[bug#46106] [PATCH] gnu: Add quark.

[bug#46106] [PATCH] gnu: Add quark.

[Morgan.J.Smith]

From: Morgan Smith <Morgan.J.Smith@outlook.com>

* gnu/packages/web.scm (quark): New variable.
---

So linting this package brings up CVE-2019-15520. This CVE is for a completely
different program that also happens to be called quark.

---
 gnu/packages/web.scm | 33 +++++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)

diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm
index 16c99af9d3..63a5637c87 100644
--- a/gnu/packages/web.scm
+++ b/gnu/packages/web.scm
@@ -8039,3 +8039,36 @@ handling library written in C89 (\"ANSI C\").  uriparser is fast and supports
 Unicode.")
       (home-page "https://uriparser.github.io/")
       (license license:bsd-3))))
+
+(define-public quark
+  ;; No releases yet
+  (let ((revision "0")
+        (commit "c6a9055e5a30be570e30da8d216c39662c3a3f99"))
+    (package
+      (name "quark")
+      (version "0.0.0")
+      (source (origin
+                (method git-fetch)
+                (uri (git-reference
+                      (url "https://git.suckless.org/quark/")
+                      (commit commit)))
+                (file-name (git-file-name name version))
+                (sha256
+                 (base32
+                  "1znvnr30xi5vgd6n3wvgv9pwj992zpzzjk0fmq28ydf1l6kqvkm7"))))
+      (build-system gnu-build-system)
+      (arguments
+       `(#:tests? #f ; no tests
+         #:make-flags
+         (list (string-append "CC=" ,(cc-for-target))
+               (string-append "PREFIX=" %output))
+         #:phases
+         (modify-phases %standard-phases
+           (delete 'configure)))) ; no configure script
+      (home-page "https://tools.suckless.org/quark/")
+      (synopsis "Small and simple HTTP GET/HEAD-only web server for static
+content")
+      (description "An extremely small and simple HTTP GET/HEAD only web
+server for static content.  TLS is not natively supported and should be
+provided by a TLS reverse proxy (e.g. tlstunnel, hitch or stunnel).")
+      (license license:isc))))
-- 
2.30.0

bug#46106: [PATCH] gnu: Add quark.

[Ludovic Courtès]

[-- Attachment #1: Type: text/plain, Size: 207 bytes --]

Hi,

Morgan.J.Smith@outlook.com skribis:

> From: Morgan Smith <Morgan.J.Smith@outlook.com>
>
> * gnu/packages/web.scm (quark): New variable.

Applied with the changes below.

Thanks,
Ludo’.


[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: Type: text/x-patch, Size: 1329 bytes --]

diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm
index 1366637de6..879eb160ea 100644
--- a/gnu/packages/web.scm
+++ b/gnu/packages/web.scm
@@ -8022,7 +8022,7 @@ Unicode.")
         (commit "c6a9055e5a30be570e30da8d216c39662c3a3f99"))
     (package
       (name "quark")
-      (version "0.0.0")
+      (version (git-version "0.0.0" revision commit))
       (source (origin
                 (method git-fetch)
                 (uri (git-reference
@@ -8044,7 +8044,12 @@ Unicode.")
       (home-page "https://tools.suckless.org/quark/")
       (synopsis "Small and simple HTTP GET/HEAD-only web server for static
 content")
-      (description "An extremely small and simple HTTP GET/HEAD only web
-server for static content.  TLS is not natively supported and should be
+      (description "Quark is an extremely small and simple HTTP GET/HEAD only
+web server for static content.  TLS is not natively supported and should be
 provided by a TLS reverse proxy (e.g. tlstunnel, hitch or stunnel).")
-      (license license:isc))))
+      (license license:isc)
+
+      ;; XXX: Ignore this CVE to work around a name clash with the unrelated
+      ;; "cpe:2.3:a:comelz:quark" package.  The proper fix is for (guix cve)
+      ;; to account for "vendor names".
+      (properties '((lint-hidden-cve . ("CVE-2019-15520")))))))