01/02: lint: 'check-vulnerabilities' follows package replacements.

guix-commits

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

01/02: lint: 'check-vulnerabilities' follows package replacements.

From:	Ludovic Court�s
Subject:	01/02: lint: 'check-vulnerabilities' follows package replacements.
Date:	Thu, 28 Apr 2016 16:03:22 +0000

civodul pushed a commit to branch master
in repository guix.

commit 5c6a062d48e36d6f086c0308d57c65df87b3c518
Author: Ludovic Courtès <address@hidden>
Date:   Thu Apr 28 17:48:47 2016 +0200

    lint: 'check-vulnerabilities' follows package replacements.
    
    * guix/scripts/lint.scm (check-vulnerabilities): Check the replacement
    of PACKAGE.
    * tests/lint.scm ("cve: patched vulnerability in replacement"): New test.
---
 guix/scripts/lint.scm |    3 ++-
 tests/lint.scm        |   19 +++++++++++++++++++
 2 files changed, 21 insertions(+), 1 deletion(-)

diff --git a/guix/scripts/lint.scm b/guix/scripts/lint.scm
index a8023a5..c581586 100644
--- a/guix/scripts/lint.scm
+++ b/guix/scripts/lint.scm
@@ -644,7 +644,8 @@ from ~s: ~a (~s)~%")
     (()
      #t)
     ((vulnerabilities ...)
-     (let* ((patches   (filter-map patch-file-name
+     (let* ((package   (or (package-replacement package) package))
+            (patches   (filter-map patch-file-name
                                    (or (and=> (package-source package)
                                               origin-patches)
                                        '())))
diff --git a/tests/lint.scm b/tests/lint.scm
index 9bc4299..1f1b0c9 100644
--- a/tests/lint.scm
+++ b/tests/lint.scm
@@ -559,6 +559,25 @@ requests."
                              (patches
                               (list "/a/b/pi-CVE-2015-1234.patch"))))))))))
 
+(test-assert "cve: patched vulnerability in replacement"
+  (mock ((guix scripts lint) package-vulnerabilities
+         (lambda (package)
+           (list (make-struct (@@ (guix cve) <vulnerability>) 0
+                              "CVE-2015-1234"
+                              (list (cons (package-name package)
+                                          (package-version package)))))))
+        (string-null?
+         (with-warnings
+           (check-vulnerabilities
+            (dummy-package
+             "pi" (version "3.14") (source (dummy-origin))
+             (replacement (dummy-package
+                           "pi" (version "3.14")
+                           (source
+                            (dummy-origin
+                             (patches
+                              (list "/a/b/pi-CVE-2015-1234.patch"))))))))))))
+
 (test-assert "formatting: lonely parentheses"
   (string-contains
    (with-warnings

[Prev in Thread]

Current Thread

[Next in Thread]

branch master updated (158f573 -> f28cb89), Ludovic Court�s, 2016/04/28
- 01/02: lint: 'check-vulnerabilities' follows package replacements., Ludovic Court�s <=
- 02/02: gnu: libtasn1: Replace 4.7 with 4.8 [fixes CVE-2016-4008]., Ludovic Court�s, 2016/04/28

Prev by Date: 01/02: gnu: magit: Update to 2.6.2.
Next by Date: 02/02: gnu: libtasn1: Replace 4.7 with 4.8 [fixes CVE-2016-4008].
Previous by thread: branch master updated (158f573 -> f28cb89)
Next by thread: 02/02: gnu: libtasn1: Replace 4.7 with 4.8 [fixes CVE-2016-4008].
Index(es):
- Date
- Thread