lint: Honor 'cpe-name' and 'cpe-version' package properties.

* guix/scripts/lint.scm (package-name->cpe-name): Remove. (package-vulnerabilities): Honor 'cpe-name' and 'cpe-version' properties. * gnu/packages/grub.scm (grub)[properties]: New field. * gnu/packages/gnuzilla.scm (icecat)[properties]: Add 'cpe-name' and 'cpe-version'. * doc/guix.texi (Invoking guix lint): Mention 'cpe-name'.
author: Ludovic Courtès <ludo@gnu.org> 2016-05-17 18:04:13 +0200
committer: Ludovic Courtès <ludo@gnu.org> 2016-05-17 18:15:53 +0200
commit: 99effc8faa43d478371eb06aee5df8ae1383c51a (patch)
tree: 6e01a04c76f80f4707c56c12bdb6cad80d410b20 /doc
parent: 1c29f3ef8452860c4301d7ae57c89ac5956d1663 (diff)
download: guix-99effc8faa43d478371eb06aee5df8ae1383c51a.tar.gz
1 files changed, 13 insertions, 0 deletions
diff --git a/doc/guix.texi b/doc/guix.texi
index 0e63ecadfd..3f0106be02 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -4961,6 +4961,19 @@ To view information about a particular vulnerability, visit pages such as:
 where @code{CVE-YYYY-ABCD} is the CVE identifier---e.g.,
 @code{CVE-2015-7554}.
 
+Package developers can specify in package recipes the
+@uref{https://nvd.nist.gov/cpe.cfm,Common Platform Enumeration (CPE)}
+name and version of the package when they differ from the name that Guix
+uses, as in this example:
+
+@example
+(package
+  (name "grub")
+  ;; @dots{}
+  ;; CPE calls this package "grub2".
+  (properties '((cpe-name . "grub2"))))
+@end example
+
 @item formatting
 Warn about obvious source code formatting issues: trailing white space,
 use of tabulations, etc.
author	Ludovic Courtès <ludo@gnu.org>	2016-05-17 18:04:13 +0200
committer	Ludovic Courtès <ludo@gnu.org>	2016-05-17 18:15:53 +0200
commit	99effc8faa43d478371eb06aee5df8ae1383c51a (patch)
tree	6e01a04c76f80f4707c56c12bdb6cad80d410b20 /doc
parent	1c29f3ef8452860c4301d7ae57c89ac5956d1663 (diff)
download	guix-99effc8faa43d478371eb06aee5df8ae1383c51a.tar.gz