From: Ian Eure <ian@retrospec.tv>
To: 71832@debbugs.gnu.org
Cc: Ian Eure <ian@retrospec.tv>, guix-security@gnu.org
Subject: [bug#71832] [PATCH v6 2/3] gnu: Add nss-rapid.
Date: Sat, 17 Aug 2024 12:32:39 -0700 [thread overview]
Message-ID: <20240817193240.27089-3-ian@retrospec.tv> (raw)
In-Reply-To: <20240817193240.27089-1-ian@retrospec.tv>
* gnu/packages/nss.scm (nss-rapid): New variable.
Change-Id: I2bdd2119fb0c857feae9eb2e47a28909b8228cd7
---
gnu/packages/nss.scm | 67 ++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 67 insertions(+)
diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm
index 9224a8ed5a..1a684e6146 100644
--- a/gnu/packages/nss.scm
+++ b/gnu/packages/nss.scm
@@ -106,6 +106,8 @@ (define-public nspr-4.32
(base32
"0v3zds1id71j5a5si42a658fjz8nv2f6zp6w4gqrqmdr6ksz8sxv"))))))
+;; nss should track ESRs, but currently doesn't. 3.102.1 is the current ESR.
+
(define-public nss
(package
(name "nss")
@@ -303,6 +305,71 @@ (define-public nss/fixed
(invoke "faketime" "2024-01-23" "./nss/tests/all.sh"))
(format #t "test suite not run~%"))))))))))))
+;; nss-rapid tracks the rapid release channel. Unless your package requires a
+;; newer version, you should prefer the `nss' package, which tracks the ESR
+;; channel.
+;;
+;; See https://wiki.mozilla.org/NSS:Release_Versions
+;; and https://wiki.mozilla.org/Rapid_Release_Model
+
+(define-public nss-rapid
+ (package
+ (inherit nss)
+ (name "nss-rapid")
+ (version "3.103")
+ (source (origin
+ (inherit (package-source nss))
+ (uri (let ((version-with-underscores
+ (string-join (string-split version #\.) "_")))
+ (string-append
+ "https://ftp.mozilla.org/pub/mozilla.org/security/nss/"
+ "releases/NSS_" version-with-underscores "_RTM/src/"
+ "nss-" version ".tar.gz")))
+ (sha256
+ (base32
+ "0qp9rs226rr6gh51b42cdbydr4mj80cli3bfqhh7bp3jyxbvcjkv"))))
+ (arguments
+ (substitute-keyword-arguments (package-arguments nss)
+ ((#:phases phases)
+ #~(modify-phases #$phases
+ (replace 'check
+ (lambda* (#:key tests? #:allow-other-keys)
+ (if tests?
+ (begin
+ ;; Use 127.0.0.1 instead of $HOST.$DOMSUF as HOSTADDR for
+ ;; testing. The latter requires a working DNS or /etc/hosts.
+ (setenv "DOMSUF" "localdomain")
+ (setenv "USE_IP" "TRUE")
+ (setenv "IP_ADDRESS" "127.0.0.1")
+
+ ;; This specific test is looking at performance "now
+ ;; verify that we can quickly dump a database", and
+ ;; we're not testing performance here (especially
+ ;; since we're using faketime), so raise the
+ ;; threshold
+ (substitute* "nss/tests/dbtests/dbtests.sh"
+ ((" -lt 5") " -lt 50"))
+
+ ;; Since the test suite is very lengthy, run the test
+ ;; suite once, not thrice as done by default, by
+ ;; selecting only the 'standard' cycle.
+ (setenv "NSS_CYCLES" "standard")
+
+ ;; The "PayPalEE.cert" certificate expires every six months,
+ ;; leading to test failures:
+ ;; <https://bugzilla.mozilla.org/show_bug.cgi?id=609734>. To
+ ;; work around that, set the time to roughly the release date.
+ (invoke "faketime" "2024-08-17" "./nss/tests/all.sh"))
+ (format #t "test suite not run~%"))))))))
+ (synopsis "Network Security Services (Rapid Release)")
+ (description
+ "Network Security Services (@dfn{NSS}) is a set of libraries designed to
+support cross-platform development of security-enabled client and server
+applications. Applications built with NSS can support SSL v2 and v3, TLS,
+PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other
+security standards.
+
+This package tracks the Rapid Release channel, which updates frequently.")))
