Commit graph

8230 commits

Author SHA1 Message Date
Maxim Cournoyer
51c5e59ef8
build-system/meson: Make build verbose.
It's useful to see the link directives and other options passed to the
compiler when debugging build issues.

* guix/build/meson-build-system.scm (build): Invoke ninja with its --verbose
option.

Change-Id: Iab11eeb29351a1d6a954576e3a916e2d536058d9
(cherry picked from commit d9b9670b05)
2025-09-30 09:29:53 +09:00
Dariqq
fb091cf948
build-system: meson: Set default wrap-mode to nofallback.
Fixes guix/guix#1162.

This solves two issues: not having to wait for the network timeout (same as the
nodownload option) and also preventing meson from falling back to predownloaded
subprojects.

If desired, this behaviour can be overridden by adding --wrap-mode=MODE to #:configure-flags.

* guix/build/meson-build-system.scm (configure): Add --wrap-mode=nofallback.

Change-Id: Ibf1d6ac60a4c47cd71574a96ceb8773e6d8cf60b
(cherry picked from commit fe8dded27f)
2025-09-30 09:29:53 +09:00
Giacomo Leidi
40c2edf91b
build-system: mix: Allow passing test flags.
* guix/build-system/mix.scm (mix-build): Add test-flags keyword
argument and pass it on.
* guix/build/mix-build-system.scm (check): Add test-flags keyword
argument and pass it to Mix.

Change-Id: Ib8243aaaf7a7d02df993cee44f33b36566049e83
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2025-09-25 22:04:26 +02:00
Simon Tournier
6e12325bf3
git: Fix update cached checkout when not a symref.
Follow up of 66463356ce.

* guix/git.scm (update-cached-checkout)[symref?]: New procedure.
[ref->refspecs]: New procedure.
Use them.

Change-Id: Ia2cb7db45222d59d61a2349bec277fd06456844b
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Modified-by: Ludovic Courtès <ludo@gnu.org>
2025-09-25 22:04:25 +02:00
Nicolas Graves
2d45de1bc4
build-system/pyproject: Handle wheel not found exception.
The current error is very uninformative, use a proper exception to
give more information when this happens:
`In procedure map: Wrong type argument: #f`

After this patch:
`In procedure raise-exception:
ERROR:
  1. &no-wheels-found`

* guix/build/pyproject-build-system.scm (&no-wheels-found): Add exception.
(install): Handle exception.

Change-Id: Ie72d3b50dfededb2d598162672cdb4321c42b632
Signed-off-by: Sharlatan Hellseher <sharlatanus@gmail.com>
2025-09-25 09:35:34 +01:00
Nicolas Graves
977caf32ef
build-system/pyproject: Avoid PEP427 substitution on binary files.
In some rare cases, the dest-path can be an ELF file, which is
unreadable by substitute*, leading to an error instead of just
continuing, which makes more sense in this case.

* guix/build-system/pyproject.scm (check): Guard substitution attempt
with basic readability guarantees.

Signed-off-by: Sharlatan Hellseher <sharlatanus@gmail.com>
2025-09-25 09:35:34 +01:00
Nicolas Graves
9a40c5145d
build-system/pyproject: Add stestr, unittest and custom options.
* guix/build-system/pyproject.scm (check): Add stestr, unittest and
custom test-backends.

Change-Id: I2d44b3b8dd928ab844b4479fb073afff845e13ee
Signed-off-by: Sharlatan Hellseher <sharlatanus@gmail.com>
2025-09-25 09:35:34 +01:00
Nicolas Graves
74a1e9d543
build-system/pyproject: Use copy-recursively instead of merge-dirs.
Using rename-file, the destination had to be empty otherwise it would error
out.  This has been fixed by the use of copy-recursively, really merging them.
Changing this makes merge-directories mostly a duplicate of
copy-recursively, thus fully switch to copy-recursively.

* guix/build/pyproject-build-system.scm (install)
<python-hashbang>: Remove it, used only once.
<merge-directories>: Remove it, replace its calls by copy-recursively
and delete-file-recursively.

Signed-off-by: Sharlatan Hellseher <sharlatanus@gmail.com>
2025-09-25 09:35:34 +01:00
Nicolas Graves
e927a071cd
build-system/pyproject: Add python test-backend.
* guix/build/pyproject-build-system(check): Add python test-backend.

