Newer patchelf may break binaries.
This commit replaces patchelf with patchelf-0.16 for binary-build-system and
nvidia-driver (known affected package).
Fixes: https://gitlab.com/nonguix/nonguix/-/issues/350
* nonguix/build-system/binary.scm (default-patchelf): Replace patchelf with
patchelf-0.16.
* nongnu/packages/nvidia.scm (nvidia-driver)[native-inputs]: Likewise.
Signed-off-by: John Kehayias <john.kehayias@protonmail.com>
linux-libre-6.10 is set to be dropped by upstream Guix, see
<https://issues.guix.gnu.org/74168>. So, let's remove before then to prevent
guix pull from breaking due to a missing variable.
* nongnu/packages/linux.scm (linux-6.10): Remove variable.
* nongnu/packages/nvidia.scm (nvidia-nvml)[#:phases]<unpack>: Replace source
G-expression by keyword argument source.
These cases of `replace 'unpack` were referring to the `#$source` of the
package in the g-exp, which was baking in the source *at the point of
package definition* to the g-exp. This prevented inheritor packages from
modifying the source field and getting the expected effect.
The correct way to refer to the source field from a phase override is
with the `source` key. This modifies all the references to `#$source` I
could find in `unpack` phase replacements.
Signed-off-by: Jelle Licht <jlicht@fsfe.org>
Fixes CVE-2024-9936 and, in previous versions since 130.0.1, CVE-2024-9680,
CVE-2024-9391, CVE-2024-9392, CVE-2024-9393, CVE-2024-9394, CVE-2024-9395,
CVE-2024-9396, CVE-2024-9397, CVE-2024-9398, CVE-2024-9399, CVE-2024-9400,
CVE-2024-9401, CVE-2024-9402, and CVE-2024-9403.
Upstream removed firefox.desktop files which can be generated from their mach
tool. However, this will try to download various dependencies. So, for now
at least, use a patch which reverts that commit so we can use the included
desktop file. In Arch, for example, they include a separate pre-generated
desktop file rather than doing this at build time.
* nongnu/packages/mozilla.scm (firefox): Update to 131.0.3.
* nongnu/packages/patches/firefox-CVE-2024-9680.patch: Delete patch.
* nongnu/packages/patches/firefox-restore-desktop-files.patch: Add patch.
* nongnu/packages/wine.scm (winetricks)[inputs]: Use label-less style.
[arguments]: Use G-expressions.
<#:make-flags>: Replace '(assoc-ref %outputs "out")' with '#$output'.
<#:phases>: In 'wrap-program' and 'patch-perl-path', Replace
'(assoc-ref inputs ...)' with 'this-package-input'.
Signed-off-by: John Kehayias <john.kehayias@protonmail.com>
This halves the size of the firmware collection from 1.1 GiB to 509 MiB.
* nongnu/packages/linux.scm (linux-firmware)[phases]: Override install phase.
[native-inputs]: Add zstd.
Signed-off-by: John Kehayias <john.kehayias@protonmail.com>
* nongnu/packages/patches/firefox-CVE-2024-9680.patch: New file.
* nongnu/packages/mozilla.scm (firefox)[source]<patches>: Add it.
(%firefox-build-id): Update.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
No visible version change but all the other Apple font packages got an
update to a newer internet archive timestamp so New York gets one too.
* nongnu/packages/fonts (font-apple-new-york): Update source archive.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
* nongnu/packages/linux.scm (sof-firmware)[arguments]<#:install-plan>: Also
install sof-ace-tplg.
Signed-off-by: John Kehayias <john.kehayias@protonmail.com>
Use it by launching Chrome with '--gtk-version=4'. (At the time of this
writing, at least; Google changes these flags often.)
* nongnu/packages/chrome (google-chrome):
[inputs]: Add gtk.
Signed-off-by: John Kehayias <john.kehayias@protonmail.com>
* nongnu/packages/nvidia.scm (%nvidia-driver-hashes,%nvidia-settings-hashes):
New variables.
(nvidia-source,nvidia-settings): Use them.
(nvidia-source-hash): Delete procedure.
Signed-off-by: John Kehayias <john.kehayias@protonmail.com>