This is a following up 635994b023 commit
and discussion in <https://codeberg.org/guix/guix/pulls/7459>.
* gnu/packages/music.scm (mopidy):
[inputs]: Remove python-gst, python-pygobject, python-pykka,
python-requests, and python-tornado.
[propagated-inputs]: Add python-gst, python-pygobject, python-pykka,
python-requests, and python-tornado.
Change-Id: If1daf18a24ddfabc673289d60fac200ad7ecac73
* gnu/services/web.scm (sogogi-service-type): New services.
(sogogi-serialize-section, sogogi-serialize-field)
(sogogi-serialize-string, sogogi-serialize-list-of-strings)
(sogogi-serialize-sogogi-user, sogogi-serialize-sogogi-location)
(sogogi-serialize-list-of-sogogi-user): New procedures.
(sogogi-user, sogogi-location)
(sogogi-configuration): New record types.
(sogogi-account-service): New variable.
(sogogi-config-file, sogogi-shepherd-service): New procedures.
* gnu/tests/web.scm (%test-sogogi): Add tests for the service.
* doc/guix.texi (Web Services): Document it.
Change-Id: I5cc6dd84d6c7c8d5d13b685853b19c5d433ed7e5
* gnu/packages/librewolf.scm (librewolf): Update to 149.0-1.
Contains fixes for:
CVE-2026-4684: Race condition, use-after-free in the Graphics: WebRender component
CVE-2026-4685: Incorrect boundary conditions in the Graphics: Canvas2D component
CVE-2026-4686: Incorrect boundary conditions in the Graphics: Canvas2D component
CVE-2026-4687: Sandbox escape due to incorrect boundary conditions in the Telemetry component
CVE-2026-4688: Sandbox escape due to use-after-free in the Disability Access APIs component
CVE-2026-4689: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component
CVE-2026-4690: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component
CVE-2026-4691: Use-after-free in the CSS Parsing and Computation component
CVE-2026-4692: Sandbox escape in the Responsive Design Mode component
CVE-2026-4693: Incorrect boundary conditions in the Audio/Video: Playback component
CVE-2026-4694: Incorrect boundary conditions, integer overflow in the Graphics component
CVE-2026-4695: Incorrect boundary conditions in the Audio/Video: Web Codecs component
CVE-2026-4696: Use-after-free in the Layout: Text and Fonts component
CVE-2026-4697: Incorrect boundary conditions in the Audio/Video: Web Codecs component
CVE-2026-4698: JIT miscompilation in the JavaScript Engine: JIT component
CVE-2026-4699: Incorrect boundary conditions in the Layout: Text and Fonts component
CVE-2026-4700: Mitigation bypass in the Networking: HTTP component
CVE-2026-4701: Use-after-free in the JavaScript Engine component
CVE-2026-4722: Privilege escalation in the IPC component
CVE-2026-4702: JIT miscompilation in the JavaScript Engine component
CVE-2026-4723: Use-after-free in the JavaScript Engine component
CVE-2026-4724: Undefined behavior in the Audio/Video component
CVE-2026-4704: Denial-of-service in the WebRTC: Signaling component
CVE-2026-4705: Undefined behavior in the WebRTC: Signaling component
CVE-2026-4706: Incorrect boundary conditions in the Graphics: Canvas2D component
CVE-2026-4707: Incorrect boundary conditions in the Graphics: Canvas2D component
CVE-2026-4708: Incorrect boundary conditions in the Graphics component
CVE-2026-4709: Incorrect boundary conditions in the Audio/Video: GMP component
CVE-2026-4710: Incorrect boundary conditions in the Audio/Video component
CVE-2026-4711: Use-after-free in the Widget: Cocoa component
CVE-2026-4725: Sandbox escape due to use-after-free in the Graphics: Canvas2D component
CVE-2026-4712: Information disclosure in the Widget: Cocoa component
