gnu: Add mitm-cache.
* gnu/packages/rust-apps.scm (mitm-cache): New variable.
* gnu/packages/rust-crates.scm (lookup-cargo-inputs): Add mitm-cache.
Change-Id: Ifc2d3a631940b69d1b5c8e9f5a2d9aa25551c265
gnu: audacity: Update to 3.7.7.
This fixes the compatibility with ffmpeg@8.
* gnu/packages/audio.scm (audacity): Update to 3.7.7.
Fixes: guix/guix#4892
Change-Id: I147bda84239194d9a3ab09462a933331c5ec2cb7
gnu: trealla: Update to 2.87.3.
* gnu/packages/prolog.scm (trealla): Update to 2.87.3.
Change-Id: Ief5532baabc1631ceb94d46713d356cf0829e2fe
gnu: fortify-headers: Update to 3.0.
* gnu/packages/suckless.scm (fortify-headers): Update to 3.0.
Change-Id: I2c0f995bea106c5d33a48faad17580acbff8ec26
gnu: opencv: Skip failing test on aarch64.
* gnu/packages/image-processing.scm (opencv)[arguments]: Disable
ReferenceAccuracy test due to floating-point precision differences
with ARM NEON.
Signed-off-by: Andreas Enge <andreas@enge.fr>
gnu: python-edalize: Update to 0.6.3.
* gnu/packages/electronics.scm (python-edalize): Update to 0.6.3.
Change-Id: Ied9491135ad06564688860454a99e4b848496f3d
gnu: librewolf: Update to 146.0-2 [security-fixes].
Contains fixes for:
CVE-2025-14321: Use-after-free in the WebRTC: Signaling component
CVE-2025-14322: Sandbox escape due to incorrect boundary conditions in
the Graphics: CanvasWebGL component
CVE-2025-14323: Privilege escalation in the DOM: Notifications
component
CVE-2025-14324: JIT miscompilation in the JavaScript Engine: JIT
component
CVE-2025-14325: JIT miscompilation in the JavaScript Engine: JIT
component
CVE-2025-14326: Use-after-free in the Audio/Video: GMP component
CVE-2025-14327: Spoofing issue in the Downloads Panel component
CVE-2025-14328: Privilege escalation in the Netmonitor component
CVE-2025-14329: Privilege escalation in the Netmonitor component
CVE-2025-14330: JIT miscompilation in the JavaScript Engine: JIT
component
CVE-2025-14331: Same-origin policy bypass in the Request Handling
component
CVE-2025-14332: Memory safety bugs fixed in Firefox 146 and
Thunderbird 146
CVE-2025-14333: Memory safety bugs fixed in Firefox ESR 140.6,
Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146
* gnu/packages/librewolf.scm (librewolf): Update to 146.0-2.
gnu: firefox-l10n: Update to fa4b12c075b42be6652237119d74346d377d2ae4.
* gnu/packages/librewolf.scm (firefox-l10n): Update to fa4b12c075b42be6652237119d74346d377d2ae4.
Change-Id: I25e7c160fd252d67c5e117b0ad48d431c7ee5b45
gnu: Add rust-cbindgen-0.29.
* gnu/packages/rust-apps.scm (rust-cbindgen-0.29): New variable.
Change-Id: I844f77160d3a6c271ba54e3a5731f34219603895
gnu: openfortivpn: Update to 1.24.0.
* gnu/packages/vpn.scm (openfortivpn): Update to 1.24.0.
[native-inputs]: Add perl and python-wrapper.
Change-Id: Iaafc5902d4cd3fde0964d9d11d21b68a7a2328e8
system: Reinstate lock-mounts work around for system containers.
The underlying problem for system containers still hasn't been
solved, the part of issue 78356 that has been solved is only
home containers.
This reverts commit cbc35fd9aa08a6da9df1ce8463779ad7decaf12a.
This is a work around for #4788 (previously https://issues.guix.gnu.org/78356).
* gnu/system/linux-container.scm (container-script): Disable lock-mounts?
Change-Id: Ib8eacfc1f1f1a858acf19beb6c14e12c4648b8d9
self: Install systemd timer and mount services.
Add missing systemd files.
* guix/self.scm (miscellaneous-files): Add gnu-store.mount
and guix-gc.timer
Change-Id: I746a575a6e82363a78f69081ec67b76457d52bf2
Signed-off-by: Rutherther <rutherther@ditigal.xyz>
teams: hare: Fix typo in module header comment.
* etc/teams/hare/hare-manifest.scm: Fix typo in module header comment.
Change-Id: Ic8b9dfeb2ae9f7785bd56c41c7cb5c568e6b7bbb
gnu: Add emacs-perl-doc.
* gnu/packages/emacs-xyz.scm (emacs-perl-doc): New variable.
Change-Id: I81d50af847dd251247085df3dca151a5b75958eb
guix-install.sh: Check for gpg keys only if downloading tarball from ftp.
* etc/guix-install.sh (main_install): Call chk_gpg_keyring only if
GUIX_BINARY_FILE_NAME is not set.
Change-Id: Ia0a7449c8798ca7d61a0f1f1e793f2bafd521c5b
Signed-off-by: npatra <nilesh@riseup.net>
Signed-off-by: Rutherther <rutherther@ditigal.xyz>
guix-install.sh: Fetch gpg keys from codeberg and public keyservers.
Instead of fetching from no longer responsive gnu.org, fetch from
Codeberg.org, falling back to public keyservers in case codeberg
is down or unresponsive.
* etc/guix-install.sh
(GPG_SIGNING_KEY): Change gnu.org user ids to codeberg usernames.
(PUBLIC_KEYSERVERS): Add variable.
(chk_gpg_keyring): Use codeberg for fetching gpgs and fallback to public
keyservers.
Change-Id: Iddcd31239e2f3460d920194d62443ff00be7c957
Signed-off-by: Rutherther <rutherther@ditigal.xyz>
etc: SELinux: Add permissions to allow garbage collection.
There may be an improvement to be made to guix-daemon to avoid some
spurious denial audit messages, as described in the FIXME.
* etc/guix-daemon.cil.in: Add missing rules for guix gc.
Change-Id: I3651c4523528649048c7135fabd3000c8e78b1ff
Signed-off-by: Rutherther <rutherther@ditigal.xyz>
etc: SELinux: Add missing permissions.
With the changes in this commit, I can use "guix pull" and
"guix install <package>" successfully and without generating SELinux
denial erros in the system log.
* etc/guix-daemon.cil.in: Add missing rules for guix pull/guix install.
Change-Id: I40b5ed2c458b275804bc073fb72286947ecb0283
Signed-off-by: Rutherther <rutherther@ditigal.xyz>
gnu: abc: Update to 0.0-8.ee04349.
* gnu/packages/electronics.scm (abc): Update to 0.0-8.ee04349.
Change-Id: Icbd4c181801d393710acc76fe4a06366a8cf825a
gnu: python-cocotb-bus: Update to 0.3.0.
* gnu/packages/electronics.scm (python-cocotb-bus): Update to 0.3.0.
[propagated-inputs]: Remove python-packaging.
Change-Id: I5dbc4624843c008813fc9f2bbaefaba01b22ffa3