Fixes <https://bugs.gnu.org/42286>.
Regression introduced with the switch to Guile 3.0 in commit
b6bee63bed.
* guix/git-download.scm (git-fetch): Parameterize %VERIFY-SWH-CERTIFICATE.
* guix/swh.scm (%verify-swh-certificate?): New parameter.
(http-get*, http-post*): New procedures.
(request-rate-limit-reached?): Use 'http-post*' instead of 'http-post'.
(update-rate-limit-reset-time!): Likewise.
(request-cooking): Likewise.
(call): Method defaults to 'http-get*' instead of 'http-get'. Pass
#:verify-certificate? to METHOD.
(vault-fetch): Likewise.
* guix/discovery.scm (fold-module-public-variables*): In the docstring,
replace (PROC MODULE SYMBOL VARIABLE) with (PROC MODULE SYMBOL VARIABLE
RESULT).
Suggested by Ricardo Wurmus and Simon Tournier.
* guix/channels.scm (sexp->channel-introduction): New procedure.
(read-channel-metadata): Use it.
(profile-channels)[sexp->channel-introduction]: Remove.
* tests/channels.scm ("latest-channel-instances, authenticate dependency"):
New test.
* doc/guix.texi (Channels)[Declaring Channel Dependencies]: Augment example.
* gnu/services.scm (channel->code): Include CHANNEL's introduction, if
any, unless CHANNEL is the singleton %DEFAULT-CHANNELS.
(channel->sexp): Add comment.
* guix/scripts/system.scm (sexp->channel): Change pattern to allow for
extensibility.
With this change, profiles created by 'guix pull' & co. include channel
introductions as part of the channel metadata of each manifest entry.
* guix/channels.scm (channel-instances->manifest)[instance->entry]: Add
'introduction' field when CHANNEL has an introduction.
(profile-channels)[sexp->channel-introduction]: New procedure.
Use it to initialize the 'introduction' field.
In the end signing the commit/key pair does not buy us much. Someone
publishing a valid but different commit/key pair would effectively be
publishing a different channel, which could be a fork (made by a former
authorized developer) or simply a mirror. In the latter case, there's
nothing to be gained by publishing a different commit/key pair.
* guix/channels.scm (<channel-introduction>)[signature]: Remove.
(make-channel-introduction): Adjust accordingly.
* guix/channels.scm (<channel-introduction>): Rename constructor to
'%make-channel-introduction'.
(make-channel-introduction): New procedure.
* tests/channels.scm ("authenticate-channel, wrong first commit signer")
("authenticate-channel, .guix-authorizations"): Use
'make-channel-introduction' without '@@' and without third argument.
* doc/guix.texi (Channels)[Channel Authentication, Specifying Channel
Authorizations]: New subsections.
Fixes <https://bugs.gnu.org/42127>.
Reported by Andrius Štikonas <andrius@stikonas.eu>.
* guix/scripts/pack.scm (wrapped-package)[build]: Add trailing slash to
the arguments to 'find-files'.
* guix/channels.scm (latest-channel-instance): Raise an error instead of
warning when 'guix is unauthenticated.
* tests/channels.scm ("latest-channel-instances, missing introduction for 'guix'"):
New test.
* guix/ui.scm (with-paginated-output-port): Export.
* guix/scripts/processes.scm (guix-processes): Use it instead of writing
directly to (current-output-port).
Fixes <https://bugs.gnu.org/42047>.
Reported by Jan Nieuwenhuizen <janneke@gnu.org>.
* guix/store.scm (open-connection): Use '=' instead of 'eqv?'.
This works around <https://bugs.gnu.org/42060> while also being more
accurate since the arguments are known to be integers.
Suggested by Caleb Ristvedt <caleb.ristvedt@cune.org>.
* guix/store/deduplication.scm (call-with-writable-file): Call THUNK
directly when FILE is (%store-directory).
Suggested by Caleb Ristvedt <caleb.ristvedt@cune.org>.
* guix/store/deduplication.scm (call-with-writable-file): New procedure.
(with-writable-file): New macro.
(replace-with-link): Use it.
This gives an 18% speedup on the wall-clock time of:
guile -c '(use-modules (git) (guix git-authenticate)) (load-keyring-from-reference (repository-open ".") "keyring")'
* guix/openpgp.scm (crc24): Rewrite by calling out to 'bytevector-hash'.
The guix-translated-texinfo.drv execution time goes from 1mn42s with 1
core to 1mn8s with 4 cores.
* guix/self.scm (translate-texi-manuals)[build]: Use 'n-par-for-each'
instead of 'for-each' for translation.
This reduces the execution time of:
(call-with-input-file "po/doc/guix-manual.de.po" read-po-file)
from 4.7s to 4.0s.
* guix/build/po.scm (interpret-newline-escape): New procedure.
(parse-tree->assoc): Use it instead of 'regexp-substitute/global'.
