd32a6bd9157af93c7338dacc96467e2756b9314
* gnu/packages/databases.scm (redis): Add a note with the package to be
aware of the upcoming non-free license change.
Change-Id: I60ef9bce81b6650d88f567e98c5bcf543a13082e
Commit eee95b5a87 changed package
rewriting to ignore hidden packages. This patch permits the previous use
by adding an option to rewrite hidden packages.
* guix/packages.scm (package-input-rewriting/spec)[rewrite]: When P is
hidden, return it as-is unless #:replace-hidden? has been enabled.
* tests/packages.scm ("package-input-rewriting/spec, replace hidden
package"): New test.
* doc/guix.texi (Defining Package Variants): Update.
Change-Id: I0a7988cac70e0c6b88b0fe6e27c1036fa723e030
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
New upstream version. Fixes CVEs:
CVE-2024-11691: Out-of-bounds write in Apple GPU drivers via WebGL
CVE-2024-11700: Potential Tapjacking Exploit for Intent Confirmation
on Android
CVE-2024-11692: Select list elements could be shown over another site
CVE-2024-11701: Misleading Address Bar State During Navigation
Interruption
CVE-2024-11702: Inadequate Clipboard Protection in Private Browsing
Mode on Android
CVE-2024-11693: Download Protections were bypassed by .library-ms
files on Windows
CVE-2024-11694: CSP Bypass and XSS Exposure via Web Compatibility
Shims
CVE-2024-11695: URL Bar Spoofing via Manipulated Punycode and
Whitespace Characters
CVE-2024-11703: Password access without authentication via PIN bypass
on Android
CVE-2024-11696: Unhandled Exception in Add-on Signature Verification
CVE-2024-11697: Improper Keypress Handling in Executable File
Confirmation Dialog
CVE-2024-11704: Potential Double-Free Vulnerability in PKCS#7
Decryption Handling
CVE-2024-11698: Fullscreen Lock-Up When Modal Dialog Interrupts
Transition on macOS
CVE-2024-11705: Null Pointer Dereference in NSC_DeriveKey
CVE-2024-11706: Null Pointer Dereference in PKCS#12 Utility
CVE-2024-11708: Data race with PlaybackParams
CVE-2024-11699: Memory safety bugs fixed in Firefox 133, Firefox ESR
128.5, and Thunderbird 128.5
* gnu/packages/librewolf.scm (librewolf): Update to 133.0-1.
Change-Id: I611505daf4d4f0940405190471f443d99102c2b9
Signed-off-by: Hilton Chain <hako@ultrarare.space>
* guix/transformations.scm (upstream-source-without-signatures): New
procedures.
(package-with-upstream-version): Add #:authenticate? and honor it.
Change-Id: Ib86feb765f57bc1b129e813780abc605c43ed97b
* guix/transformations.scm (upstream-fetch): New procedure.
(package-with-upstream-version): Add #:preserve-patches? and honor it.
Change-Id: Ib56b84957d8bdad2eebe2551e2a6e477506fc55e
This fixes updates of ‘curl’: <https://curl.se/download/> includes
<base href="…"> in its head and ignoring it would lead to incorrect
download URLs.
* guix/gnu-maintenance.scm (html-links): Keep track of <base href="…">
in ‘loop’. Rewrite relative links at the end.
Change-Id: I989da78df3431034c9a584f8e10cad87ae6dc920
Since ftp://ftp.gnupg.org no longer exists, another updater should be
used for packages with code fetched from mirror://gnupg.
* guix/gnu-maintenance.scm (gnupg-hosted?): New procedure.
(%gnu-ftp-updater): Exclude packages that match ‘gnupg-hosted?’.
* guix/download.scm (%mirrors): Remove ftp://ftp.gnupg.org.
Change-Id: I653877ad843da60281d3a234acc85743bee64856
* guix/import/gnome.scm (import-gnome-release): Do not re-raise
condition C, emit a warning instead.
Change-Id: I9a7c337a17d1f7ed4677398e7b0f383befca7d74
Previously these updaters would fail upon networking error, causing the
whole process to abort:
$ guix refresh coreutils libgcrypt
guix refresh: error: connect*: Connection refused
* guix/gnu-maintenance.scm (import-release*, import-xorg-release): Wrap
in ‘false-if-networking-error’.
Change-Id: I8d309bf8662e2d46460585b4a1b7da0a4f2e8907
Previously, updaters using ‘import-html-release’ would throw to 'quit
when the HTML page isn’t found, aborting the whole process:
$ guix refresh coreutils libchop
guix refresh: error: https://de.freedif.org/savannah//libchop/: HTTP download failed: 404 ("Not Found")
* guix/gnu-maintenance.scm (url->links): Guard against ‘http-get-error?’
and return the empty list when it is raised.
Reviewed-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Change-Id: I419ff96ddb424aa8c74d6bab3d66a5e85355c3dc
