;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2022, 2024 Janneke Nieuwenhuizen
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix. If not, see .

;; GNU Guix development manifest. To create development environment, run
;;
;;     guix shell
;;
;; or something like
;;
;;     guix shell --pure -m manifest.scm hello ...

(use-modules (guix packages))

(concatenate-manifests
 (list (package->development-manifest
        (let ((guix (specification->package "guix")))
          (package/inherit guix
            ;; Replace with non-minimal Graphviz for PDF support.
            (native-inputs
             (modify-inputs (package-native-inputs guix)
               (replace "graphviz" (specification->package "graphviz")))))))

       ;; Extra packages used by unit tests.
       (specifications->manifest (list "gnupg"))

       ;; Packages needed for 'make dist' and 'make distcheck'.
       (specifications->manifest (list "imagemagick" "perl"))

       ;; Useful extras for patches submission.
       (specifications->manifest
        (list "b4"
              "git"
              "git:send-email"
              "mumi"
              "nss-certs"
              "openssl" ;required if using 'smtpEncryption = tls'
              "patman"))

       ;; For installer
       (specifications->manifest
        (list "guile-newt"
              "guile-parted"
              "guile-webutils"))))

nix/libutil
(CVE-2024-27297) whereby a fixed-output derivation build process could open a writable file descriptor to its output, send it to some outside process for instance over an abstract AF_UNIX socket, which would then allow said process to modify the file in the store after it has been marked as “valid”.

Vulnerability discovered by puck <https://github.com/puckipedia>.

Nix security advisory: https://github.com/NixOS/nix/security/advisories/GHSA-2ffj-w4mj-pg37
Nix fix: https://github.com/NixOS/nix/commit/244f3eee0bbc7f11e9b383a15ed7368e2c4becc9

* nix/libutil/util.cc (readDirectory): Add variants that take a DIR* and a file descriptor. Rewrite the ‘Path’ variant accordingly.
(copyFile, copyFileRecursively): New functions.
* nix/libutil/util.hh (copyFileRecursively): New declaration.
* nix/libstore/build.cc (DerivationGoal::buildDone): When ‘fixedOutput’ is true, call ‘copyFileRecursively’ followed by ‘rename’ on each output.

Change-Id: I7952d41093eed26e123e38c14a4c1424be1ce1c4

Reported-by: Picnoir <picnoir@alternativebit.fr>, Théophane Hufschmitt <theophane.hufschmitt@tweag.io>
Change-Id: Idb5f2757f35af86b032a9851cecb19b70227bd88
Age | Commit message | Author
2024-05-13 | daemon: Loop over ‘copy_fi
2020-11-18 | services: SDDM: Wait for elogind before starting. Fixes <https://bugs.gnu.org/44669>. * gnu/services/sddm.scm (sddm-shepherd-service)[requirement]: Add elogind. | Marius Bakke
2020-04-19 | services: sddm: Have sddm provision xorg-server. * gnu/services/sddm.scm (sddm-shepherd-service)[shepherd-service]: Have sddm provision 'xorg-server like the other display managers. | Efraim Flashner
2020-03-01 | services: set-xorg-configuration: handle slim and sddm * gnu/services/xorg.scm (handle-xorg-configuration): New syntax. (gdm-service-type, slim-service-type): Use handle-xorg-configuration. * gnu/services/sddm.scm (sddm-service-type): Likewise. | Jakub Kądziołka
2020-02-16 | doc: Fix typo. * doc/guix.texi (X Window)[sddm-service-type]: SSDM -> SDDM typo fix. [sddm-configuration]: Also list 'maya' theme. * gnu/services/sddm.scm (sddm-service): Fix typo in doc string. (sddm-configuration): Also list 'maya' theme. | Efraim Flashner
Ludovic Courtès
2023-01-09 | daemon: Improve error message for wrong hash sizes. * nix/libutil/hash.cc (parseHash): Show the hash algorithm name and expected size in the error message. * tests/derivations.scm ("fixed-output derivation, invalid hash size"): New test. | Ludovic Courtès
2022-12-18 | daemon: Make "opening file" error messages distinguishable. * nix/libstore/build.cc (DerivationGoal::openLogFile): Customize "opening file" error message. * nix/libutil/hash.cc (hashFile): Likewise. * nix/libutil/util.cc (readFile, writeFile): Likewise. | Ludovic Courtès
2021-11-19 | daemon: Micro-optimize 'deletePath'. 'remove' calls 'unlink' first and falls back to 'rmdir' upon EISDIR. This change gets rid of the 'unlink' call for every directory being removed. * nix/libutil/util.cc (_deletePath): Call 'unlink' or 'rmdir' depending on 'st.st_mode', rather than call 'remove'. | Ludovic Courtès