The primary audience of the
guix refresh command is developers
of the GNU software distribution. By default, it reports any packages
provided by the distribution that are outdated compared to the latest
upstream version, like this:
$ guix refresh gnu/packages/gettext.scm:29:13: gettext would be upgraded from 0.18.1.1 to 0.18.2.1 gnu/packages/glib.scm:77:12: glib would be upgraded from 2.34.3 to 2.37.0
It does so by browsing each package’s FTP directory and determining the highest version number of the source tarballs therein5.
--update, it modifies distribution source files to
update the version numbers and source tarball hashes of those packages’
recipes (see Defining Packages). This is achieved by downloading
each package’s latest source tarball and its associated OpenPGP
signature, authenticating the downloaded tarball against its signature
gpg, and finally computing its hash. When the public
key used to sign the tarball is missing from the user’s keyring, an
attempt is made to automatically retrieve it from a public key server;
when it’s successful, the key is added to the user’s keyring; otherwise,
guix refresh reports an error.
The following options are supported:
Update distribution source files (package recipes) in place. Defining Packages, for more information on package definitions.
Select all the packages in subset, one of
core subset refers to all the packages at the core of the
distribution—i.e., packages that are used to build “everything
else”. This includes GCC, libc, Binutils, Bash, etc. Usually,
changing one of these packages in the distribution entails a rebuild of
all the others. Thus, such updates are an inconvenience to users in
terms of build time or bandwidth used to achieve the upgrade.
non-core subset refers to the remaining packages. It is
typically useful in cases where an update of the core packages would be
guix refresh can be passed one or more package
names, as in this example:
guix refresh -u emacs idutils
The command above specifically updates the
idutils packages. The
--select option would have no
effect in this case.
The following options can be used to customize GnuPG operation:
Use host as the OpenPGP key server when importing a public key.
Use command as the GnuPG 2.x command. command is searched
Currently, this only works for GNU packages.