From mboxrd@z Thu Jan  1 00:00:00 1970
From: Ricardo Wurmus <rekado@elephly.net>
Subject: Re: Switching to Artifex Ghostscript
Date: Mon, 29 May 2017 20:38:58 +0200
Message-ID: <874lw3ik3h.fsf@elephly.net>
References: <20170520205523.GA27152@jasmine> <87k25b5h5d.fsf@fastmail.com>
	<87vaougxzy.fsf@elephly.net> <87inkr8fui.fsf@gnu.org>
	<20170529175013.GA13897@jasmine>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
Return-path: <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:4830:134:3::10]:58944)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <rekado@elephly.net>) id 1dFPZd-00067g-NA
	for guix-devel@gnu.org; Mon, 29 May 2017 14:39:26 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <rekado@elephly.net>) id 1dFPZc-00024h-Qz
	for guix-devel@gnu.org; Mon, 29 May 2017 14:39:25 -0400
In-reply-to: <20170529175013.GA13897@jasmine>
List-Id: "Development of GNU Guix and the GNU System distribution."
	<guix-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-devel/>
List-Post: <mailto:guix-devel@gnu.org>
List-Help: <mailto:guix-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=subscribe>
Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
Sender: "Guix-devel" <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
To: Leo Famulari <leo@famulari.name>
Cc: guix-devel@gnu.org


Leo Famulari <leo@famulari.name> writes:

> Here are patches that allow you build groff, cairo, and cups with the
> Artifex Ghostscript.

Woo!

> +        (patches (search-patches "artifex-ghostscript-runpath.patch"
> +                                 ;; TODO:
> +                                 ;;"ghostscript-CVE-2017-8291.patch"
> +                                 ))

What’s up with this?  Is the latest release of Artifex Ghostscript
vulnerable?

> +        (modules '((guix build utils)))
> +        (snippet
> +          ;; Remove bundled libraries.
> +          ;; TODO Try unbundling ijs, which is developed alongside Ghostscript.
> +         '(begin
> +            (for-each delete-file-recursively '("freetype" "jbig2dec" "jpeg"
> +                                                "lcms2" "libpng"
> +                                                ;;"openjpeg" ; Patched fork.
> +                                                "tiff" "zlib"))))))

Excellent!

> +         (replace 'build
> +           (lambda _
> +             ;; Build 'libgs.so', but don't build the statically-linked 'gs'
> +             ;; binary (saves 22 MiB).
> +             (zero? (system* "make" "so" "-j"
> +                             (number->string
> (parallel-job-count))))))

Couldn’t we just add “#:make-flags '("so")” and avoid replacing the
build phase?


> From 8ee8b63f35909ca1b9cfd89552f08e22f28b5d10 Mon Sep 17 00:00:00 2001
> From: Leo Famulari <leo@famulari.name>
> Date: Mon, 29 May 2017 04:42:37 -0400
> Subject: [PATCH 2/3] gnu: ijs: Use modify-phases syntax.
>
> * gnu/packages/ghostscript.scm (ijs)[arguments]: Use modify-phases.

OK!

> From 35a515a7d2bbd95a45fde81b31201bd48a7e7588 Mon Sep 17 00:00:00 2001
> From: Leo Famulari <leo@famulari.name>
> Date: Mon, 29 May 2017 04:43:21 -0400
> Subject: [PATCH 3/3] gnu: ijs: Update to 9.21.0 and switch to Artifex
>  Ghostscript source.
>
> * gnu/packages/ghostscript.scm (ijs): Update to 9.21.0.
> [source, version, home-page]: Inherit from artifex-ghostscript.
> ---

LGTM!  Thank you!

--
Ricardo

GPG: BCA6 89B6 3655 3801 C3C6  2150 197A 5888 235F ACAC
https://elephly.net