bug#47144: security patching of 'patch' package

2024-06-23 Thread Maxim Cournoyer
Hi, Maxim Cournoyer writes: > * gnu/packages/base.scm (patch): Rename to... > (patch/pinned): ... this. Hide package. > (patch): New variable. > * gnu/packages/commencement.scm (patch-mesboot): Inherit from patch/pinned. > (patch-boot0): Likewise. > (%final-inputs): Replace patch with patch/pin

bug#47144: security patching of 'patch' package

2024-06-05 Thread Maxim Cournoyer
Hi Simon, Simon Tournier writes: > Hi, > > On Wed, 05 Jun 2024 at 18:04, Ludovic Courtès wrote: > >> What about renaming ‘patch’ to ‘patch/pinned’ and having ‘patch’ point >> to the new version? >> >> Internally, we’d refer to ‘patch/pinned’ in (guix packages), but user >> code etc. would refer

bug#47144: security patching of 'patch' package

2024-06-05 Thread Simon Tournier
Hi, On Wed, 05 Jun 2024 at 18:04, Ludovic Courtès wrote: > What about renaming ‘patch’ to ‘patch/pinned’ and having ‘patch’ point > to the new version? > > Internally, we’d refer to ‘patch/pinned’ in (guix packages), but user > code etc. would refer to ‘patch’ and thus get the latest version. I

bug#47144: security patching of 'patch' package

2024-06-05 Thread Ludovic Courtès
Hi Maxim, Maxim Cournoyer writes: > Ludovic Courtès writes: [...] >> Unless I’m mistaken, this will have practically no effect because Patch >> is a build-time-only dependency. >> >> My recommendation would be to not add a ‘replacement’ field at all. >> Instead, you could add a new ‘patch/la

bug#47144: security patching of 'patch' package

2022-03-22 Thread Maxim Cournoyer
Hi, Ludovic Courtès writes: > Hi, > > Léo Le Bouter via Bug reports for GNU Guix writes: > >> * gnu/packages/base.scm (patch/fixed): New variable. >> (patch)[replacement]: Graft. > > It’s (almost) useless to provide a graft of ‘patch’ because patch is > usually a build-time only dependency. (

bug#47144: security patching of 'patch' package

2021-04-14 Thread Leo Famulari
On Sun, Mar 14, 2021 at 05:37:25PM -0400, Mark H Weaver wrote: > patch@2.7.6: probably vulnerable to CVE-2019-13636, CVE-2019-13638, > CVE-2019-20633, CVE-2018-1000156, CVE-2018-20969, CVE-2018-6951, CVE- > 2018-6952 I tried building a "fixed" package of patch, cherry-picking bug fix patches from

bug#47144: security patching of 'patch' package

2021-03-14 Thread Mark H Weaver
I'm forwarding this to bug-guix@gnu.org so that it won't be forgotten. Mark Start of forwarded message Subject: security patching of 'patch' package From: Léo Le Bouter To: guix-de...@gnu.org Date: Wed, 10 Mar 2021 04:14:35 +0100 Hello! I could