CVE-2026-4713: Incorrect boundary conditions in the Graphics component
CVE-2026-4714: Incorrect boundary conditions in the Audio/Video component
CVE-2026-4715: Uninitialized memory in the Graphics: Canvas2D component
CVE-2026-4716: Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component
CVE-2026-4717: Privilege escalation in the Netmonitor component
CVE-2026-4726: Denial-of-service in the XML component
CVE-2025-59375: Denial-of-service in the XML component
CVE-2026-4727: Denial-of-service in the Libraries component in NSS
CVE-2026-4728: Spoofing issue in the Privacy: Anti-Tracking component
CVE-2026-4718: Undefined behavior in the WebRTC: Signaling component
CVE-2026-4719: Incorrect boundary conditions in the Graphics: Text component
CVE-2026-4720: Memory safety bugs fixed in Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149
CVE-2026-4729: Memory safety bugs fixed in Firefox 149 and Thunderbird 149
CVE-2026-4721: Memory safety bugs fixed in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and
hunderbird 149
Change-Id: I40e76bf852087d71f8df869103c846032e8552c9
Signed-off-by: Ian Eure <ian@retrospec.tv>
* gnu/packages/python-build.scm (python-pypa-installer): Drop
variable, and redefine it as a deprecated version of python-installer.
Change-Id: I97467c9832eb7e23ffe67aea90fbf017864f312b
Signed-off-by: Sharlatan Hellseher <sharlatanus@gmail.com>
* gnu/packages/dav.scm (xandikos): Update to 0.3.3.
[source]: Switch to git-fetch.
[arguments]<#:test-backend>: Drop it (use pytest).
<#:phases>: Drop 'create-entrypoints phase replacement, fixed by
https://github.com/jelmer/xandikos/pull/563 in version 0.3.1.
[native-inputs]: Add python-pytest.
[propagated-inputs]: Replace python-dulwich-0.24 by python-dulwich.
Change-Id: I6de5cd2a35aeface02946d1cec8b76035ae70708
Signed-off-by: Sharlatan Hellseher <sharlatanus@gmail.com>
* gnu/packages/emacs-xyz.scm (emacs-exwm)[arguments]:
<#:phases>: Add -mm flag to exported .desktop file, ensuring emacs starts with a frame the same size as the screen. Use '(exwm-wm-mode)' instead of deprecated '(exwm-enable)'.
Change-Id: I5a7ddc017196171f44fe81016f4e16dbe4f4b545
Signed-off-by: Ian Eure <ian@retrospec.tv>
Much of the modern Linux video stack depends on using kernel modesetting (KMS)
drivers. Because of this, not much effort has been put into the legacy stuff,
which have grown less supported and more buggy. Unfortunately, the
modesetting Xorg driver didn’t initially have support for tear-free
video (which most legacy drivers did), requiring additional software -- a
compositor -- to fix this. Sadly, there’s no good option for a compositor --
they all require hardware-specific tweaking and tuning, and tend to be quite
buggy.
Support for a "TearFree" option merged in 2022[1], but there hasn’t been an
Xorg release since it was merged.
This PR applies the patch from that MR to the last release. It required a
one-character edit to apply cleanly, necesitating inclusion in the Guix repo.
I tested this on bare metal and it appears to work well.
[1]: https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1006
* gnu/local.mk (dist_patch_DATA): Add patch.
* gnu/packages/patches/xorg-server-tearfree-modesetting.patch: New file.
* gnu/packages/xorg.scm (xorg-server): Apply modesetting tearfree patch.
Change-Id: I60a705b35cb51bfd7de79aba406bc4b7b3934e48
* gnu/packages/maths.scm (hdf5)[outputs]: Add 'doc'.
[arguments]: Add a phase to move the documentation to the 'doc' output.
Fixesguix/guix#7486
Merges guix/guix!7495
Change-Id: I9753715f270748abff9ddf8adaa64120fe167664
