aboutsummaryrefslogtreecommitdiff
path: root/doc/guix.texi
diff options
context:
space:
mode:
authorLudovic Courtès <ludo@gnu.org>2016-05-17 18:04:13 +0200
committerLudovic Courtès <ludo@gnu.org>2016-05-17 18:15:53 +0200
commit99effc8faa43d478371eb06aee5df8ae1383c51a (patch)
tree6e01a04c76f80f4707c56c12bdb6cad80d410b20 /doc/guix.texi
parent1c29f3ef8452860c4301d7ae57c89ac5956d1663 (diff)
downloadpatches-99effc8faa43d478371eb06aee5df8ae1383c51a.tar
patches-99effc8faa43d478371eb06aee5df8ae1383c51a.tar.gz
lint: Honor 'cpe-name' and 'cpe-version' package properties.
* guix/scripts/lint.scm (package-name->cpe-name): Remove. (package-vulnerabilities): Honor 'cpe-name' and 'cpe-version' properties. * gnu/packages/grub.scm (grub)[properties]: New field. * gnu/packages/gnuzilla.scm (icecat)[properties]: Add 'cpe-name' and 'cpe-version'. * doc/guix.texi (Invoking guix lint): Mention 'cpe-name'.
Diffstat (limited to 'doc/guix.texi')
-rw-r--r--doc/guix.texi13
1 files changed, 13 insertions, 0 deletions
diff --git a/doc/guix.texi b/doc/guix.texi
index 0e63ecadfd..3f0106be02 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -4961,6 +4961,19 @@ To view information about a particular vulnerability, visit pages such as:
where @code{CVE-YYYY-ABCD} is the CVE identifier---e.g.,
@code{CVE-2015-7554}.
+Package developers can specify in package recipes the
+@uref{https://nvd.nist.gov/cpe.cfm,Common Platform Enumeration (CPE)}
+name and version of the package when they differ from the name that Guix
+uses, as in this example:
+
+@example
+(package
+ (name "grub")
+ ;; @dots{}
+ ;; CPE calls this package "grub2".
+ (properties '((cpe-name . "grub2"))))
+@end example
+
@item formatting
Warn about obvious source code formatting issues: trailing white space,
use of tabulations, etc.