On Thu, Apr 20, 2017 at 11:20:23PM -0500, Eric Bavier wrote: > Attached is my own shot at this. It does not make use of git, so > should be fine as a regular test. It doesn't check whether the files > listed in dist_patch_DATA actually exist, because `make dist` already > checks that. I suppose it might be nice, if git a git checkout, to > check whether the used patches are all known to git... I do think it's better to avoid depending on Git here. > -----------BEGIN test-suite.log---------------- > FAIL: tests/patches > =================== > > test-name: distributed patches are used > location: /home/bavier/projects/guix/tests/patches.scm:50 > source: > + (test-equal > + "distributed patches are used" > + '() > + (lset-difference > + string=? > + distributed-patches > + used-patches)) > expected-value: () > actual-value: ("/home/bavier/projects/guix/gnu/packages/patches/ath9k-htc-firmware-binutils.patch" "/home/bavier/projects/guix/gnu/packages/patches/ath9k-htc-firmware-gcc.patch" "/home/bavier/projects/guix/gnu/packages/patches/coreutils-cut-huge-range-test.patch" "/home/bavier/projects/guix/gnu/packages/patches/gawk-shell.patch" "/home/bavier/projects/guix/gnu/packages/patches/gcc-libiberty-printf-decl.patch" "/home/bavier/projects/guix/gnu/packages/patches/gcc-4.9.3-mingw-gthr-default.patch" "/home/bavier/projects/guix/gnu/packages/patches/gcj-arm-mode.patch" "/home/bavier/projects/guix/gnu/packages/patches/glibc-bootstrap-system.patch" "/home/bavier/projects/guix/gnu/packages/patches/grub-CVE-2015-8370.patch" "/home/bavier/projects/guix/gnu/packages/patches/grub-gets-undeclared.patch" "/home/bavier/projects/guix/gnu/packages/patches/grub-freetype.patch" "/home/bavier/projects/guix/gnu/packages/patches/guile-arm-fixes.patch" "/home/bavier/projects/guix/gnu/packages/patches/icu4c-CVE-2017-7867-CVE-2017-7868.patch" "/home/bavier/projects/guix/gnu/packages/patches/icu4c-reset-keyword-list-iterator.patch" "/home/bavier/projects/guix/gnu/packages/patches/ldc-disable-tests.patch" "/home/bavier/projects/guix/gnu/packages/patches/ldc-1.1.0-disable-dmd-tests.patch" "/home/bavier/projects/guix/gnu/packages/patches/ldc-1.1.0-disable-phobos-tests.patch" "/home/bavier/projects/guix/gnu/packages/patches/libgit2-use-after-free.patch" "/home/bavier/projects/guix/gnu/packages/patches/libxslt-CVE-2016-4738.patch" "/home/bavier/projects/guix/gnu/packages/patches/mplayer2-theora-fix.patch" "/home/bavier/projects/guix/gnu/packages/patches/patchelf-rework-for-arm.patch" "/home/bavier/projects/guix/gnu/packages/patches/pcre-CVE-2017-7186.patch" "/home/bavier/projects/guix/gnu/packages/patches/perl-net-ssleay-disable-ede-test.patch" "/home/bavier/projects/guix/gnu/packages/patches/readline-7.0-mingw.patch" "/home/bavier/projects/guix/gnu/packages/patches/soprano-find-clucene.patch" "/home/bavier/projects/guix/gnu/packages/patches/texlive-texmf-CVE-2016-10243.patch" "/home/bavier/projects/guix/gnu/packages/patches/util-linux-CVE-2017-2616.patch" "/home/bavier/projects/guix/gnu/packages/patches/xf86-video-ast-remove-mibstore.patch" "/home/bavier/projects/guix/gnu/packages/patches/xf86-video-intel-compat-api.patch" "/home/bavier/projects/guix/gnu/packages/patches/xf86-video-intel-glibc-2.20.patch") At least one of these is a false positive: icu4c-CVE-2017-7867-CVE-2017-7868.patch It's used in a grafted package.