From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp2.migadu.com ([2001:41d0:403:4876::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms13.migadu.com with LMTPS id 2NDiGVeMSWe7fgEAe85BDQ:P1 (envelope-from ) for ; Fri, 29 Nov 2024 09:41:43 +0000 Received: from aspmx1.migadu.com ([2001:41d0:403:4876::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp2.migadu.com with LMTPS id 2NDiGVeMSWe7fgEAe85BDQ (envelope-from ) for ; Fri, 29 Nov 2024 10:41:43 +0100 X-Envelope-To: larch@yhetil.org Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=debbugs.gnu.org header.s=debbugs-gnu-org header.b=jxwfUpoq; dkim=fail ("headers rsa verify failed") header.d=gnu.org header.s=fencepost-gnu-org header.b="Ta1jbO/p"; dmarc=pass (policy=none) header.from=gnu.org; spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org" Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 37C3C768A2 for ; Fri, 29 Nov 2024 10:41:42 +0100 (CET) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tGxUq-0000UX-Ks; Fri, 29 Nov 2024 04:41:08 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tGxUp-0000UE-L5 for guix-patches@gnu.org; Fri, 29 Nov 2024 04:41:07 -0500 Received: from debbugs.gnu.org ([2001:470:142:5::43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1tGxUp-0003wS-3c; Fri, 29 Nov 2024 04:41:07 -0500 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debbugs.gnu.org; s=debbugs-gnu-org; h=MIME-Version:References:In-Reply-To:Date:From:To:Subject; bh=8jBWdTzMpoQSH2YggZH/sg4RaM5fUc156ugtZxBQDm0=; b=jxwfUpoqHIgATV12KSdQjgXTnffuvR/xOrCSBqNMKj6ObLAbRuy49+nMsni/AFRt73XNbGG24Fa6AZh1H29yqNLaVU0Eqo2+J71P+CsdXHKEEqkN9uKHjW4q1DZO7FtBw9cFX2zjDYnbcvGigZlxVReyXzhPQ4REGuz2zP5m1MIuvZxKi4GNZX41MjIypwa7Ogr8us8B2SdEIM4VTAx5OJsM87arq/B5B/ne8E8lPUXRUnVI1DR+9W29is9IPbukoMI4fwRlmhZVfukVcGWYBM8WcJfUKh0oLb16IepPRgcUYmWHOJQ2T4/x3Crek24RDiCoqu7r4h2H8QpZoUffNw==; Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1tGxUl-0005rP-MC; Fri, 29 Nov 2024 04:41:03 -0500 X-Loop: help-debbugs@gnu.org Subject: [bug#74542] [PATCH v2 00/16] Improved tooling for package updates Resent-From: Ludovic =?UTF-8?Q?Court=C3=A8s?= Original-Sender: "Debbugs-submit" Resent-CC: guix@cbaines.net, dev@jpoiret.xyz, ludo@gnu.org, othacehe@gnu.org, zimon.toutoune@gmail.com, me@tobias.gr, guix-patches@gnu.org Resent-Date: Fri, 29 Nov 2024 09:41:03 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 74542 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 74542@debbugs.gnu.org Cc: Ludovic =?UTF-8?Q?Court=C3=A8s?= , Christopher Baines , Josselin Poiret , Ludovic =?UTF-8?Q?Court=C3=A8s?= , Mathieu Othacehe , Simon Tournier , Tobias Geerinckx-Rice X-Debbugs-Original-Xcc: Christopher Baines , Josselin Poiret , Ludovic =?UTF-8?Q?Court=C3=A8s?= , Mathieu Othacehe , Simon Tournier , Tobias Geerinckx-Rice Received: via spool by 74542-submit@debbugs.gnu.org id=B74542.173287325422452 (code B ref 74542); Fri, 29 Nov 2024 09:41:03 +0000 Received: (at 74542) by debbugs.gnu.org; 29 Nov 2024 09:40:54 +0000 Received: from localhost ([127.0.0.1]:41010 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tGxUc-0005pz-0H for submit@debbugs.gnu.org; Fri, 29 Nov 2024 04:40:54 -0500 Received: from eggs.gnu.org ([209.51.188.92]:39624) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tGxUZ-0005pP-Gb for 74542@debbugs.gnu.org; Fri, 29 Nov 2024 04:40:52 -0500 Received: from fencepost.gnu.org ([2001:470:142:3::e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tGxUP-0003jf-Hr; Fri, 29 Nov 2024 04:40:41 -0500 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-Version:References:In-Reply-To:Date:Subject:To: From; bh=8jBWdTzMpoQSH2YggZH/sg4RaM5fUc156ugtZxBQDm0=; b=Ta1jbO/pQFibpSxnHEge b6V8c5OytEUh3JtQo0ls1Io8ra+PiE4yeSC4XDLs+E2+ExibGtZiBJzjF1lH42+kcKry127KuVrfy 50FTJ08a+RFngjBaNva1x0eoywTARYzp3PDeQBeKww51SVrfN5h+hGFUHbANn1rs9GMTXgG7Pcafd fi8dOaoNAed5u5hL9o3uKgn9vp2tUWXY0wvAaUL4NUQaeLC25D+s6MTtw/Yyc2fQKLNLPQWx+21yY 7fricGZ345TwuaEZH+ucIWzPRpMlIkuwL21WKKzJHoMNkB85b/xuXQv2OdXvsmK9KHOgXO8rBjRuq IwZn5jK/KzC6FA==; From: Ludovic =?UTF-8?Q?Court=C3=A8s?