;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2012, 2013, 2015 Ludovic Courtès ;;; ;;; This file is part of GNU Guix. ;;; ;;; GNU Guix is free software; you can redistribute it and/or modify it ;;; under the terms of the GNU General Public License as published by ;;; the Free Software Foundation; either version 3 of the License, or (at ;;; your option) any later version. ;;; ;;; GNU Guix is distributed in the hope that it will be useful, but ;;; WITHOUT ANY WARRANTY; without even the implied warranty of ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ;;; GNU General Public License for more details. ;;; ;;; You should have received a copy of the GNU General Public License ;;; along with GNU Guix. If not, see . (define-module (test-snix) #:use-module (guix import snix) #:use-module (srfi srfi-1) #:use-module (srfi srfi-64) #:use-module (ice-9 match)) (define %nixpkgs-directory (getenv "NIXPKGS")) (define factorize-uri (@@ (guix import snix) factorize-uri)) (define-syntax-rule (every? proc lists ...) (not (not (every proc lists ...)))) (test-begin "snix") (test-assert "factorize-uri" (every? (match-lambda ((uri version '-> expected) (equal? (factorize-uri uri version) expected))) '(("http://example.com/foo.tgz" "1.0" -> "http://example.com/foo.tgz") ("http://example.com/foo-2.8.tgz" "2.8" -> ("http://example.com/foo-" version ".tgz")) ("http://example.com/2.8/foo-2.8.tgz" "2.8" -> ("http://example.com/" version "/foo-" version ".tgz"))))) (test-skip (if (and %nixpkgs-directory (file-exists? (string-append %nixpkgs-directory "/default.nix"))) 0 1)) (test-assert "nixpkgs->guix-package" (match (nixpkgs->guix-package %nixpkgs-directory "guile") (('package ('name "guile") ('version (? string?)) ('source ('origin _ ...)) ('build-system _) ('inputs ('quasiquote (inputs ...))) ('propagated-inputs ('quasiquote (pinputs ...))) ('home-page (? string?)) ('synopsis (? string?)) ('description (? string?)) ('license (? symbol?))) (and (member '("libffi" ,libffi) inputs) (member '("gmp" ,gmp) pinputs) #t)) (x (pk 'fail x #f)))) (test-end "snix") )Author 2019-10-23cve: Rewrite to read the JSON feed instead of the XML feed....The XML feed was discontinued on Oct. 16th, 2019: <https://nvd.nist.gov/General/News/XML-Vulnerability-Feed-Retirement-Phase-3> * guix/cve.scm (string->date*): New procedure. (<cve-item>, <cve>, <cve-reference>): New record types. (cpe-match->cve-configuration, configuration-data->cve-configurations) (json->cve-items, version-matches?): New procedures. (yearly-feed-uri): Change URL to refer to JSON feed. (cpe->product-alist, %parse-vulnerability-feed) (xml->vulnerabilities): Remove. (cve-configuration->package-list, merge-package-lists) (cve-item->vulnerability, json->vulnerabilities): New procedures. (write-cache): Use 'json->vulnerabilities' instead of 'xml->vulnerabilities', and remove 'parameterize'. (vulnerabilities->lookup-proc): Use 'version-matches?' when VERSION is true. * tests/cve.scm (%sample): Use 'tests/cve-sample.json'. (%expected-vulnerabilities): Rewrite accordingly. ("json->cve-items", "cve-item-published-date") ("json->vulnerabilities"): New tests. ("xml->vulnerabilities"): Remove. ("vulnerabilities->lookup-proc"): Adjust to new vulnerabilities. * tests/cve-sample.json: New file. * tests/cve-sample.xml: Remove. * Makefile.am (EXTRA_DIST): Adjust accordingly. * doc/guix.texi (Invoking guix lint): Update nist.gov URLs. Ludovic Courtès 2019-10-20tests: Avoid now-deprecated 'make-struct'....* tests/cve.scm (vulnerability): Use 'make-struct/no-tail' instead of 'make-struct', which is deprecated. * tests/lint.scm ("cve: one vulnerability") ("cve: one patched vulnerability") ("cve: known safe from vulnerability") ("cve: vulnerability fixed in replacement version") ("cve: patched vulnerability in replacement"): Likewise. Ludovic Courtès