aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages
diff options
context:
space:
mode:
authorTobias Geerinckx-Rice <me@tobias.gr>2021-12-16 01:12:10 +0100
committerTobias Geerinckx-Rice <me@tobias.gr>2021-12-16 01:55:34 +0100
commitceb9c6c50ed2c0d127189bb5d28832b6538aa7a2 (patch)
treecc528b9e85f93b440f3318d33e97b5a4b1a295cd /gnu/packages
parent18b1497673b92b6a0947839f9757a561a77d0d5f (diff)
downloadguix-ceb9c6c50ed2c0d127189bb5d28832b6538aa7a2.tar
guix-ceb9c6c50ed2c0d127189bb5d28832b6538aa7a2.tar.gz
gnu: nss-certs: Avoid top-level reference to NSS.
This is the only hammer I know for dealing with module cycles and effectively fixes, for example, ‘guix show nss’ today. It's also a very poor solution. * gnu/packages/certs.scm (nss-certs)[version, source]: Copy verbatim from the nss package rather than referring to it at the top level. Reported by several users of #guix.
Diffstat (limited to 'gnu/packages')
-rw-r--r--gnu/packages/certs.scm28
-rw-r--r--gnu/packages/nss.scm4
2 files changed, 27 insertions, 5 deletions
diff --git a/gnu/packages/certs.scm b/gnu/packages/certs.scm
index fc4f4f2686..28c2f84f98 100644
--- a/gnu/packages/certs.scm
+++ b/gnu/packages/certs.scm
@@ -33,7 +33,6 @@
#:use-module (guix build-system gnu)
#:use-module (guix build-system trivial)
#:use-module (gnu packages)
- #:use-module (gnu packages nss)
#:use-module (gnu packages curl)
#:use-module (gnu packages python)
#:use-module (gnu packages perl)
@@ -128,8 +127,31 @@ that was originally contributed to Debian.")
(define-public nss-certs
(package
(name "nss-certs")
- (version (package-version nss))
- (source (package-source nss))
+ ;; XXX We used to refer to the nss package here, but that eventually caused
+ ;; module cycles. The below is a quick copy-paste job that must be kept in
+ ;; sync manually. Surely there's a better way…?
+ (version "3.71")
+ (source (origin
+ (method url-fetch)
+ (uri (let ((version-with-underscores
+ (string-join (string-split version #\.) "_")))
+ (string-append
+ "https://ftp.mozilla.org/pub/mozilla.org/security/nss/"
+ "releases/NSS_" version-with-underscores "_RTM/src/"
+ "nss-" version ".tar.gz")))
+ (sha256
+ (base32
+ "0ly2l3dv6z5hlxs72h5x6796ni3x1bq60saavaf42ddgv4ax7b4r"))
+ ;; Create nss.pc and nss-config.
+ (patches (search-patches "nss-3.56-pkgconfig.patch"
+ "nss-getcwd-nonnull.patch"
+ "nss-increase-test-timeout.patch"))
+ (modules '((guix build utils)))
+ (snippet
+ '(begin
+ ;; Delete the bundled copy of these libraries.
+ (delete-file-recursively "nss/lib/zlib")
+ (delete-file-recursively "nss/lib/sqlite")))))
(build-system gnu-build-system)
(outputs '("out"))
(native-inputs
diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm
index af9003e823..41b564483f 100644
--- a/gnu/packages/nss.scm
+++ b/gnu/packages/nss.scm
@@ -107,11 +107,11 @@ in the Mozilla clients.")
(base32
"0v3zds1id71j5a5si42a658fjz8nv2f6zp6w4gqrqmdr6ksz8sxv"))))))
-;;; Note: When updating, verify that the nss-certs package still builds fine
-;;; as it inherits its source from the nss package.
(define-public nss
(package
(name "nss")
+ ;; Also update and test the nss-certs package, which duplicates version and
+ ;; source to avoid a top-level variable reference & module cycle.
(version "3.71")
(source (origin
(method url-fetch)