From 5432734b00ae14c3a93af358fc7bbf80e3db5ee8 Mon Sep 17 00:00:00 2001
From: Ludovic Courtès <ludo@gnu.org>
Date: Thu, 26 Nov 2015 22:59:06 +0100
Subject: lint: Add "cve" checker.

Fixes <http://bugs.gnu.org/21289>.

* guix/scripts/lint.scm (package-name->cpe-name, package-vulnerabilities)
(check-vulnerabilities): New procedures.
* guix/scripts/lint.scm (%checkers): Add "cve" checker.
* tests/lint.scm ("cve", "cve: one vulnerability"): New tests.
* doc/guix.texi (Invoking guix lint): Mention it.
---
 doc/guix.texi | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'doc/guix.texi')

diff --git a/doc/guix.texi b/doc/guix.texi
index 058b3598dc..8ecb7ccc17 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -4452,6 +4452,12 @@ invalid.  Check that the source file name is meaningful, e.g. is not
 just a version number or ``git-checkout'', and should not have a
 @code{file-name} declared (@pxref{origin Reference}).
 
+@item cve
+Report known vulnerabilities found in the Common Vulnerabilities and
+Exposures (CVE) database
+@uref{https://nvd.nist.gov/download.cfm#CVE_FEED, published by the US
+NIST}.
+
 @item formatting
 Warn about obvious source code formatting issues: trailing white space,
 use of tabulations, etc.
-- 
cgit v1.2.3