diff options
author | Ludovic Courtès <ludo@gnu.org> | 2016-04-28 17:48:47 +0200 |
---|---|---|
committer | Ludovic Courtès <ludo@gnu.org> | 2016-04-28 18:03:01 +0200 |
commit | 5c6a062d48e36d6f086c0308d57c65df87b3c518 (patch) | |
tree | 0aa4c2b0261dd4d3360c7f4f4b32bbfa01ae2112 | |
parent | 158f5734cfa34ffda8bc714e47eb68c8312346d5 (diff) | |
download | guix-5c6a062d48e36d6f086c0308d57c65df87b3c518.tar.gz |
lint: 'check-vulnerabilities' follows package replacements.
* guix/scripts/lint.scm (check-vulnerabilities): Check the replacement of PACKAGE. * tests/lint.scm ("cve: patched vulnerability in replacement"): New test.
-rw-r--r-- | guix/scripts/lint.scm | 3 | ||||
-rw-r--r-- | tests/lint.scm | 19 |
2 files changed, 21 insertions, 1 deletions
diff --git a/guix/scripts/lint.scm b/guix/scripts/lint.scm index a8023a5b1e..c581586ac3 100644 --- a/guix/scripts/lint.scm +++ b/guix/scripts/lint.scm @@ -644,7 +644,8 @@ from ~s: ~a (~s)~%") (() #t) ((vulnerabilities ...) - (let* ((patches (filter-map patch-file-name + (let* ((package (or (package-replacement package) package)) + (patches (filter-map patch-file-name (or (and=> (package-source package) origin-patches) '()))) diff --git a/tests/lint.scm b/tests/lint.scm index 9bc42990ef..1f1b0c95e9 100644 --- a/tests/lint.scm +++ b/tests/lint.scm @@ -559,6 +559,25 @@ requests." (patches (list "/a/b/pi-CVE-2015-1234.patch")))))))))) +(test-assert "cve: patched vulnerability in replacement" + (mock ((guix scripts lint) package-vulnerabilities + (lambda (package) + (list (make-struct (@@ (guix cve) <vulnerability>) 0 + "CVE-2015-1234" + (list (cons (package-name package) + (package-version package))))))) + (string-null? + (with-warnings + (check-vulnerabilities + (dummy-package + "pi" (version "3.14") (source (dummy-origin)) + (replacement (dummy-package + "pi" (version "3.14") + (source + (dummy-origin + (patches + (list "/a/b/pi-CVE-2015-1234.patch")))))))))))) + (test-assert "formatting: lonely parentheses" (string-contains (with-warnings |