This will help in cases where a simple `python -m module args` call has
to be made instead of fully replacing the 'check phase, e.g. unittest
or django. This is never enabled unless #:test-backend 'python is set,
so it doesn't break anything.

As an example, the following snippet...

(arguments
  (list #:phases #~(modify-phases %standard-phases
                     (replace 'check
                       (lambda* (#:key tests? #:allow-other-keys)
                         (when tests?
                           (invoke "python" "-m" "unittest"
                                   "diff_match_patch.tests")))))))

...can be transformed like this:

(arguments
  '(#:test-backend 'python
    #:test-flags (list "-m" "unittest" "diff_match_patch.tests")))

Change-Id: I4919a3e01d64864e3c328609fbcce7df5b3dfe51
Signed-off-by: Sharlatan Hellseher <sharlatanus@gmail.com>
2025-09-25 09:35:33 +01:00
Maxim Cournoyer
7b65bc85cd
build/pyproject: Fix indentation.
* guix/build/pyproject-build-system.scm: Re-indent file with Emacs.

Change-Id: Ie8a119ce9cf4beccffde93674adb98dc07462ea7
Signed-off-by: Sharlatan Hellseher <sharlatanus@gmail.com>
2025-09-25 09:35:33 +01:00
Maxim Cournoyer
f3f42af8ae
build/pyproject: Resolve import warning.
* guix/build/pyproject-build-system.scm: Hide the 'delete' symbol from
the imported (guix build utils) module to avoid a naming clash warning.

Change-Id: I48f97bf29b5282de1440c68d533c8300d4d11362
Signed-off-by: Sharlatan Hellseher <sharlatanus@gmail.com>
2025-09-25 09:35:33 +01:00
Maxim Cournoyer
1d0493e58d
build/pyproject: Update PEP 427 reference URL in comment.
* guix/build/pyproject-build-system.scm (install): Update reference URL.

Change-Id: Icf5dcc7254c33e8e466773ee66a2fd5648d583da
Signed-off-by: Sharlatan Hellseher <sharlatanus@gmail.com>
2025-09-25 09:35:33 +01:00
Maxim Cournoyer
beb6357463
build/pyproject: Really merge directories in install phase.
Using rename-file, the destination had to be empty otherwise it would
error out.  By using copy-recursively, a directory can be copied onto a
pre-existing directory, really merging them.  This problem manifested
itself attempting to build the python-pyre package.

Solving #596.

* guix/build/pyproject-build-system.scm (install)
<merge-directories>: Use copy-recursively instead of rename-file.

Change-Id: Iceb8609a86f29b17e5fbe6a9629339d0bc26e11f
Signed-off-by: Sharlatan Hellseher <sharlatanus@gmail.com>
2025-09-25 09:35:33 +01:00
Nicolas Graves
c0ff1be86c
import: utils: Add default-git-error.
* guix/import/utils.scm (default-git-error): Add procedure.

Signed-off-by: Liliana Marie Prikler <liliana.prikler@gmail.com>
2025-09-24 19:16:53 +02:00
Nicolas Graves via Guix-patches via
bd2470ca4d
import: utils: Add function git->origin.
* guix/import/utils.scm: (git-origin, git->origin): Add procedures.

* guix/import/elpa.scm
(download-git-repository): Remove function download-git-repository.
(git-repository->origin): Remove function git-repository->origin.
(ref): Add function ref.
(melpa-recipe->origin): Use functions git->origin and ref.

* guix/import/go.scm
(git-checkout-hash): Remove function git-checkout-hash.
(transform-version): Add function transform-version.
(vcs->origin): Use functions git->origin and transform-version. Add
optional argument transform-version.

* tests/import/go.scm
(go-module->guix-package): Adapt test case to changes in guix/import/go.scm.

* guix/import/luanti.scm
(download-git-repository): Remove function download-git-repository.
(make-luanti-sexp): Use function git->origin.

* tests/luanti.scm
(make-package-sexp): Refresh function accordingly.

* guix/import/composer.scm
(make-php-sexp): Use function git->origin.

Change-Id: Ied05a63bdd60fbafe26fbbb4e115ff6f0bb9db3c
Signed-off-by: Liliana Marie Prikler <liliana.prikler@gmail.com>
2025-09-24 19:16:53 +02:00
Nicolas Graves
68c4eab949
import: utils: Add API to peek procedure bodies.
* guix/import/utils.scm (peekable-lambda, peek-body): Add procedures.
* .dir-locals.el: Add peekable-lambda indentation.

