From: ludo@gnu.org (Ludovic Courtès)
Subject: bug#27943: tar complains about too-long names (guix release)
Date: Sat, 02 Dec 2017 10:55:05 +0100
Message-ID: <87po7x3152.fsf@gnu.org>
In-Reply-To: <20171130214901.GA19582@macbook41> (Efraim Flashner's message of "Thu, 30 Nov 2017 23:49:01 +0200")
To: Efraim Flashner
Cc: 27943@debbugs.gnu.org

Efraim Flashner skribis:

> From ad48d84c8659985d706cfe2f8e07314d6017611a Mon Sep 17 00:00:00 2001
> From: Efraim Flashner > Date: Thu, 30 Nov 2017 23:41:29 +0200 > Subject: [PATCH 1/2] lint: 'check-vulnerabilities' also checks package > properties. > > * guix/scripts/lint.scm (check-vulnerabilities): Also check for CVEs > listed as mitigated in the package properties. > --- > guix/scripts/lint.scm | 4 +++- > 1 file changed, 3 insertions(+), 1 deletion(-) > > diff --git a/guix/scripts/lint.scm b/guix/scripts/lint.scm > index 1b43b0a63..8112595c8 100644 > --- a/guix/scripts/lint.scm > +++ b/guix/scripts/lint.scm > @@ -7,6 +7,7 @@ > ;;; Copyright =C2=A9 2016 Hartmut Goebel > ;;; Copyright =C2=A9 2017 Alex Kost > ;;; Copyright =C2=A9 2017 Tobias Geerinckx-Rice > +;;; Copyright =C2=A9 2017 Efraim Flashner > ;;; > ;;; This file is part of GNU Guix. > ;;; > @@ -881,10 +882,11 @@ the NIST server non-fatal." > (or (and=3D> (package-source packag= e) > origin-patches) > '()))) > + (known-safe (assq-ref (package-properties package) 'fixed-= vulnerabilities))

Can you change that to ‘lint-hidden-cve’ as Leo suggested?

> (unpatched (remove (lambda (vuln) > (find (cute string-contains > <> (vulnerability-id vuln)) > - patches)) > + (append patches known-safe))) > vulnerabilities)))

To be accurate, we’d rather do:

  (remove (lambda (vuln)
            (let ((id (vulnerability-id vuln)))
              (or (find … patches)
                  (member id known-safe))))
          …)

Also could you add a simple test in tests/lint.scm? You can start from
one of the existing CVE tests in there and just add a ‘properties’ field
to the test package.

Thank you!

Ludo’.
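
Review bot: in the second hunk of guix/scripts/lint.scm, the new known-safe binding has no default. assq-ref returns #f when the package has no such property, so (append patches known-safe) is then not a proper list and find can fail for every package that lacks the property; wrapping the lookup in (or … '()) avoids that. Passing the property entries through string-contains also means a listed id hides any reported id that is a prefix of it, so the property list should be compared by exact id.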
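
The difference between the two filters discussed in this message, as an added Guile example that is not code from the patch or from Guix. The CVE ids, the patch file name, the helper names and the shape of the property (an alist entry holding a list of id strings) are constructed assumptions; ids are plain strings here instead of vulnerability records. With this data the substring variant also hides CVE-2017-1234, because the listed CVE-2017-12345 contains it, while the exact variant still reports it.

```scheme
(use-modules (srfi srfi-1)     ; find, remove
             (srfi srfi-26))   ; cute

;; Constructed sample data: ids reported for a package, its patch file
;; names, and its properties alist.
(define vulnerabilities '("CVE-2017-1234" "CVE-2017-12345" "CVE-2017-9999"))
(define patches '("foo-CVE-2017-9999.patch"))
(define properties '((lint-hidden-cve . ("CVE-2017-12345"))))

;; assq-ref returns #f for a missing key, so fall back to the empty
;; list; the result is always a proper list.
(define (hidden-cves properties)
  (or (assq-ref properties 'lint-hidden-cve) '()))

;; Filter as in the patch: property entries are substring-matched the
;; same way as patch file names.
(define (unpatched/substring vulns patches known-safe)
  (remove (lambda (id)
            (find (cute string-contains <> id)
                  (append patches known-safe)))
          vulns))

;; Filter as in the reply: substring match on patch file names, exact
;; match on the ids listed in the property.
(define (unpatched/exact vulns patches known-safe)
  (remove (lambda (id)
            (or (find (cute string-contains <> id) patches)
                (member id known-safe)))
          vulns))

(define known-safe (hidden-cves properties))

;; Print what each filter still reports as unpatched.
(format #t "substring: ~s~%"
        (unpatched/substring vulnerabilities patches known-safe))
(format #t "exact:     ~s~%"
        (unpatched/exact vulnerabilities patches known-safe))

;; A package without the property: the default keeps the filter working.
(format #t "no property: ~s~%"
        (unpatched/exact vulnerabilities patches (hidden-cves '())))
```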