gnu: Add mitm-cache.

* gnu/packages/rust-apps.scm (mitm-cache): New variable.
* gnu/packages/rust-crates.scm (lookup-cargo-inputs): Add mitm-cache.

Change-Id: Ifc2d3a631940b69d1b5c8e9f5a2d9aa25551c265

gnu: audacity: Update to 3.7.7.

This fixes the compatibility with ffmpeg@8.

* gnu/packages/audio.scm (audacity): Update to 3.7.7.

Fixes: guix/guix#4892
Change-Id: I147bda84239194d9a3ab09462a933331c5ec2cb7

gnu: trealla: Update to 2.87.3.

* gnu/packages/prolog.scm (trealla): Update to 2.87.3.

Change-Id: Ief5532baabc1631ceb94d46713d356cf0829e2fe

gnu: fortify-headers: Update to 3.0.

* gnu/packages/suckless.scm (fortify-headers): Update to 3.0.

Change-Id: I2c0f995bea106c5d33a48faad17580acbff8ec26

gnu: opencv: Skip failing test on aarch64.

* gnu/packages/image-processing.scm (opencv)[arguments]: Disable
ReferenceAccuracy test due to floating-point precision differences
with ARM NEON.

Signed-off-by: Andreas Enge <andreas@enge.fr>

gnu: python-edalize: Update to 0.6.3.

* gnu/packages/electronics.scm (python-edalize): Update to 0.6.3.

Change-Id: Ied9491135ad06564688860454a99e4b848496f3d

gnu: librewolf: Update to 146.0-2 [security-fixes].

Contains fixes for:
CVE-2025-14321: Use-after-free in the WebRTC: Signaling component
CVE-2025-14322: Sandbox escape due to incorrect boundary conditions in
                the Graphics: CanvasWebGL component
CVE-2025-14323: Privilege escalation in the DOM: Notifications
                component
CVE-2025-14324: JIT miscompilation in the JavaScript Engine: JIT
                component
CVE-2025-14325: JIT miscompilation in the JavaScript Engine: JIT
                component
CVE-2025-14326: Use-after-free in the Audio/Video: GMP component
CVE-2025-14327: Spoofing issue in the Downloads Panel component
CVE-2025-14328: Privilege escalation in the Netmonitor component
CVE-2025-14329: Privilege escalation in the Netmonitor component
CVE-2025-14330: JIT miscompilation in the JavaScript Engine: JIT
                component
CVE-2025-14331: Same-origin policy bypass in the Request Handling
                component
CVE-2025-14332: Memory safety bugs fixed in Firefox 146 and
                Thunderbird 146
CVE-2025-14333: Memory safety bugs fixed in Firefox ESR 140.6,
                Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146

* gnu/packages/librewolf.scm (librewolf): Update to 146.0-2.

gnu: firefox-l10n: Update to fa4b12c075b42be6652237119d74346d377d2ae4.

* gnu/packages/librewolf.scm (firefox-l10n): Update to fa4b12c075b42be6652237119d74346d377d2ae4.

Change-Id: I25e7c160fd252d67c5e117b0ad48d431c7ee5b45

gnu: Add rust-cbindgen-0.29.

* gnu/packages/rust-apps.scm (rust-cbindgen-0.29): New variable.

Change-Id: I844f77160d3a6c271ba54e3a5731f34219603895

gnu: openfortivpn: Update to 1.24.0.

* gnu/packages/vpn.scm (openfortivpn): Update to 1.24.0.
[native-inputs]: Add perl and python-wrapper.

Change-Id: Iaafc5902d4cd3fde0964d9d11d21b68a7a2328e8

system: Reinstate lock-mounts work around for system containers.

The underlying problem for system containers still hasn't been
solved, the part of issue 78356 that has been solved is only
home containers.

This reverts commit cbc35fd9aa08a6da9df1ce8463779ad7decaf12a.
This is a work around for #4788 (previously https://issues.guix.gnu.org/78356).

* gnu/system/linux-container.scm (container-script): Disable lock-mounts?

Change-Id: Ib8eacfc1f1f1a858acf19beb6c14e12c4648b8d9

gnu: Add emacs-perl-doc.

* gnu/packages/emacs-xyz.scm (emacs-perl-doc): New variable.

Change-Id: I81d50af847dd251247085df3dca151a5b75958eb

gnu: abc: Update to 0.0-8.ee04349.

* gnu/packages/electronics.scm (abc): Update to 0.0-8.ee04349.

Change-Id: Icbd4c181801d393710acc76fe4a06366a8cf825a

gnu: python-cocotb-bus: Update to 0.3.0.

* gnu/packages/electronics.scm (python-cocotb-bus): Update to 0.3.0.
[propagated-inputs]: Remove python-packaging.

Change-Id: I5dbc4624843c008813fc9f2bbaefaba01b22ffa3

gnu: wlroots-0.15: Fix build with GCC 15.

* gnu/packages/wm.scm (wlroots-0.15)[arguments]: Change CFLAGS
to disable new GCC 15 warnings.

Change-Id: I7c27892097e0bb4f0a8e116dc2485c23b9a4aac2
Signed-off-by: Andreas Enge <andreas@enge.fr>

gnu: go-1.21: Disable failing tests on arm architectures.

* gnu/packages/golang.scm (go-1.21)[arguments]<#:phases>{patch-source}:
Add phase disabling tests on arm architectures.

Change-Id: I6b07de4d6eee755502f02d6961f1a51066003721
Signed-off-by: Andreas Enge <andreas@enge.fr>

gnu: qtbase@6: Don't install test junk.

* gnu/packages/qt.scm (qtbase)[arguments]: Replace ineffective
delete-installed-tests phase with dont-install-tests phase.

Fixes: guix/guix#4529
Change-Id: I2ddd27e34a314e7a04de571d0bc1b13f75af66f4
Signed-off-by: 宋文武 <iyzsong@member.fsf.org>

gnu: qtwebengine: Fix GPU rendering with mesa-25.2.0.

* gnu/packages/qt.scm (qtwebengine)[source]: Add patch.
* gnu/packages/patches/qtwebengine-revert-egl.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.

Fixes: guix/guix#3222
Change-Id: Id0cb3d956d3faf30f737fa2a689cd936270c2413
Signed-off-by: Efraim Flashner <efraim@flashner.co.il>
Signed-off-by: 宋文武 <iyzsong@member.fsf.org>

gnu: qtwebengine: Update to 6.9.3.

* gnu/packages/qt.scm (qtwebengine): Update to 6.9.3.
[source]: Remove patch.
* gnu/packages/patches/qtwebengine-fix-dependencies.patch: Remove file.
* gnu/local.mk (dist_patch_DATA): Remove it.

Co-authored-by: kestrelwx <kestrel.w@proton.me>
Change-Id: I08a3915f0896b74ce493afcc1746d950a1444a03
Signed-off-by: 宋文武 <iyzsong@member.fsf.org>

gnu: qtbase: Always find libvulkan.

Fixes: guix/guix#3330

* gnu/packages/qt.scm (qtbase)[source]: Add patch.
[arguments]: Adjust a phase to substitute the location for libvulkan.so.
* gnu/packages/patches/qtbase-patch-libvulkan.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.

Co-authored-by: kestrelwx <kestrel.w@proton.me>
Change-Id: I39f1be5a30c5c17a4e4ea6c853b475f20ba8272c
Signed-off-by: Andreas Enge <andreas@enge.fr>