GNU bug report logs -
#41767
[PATCH 0/9] Authenticate channels
Previous Next
Reported by: Ludovic Courtès <ludo <at> gnu.org>
Date: Mon, 8 Jun 2020 21:53:02 UTC
Severity: normal
Tags: patch
Done: Ludovic Courtès <ludo <at> gnu.org>
Bug is archived. No further changes may be made.
Full log
Message #50 received at 41767 <at> debbugs.gnu.org (full text, mbox):
Hi,
Maxim Cournoyer <maxim.cournoyer <at> gmail.com> skribis:
> Ludovic Courtès <ludo <at> gnu.org> writes:
>
>> This allows users to authenticate commits that were made before
>> '.guix-authorizations' was introduced.
>>
>> * guix/channels.scm (<channel-introduction>)[prehistorical-authorizations]:
>> New field.
>> (%guix-historical-committers): New variable.
>> (openpgp-fingerprint->bytevector): New procedure.
>> (%guix-channel-introduction): Add 'prehistorical-authorizations' field.
>> (authenticate-channel): Honor it. Pass it as #:default-authorizations
>> to 'authenticate-commits'.
>> * build-aux/git-authenticate.scm (%historical-committers)
>> (%historical-authorized-signing-keys, commit-short-id): Remove.
>> * build-aux/git-authenticate.scm (git-authenticate): Rewrite to use
>> 'authenticate-channel'.
>> * tests/channels.scm ("authenticate-channel, wrong first commit signer")
>> ("authenticate-channel, .guix-authorizations"): Adjust accordingly.
>
> I'd be in favor of dropping this commit, to not be burdened by legacy
> complexity, which I'm doubtful would see much use anyway. This means
> that a channel require all its commits to have a .guix-authorizations
> file to be authenticated. I think that's fine.
Yeah, makes sense to me.
> The series LGTM. I haven't tested it locally, but the tests give me
> confidence.
Cool. I’ll reply to your other comments soonish.
Anyhow, I’ll leave a few more days for people to weigh in before going
further.
Thanks for reviewing!
Ludo’.
This bug report was last modified 4 years and 344 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.