(define-public nsncd
(package
(name "nsncd")
--
2.45.2
next prev parent reply other threads:[~2024-08-17 19:33 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-06-29 3:57 [bug#71832] [PATCH 0/2] Add nss-latest; updte Librewolf to 127.0.2-2 Ian Eure
2024-06-29 3:59 ` [bug#71832] [PATCH 1/2] gnu: Add nss-latest Ian Eure
2024-06-29 3:59 ` [bug#71832] [PATCH 2/2] gnu: librewolf: Update to 127.0.2-1 Ian Eure
2024-06-29 17:22 ` [bug#71832] [PATCH v2 0/2] Add nss-latest; update Librewolf to 127.0.2-2 Ian Eure
2024-06-29 17:22 ` [bug#71832] [PATCH v2 1/2] gnu: Add nss-latest Ian Eure
2024-06-29 17:22 ` [bug#71832] [PATCH v2 2/2] gnu: librewolf: Update to 127.0.2-1 Ian Eure
2024-07-02 0:21 ` [bug#71832] [PATCH v3 0/2] Add nss-rapid; updte Librewolf to 127.0.2-2 Ian Eure
2024-07-02 0:21 ` [bug#71832] [PATCH v3 1/2] gnu: Add nss-rapid Ian Eure
2024-07-02 0:21 ` [bug#71832] [PATCH v3 2/2] gnu: librewolf: Update to 127.0.2-1 Ian Eure
2024-07-08 8:55 ` [bug#71832] Closing one bug Andreas Enge
2024-07-01 19:53 ` [bug#71882] [PATCH] gnu: librewolf: Fix building on aarch64-linux Remco van 't Veer
[not found] ` <handler.71882.D71882.172042897930179.notifdone@debbugs.gnu.org>
2024-07-08 10:16 ` [bug#71882] closed (Closing one bug) Remco van 't Veer
2024-07-17 3:06 ` [bug#71832] [PATCH v4 0/3] Add nss-rapid; update Librewolf to 128.0-2 Ian Eure
2024-07-17 3:06 ` [bug#71832] [PATCH v4 1/3] gnu: Add nss-rapid Ian Eure
2024-07-17 3:06 ` [bug#71832] [PATCH v4 2/3] gnu: gnuzilla: Add skr to all-mozilla-locales Ian Eure
2024-07-17 3:06 ` [bug#71832] [PATCH v4 3/3] gnu: librewolf: Update to 128.0-2 Ian Eure
2024-07-21 16:17 ` [bug#71832] [PATCH 0/2] Add nss-latest; updte Librewolf to 127.0.2-2 Ian Eure
2024-07-31 3:54 ` [bug#71832] [PATCH v5 0/3] [SECURITY] Add nss-rapid; update Librewolf to 128.0.3-1 Ian Eure
2024-07-31 3:54 ` [bug#71832] [PATCH v5 1/3] gnu: Add nss-rapid Ian Eure
2024-07-31 3:55 ` [bug#71832] [PATCH v5 2/3] gnu: gnuzilla: Add skr to all-mozilla-locales Ian Eure
2024-07-31 3:55 ` [bug#71832] [PATCH v5 3/3] gnu: librewolf: Update to 128.0.3-1 Ian Eure
2024-08-17 19:32 ` [bug#71832] [PATCH v6 0/3] [SECURITY] Update LibreWolf to 129.0.1-1; add nss-rapid Ian Eure
2024-08-17 19:32 ` [bug#71832] [PATCH v6 1/3] gnu: gnuzilla: Add skr to all-mozilla-locales Ian Eure
2024-08-17 19:32 ` Ian Eure [this message]
2024-08-17 22:46 ` [bug#71832] [PATCH v6 2/3] gnu: Add nss-rapid Vagrant Cascadian
2024-08-17 23:33 ` Vagrant Cascadian
2024-08-17 23:51 ` Ian Eure
2024-08-18 2:00 ` Vagrant Cascadian
2024-08-18 3:38 ` Vagrant Cascadian
2024-08-18 3:48 ` Ian Eure
2024-08-17 19:32 ` [bug#71832] [PATCH v6 3/3] gnu: librewolf: Update to 129.0.1-1 Ian Eure
2024-08-18 3:46 ` [bug#71832] [PATCH v6 0/3] [SECURITY] Update LibreWolf to 129.0.1-1; add nss-rapid Vagrant Cascadian
2024-08-20 5:46 ` bug#71832: " Vagrant Cascadian
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240817193240.27089-3-ian@retrospec.tv \
--to=ian@retrospec.tv \
--cc=71832@debbugs.gnu.org \
--cc=guix-security@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.