Next: , Previous: , Up: Utilities   [Contents][Index]

5.7 Invoking guix lint

The guix lint command is meant to help package developers avoid common errors and use a consistent style. It runs a number of checks on a given set of packages in order to find common mistakes in their definitions. Available checkers include (see --list-checkers for a complete list):


Validate certain typographical and stylistic rules about package descriptions and synopses.


Identify inputs that should most likely be native inputs.


Probe home-page and source URLs and report those that are invalid. Suggest a mirror:// URL when applicable. Check that the source file name is meaningful, e.g. is not just a version number or “git-checkout”, without a declared file-name (see origin Reference).


Report known vulnerabilities found in the Common Vulnerabilities and Exposures (CVE) databases of the current and past year published by the US NIST.

To view information about a particular vulnerability, visit pages such as:

where CVE-YYYY-ABCD is the CVE identifier—e.g., CVE-2015-7554.

Package developers can specify in package recipes the Common Platform Enumeration (CPE) name and version of the package when they differ from the name that Guix uses, as in this example:

  (name "grub")
  ;; …
  ;; CPE calls this package "grub2".
  (properties '((cpe-name . "grub2"))))

Warn about obvious source code formatting issues: trailing white space, use of tabulations, etc.

The general syntax is:

guix lint options package

If no package is given on the command line, then all packages are checked. The options may be zero or more of the following:


List and describe all the available checkers that will be run on packages and exit.


Only enable the checkers specified in a comma-separated list using the names returned by --list-checkers.

Next: , Previous: , Up: Utilities   [Contents][Index]