Signed-off-by: Liliana Marie Prikler <liliana.prikler@gmail.com>
2025-09-24 19:16:51 +02:00
Rutherther
7d1d1d1f7c
guix: update-cached-checkout: Fix fetching remote for branches, commits and tags.
Follow up of 66463356ce.

Because of the mentioned change, update-cached-checkout doesn't
update the checkout for branches, commits or tags.

This means `guix pull` with %default-channels no longer pulls
newer versions. `forward-update-check` no longer fetches the
commit to check relations for, leading to an error that
reference is not available.

* guix/git.scm (update-cached-checkout): Fetch remote even if symref-list is
empty.

Change-Id: Ia6bb1c669065cf19a6dd16c2a403e8590bc07613
2025-09-23 13:20:31 -07:00
Yelninei
d9e2ee3e99
packages: Add x86_64-gnu to %cuirass-supported-systems.
* guix/packages.scm (%cuirass-supported-systems): Add x86_64-gnu.

Change-Id: I5aa8bcc511d3e12364a35ce8dac35965e0d9709b
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2025-09-23 11:13:22 +02:00
Ludovic Courtès
d12c4452a4
shell, inferior: Store GC roots under /var/guix/profiles.
Fixes guix/guix#2410.

Until now, ‘guix shell’ and ‘guix time-machine’ would store GC roots under
~/.cache/guix.  However, this directory is unreadable to guix-daemon when it’s
running without root privileges.  This commit changes ‘guix shell’ and ‘guix
time-machine’ so they store GC roots under /var/guix/profiles/per-user/$USER,
in a world-readable directory.

An added benefit is that, in cluster setups, user homes no longer need to be
mounted on the head node for GC to work (assuming ‘guix build -r’ and similar
are not used).

* guix/inferior.scm (%inferior-cache-directory): Change default value to be
under ‘%profile-directory’.
(%legacy-inferior-cache-directory): New variable.
(cached-channel-instance): Add ‘maybe-remove-expired-cache-entries’ call.
* guix/scripts/environment.scm (launch-environment/container)[nesting-mappings]:
Add /inferiors and /profiles sub-directories of ‘%profile-directory’.  Call
‘mkdir-p’ for these two directories.
* guix/scripts/shell.scm (%profile-cache-directory): Change default value to
be under ‘%profile-directory’.
(%legacy-cache-directory): New variable.
(guix-shell): Add call to ‘maybe-remove-expired-cache-entries’.

Change-Id: Ie7d6c16a55b35c7beb18078c967d6fc902bf68d0
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2025-09-23 11:13:22 +02:00
Romain GARBAGE
66463356ce
git: Create/update remote references locally when needed.
This allows ‘update-cached-checkout’ to fetch symbolic references such as
those created by the AGit workflow with Forgejo instances.

* guix/git.scm (update-cached-checkout): Create/update remote references
locally.

Change-Id: Ice761d09eebc4f1275381a4eefbdd679d9b95127
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2025-09-23 11:13:22 +02:00
Romain GARBAGE
0a670987c7
inferior: Use channel-reference to get a Git reference.
* guix/inferior.scm (channel-full-commit): Use channel-reference to get a Git reference.

Change-Id: Ia07f8d202ba1df1497d2763d8d49d547c6955ca6
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2025-09-23 11:13:22 +02:00
Romain GARBAGE
b6a739465d
channels: Export channel-reference.
* guix/channels.scm: Export channel-reference.

Change-Id: I3da7b8d55c0ab563c1669c9e346bb3bd34e7f1db
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2025-09-23 11:13:22 +02:00
Ludovic Courtès
e1cf791ddd
Revert "publish: Prevent publication of non-substitutable derivation outputs."
Fixes guix/guix#2450.

This reverts commit b5745a327e, which introduced
discrepancies in how substitutes are served; in particular, narinfos of
non-substitutable items would still be served, and likewise for narinfos and
nars of dependents of non-substitutable items.
2025-09-21 18:47:23 +02:00
Ludovic Courtès
7445776b7e
gc: Open a connection to the daemon only when strictly necessary.
Fixes guix/guix#1901.

