A follow up patch adds libfido2, which is dependent on libcbor. Then, guix users may tweak their ssh packages to use the internal security key provider as described in the release notes for openssh 8.2: https://www.openssh.com/txt/release-8.2

Running lint on this package with `guix-devel-mode` shows an error:

gnu/packages/compression.scm:2739:5: libcbor@0.8.0: the source file name should contain the package name