GNU bug report logs -
#74542
[PATCH 00/11] Improved tooling for package updates
Reported by: Ludovic Courtès <ludo <at> gnu.org>
Date: Tue, 26 Nov 2024 10:33:01 UTC
Severity: normal
Tags: patch
Done: Ludovic Courtès <ludo <at> gnu.org>
Bug is archived. No further changes may be made.
Message #116 received at 74542 <at> debbugs.gnu.org (full text, mbox):
Hello!

This version aims to address comments by Simon and additional issues
I stumbled upon:

  • Short option for ‘--dependents’ is now ‘-P’ (instead of ‘-T’).

  • More package refresher metadata updates (GnuTLS, Git).

  • ‘generic-html’ updater correctly computes URLs for ‘curl’ and
    any other package that uses <base href="…"> in its release
    monitoring page.

  • ‘package-with-upstream-version’ can preserve patches.  This turns
    out to be a hard requirement if we want to make this useful.
    While ‘guix build openssl --with-latest=openssl’ dismisses patches,
    what we want here instead is to preserve patches, such that what’s
    being built is exactly the same as what we’d get with ‘guix
    refresh -u openssl’.

  • ‘package-with-upstream-version’ can disable authentication: it’s
    essentially required if we are to run this in a non-interactive
    way, given the fact that we cannot reliably fetch keys from OpenPGP
    key servers.

  • Manifest is now limited to a dozen security-critical packages (I
    left out leaf packages entirely; we can work on it separately
    later).

  • Manifest is more precise: it refers to the packages to update by
    their variable (rather than by package specs), which again makes
    sure we’re upgrading the exact variant we want to upgrade.

Thoughts?

I’d like to have the manifest built by CI soon so we can assess
its usefulness and tweak it as needed.

Ludo’.

Ludovic Courtès (16):
  transformations: Export ‘package-with-upstream-version’.
  gnu-maintenance: ‘import-html-release’ doesn’t abort upon HTTP 404.
  gnu-maintenance: Savannah/Xorg updaters no longer abort on network
    errors.
  guix build: Add ‘--development’ option.
  packages: Factorize ‘all-packages’.
  guix build: Add ‘--dependents’.
  import: gnome: Keep going upon HTTP errors.
  gnu-maintenance: ‘gnu-ftp’ updater excludes GnuPG-hosted packages.
  gnu: Update updater properties for GnuPG-related packages.
  gnu: gnutls: Change release monitoring URL.
  gnu: git-minimal: Add ‘upstream-name’ property.
  gnu-maintenance: ‘generic-html’ update honors <base href="…">.
  guix build: Validate that the file passed to ‘-m’ returns a manifest.
  transformations: ‘package-with-upstream-version’ can preserve patches.
  transformations: Add #:authenticate? to
    ‘package-with-upstream-version’.
  etc: Add upgrade manifest.

Makefile.am | 1 +
doc/contributing.texi | 4 +-
doc/guix.texi | 52 +++++++++
etc/source-manifest.scm | 13 +--
etc/upgrade-manifest.scm | 128 +++++++++++++++++++++
gnu/packages.scm | 20 +++-
gnu/packages/gnupg.scm | 40 ++-----
gnu/packages/tls.scm | 6 +-
gnu/packages/version-control.scm | 3 +-
guix/download.scm | 3 +-
guix/gnu-maintenance.scm | 90 +++++++++------
guix/import/gnome.scm | 13 ++-
guix/scripts/build.scm | 185 ++++++++++++++++++++++++-------
guix/scripts/graph.scm | 10 --
guix/scripts/refresh.scm | 10 --
guix/scripts/weather.scm | 15 ---
guix/transformations.scm | 43 ++++++-
tests/guix-build.sh | 11 ++
tests/transformations.scm | 31 +++++-
19 files changed, 517 insertions(+), 161 deletions(-)
create mode 100644 etc/upgrade-manifest.scm
base-commit: f8979b4bcc8772d02640f6f665b4195380d57df9
--
2.46.0
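
The <base href="…"> handling mentioned in the message above, as an added Python sketch (not code from the Guix patch series, which is written in Scheme). The function name release_links, the sample page and all URLs are constructed for illustration; the example shows how the same relative link resolves to a different download URL depending on whether <base> is honored.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin


class _LinkCollector(HTMLParser):
    """Collect <a href> values and the first <base href> of a page."""

    def __init__(self):
        super().__init__()
        self.base = None
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href")
        if href is None:
            return
        if tag == "base" and self.base is None:  # only the first <base href> counts
            self.base = href
        elif tag == "a":
            self.hrefs.append(href)


def release_links(page_url, html, honor_base=True):
    """Return absolute URLs for every <a href> in HTML fetched from PAGE_URL."""
    collector = _LinkCollector()
    collector.feed(html)
    # The document base is <base href> resolved against the page URL,
    # because <base href> may itself be relative.
    base = page_url
    if honor_base and collector.base:
        base = urljoin(page_url, collector.base)
    return [urljoin(base, href) for href in collector.hrefs]


# Constructed sample page (not a copy of any real release monitoring page).
PAGE_URL = "https://example.org/project/download.html"
SAMPLE = """<html><head><base href="https://example.org/"></head><body>
<a href="download/foo-1.2.3.tar.xz">foo 1.2.3</a>
<a href="/download/foo-1.2.2.tar.xz">foo 1.2.2</a>
<a href="https://mirror.example.net/foo-1.2.1.tar.xz">mirror</a>
</body></html>"""

if __name__ == "__main__":
    for label, flag in (("ignoring <base>", False), ("honoring <base>", True)):
        print(label)
        for url in release_links(PAGE_URL, SAMPLE, honor_base=flag):
            print("  ", url)
```

A <base href> may name a different host than the monitored page, so the resolved URL, not the page URL, is the one to compare against the expected download origin.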
This bug report was last modified 169 days ago.