From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp2.migadu.com ([2001:41d0:303:e16b::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms1.migadu.com with LMTPS id MPGzOQRAO2bWHQEAe85BDQ:P1 (envelope-from ) for ; Wed, 08 May 2024 11:04:05 +0200 Received: from aspmx1.migadu.com ([2001:41d0:303:e16b::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp2.migadu.com with LMTPS id MPGzOQRAO2bWHQEAe85BDQ (envelope-from ) for ; Wed, 08 May 2024 11:04:05 +0200 X-Envelope-To: larch@yhetil.org Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=jpoiret.xyz header.s=dkim header.b=OE5CYGvx; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org"; dmarc=pass (policy=reject) header.from=jpoiret.xyz ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1715159044; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=5ce1N0LmmsMSozYKSLSD7cyqS1/eebTeyorJtZ8veTc=; b=CX1fwCVURfTtV+j7iDD1whdYSLFvqt89brJIES270Ep6Wvk0RKNebfPMUlULyUR+t7QBfl 7E34jUt+QFIggwGv3JCmPhKax/k+IoU5sGTRV4GylMHEnlEXmH3w4UlI22h1PDjWF6zvQP d8uiO08tfxxY2xUiMKD7n1YKaHJjehUwzB/qv0KMeeIw1kH0akyn1WQ0xCYBo1oCS1VIGI 9pn64U4efZCkdFelS7kLrrzTw8qsZXh37E9edxLey9lpEVsF7tRkyotdgpb6n7qyMgLuZD G22u+57NFLnAxxTxJmChILhpKa++lo+jqF3LAwaRGIynwmLyBp3t8epcAYpDnA== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=pass header.d=jpoiret.xyz header.s=dkim header.b=OE5CYGvx; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org"; dmarc=pass (policy=reject) header.from=jpoiret.xyz ARC-Seal: i=1; s=key1; d=yhetil.org; t=1715159044; a=rsa-sha256; cv=none; b=jxn3iTpshYjFP8vzOtwP3DMGG3UN8Fb1KXxEd45SoA1C7mIj7IBFtSr6h268RGJMdfmRP6 MxVZ4CU4o0RkU039ekZnl30RxVOU9FHrPzQ41BgGlukme/FqrAOp8vpKcbJcxcNJvnmoaM XdSxQu05QDzg+Tce1AT+FhJC/DE80tmmVPgJe8FsEq+u2cpX7LVjXoWGCn0mQAZ7Z7g+1g doqGI5sWRg8l1Z0ke3T3QQZSeBrzswvxUrvPK4ZJEMBQg1VvwfJeRx7ljLC1ajDnoEQFGg 5IOPz8i/0/fxfxmJuMOhlVjEHtaTv9y0Jc14cHM13HGRv4JMWCYy3hNPsq6p7A== Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 62B7F642A4 for ; Wed, 8 May 2024 11:04:04 +0200 (CEST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1s4dCj-0007fg-A0; Wed, 08 May 2024 05:03:13 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1s4dCh-0007fN-FW for guix-devel@gnu.org; Wed, 08 May 2024 05:03:11 -0400 Received: from jpoiret.xyz ([206.189.101.64]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1s4dCf-0004gd-LF; Wed, 08 May 2024 05:03:11 -0400 Received: from authenticated-user (jpoiret.xyz [206.189.101.64]) by jpoiret.xyz (Postfix) with ESMTPA id 89BD4185461; Wed, 8 May 2024 09:03:04 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=jpoiret.xyz; s=dkim; t=1715158985; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=5ce1N0LmmsMSozYKSLSD7cyqS1/eebTeyorJtZ8veTc=; b=OE5CYGvxhT/eyfNy+ZHqS6K31jOo2tKGJQ8ux26AUaxA8sx79mfldHzgOkDacY673yFcg2 7CzhszxVmtx54CiPPyFKQiEQLgRwGR+d4q+KZ91esgPwIYLfZElO9q0LsKvQ4ETvqQcYHV PCBj9c5tj/0htzzY0G0r3H0h/EtvxGgx4rwjvMgDYGs/aDuq64FmJsnMkk0/ZrV7ao/qv8 AqcB7z6KRFNjxjz6szLZ+/iqcvPUO9nhvkilET5hVASwEREohUwd8zMn6Lan94P/ucEbnx EatH60vMk2Nftj9AtAbIb5jcSLMqQYePCJ0AmSa4WKlU0ThYlbgz3ZLWyDjyiQ== From: Josselin Poiret To: Ludovic =?utf-8?Q?Court=C3=A8s?= Cc: Maxim Cournoyer , Efraim Flashner , Steve George , Kaelyn , guix-devel@gnu.org Subject: Re: Core updates status In-Reply-To: <87msp3jl5a.fsf@gnu.org> References: <4qoo3nfwivyjoqduswls7tptq5z2e2pz5xwogdvubxz7kmr4si@xaxu5sqskgl6> <87y18o3s4d.fsf@jpoiret.xyz> <87o79j7jgm.fsf@gmail.com> <87v83r499q.fsf@jpoiret.xyz> <87msp3jl5a.fsf@gnu.org> Date: Wed, 08 May 2024 11:03:02 +0200 Message-ID: <87seys4qwp.fsf@jpoiret.xyz> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="==-=-="; micalg=pgp-sha256; protocol="application/pgp-signature" X-Spamd-Bar: / Received-SPF: pass client-ip=206.189.101.64; envelope-from=dev@jpoiret.xyz; helo=jpoiret.xyz X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: guix-devel@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+larch=yhetil.org@gnu.org Sender: guix-devel-bounces+larch=yhetil.org@gnu.org X-Migadu-Flow: FLOW_IN X-Migadu-Country: US X-Migadu-Spam-Score: -8.19 X-Spam-Score: -8.19 