summary refs log tree commit diff
path: root/doc
diff options
context:
space:
mode:
authorLudovic Courtès <ludo@gnu.org>2015-11-26 22:59:06 +0100
committerLudovic Courtès <ludo@gnu.org>2015-11-26 23:04:19 +0100
commit5432734b00ae14c3a93af358fc7bbf80e3db5ee8 (patch)
treea2dbd935bfb43f2d7e4523a2182de26f3268103f /doc
parent0eef7551303e3fc855809d84eed8421d2a075cfa (diff)
downloadguix-5432734b00ae14c3a93af358fc7bbf80e3db5ee8.tar.gz
lint: Add "cve" checker.
Fixes <http://bugs.gnu.org/21289>.

* guix/scripts/lint.scm (package-name->cpe-name, package-vulnerabilities)
(check-vulnerabilities): New procedures.
* guix/scripts/lint.scm (%checkers): Add "cve" checker.
* tests/lint.scm ("cve", "cve: one vulnerability"): New tests.
* doc/guix.texi (Invoking guix lint): Mention it.
Diffstat (limited to 'doc')
-rw-r--r--doc/guix.texi6
1 files changed, 6 insertions, 0 deletions
diff --git a/doc/guix.texi b/doc/guix.texi
index 058b3598dc..8ecb7ccc17 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -4452,6 +4452,12 @@ invalid.  Check that the source file name is meaningful, e.g. is not
 just a version number or ``git-checkout'', and should not have a
 @code{file-name} declared (@pxref{origin Reference}).
 
+@item cve
+Report known vulnerabilities found in the Common Vulnerabilities and
+Exposures (CVE) database
+@uref{https://nvd.nist.gov/download.cfm#CVE_FEED, published by the US
+NIST}.
+
 @item formatting
 Warn about obvious source code formatting issues: trailing white space,
 use of tabulations, etc.