From 5c6a062d48e36d6f086c0308d57c65df87b3c518 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Thu, 28 Apr 2016 17:48:47 +0200 Subject: lint: 'check-vulnerabilities' follows package replacements. * guix/scripts/lint.scm (check-vulnerabilities): Check the replacement of PACKAGE. * tests/lint.scm ("cve: patched vulnerability in replacement"): New test. --- guix/scripts/lint.scm | 3 ++- tests/lint.scm | 19 +++++++++++++++++++ 2 files changed, 21 insertions(+), 1 deletion(-) diff --git a/guix/scripts/lint.scm b/guix/scripts/lint.scm index a8023a5b1e..c581586ac3 100644 --- a/guix/scripts/lint.scm +++ b/guix/scripts/lint.scm @@ -644,7 +644,8 @@ from ~s: ~a (~s)~%") (() #t) ((vulnerabilities ...) - (let* ((patches (filter-map patch-file-name + (let* ((package (or (package-replacement package) package)) + (patches (filter-map patch-file-name (or (and=> (package-source package) origin-patches) '()))) diff --git a/tests/lint.scm b/tests/lint.scm index 9bc42990ef..1f1b0c95e9 100644 --- a/tests/lint.scm +++ b/tests/lint.scm @@ -559,6 +559,25 @@ requests." (patches (list "/a/b/pi-CVE-2015-1234.patch")))))))))) +(test-assert "cve: patched vulnerability in replacement" + (mock ((guix scripts lint) package-vulnerabilities + (lambda (package) + (list (make-struct (@@ (guix cve) ) 0 + "CVE-2015-1234" + (list (cons (package-name package) + (package-version package))))))) + (string-null? + (with-warnings + (check-vulnerabilities + (dummy-package + "pi" (version "3.14") (source (dummy-origin)) + (replacement (dummy-package + "pi" (version "3.14") + (source + (dummy-origin + (patches + (list "/a/b/pi-CVE-2015-1234.patch")))))))))))) + (test-assert "formatting: lonely parentheses" (string-contains (with-warnings -- cgit v1.2.3