Previously, ‘guix gc --list-busy’ (which is invoked by ‘guix-daemon’) would
open a connection to the daemon, which in turn attempts to create
/var/guix/profiles/per-user/$USER.  However, when ‘guix-daemon’ is running as
an unprivileged user, creating that directory fails with EPERM.  Because of
this, garbage collection would always fail when running the unprivileged
daemon on Guix System.

* guix/scripts/gc.scm (guix-gc): Remove upfront call to ‘open-connection’.
Instead, use ‘with-store’ only for operations that require it.

Change-Id: I1fbfd97cf7ba9e3087f7287b4776ea2f6623400d
2025-09-18 12:14:34 +02:00
Maxim Cournoyer
10482f731e
Reapply "Update Maxim's email address."
This reverts commit a7db92d9b3, this time with
the more careful command, to avoid a world rebuild:

grep -rl --exclude-dir=build --exclude-dir=patches --exclude=ld-wrapper.in \
  --exclude=sitecustomize.py --exclude=guix-emacs.el maxim.cournoyer@gmail.com |
  xargs sed -i 's/maxim.cournoyer@gmail.com/maxim@guixotic.coop/g'

Change-Id: I0871f5cf9ace79e34e78e24154d0da6ea95a3a91
2025-09-18 13:44:12 +09:00
Maxim Cournoyer
a7db92d9b3
Revert "Update Maxim's email address."
This reverts commit d0d87a744d. Oops! This
caused a world rebuild.

Change-Id: I25fff644b2b61d0ee93d69b457b04c72b5b74d15
2025-09-18 12:07:31 +09:00
Maxim Cournoyer
d0d87a744d
Update Maxim's email address.
The change was automated via:

  git grep -l maxim.cournoyer@gmail.com |
    xargs sed -i 's/maxim.cournoyer@gmail.com/maxim@guixotic.coop/g'

* .mailmap: New entry.

Change-Id: Iaa88b1e51c94159c49138fb43910badb990eb169
2025-09-18 08:05:19 +09:00
Ludovic Courtès
75e45d4eea
home: Adjust file system mount options.
* guix/scripts/home.scm (spawn-home-container): Add ‘options’ field to
the /run/user/$UID and ‘home-directory’ file systems.

Change-Id: Ic6d987fe186f9c49718f15c71867953a20f2fb68
2025-09-17 11:55:14 +02:00
Ludovic Courtès
c52a9cee53
linux-container: Export ‘%writable-/tmp’ and use it.
Fixes guix/guix#1994.

* gnu/build/linux-container.scm (%writable-/tmp): New variable.
* guix/scripts/environment.scm (launch-environment/container): Remove ‘tmpfs’
and use it.  Adjust ‘file-system’ declaration for /run/user/$UID.
* guix/scripts/home.scm (spawn-home-container): Likewise.

Reported-by: Romain GARBAGE <romain.garbage@inria.fr>
Change-Id: Ia8289fb5386971738caf2ccc1e815daa6ac28459
2025-09-17 11:55:13 +02:00
Ludovic Courtès
a5ac56f883
packages: ‘package-field-location’ returns a <location> for atoms.
Fixes guix/guix#1975.

When using ‘read’, ‘package-field-location’ would not get source location for
atoms such as symbols, typically making it impossible to get the location of
the value of a field list (build-system gnu-build-system).  This fixes that.

* guix/packages.scm (field-value-location): New procedure.
(package-field-location): Use it instead of inline code.
* tests/packages.scm ("package-field-location"): Test the ‘build-system’
field.

Reported-by: Nicolas Graves <ngraves@ngraves.fr>
Change-Id: I98c694bb6f1999fa9ca80e145fa016640067af55
2025-09-11 22:27:47 +02:00
Liliana Marie Prikler
6c41e4d180
build: emacs-utils: Add emacs-makeinfo.
* guix/build/emacs-utils.scm (emacs-makeinfo): New variable.
* gnu/packages/emacs-xyz.scm (emacs-show-font, emacs-mct, emacs-corfu)
(emacs-cape, emacs-embark, emacs-orderless, emacs-consult, emacs-marginalia)
(emacs-logos, emacs-tmr, emacs-beframe, emacs-tempel, emacs-lin, emacs-pulsar)
(emacs-dired-preview, emacs-modus-themes, emacs-org-glossary, emacs-vertico)
(emacs-org-margin, emacs-osm)[#:phases]<makeinfo>: Use it.
Move before ‘install’ if it was previously after ‘install’.
2025-09-11 08:46:53 +02:00
Liliana Marie Prikler
2bd3129039
build-system: emacs: Use new lisp-mnt primitives.
* guix/build/emacs-build-system.scm (ensure-package-description)
[%write-pkg-file-form]: Use ‘lm-summary’ and ‘lm-package-requires’.