= Date: Fri, 29 Nov 2024 10:40:03 +0100 Message-ID: X-Mailer: git-send-email 2.46.0 In-Reply-To: References: MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: guix-patches-bounces+larch=yhetil.org@gnu.org X-Migadu-Country: US X-Migadu-Flow: FLOW_IN X-Migadu-Spam-Score: -4.81 X-Spam-Score: -4.81 X-Migadu-Queue-Id: 37C3C768A2 X-Migadu-Scanner: mx10.migadu.com X-TUID: EZcs0e/SQkT/ Hello! This version aims to address comments by Simon and additional issues I stumbled upon: • Short option for ‘--dependents’ is now ‘-P’ (instead of ‘-T’). • More package refresher metadata updates (GnuTLS, Git). • ‘generic-html’ updater correctly computes URLs for ‘curl’ and any other package that uses in its release monitoring page. • ‘package-with-upstream-version’ can preserve patches. This turns out to be a hard requirement if we want to make this useful. While ‘guix build openssl --with-latest=openssl’ dismisses patches, what we want here instead is to preserve patches, such that what’s being built is exactly the same as what we’d get with ‘guix refresh -u openssl’. • ‘package-with-upstream-version’ can disable authentication: it’s essentially required if we are to run this in a non-interactive way, given the fact that we cannot reliably fetch keys from OpenPGP key servers. • Manifest is now limited to a dozen security-critical packages (I left out leaf packages entirely; we can work on it separately later). • Manifest is more precise: it refers to the packages to update by their variable (rather than by package specs), which again makes sure we’re upgrading the exact variant we want to upgrade. Thoughts? I’d like to have the manifest built by CI soon so we can assess its usefulness and tweak it as needed. Ludo’. Ludovic Courtès (16): transformations: Export ‘package-with-upstream-version’. gnu-maintenance: ‘import-html-release’ doesn’t abort upon HTTP 404. gnu-maintenance: Savannah/Xorg updaters no longer abort on network errors. guix build: Add ‘--development’ option. packages: Factorize ‘all-packages’. guix build: Add ‘--dependents’. import: gnome: Keep going upon HTTP errors. gnu-maintenance: ‘gnu-ftp’ updater excludes GnuPG-hosted packages. gnu: Update updater properties for GnuPG-related packages. gnu: gnutls: Change release monitoring URL. gnu: git-minimal: Add ‘upstream-name’ property. gnu-maintenance: ‘generic-html’ update honors . guix build: Validate that the file passed to ‘-m’ returns a manifest. transformations: ‘package-with-upstream-version’ can preserve patches. transformations: Add #:authenticate? to ‘package-with-upstream-version’. etc: Add upgrade manifest. Makefile.am | 1 + doc/contributing.texi | 4 +- doc/guix.texi | 52 +++++++++ etc/source-manifest.scm | 13 +-- etc/upgrade-manifest.scm | 128 +++++++++++++++++++++ gnu/packages.scm | 20 +++- gnu/packages/gnupg.scm | 40 ++----- gnu/packages/tls.scm | 6 +- gnu/packages/version-control.scm | 3 +- guix/download.scm | 3 +- guix/gnu-maintenance.scm | 90 +++++++++------ guix/import/gnome.scm | 13 ++- guix/scripts/build.scm | 185 ++++++++++++++++++++++++------- guix/scripts/graph.scm | 10 -- guix/scripts/refresh.scm | 10 -- guix/scripts/weather.scm | 15 --- guix/transformations.scm | 43 ++++++- tests/guix-build.sh | 11 ++ tests/transformations.scm | 31 +++++- 19 files changed, 517 insertions(+), 161 deletions(-) create mode 100644 etc/upgrade-manifest.scm base-commit: f8979b4bcc8772d02640f6f665b4195380d57df9 -- 2.46.0