Building guix-translated-texinfo.drv goes from 11mn to 1mn50s, most of
which is taken by po4a.
* guix/self.scm (translate-texi-manuals)[build](make-ref-regex): Remove.
(canonicalize-whitespace): New procedure.
(xref-regexp): New variable.
(translate-cross-references): Rewrite to iterate over the
cross-references rather than iterating over the msgids. Update caller.
Until now, we'd call (nar-sha256 file) unconditionally. Thus, if FILE
was a directory, we would traverse it for no reason, and then call
'deduplicate' on FILE, which would again traverse it.
This change also removes redundant (mkdir-p store) calls from the loop,
and avoids 'lstat' calls by using 'scandir*'.
* guix/store/deduplication.scm (deduplicate): Add named loop. Move
'mkdir-p' outside the loop. Use 'scandir*' instead of 'scandir'. Do
not call 'nar-sha256' when FILE has type 'directory.
Fixes <https://bugs.gnu.org/41908>.
Reported by Jan Nieuwenhuizen <janneke@gnu.org>.
The relation check imposed an extra restriction that was unnecessary:
it's enough to authenticate the set difference between the closure of
START-COMMIT and that of END-COMMIT. Any attempt to jump to an
unrelated commit would lead to the authentication failure of one commit
on the way.
* guix/channels.scm (authenticate-channel): Remove extra
'commit-relation' check when (null? commits).
Fixes <https://bugs.gnu.org/41775>.
* guix/build-system/gnu.scm (gnu-cross-build)[canonicalize-reference]:
Pass TARGET and SYSTEM to 'package-cross-derivation'.
This test was skipped since the switch to Guile 3 because
'assert-container-features' would be inlined and thus accessing it with
@@ would fail with an unbound-variable error.
* guix/scripts/environment.scm (assert-container-features): Export.
* tests/guix-environment-container.sh: Use single '@'.
* guix/build/lisp-utils.scm (make-asd-file): Ensure lib directory exists and
check if prebuilt bundle system was generated.
(generate-system-definition): Add :class and :components only if prebuilt
system was generated.
Fixes <https://bugs.gnu.org/41924>.
* guix/profiles.scm (linux-module-database)[build]: Arrange so
'directory-entries' always returns a list. Add 'match' clause for the
empty list.
Co-authored-by: Ivan Kozlov <kanichos@yandex.ru>
* guix/nar.scm (finalize-store-file): Call 'register-items' and pass it
DB. This avoids opening the database a second time and hopefully
reduces contention on 'db.sqlite-shm'.
* guix/channels.scm (<channel-metadata>)[url]: New field.
(read-channel-metadata): Initialize it.
(read-channel-metadata-from-source): Likewise.
(channel-instance-primary-url): New procedure.
(latest-channel-instances): Compare CHANNEL's URL against it.
* doc/guix.texi (Channels)[Primary URL]: New subsection.
This has become redundant with the standard 'unpack' phase since
17919a5801.
* guix/build/gnu-dist.scm (copy-source): Remove.
(%dist-phases): Remove 'unpack' phase.
This is useful when people run "guix time-machine -C channels.scm",
where 'channels.scm' misses channel introductions.
* guix/channels.scm (%default-channel-url): New variable.
(%default-channels): Use it.
(ensure-default-introduction): New procedure.
(latest-channel-instance): Call it.
This should come before patching, authentication, etc.
* guix/channels.scm (latest-channel-instance): Add #:validate-pull
parameter and honor it. Return a single value: the instance.
(ensure-forward-channel-update): Change 'instance' parameter to 'commit'
and adjust accordingly.
(latest-channel-instances): Adjust to 'latest-channel-instance' changes.
* guix/scripts/pull.scm (warn-about-backward-updates): Change 'instance'
parameter to 'commit' and adjust accordingly.
* tests/channels.scm ("latest-channel-instances #:validate-pull"):
Likewise.
Fixes <https://bugs.gnu.org/22883>.
* guix/channels.scm (<channel>)[introduction]: New field.
(<channel-introduction>): New record type.
(%guix-channel-introduction): New variable.
(%default-channels): Use it.
(<channel-metadata>)[keyring-reference]: New field.
(%default-keyring-reference): New variable.
(read-channel-metadata, read-channel-metadata-from-source): Initialize
the 'keyring-reference' field.
(commit-short-id, verify-introductory-commit)
(authenticate-channel): New procedures.
(latest-channel-instance): Call 'authenticate-channel' when CHANNEL has
an introduction.
* tests/channels.scm (gpg+git-available?, commit-id-string): New
procedures.
("authenticate-channel, wrong first commit signer"):
("authenticate-channel, .guix-authorizations"): New tests.
* doc/guix.texi (Invoking guix pull): Mention authentication.
* guix/git-authenticate.scm (authenticated-commit-cache-file)
(cache-authenticated-commit, previously-authenticated-commits): Add
'key' parameter and honor it.