X-Migadu-Queue-Id: 62B7F642A4 X-Migadu-Scanner: mx13.migadu.com X-TUID: hmT9oM6/1RCs --==-=-= Content-Type: multipart/mixed; boundary="=-=-=" --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Hi Ludo, Ludovic Court=C3=A8s writes: > I=E2=80=99m in favor of whatever allows us to move forward more quickly, = so > temporarily stashing away the pkgconf changes sounds good to me. > > In that case, when time permits, could you push a =E2=80=98core-updates-n= ew=E2=80=99 (?) > branch, (partially) rebased and without the pkgconf changes, and a > separate =E2=80=98wip-pkgconf=E2=80=99 branch? Does that seem doable to = you? I did that partially yesterday, moved the old borked core-updates to old-core-updates and pushed the cleaned-up version at core-updates. I haven't pushed the pkgconf patches anywhere yet, but we should probably focus on c-u for now and worry about that later. > It would be great if you could also explain at which commit you started > rebasing =E2=80=98core-updates=E2=80=99=C2=B9 and which method/script you= used. I started rebasing at the very first commit of core-updates that wasn't reachable from master (it is a rebase after all). I wrote a little script (attached) that basically filters `git rev-list` output, removing commits for which a commit with the same name appears on master after 1.4. --=-=-= Content-Type: text/plain Content-Disposition: attachment; filename=helper.scm Content-Description: scheme script to filter commit list #!/usr/bin/env -S guile -s !# (use-modules (ice-9 popen) (ice-9 textual-ports)) (define (check name) (let* ((input+output (pipe)) (pid (spawn "git" (list "git" "log" "-n1" "v1.4.0..origin/master" "-F" (string-append "--grep=" name)) #:output (cdr input+output)))) (close-port (cdr input+output)) (define res (let loop ((n 0)) (if (eof-object? (get-line (car input+output))) n (loop (+ 1 n))))) (close-port (car input+output)) (waitpid pid) (> res 0))) (check "gnu: Add glirc.") (let ((port (open-input-pipe "git rev-list --no-merges origin/master..origin/core-updates --pretty=oneline"))) (define res (let loop ((acc '())) (let ((line (get-line port))) (if (eof-object? line) acc (loop (cons line acc)))))) (close-pipe port) (for-each (lambda (line) (unless (check (string-drop line 41)) (format #t "~a~%" line))) res)) ;; (unless (check (string-drop line 41)) ;; (format #t "~a~%" line)) --=-=-= Content-Type: text/plain Content-Transfer-Encoding: quoted-printable The one thing that we need to do right now is update glibc 2.39 with all the fixes from the upstream release/2.39/master branch. I don't think we've done this before significantly, but since we have an occasion this time we might as well. We can't really use git-fetch for glibc, so imo the only feasible option is like what Debian does [1], which is keeping a diff of the 2.39 tag and the release branch and applying it as a patch. We'll then probably need to add autotools to glibc builds, but this is doable even in commencement because we have them already available at that point. The own downside of this is that the patch name will not include the fixed CVEs, so guix lint won't be aware that the CVEs have been patched. [1] https://salsa.debian.org/glibc-team/glibc/-/blob/sid/debian/patches/git= -updates.diff WDYT? Best, =2D-=20 Josselin Poiret --=-=-=-- --==-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQHEBAEBCAAuFiEEOSSM2EHGPMM23K8vUF5AuRYXGooFAmY7P8YQHGRldkBqcG9p cmV0Lnh5egAKCRBQXkC5FhcaitySC/4lVaYBSqZu1VbzIPSNw69TCfZfwZy28wDd We0H/WA32B6qdbF136pIc0ScQ0lBbsJbNh6GoSfHZsu6kG/rHmE9ezSb9b56CNsL bQ/pVXXgEyKpZur1QoVG/BRl1MA5MyFXu6Hk6Ed9o1O/VoodzgXVcVrK+Eh47bNE 4zsqotkaE5DUIrGt4BPOHjrBmKpHwOFDk3nqRwjffzxXEsw+5kHIXMDHkgJoIVRy Ylu/sz9WrdszJNV93iAdIZcrEnIIO/1cZU5PbMzyYYgI8YRJ82JOfab+hQ4u27cm YCbp3NfNO+hso9St1xtpVREnS7jeI0tKdUuL7ugbjQV9FcJdlu3zNLejs0ow0Ryo F1iPm/ilYTTM8upfJgCkeyBpIEiKIB7xB7JAJkEAMURtOzjBzE6LhkWZhYKLRcGr Rz7ua9LxKh/p5oA7QuH3H2njgmpdows8N8Er10weCYSh0PkUD+UhWidOJNB3F1Ok kKNr7101F37a7aIx8sB+wwfxMECtDBM= =T/c6 -----END PGP SIGNATURE----- --==-=-=--