aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--guix/scripts/lint.scm3
-rw-r--r--tests/lint.scm19
2 files changed, 21 insertions, 1 deletions
diff --git a/guix/scripts/lint.scm b/guix/scripts/lint.scm
index a8023a5b1e..c581586ac3 100644
--- a/guix/scripts/lint.scm
+++ b/guix/scripts/lint.scm
@@ -644,7 +644,8 @@ from ~s: ~a (~s)~%")
(()
#t)
((vulnerabilities ...)
- (let* ((patches (filter-map patch-file-name
+ (let* ((package (or (package-replacement package) package))
+ (patches (filter-map patch-file-name
(or (and=> (package-source package)
origin-patches)
'())))
diff --git a/tests/lint.scm b/tests/lint.scm
index 9bc42990ef..1f1b0c95e9 100644
--- a/tests/lint.scm
+++ b/tests/lint.scm
@@ -559,6 +559,25 @@ requests."
(patches
(list "/a/b/pi-CVE-2015-1234.patch"))))))))))
+(test-assert "cve: patched vulnerability in replacement"
+ (mock ((guix scripts lint) package-vulnerabilities
+ (lambda (package)
+ (list (make-struct (@@ (guix cve) <vulnerability>) 0
+ "CVE-2015-1234"
+ (list (cons (package-name package)
+ (package-version package)))))))
+ (string-null?
+ (with-warnings
+ (check-vulnerabilities
+ (dummy-package
+ "pi" (version "3.14") (source (dummy-origin))
+ (replacement (dummy-package
+ "pi" (version "3.14")
+ (source
+ (dummy-origin
+ (patches
+ (list "/a/b/pi-CVE-2015-1234.patch"))))))))))))
+
(test-assert "formatting: lonely parentheses"
(string-contains
(with-warnings