guix-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] tar bombs and muscle


From: Leo Famulari
Subject: Re: [PATCH] tar bombs and muscle
Date: Fri, 29 Apr 2016 22:13:53 -0400
User-agent: Mutt/1.5.24 (2015-08-30)

On Sun, Apr 24, 2016 at 10:04:01AM +1000, Ben Woodcroft wrote:
> * gnu/packages/bioinformatics.scm (muscle): New variable.

> +              (file-name (string-append name "-" version ".tar.gz"))

Once fetched, the source code is a directory rather than a tarball, so
I think it's best to omit the last component of the string.

> +         (replace 'install
> +           (lambda* (#:key outputs #:allow-other-keys)
> +             (let* ((out (assoc-ref outputs "out"))
> +                    (bin (string-append out "/bin")))
> +               (install-file "muscle" bin)))))))

It only creates the one executable?

> +    (license license:public-domain)))

Wow, they really don't make it easy to find this information. Can you
add a comment saying that it's in 'usage.cpp'? Unless I missed something
obvious...

Otherwise, looks good to me!



reply via email to

[Prev in Thread] Current Thread [Next in Thread]