GNU bug report logs -
#59363
The package transformation 'with-commit' does not work in user-friendly way
Previous Next
Reported by: Jacob Hrbek <kreyren <at> rixotstudio.cz>
Date: Fri, 18 Nov 2022 15:57:02 UTC
Severity: normal
Tags: notabug
Done: Ludovic Courtès <ludo <at> gnu.org>
Bug is archived. No further changes may be made.
Full log
Message #11 received at 59363 <at> debbugs.gnu.org (full text, mbox):
CC mentors -- please review and merge if appropriate
-- Jacob "Kreyren" Hrbek
------- Original Message -------
On Friday, November 18th, 2022 at 6:54 PM, Jacob Hrbek <kreyren <at> rixotstudio.cz> wrote:
> ---
> gnu/packages/package-management.scm | 208 +++++++++++++++-------------
> 1 file changed, 108 insertions(+), 100 deletions(-)
>
> diff --git a/gnu/packages/package-management.scm b/gnu/packages/package-management.scm
> index 891b504a46..be5e581c49 100644
> --- a/gnu/packages/package-management.scm
> +++ b/gnu/packages/package-management.scm
> @@ -1915,110 +1915,118 @@ (define-public libostree
> the boot loader configuration.")
> (license license:lgpl2.0+)))
>
> -(define-public flatpak
> - (package
> - (name "flatpak")
> - (version "1.14.0")
> - (source
> - (origin
> - (method url-fetch)
> - (uri (string-append "https://github.com/flatpak/flatpak/releases/download/"
> - version "/flatpak-" version ".tar.xz"))
> - (sha256
> - (base32 "05bqy9kwmaj32y7f94fydcz3k63bsgn4mbcp4pglv8hffxrnj9wf"))
> - (patches
> - (search-patches "flatpak-fix-path.patch"
> - "flatpak-unset-gdk-pixbuf-for-sandbox.patch"))))
> +;; FIXME: Does not respect #:tests? according to guix lint
> +;; FIXME: Accodring to guix-lint it's probably vulnerable to CVE-2022-21682, CVE-2021-21261, CVE-2021-21381, CVE-2021-41133, CVE-2021-43860, CVE-2019-10063, CVE-2019-8308
> +(define-public flatpak-0.14.0
> + (let ((commit "f9a768721e881debe3a0effa3a47748033d20045"))
> + (package
> + (name "flatpak")
> + (version (git-version "0.14.0" "0" commit))
> + (source (origin
> + (method git-fetch)
> + (uri (git-reference
> + (url "https://github.com/flatpak/flatpak.git")
> + (commit commit)))
> + (sha256
> + (base32
> + "05bqy9kwmaj32y7f94fydcz3k63bsgn4mbcp4pglv8hffxrnj9wf"))
> + (file-name (git-file-name name version))
> + (patches (search-patches "flatpak-fix-path.patch"
> + "flatpak-unset-gdk-pixbuf-for-sandbox.patch"))))
>
> - ;; Wrap 'flatpak' so that GIO_EXTRA_MODULES is set, thereby allowing GIO to
> - ;; find the TLS backend in glib-networking.
> - (build-system glib-or-gtk-build-system)
> + ;; Wrap 'flatpak' so that GIO_EXTRA_MODULES is set, thereby allowing GIO to
> + ;; find the TLS backend in glib-networking.
> + (build-system glib-or-gtk-build-system)
>
> - (arguments
> - (list
> - #:configure-flags
> - #~(list
> - "--enable-documentation=no" ;; FIXME
> - "--enable-system-helper=no"
> - "--localstatedir=/var"
> - (string-append "--with-system-bubblewrap="
> - (assoc-ref %build-inputs "bubblewrap")
> - "/bin/bwrap")
> - (string-append "--with-system-dbus-proxy="
> - (assoc-ref %build-inputs "xdg-dbus-proxy")
> - "/bin/xdg-dbus-proxy"))
> - #:phases
> - #~(modify-phases %standard-phases
> - (add-after 'unpack 'fix-tests
> - (lambda* (#:key inputs #:allow-other-keys)
> - (copy-recursively
> - (search-input-directory inputs "lib/locale")
> - "/tmp/locale")
> - (for-each make-file-writable (find-files "/tmp"))
> - (substitute* "tests/make-test-runtime.sh"
