diff options
author | Tobias Geerinckx-Rice <me@tobias.gr> | 2021-12-16 01:12:10 +0100 |
---|---|---|
committer | Tobias Geerinckx-Rice <me@tobias.gr> | 2021-12-16 01:55:34 +0100 |
commit | ceb9c6c50ed2c0d127189bb5d28832b6538aa7a2 (patch) | |
tree | cc528b9e85f93b440f3318d33e97b5a4b1a295cd | |
parent | 18b1497673b92b6a0947839f9757a561a77d0d5f (diff) | |
download | guix-ceb9c6c50ed2c0d127189bb5d28832b6538aa7a2.tar.gz |
gnu: nss-certs: Avoid top-level reference to NSS.
This is the only hammer I know for dealing with module cycles and effectively fixes, for example, ‘guix show nss’ today. It's also a very poor solution. * gnu/packages/certs.scm (nss-certs)[version, source]: Copy verbatim from the nss package rather than referring to it at the top level. Reported by several users of #guix.
-rw-r--r-- | gnu/packages/certs.scm | 28 | ||||
-rw-r--r-- | gnu/packages/nss.scm | 4 |
2 files changed, 27 insertions, 5 deletions
diff --git a/gnu/packages/certs.scm b/gnu/packages/certs.scm index fc4f4f2686..28c2f84f98 100644 --- a/gnu/packages/certs.scm +++ b/gnu/packages/certs.scm @@ -33,7 +33,6 @@ #:use-module (guix build-system gnu) #:use-module (guix build-system trivial) #:use-module (gnu packages) - #:use-module (gnu packages nss) #:use-module (gnu packages curl) #:use-module (gnu packages python) #:use-module (gnu packages perl) @@ -128,8 +127,31 @@ that was originally contributed to Debian.") (define-public nss-certs (package (name "nss-certs") - (version (package-version nss)) - (source (package-source nss)) + ;; XXX We used to refer to the nss package here, but that eventually caused + ;; module cycles. The below is a quick copy-paste job that must be kept in + ;; sync manually. Surely there's a better way…? + (version "3.71") + (source (origin + (method url-fetch) + (uri (let ((version-with-underscores + (string-join (string-split version #\.) "_"))) + (string-append + "https://ftp.mozilla.org/pub/mozilla.org/security/nss/" + "releases/NSS_" version-with-underscores "_RTM/src/" + "nss-" version ".tar.gz"))) + (sha256 + (base32 + "0ly2l3dv6z5hlxs72h5x6796ni3x1bq60saavaf42ddgv4ax7b4r")) + ;; Create nss.pc and nss-config. + (patches (search-patches "nss-3.56-pkgconfig.patch" + "nss-getcwd-nonnull.patch" + "nss-increase-test-timeout.patch")) + (modules '((guix build utils))) + (snippet + '(begin + ;; Delete the bundled copy of these libraries. + (delete-file-recursively "nss/lib/zlib") + (delete-file-recursively "nss/lib/sqlite"))))) (build-system gnu-build-system) (outputs '("out")) (native-inputs diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm index af9003e823..41b564483f 100644 --- a/gnu/packages/nss.scm +++ b/gnu/packages/nss.scm @@ -107,11 +107,11 @@ in the Mozilla clients.") (base32 "0v3zds1id71j5a5si42a658fjz8nv2f6zp6w4gqrqmdr6ksz8sxv")))))) -;;; Note: When updating, verify that the nss-certs package still builds fine -;;; as it inherits its source from the nss package. (define-public nss (package (name "nss") + ;; Also update and test the nss-certs package, which duplicates version and + ;; source to avoid a top-level variable reference & module cycle. (version "3.71") (source (origin (method url-fetch) |