Fixes: guix/guix#736 (Missing `*-pkg.el` files).
2025-09-11 08:46:52 +02:00
Liliana Marie Prikler
8030c91dc2
build-system: emacs: Error if package file could not be generated.
* guix/build/emacs-build-system.scm (ensure-package-description)
[%write-pkg-file-form]: Use ‘error’ for error reporting.
2025-09-11 08:46:51 +02:00
Efraim Flashner
1d931e5778
guix: lint: Add codespell hints.
This hides these lines from codespell so it doesn't try to fix the
spelling of these intentional typos.

* guix/lint.scm (check-description-style)[check-description-typo]: Add
codespell hints to ignore some lines.

Change-Id: I002d2ba6079a5dcf9165d3821eda579f6dfa2ecf
Signed-off-by: Efraim Flashner <efraim@flashner.co.il>
2025-09-08 10:03:38 +03:00
Nicolas Graves
4a33614dd9
build-system: Introduce @* macro for lazy module resolution.
* guix/build-system.scm (@*): New macro for runtime module resolution.
* guix/build-system/agda.scm (default-agda): Use @* instead of
resolve-interface and module-ref.
* guix/build-system/android-ndk.scm (default-android-build,
default-android-googletest): Likewise.
* guix/build-system/ant.scm (default-jdk, default-ant, default-zip):
Likewise.
* guix/build-system/cargo.scm (default-rust): Likewise.
* guix/build-system/chicken.scm (default-chicken): Likewise.
* guix/build-system/composer.scm (default-php,
default-composer-classloader): Likewise.
* guix/build-system/dub.scm (default-ldc, default-dub,
default-pkg-config, default-ld-gold-wrapper): Likewise.
* guix/build-system/elm.scm (default-elm, default-elm-core,
default-elm-json): Likewise.
* guix/build-system/emacs.scm (default-emacs): Likewise.
* guix/build-system/glib-or-gtk.scm (default-glib): Likewise.
* guix/build-system/go.scm (default-go, default-gccgo, make-go-std):
Likewise.
* guix/build-system/haskell.scm (default-haskell): Likewise.
* guix/build-system/julia.scm (default-julia): Likewise.
* guix/build-system/linux-module.scm (default-linux): Likewise.
* guix/build-system/luanti.scm (default-optipng, default-luanti,
default-luanti-game, default-xvfb-run): Likewise. Remove otherwise
unused individual plugin accessor functions.
* guix/build-system/maven.scm (default-maven, default-jdk,
default-maven-plugins): Likewise. Remove otherwise unused individual
plugin accessor functions.
* guix/build-system/meson.scm (default-ninja, default-meson):
Likewise.
* guix/build-system/minify.scm (default-esbuild): Use @* instead of
resolve-interface and module-ref.
* guix/build-system/mix.scm (default-elixir-hex,
default-rebar3, default-elixir): Likewise.
* guix/build-system/node.scm (default-node): Likewise.
* guix/build-system/ocaml.scm (default-ocaml, default-findlib,
default-dune-build-system, default-ocaml4.07,
default-ocaml4.07-findlib, default-ocaml4.07-dune, default-ocaml4.09,
default-ocaml4.09-findlib, default-ocaml4.09-dune, default-ocaml5.0,
default-ocaml5.0-findlib, default-ocaml5.0-dune): Likewise.
* guix/build-system/perl.scm (default-perl): Likewise.
* guix/build-system/pyproject.scm (default-python): Likewise.
* guix/build-system/qt.scm (default-qtbase): Likewise.
* guix/build-system/r.scm (default-r): Likewise.
* guix/build-system/rakudo.scm (default-rakudo, default-prove6,
default-zef): Likewise.
* guix/build-system/rebar.scm (default-rebar3, default-erlang):
Likewise.
* guix/build-system/renpy.scm (default-renpy): Likewise.
* guix/build-system/ruby.scm (default-ruby): Likewise.
* guix/build-system/scons.scm (default-scons): Likewise.
* guix/build-system/texlive.scm (default-texlive-bin,
texlive-latex-bin): Likewise.
* guix/build-system/tree-sitter.scm (default-guile-json,
default-node, default-tree-sitter, default-tree-sitter-cli): Likewise.
* guix/build-system/vim.scm (default-vim, default-neovim): Likewise.
* guix/build-system/zig.scm (default-zig): Likewise.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2025-09-04 12:19:55 +02:00
Nicolas Graves
97f6cc4389
build-system: rakudo: Clarify private-keywords.
Some arguments used for lower but not for the builder were passed as
arguments to the builders.  Remove this ambiguity.

