guix: Compile GUI separately from other binaries #35098

pull hebasto wants to merge 6 commits into bitcoin:master from hebasto:260417-guix-gui changing 14 files +312 −232
  1. hebasto commented at 10:50 AM on April 17, 2026: member

    This PR isolates the GUI build, including its specific dependencies, into a dedicated container.

    Benefits of this approach:

    1. Improves security: Any unknown backdoors in GUI-specific dependencies will no longer affect bitcoind and other non-GUI binaries.

    2. Enables a safer upgrade path: Allows for the introduction of additional GUI dependencies needed for Wayland support or transitioning to the QML-based GUI.

    3. Could be useful for #25573.

    This implementation is based on an idea proposed here.

    Currently based on #34948 and #35072.

    Closes #29914.

  2. guix: Split manifest into build and codesign manifests 690e587b7b
  3. cmake: Move `USE_DBUS` to `bitcoinqt` target
    This removes the `USE_DBUS` definition from `bitcoin-build-config.h`,
reducing the dependency of non-GUI code on GUI-specific definitions.
    afcb4be937
  4. cmake: Move `USE_QRCODE` to `bitcoinqt` target
    This removes the `USE_QRCODE` definition from `bitcoin-build-config.h`,
reducing the dependency of non-GUI code on GUI-specific definitions.

Additionally, `QRencode::QRencode` is now linked only when wallet is
enabled, because the `qrencode.h` header is used exclusively in
wallet-specific code.
    29d4d1ff96
  5. guix: Split GUI dependencies into separate manifest 037fce4eee
  6. guix, depends: Omit `GUIX_ENVIRONMENT` from `gen_id` calculations
    When using the Guix build/sign scripts from this repository, the Guix
environment and the `GUIX_ENVIRONMENT` variable within the container are
fully defined by the commit hash and the user-provided
`ADDITIONAL_GUIX_*_FLAGS`.

This change removes `GUIX_ENVIRONMENT` from the package ID calculations.
Doing so allows us to split manifests and reuse built depends packages
across containers that utilize these split manifests in subsequent
commits.

The potential impact of `ADDITIONAL_GUIX_*_FLAGS` is still accounted for
by passing them to the `gen_id` script via the `{BUILD,HOST}_ID_SALT`
variables.
    0bb539dec3
  7. guix: Build GUI sequentially 81bf176555
  8. hebasto added the label Build system on Apr 17, 2026
  9. DrahtBot commented at 10:51 AM on April 17, 2026: contributor

    <!--e57a25ab6845829454e8d69fc972939a-->

    The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

    <!--021abf342d371248e50ceaed478a90ca-->

    Reviews

    See the guideline for information on the review process. A summary of reviews will appear here.

    <!--174a7506f384e20aa4161008e828411d-->

    Conflicts

    Reviewers, this pull request conflicts with the following ones:

    • #35072 (cmake: Remove GUI-specific definitions from bitcoin-build-config.h by hebasto)
    • #34948 (guix: Split manifest into build and codesign manifests by hebasto)
    • #33974 (cmake: Check dependencies after build option interaction by hebasto)
    • #32764 (guix: Build for macOS using Clang only by hebasto)
    • #32162 (depends: Switch from multilib to platform-specific toolchains by hebasto)
    • #25573 (guix: produce a -static-pie bitcoind by fanquake)

    If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first.

    <!--5faf32d7da4f0f540f40219e4f7537a3-->

  10. DrahtBot added the label CI failed on Apr 17, 2026
  11. DrahtBot commented at 11:58 AM on April 17, 2026: contributor

    <!--85328a0da195eb286784d51f73fa0af9-->

    🚧 At least one of the CI tasks failed. <sub>Task lint: https://github.com/bitcoin/bitcoin/actions/runs/24561368833/job/71811492362</sub> <sub>LLM reason (✨ experimental): CI failed because the shell lint check (lint-shell.py) reported a ShellCheck SC2206 word-splitting warning in contrib/guix/libexec/build.sh and treated it as an error.</sub>

    <details><summary>Hints</summary>

    Try to run the tests locally, according to the documentation. However, a CI failure may still happen due to a number of reasons, for example:

    • Possibly due to a silent merge conflict (the changes in this pull request being incompatible with the current code in the target branch). If so, make sure to rebase on the latest commit of the target branch.

    • A sanitizer issue, which can only be found by compiling with the sanitizer and running the affected test.

    • An intermittent issue.

    Leave a comment here, if you need help tracking down a confusing failure.

    </details>

Contributors
hebastoDrahtBot
Labels
Build systemCI failed
Linked (view graph)
#22708 build, qt: Add Wayland support for Linux builds with depends#25573 guix: produce a `-static-pie` bitcoind#29914 RFC: In guix compile the GUI sequentially from everything else?#34948 guix: Split manifest into build and codesign manifests#35072 cmake: Remove GUI-specific definitions from `bitcoin-build-config.h`
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-21 09:12 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me