summary refs log tree commit diff
diff options
context:
space:
mode:
authorBrice Waegeneire <brice@waegenei.re>2021-08-17 20:25:52 +0200
committerBrice Waegeneire <brice@waegenei.re>2021-08-17 20:33:23 +0200
commitea04295256329511b3201feaefb17900b05053b0 (patch)
treeefb3e55c7e234167a67cbfd18a80bce01d3c13ee
parenta45d5a9478187d63c8ac314ce8ce96b2cfc5ee09 (diff)
downloadguix-ea04295256329511b3201feaefb17900b05053b0.tar.gz
gnu: git: Hide CVEs from the linter.
* gnu/packages/version-control.scm (git)[properties]: Set 'properties'
  field.
-rw-r--r--gnu/packages/version-control.scm7
1 files changed, 7 insertions, 0 deletions
diff --git a/gnu/packages/version-control.scm b/gnu/packages/version-control.scm
index 15f68ecf3a..22bf9b408f 100644
--- a/gnu/packages/version-control.scm
+++ b/gnu/packages/version-control.scm
@@ -538,6 +538,13 @@ as well as the classic centralized workflow.")
    (description
     "Git is a free distributed version control system designed to handle
 everything from small to very large projects with speed and efficiency.")
+   ;; XXX: Ignore this CVE to work around a name clash with the unrelated
+   ;; "cpe:2.3:a:jenkins:git" package.  The proper fix is for (guix cve) to
+   ;; account for "vendor names".
+   (properties '((lint-hidden-cve . ("CVE-2018-1000182"
+                                     "CVE-2018-1000110"
+                                     "CVE-2019-1003010"
+                                     "CVE-2020-2136"))))
    (license license:gpl2)
    (home-page "https://git-scm.com/")))