* guix/build-system/rakudo.scm (lower)[private-keywords]: Add keywords
  with-prove6? and with-zed?,...
  (rakudo-build): ... removed from here.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2025-09-04 12:19:55 +02:00
Nicolas Graves
fcdcfa149d
build-system: android-ndk: Improve lower configurability.
* guix/build-system/android-ndk.scm (default-android-build,
default-android-googletest): Add and export variables.
  (lower): Add their respective keywords.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2025-09-04 12:19:55 +02:00
Nicolas Graves
9073a7e410
build-system: tree-sitter: Improve lower configurability.
* guix/build-system/tree-sitter.scm (default-node,
default-tree-sitter, default-tree-sitter-cli): Add and export variables.
  (lower): Add their respective keywords.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2025-09-04 12:19:55 +02:00
Nicolas Graves
cf05f12cb7
build-system: copy: Remove dead glibc code.
An unused glibc package made its way into the copy-build-system.
It's confusing, so remove it.

* guix/build-system/copy.scm (default-glibc): Remove variable.
  (lower): Remove glibc keyword.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2025-09-04 12:19:55 +02:00
Nicolas Graves
571509d5fa
size: Improve error message.
Fixes guix/guix#2429

* guix/scripts/size.scm (file-size): Improve error message.

Change-Id: I0e0f6de1eded8a780d2edc07ce1fbc5c7ff73e25
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2025-09-04 12:19:53 +02:00
Brian Kubisiak
325689d036
build-system/tree-sitter: Build with -std=c11.
* guix/build/tree-sitter-build-system.scm (install): Switch to
building with -std=c11.

Fixes: guix/guix#2215
Change-Id: I04f3ede07aeaaa9cf95272611d6346295f603b69
Signed-off-by: Danny Milosavljevic <dannym@friendly-machines.com>
2025-09-04 02:27:57 +02:00
Ludovic Courtès
1c235670d8
tests: Reduce build timeout to 3 minutes for Scheme tests.
* guix/tests.scm (open-connection-for-tests): Reduce #:timeout to 3mn.
(call-with-external-store): Likewise.

Change-Id: I4375e070618a5f38a82a1d26f8424bf4abb607e6
2025-09-03 12:34:13 +02:00
Reepca Russelstein
9202921e81
perform-download: Use (ice-9 sandbox) for mirrors.
"guix perform-download" is used to implement the daemon's "download" and
"git-download" builtin builders.  Because these are builtins, it runs without
any additional isolation beyond merely running as a build user.  In such a
context, allowing arbitrary user-supplied code to be evaluated will easily
lead to the build user being taken over, which can then be used to corrupt
future builds, enable exploitation of certain vulnerabilities, and in the case
of the rootless daemon completely take over guix-daemon.

Use (ice-9 sandbox) to ensure that only safe bindings are available during the
evaluation of the content-addressed-mirrors file.

* guix/perform-download.scm (%safe-bindings, %sandbox-module): new variables.
  (syntax-noop): new syntax.
  (eval-content-addressed-mirrors, assert-store-file,
   call-with-input-file/no-symlinks): new procedures.
  (perform-download): use assert-store-file to ensure files are in the store
  before being read.  Use call-with-input-file/no-symlinks for opening
  untrusted files.  Use eval-content-addressed-mirrors to evaluate the
  content-addressed-mirrors file.

Change-Id: I8ed27a95d84dbcc7d72d0d75f172d113f8be6c79
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2025-09-01 16:13:29 +02:00
Reepca Russelstein
f607aaaaaa
download: Handle content-addressed-mirrors returning #f.
* guix/build/download.scm (url-fetch): don't pass the return value from a
  content-addressed-mirror procedure to 'string->uri' if it is #f.