* build-aux/git-authenticate.scm (git-authenticate): Pass
"channels/guix" as the key.
This is a follow-up of 7ca533c723. The
introduced "target" variable is shadowing the target argument.
* guix/scripts/system.scm (perform-action): Rename "target" variable to
"target*".
For packages with lots of propagated inputs,
'manifest-transitive-entries', as called from 'check-for-collisions',
would exhibit pathological behavior. For example, "guix install cl-ana"
wouldn't complete in 1mn; now, it's down to 20s.
The issue was that manifest entries would never be 'equal?' due to the
delayed field in <manifest-entry>.
* guix/profiles.scm (manifest-transitive-entries): Use a vhash instead
of a set. Use 'manifest-entry=?' instead of 'equal?' when checking for
equality.
This avoids crashes for the patch-file-names checker where a <origin> is used
for a patch, but without a value for the file-name field. This is currently
the case with the bash package.
* guix/lint.scm (check-patch-file-names): Change origin-file-name to
origin-actual-file-name.
* guix/git-authenticate.scm (commit-signing-key): Add
#:disallowed-hash-algorithms and honor it.
(authenticate-commit)[recent-commit?]: New variable.
Pass #:disallowed-hash-algorithms to 'commit-signing-key'.
* tests/git-authenticate.scm ("signed commits, SHA1 signature"): New test.
* guix/lint.scm (check-patch-file-names)[starts-with-package-name?]: New
procedure, extracted from the existing logic. Using it, add a clause to
the match-lambda to handle origin records.
Fixes <https://bugs.gnu.org/41796>.
Reported by Jakub Kądziołka <kuba@kadziolka.net>.
* guix/packages.scm (input-graft): Add 'output' parameter and honor it.
Add OUTPUT to the cache key.
(input-cross-graft): Likewise.
(fold-bag-dependencies): Operate on inputs instead of nodes. Turn
VISITED into a vhash instead of a set. Pass PROC HEAD and OUTPUT
instead of just HEAD.
(bag-grafts): Adjust accordingly.
* tests/packages.scm ("package-grafts, dependency on several outputs"):
New test.
Previously call-with-transaction would both retry when SQLITE_BUSY errors were
thrown and do what its name suggested (start and rollback/commit a
transaction). This changes it to do only what its name implies, which
simplifies its implementation. Retrying is provided by the new
call-with-SQLITE_BUSY-retrying procedure.
* guix/store/database.scm (call-with-transaction): no longer restarts, new
#:restartable? argument controls whether "begin" or "begin immediate" is
used.
(call-with-SQLITE_BUSY-retrying, call-with-retrying-transaction,
call-with-retrying-savepoint): new procedures.
(register-items): use call-with-retrying-transaction to preserve old
behavior.
* .dir-locals.el (call-with-retrying-transaction,
call-with-retrying-savepoint): add indentation information.
update-or-insert can break if an insert occurs between when it decides whether
to update or insert and when it actually performs that operation. Putting the
check and the update/insert operation in the same transaction ensures that the
update/insert will only succeed if no other write has occurred in the middle.
* guix/store/database.scm (call-with-savepoint): new procedure.
(update-or-insert): use call-with-savepoint to ensure the read and the
insert/update occur within the same transaction.
Most of our queries would fail to finalize their statements properly if sqlite
returned an error during their execution. This resolves that, and also makes
them somewhat more concise as a side-effect.
This also makes some small changes to improve certain queries where behavior
was strange or overly verbose.
* guix/store/database.scm (call-with-statement): new procedure.
(with-statement): new macro.
(last-insert-row-id, path-id, update-or-insert, add-references): rewrite to
use with-statement.
(update-or-insert): factor last-insert-row-id out of the end of both
branches.
(add-references): remove pointless last-insert-row-id call.
* .dir-locals.el (with-statement): add indenting information.
guile-sqlite3 provides statement caching, making it unnecessary for sqlite to
keep re-preparing statements that are frequently used. Unfortunately it
doesn't quite emulate the semantics of sqlite_finalize properly, because it
doesn't cause a commit if the statement being finalized is the last "active"
statement (see https://notabug.org/guile-sqlite3/guile-sqlite3/issues/12). We
work around this by wrapping sqlite-finalize with our own version that ensures
sqlite-reset is called, which does The Right Thing™.
* guix/store/database.scm (sqlite-finalize): new procedure that shadows the
sqlite-finalize from (sqlite3).
Ludovic Courtès
Arun Isaac
Tobias Geerinckx-Rice
Jan (janneke) Nieuwenhuizen
Guillaume Le Vaillant
zimoun
Marius Bakke
Pierre Neidhardt
Efraim Flashner
Mathieu Othacehe
Konrad Hinsen
Ricardo Wurmus
Christopher Baines
Chris Marusich
Caleb Ristvedt