> - (("cp `which.*") "echo guix\\n") - (("cp -r /usr/lib/locale/C\\\\.\\\\*") - (string-append "mkdir ${DIR}/usr/lib/locale/en_US; \\ -cp -r /tmp/locale/*/en_US.*"))) - (substitute* "tests/libtest.sh" - (("/bin/kill") (which "kill")) - (("/usr/bin/python3") (which "python3"))) - #t)) - (add-after 'unpack 'p11-kit-fix - (lambda* (#:key inputs #:allow-other-keys) - (let ((p11-path (search-input-file inputs "/bin/p11-kit"))) - (substitute* "session-helper/flatpak-session-helper.c" - (("\\"p11-kit\\",") - (string-append "\\"" p11-path "\\",")) - (("if \\\\(g_find_program_in_path \\\\(\\"p11-kit\\"\\\\)\\\\)") - (string-append "if (g_find_program_in_path (\\"" - p11-path "\\"))")))))) - ;; Many tests fail for unknown reasons, so we just run a few basic - ;; tests. - (replace 'check - (lambda _ - (setenv "HOME" "/tmp") - (invoke "make" "check" - "TESTS=tests/test-basic.sh tests/test-config.sh testcommon")))))) - (native-inputs - (list bison - dbus ; for dbus-daemon - gettext-minimal -` (,glib "bin") ; for glib-mkenums + gdbus-codegen
> - glibc-utf8-locales
> - gobject-introspection
> - libcap
> - pkg-config
> - python
> - python-pyparsing
> - socat
> - which))
> - (inputs
> - (list appstream
> - appstream-glib
> - bubblewrap
> - curl
> - dconf
> - fuse
> - gdk-pixbuf
> - gpgme
> - json-glib
> - libarchive
> - libostree
> - libseccomp
> - libsoup-minimal-2
> - libxau
> - libxml2
> - p11-kit-next
> - util-linux
> - xdg-dbus-proxy))
> - (propagated-inputs (list glib-networking gnupg gsettings-desktop-schemas))
> - (home-page "https://flatpak.org")
> - (synopsis "System for building, distributing, and running sandboxed desktop
> + (arguments
> + (list #:configure-flags #~(list "--enable-documentation=no"
> + "--enable-system-helper=no"
> + "--localstatedir=/var"
> + (string-append
> + "--with-system-bubblewrap="
> + (assoc-ref %build-inputs "bubblewrap")
> + "/bin/bwrap")
> + (string-append
> + "--with-system-dbus-proxy="
> + (assoc-ref %build-inputs
> + "xdg-dbus-proxy")
> + "/bin/xdg-dbus-proxy"))
> + #:phases #~(modify-phases %standard-phases
> + (add-after 'unpack 'fix-tests
> + (lambda* (#:key inputs #:allow-other-keys)
> + (copy-recursively (search-input-directory inputs
> + "lib/locale") "/tmp/locale")
> + (for-each make-file-writable
> + (find-files "/tmp"))
> + (substitute* "tests/make-test-runtime.sh"
> + (("cp `which.*") + "echo guix\\n") + (("cp -r /usr/lib/locale/C\\\\.\\\\*") + (string-append + "mkdir ${DIR}/usr/lib/locale/en_US; cp -r /tmp/locale/*/en_US.*"))) + (substitute* "tests/libtest.sh" + (("/bin/kill") + (which "kill")) + (("/usr/bin/python3") + (which "python3"))) #t)) + (add-after 'unpack 'p11-kit-fix + (lambda* (#:key inputs #:allow-other-keys) + (let ((p11-path (search-input-file inputs + "/bin/p11-kit"))) + (substitute* "session-helper/flatpak-session-helper.c" + (("\\"p11-kit\\",") + (string-append "\\"" p11-path "\\",")) + (("if \\\\(g_find_program_in_path \\\\(\\"p11-kit\\"\\\\)\\\\)") + (string-append + "if (g_find_program_in_path (\\"" p11-path + "\\"))")))))) + (replace 'check + (lambda _ + (setenv "HOME" "/tmp") + (invoke "make" "check" + "TESTS=tests/test-basic.sh tests/test-config.sh testcommon")))))) + (native-inputs (list autoconf + automake ;for alocal + bison + dbus ;for dbus-daemon + gettext-minimal +` (,glib "bin") ;for glib-mkenums + gdbus-codegen
> + glibc-utf8-locales
> + gobject-introspection
> + libcap
> + libtool
> + pkg-config
> + python
> + python-pyparsing
> + socat
> + which))
> + (inputs (list appstream
> + appstream-glib
> + bubblewrap
> + curl
> + dconf
> + fuse
> + gdk-pixbuf
> + gpgme
> + json-glib
> + libarchive
> + libostree
> + libseccomp
> + libsoup-minimal-2
> + libxau
> + libxml2
> + p11-kit-next
> + util-linux
> + xdg-dbus-proxy))
> + (propagated-inputs (list glib-networking gnupg gsettings-desktop-schemas))
> + (home-page "https://flatpak.org")
> + (synopsis
> + "System for building, distributing, and running sandboxed desktop
> applications")
> - (description "Flatpak is a system for building, distributing, and running
> + (description
> + "Flatpak is a system for building, distributing, and running
> sandboxed desktop applications on GNU/Linux.")
> - (license license:lgpl2.1+)))
> + (license license:lgpl2.1+))))
>
> (define-public akku
> (package
> --
> 2.37.3
This bug report was last modified 2 years and 177 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.