Change-Id: Ic4f94f86fcfebe6f2e60cb3c4330ce57886ab647
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2025-09-01 16:13:19 +02:00
Reepca Russelstein
2a333541e8
perform-download: Ensure reading never evaluates code.
Since this is used to implement the "download" and "git-download" builtins,
which are run outside of any chroot, this is trusted code with respect to the
user-supplied strings it reads.

* guix/scripts/perform-download.scm (read/safe): new procedure.
  (perform-download, perform-git-download): use it.
  (guix-perform-download): explicitly set 'read-eval?' to #f and
  'read-hash-procedures' to '().  #f is the default value of 'read-eval?' on
  startup, but set it anyway to be certain.

Change-Id: I93cb8e32607a6f9a559a26c1cbd6b88212ead884
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2025-09-01 16:13:11 +02:00
Nicolas Graves
d431f4620a
cve: Upgrade to JSON 2.0 feeds.
Fixes guix/guix#2213.  The 1.1-formatted-data is no longer available
from NIST.

* guix/cve.scm (string->date*, <cve-item>,
reference-data->cve-configuration, cpe-match->cve-configuration,
configuration-data->cve-configurations, json->cve-items,
yearly-feed-uri, cve-item->vulnerability): Upgrade to JSON 2.0 feeds
schema.
(<cve>): Remove unneeded record.
* tests/cve-sample.json: Update them. Remove CVE-2019-0005 (no value
added, lots of lines).
* tests/cve.scm (%expected-vulnerabilities): Upgrade accordingly.
(json->cve-items, vulnerabilities->lookup-proc tests): Update accordingly.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2025-08-31 12:39:24 +02:00
Nicolas Graves
8f310b6f27
gnu: mercurial: Add package and rename former to mercurial/pinned.
Mercurial currently has CVEs. IMHO, it's unsafe to carry them around
in a profile.  However, updating mercurial potentially leads to a lot of
rebuilds and I don't want to tackle this right now.

As for other packages, the way forward is to add a variant of the
package only used for hg-fetch, here mercurial/pinned.

* gnu/packages/version-control.scm
(mercurial-check-phase): Add helper variable.
(mercurial): Update to 7.1.
[arguments]: Use gexps.
<#:phases>: Refresh them. Add phase 'add-install-to-pythonpath for
running tests. Run tests after install. Add phase 'configure-check.
<#:imported-modules, #:modules>: Add them for
'add-install-for-pythonpath.
[native-inputs]: Remove python-nose. Add python-setuptools-next,
python-setuptools-scm-next.
(mercurial/pinned): Inherit from mercurial, but build the exact same
derivation as the previous mercurial variable.

* guix/hg-download.scm (hg-package): Use mercurial/pinned.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2025-08-31 12:21:12 +02:00
Nicolas Graves
6c71c8dc4a
gnu: subversion: Add package and rename former to subversion/pinned.
Subversion currently has CVEs. IMHO, it's unsafe to carry them around
in a profile. However, updating subversion potentially leads to a lot of
rebuilds and I don't want to tackle this right now.

As for other packages, the way forward is to add a variant of the
package only used for svn-fetch, here subversion/pinned.

* gnu/packages/version-control.scm (subversion): Update to 1.14.5.
(subversion/pinned): Inherit from subversion, but build the exact same
derivation as the previous subversion variable.

* guix/svn-download.scm (subversion-package): Use subversion/pinned.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2025-08-31 12:21:09 +02:00
Ludovic Courtès
df763d6a2d
git-authenticate: Print a clear error message for malformed keys.
Fixes guix/guix#1141.

* guix/git-authenticate.scm (load-keyring-from-blob): Change ‘oid’ to
‘entry’ and adjust accordingly.  Raise a ‘&formatted-message’ error when
‘read-radix-64’ returns #f or EOF.
(load-keyring-from-reference): Adjust accordingly.

Change-Id: Ib88c94dac543caf6b1e0855242ba50063c944765
2025-08-23 16:57:21 +02:00
Romain GARBAGE
20077256fa
import: pypi: Use autoload instead of use-module.
* guix/import/pypi.scm: Use autoload instead of use-module.

Change-Id: I67001e41c398250e74782c06937dadea8402d4d9
Reviewed-by: zimoun, ngraves
Signed-off-by: Sharlatan Hellseher <sharlatanus@gmail.com>
2025-08-22 19:27:45 +01:00