Hi again, seg 23 mai 2022 às 16:18:52 (1653333532), l...@gnu.org enviou: > ... > (For now commit b6bfe9ea6a1b19159455b34f1af4ac00ef9b94ab changes > Guile-Git in Guix to depend on libgit2 1.3 as a workaround.)
After upgrading guile-git, the attached patches disables owner validation and reverts the above commit which made Guix's guile-git depend on libgit2 1.3 instead of latest. Cheers!
From f9de10676c15a65d6df7e430efbb84cebb431ac9 Mon Sep 17 00:00:00 2001
In-Reply-To: <87a6b85o37.fsf...@gnu.org>
References: <87a6b85o37.fsf...@gnu.org>
From: =?UTF-8?q?Andr=C3=A9=20Batista?= <nan...@riseup.net>
To: 55...@debbugs.gnu.org
Date: Tue, 24 May 2022 19:38:17 -0300
Subject: [PATCH] guix: Disable owner validation when updating cached checkout
* guix/git.scm (update-cached-checkout): Disable owner validation
checks.
---
guix/git.scm | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/guix/git.scm b/guix/git.scm
index 53e7219c8c..d5e12188a2 100644
--- a/guix/git.scm
+++ b/guix/git.scm
@@ -4,6 +4,7 @@
;;; Copyright © 2021 Kyle Meyer <k...@kyleam.com>
;;; Copyright © 2021 Marius Bakke <mar...@gnu.org>
;;; Copyright © 2022 Maxime Devos <maximede...@telenet.be>
+;;; Copyright © 2022 André Batista <nan...@riseup.net>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -23,6 +24,7 @@
(define-module (guix git)
#:use-module (git)
#:use-module (git object)
+ #:use-module (git settings)
#:use-module (git submodule)
#:use-module (guix i18n)
#:use-module (guix base32)
@@ -463,6 +465,8 @@ (define canonical-ref
(repository (if cache-exists?
(repository-open cache-directory)
(clone/swh-fallback url ref cache-directory))))
+ ;; Disable owner validation. See <https://issues.guix.gnu.org/55399>.
+ (set-owner-validation! #f)
;; Only fetch remote if it has not been cloned just before.
(when (and cache-exists?
(not (reference-available? repository ref)))
--
2.36.0
From f9de10676c15a65d6df7e430efbb84cebb431ac9 Mon Sep 17 00:00:00 2001
In-Reply-To: <87a6b85o37.fsf...@gnu.org>
References: <87a6b85o37.fsf...@gnu.org>
From: =?UTF-8?q?Andr=C3=A9=20Batista?= <nan...@riseup.net>
To: 55...@debbugs.gnu.org
Date: Tue, 24 May 2022 19:38:18 -0300
Subject: [PATCH] gnu: guile-git: Use latest libgit2
* gnu/packages/guile.scm (guile-git) [inputs]: Use latest libgit2.
Reverts commit b6bfe9ea6a1b19159455b34f1af4ac00ef9b94ab.
---
gnu/packages/guile.scm | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/gnu/packages/guile.scm b/gnu/packages/guile.scm
index a9e04cb476..138fb4d6bc 100644
--- a/gnu/packages/guile.scm
+++ b/gnu/packages/guile.scm
@@ -833,9 +833,7 @@ (define-public guile-git
(native-inputs
(list pkg-config autoconf automake texinfo guile-3.0
guile-bytestructures))
(inputs
- ;; libgit2@1.4.3 ‘fixed’ a git CVE it never shared, breaking Guix. Use
- ;; 1.3 for now; see <https://issues.guix.gnu.org/55399> for alternatives.
- (list guile-3.0 libgit2-1.3))
+ (list guile-3.0 libgit2))
(propagated-inputs
(list guile-bytestructures))
(synopsis "Guile bindings for libgit2")
signature.asc
Description: PGP signature
