GNU bug report logs - #41602
texlive is actually substitutable

Previous Next

Package: guix;

Reported by: Ludovic Courtès <ludo <at> gnu.org>

Date: Fri, 29 May 2020 15:17:01 UTC

Severity: important

Full log

View this message in rfc822 format

From: Liliana Marie Prikler <liliana.prikler <at> gmail.com>
To: Morgan Arnold <morgan.arnold <at> proton.me>, 41602 <at> debbugs.gnu.org
Subject: bug#41602: [PATCH v2] Prevent publication of non-substitutable derivation outputs
Date: Wed, 05 Mar 2025 20:59:22 +0100

Am Montag, dem 24.02.2025 um 19:10 +0000 schrieb Morgan Arnold:
> This commit prevents Guix substitute servers from distributing
> binaries which are marked non-substitutable. This prevents substitute
> servers from accidentally committing copyright violations by
> distributing binaries which are non-substitutable for copyright
> reasons.
> 
> Change-Id: Iaca81f5bdb430a12a3ad41e9b83e0bcc535af607
> ---
>  guix/scripts/publish.scm | 9 +++++++--
>  1 file changed, 7 insertions(+), 2 deletions(-)
> 
> diff --git a/guix/scripts/publish.scm b/guix/scripts/publish.scm
> index a000c559a7..f736cf3068 100644
> --- a/guix/scripts/publish.scm
> +++ b/guix/scripts/publish.scm
> @@ -61,6 +61,7 @@ (define-module (guix scripts publish)
>    #:use-module (guix cache)
>    #:use-module (guix ui)
>    #:use-module (guix scripts)
> +  #:use-module (guix derivations)
>    #:use-module ((guix utils)
>                  #:select (with-atomic-file-output compressed-file?))
>    #:use-module ((guix build utils)
> @@ -696,11 +697,15 @@ (define* (bake-narinfo+nar cache item
>  (define* (render-nar store request store-item
>                       #:key (compression %no-compression))
>    "Render archive of the store path corresponding to STORE-ITEM."
> -  (let ((store-path (string-append %store-directory "/" store-
> item)))
> +  (let* ((store-path (string-append %store-directory "/" store-
> item))
> +         (substitutable-store-item? (every substitutable-derivation?
> +                                           (map read-derivation-
> from-file
> +                                                (valid-derivers
> store
> +                                                               
> store-path)))))
>      ;; The ISO-8859-1 charset *must* be used otherwise HTTP clients
> will
>      ;; interpret the byte stream as UTF-8 and arbitrarily change
> invalid byte
>      ;; sequences.
> -    (if (valid-path? store store-path)
> +    (if ((and substitutable-store-item? valid-path?) store store-
> path)
This should probably be 
  (and substitutable-store-item? (valid-path? store store-path))

Cheers
This bug report was last modified 142 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.