GNU bug report logs - #42030
[PATCH] channels: Error out when the 'guix' channel lacks an introduction.

Package: guix-patches;

Reported by: Ludovic Courtès <ludo <at> gnu.org>

Date: Wed, 24 Jun 2020 12:58:01 UTC

Severity: normal

Tags: patch

Done: Ludovic Courtès <ludo <at> gnu.org>

Bug is archived. No further changes may be made.


Message #5 received at submit <at> debbugs.gnu.org:

From: Ludovic Courtès <ludo <at> gnu.org>
To: guix-patches <at> gnu.org
Cc: Ludovic Courtès <ludo <at> gnu.org>
Subject: [PATCH] channels: Error out when the 'guix' channel lacks an
 introduction.
Date: Wed, 24 Jun 2020 14:57:49 +0200
* guix/channels.scm (latest-channel-instance): Raise an error instead of
warning when 'guix is unauthenticated.
* tests/channels.scm ("latest-channel-instances, missing introduction for 'guix'"):
New test.
---
 guix/channels.scm  | 13 ++++++++++---
 tests/channels.scm | 21 +++++++++++++++++++++
 2 files changed, 31 insertions(+), 3 deletions(-)

Hi!

This patch makes it an error to have a 'guix' channel without an
introduction.  Before that, it was just a warning, which is easily
overlooked.  (Similarly, wget or your browser stop if they cannot
authenticate the host you're connecting to over HTTPS.)

Note that when using the "official" 'guix' channel, (guix channels)
automatically adds the introduction (see commit
c3f6f564e909ebefe752d24b325871a4e3a02d40).  It will work similarly
for people who maintain forks.

Thanks,
Ludo'.

diff --git a/guix/channels.scm b/guix/channels.scm
index 3eec5df883..1016b95045 100644
--- a/guix/channels.scm
+++ b/guix/channels.scm
@@ -406,9 +406,16 @@ their relation.  When AUTHENTICATE? is false, CHANNEL is not authenticated."
             ;; TODO: Warn for all the channels once the authentication interface
             ;; is public.
             (when (guix-channel? channel)
-              (warning (G_ "channel '~a' lacks an introduction and \
-cannot be authenticated~%")
-                       (channel-name channel))))
+              (raise (condition
+                      (&message
+                       (message (format #f (G_ "channel '~a' lacks an \
+introduction and cannot be authenticated~%")
+                                        (channel-name channel))))
+                      (&fix-hint
+                       (hint (G_ "Add the missing introduction to your
+channels file to address the issue.  Alternatively, you can pass
+@option{--disable-authentication}, at the risk of running unauthenticated and
+thus potentially malicious code.")))))))
         (warning (G_ "channel authentication disabled~%")))
 
     (when (guix-channel? channel)
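Review bot: The TODO comment kept above the `(when (guix-channel? channel)` check still reads "Warn for all the channels", but this branch now raises instead of warning; reword it to say what is planned for channels other than 'guix', which still get no diagnostic here when they lack an introduction. Separately, the `~%` carried over from the removed `warning` call now sits inside `(format #f ...)`, so the condition message itself ends in a newline; consider dropping it unless the code that reports `&message` conditions expects one.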
diff --git a/tests/channels.scm b/tests/channels.scm
index 3a2c1d429b..d7202f8cbf 100644
--- a/tests/channels.scm
+++ b/tests/channels.scm
@@ -402,6 +402,27 @@
                          (channel-news-for-commit channel commit5 commit1))
                     '(#f "tag-for-first-news-entry")))))))
 
+(unless (which (git-command)) (test-skip 1))
+(test-assert "latest-channel-instances, missing introduction for 'guix'"
+  (with-temporary-git-repository directory
+      '((add "a.txt" "A")
+        (commit "first commit")
+        (add "b.scm" "#t")
+        (commit "second commit"))
+    (with-repository directory repository
+      (let* ((commit1 (find-commit repository "first"))
+             (commit2 (find-commit repository "second"))
+             (channel (channel (url (string-append "file://" directory))
+                               (name 'guix))))
+
+        (guard (c ((message-condition? c)
+                   (->bool (string-contains (condition-message c)
+                                            "introduction"))))
+          (with-store store
+            ;; Attempt a downgrade from NEW to OLD.
+            (latest-channel-instances store (list channel))
+            #f))))))
+
 (unless (gpg+git-available?) (test-skip 1))
 (test-equal "authenticate-channel, wrong first commit signer"
   #t
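Review bot: The comment `;; Attempt a downgrade from NEW to OLD.` inside `with-store` does not describe this test, which checks the missing-introduction error, and `commit1` and `commit2` are bound in the `let*` but never used; replace the comment and drop the two bindings. The `guard` clause accepts any message condition whose text contains "introduction", so a short comment saying that the `#f` after `latest-channel-instances` is the failure path when no error is raised would make the intent clear.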
-- 
2.26.2





Message #8 received at 42030 <at> debbugs.gnu.org:

From: Marius Bakke <marius <at> gnu.org>
To: Ludovic Courtès <ludo <at> gnu.org>, 42030 <at> debbugs.gnu.org
Cc: Ludovic Courtès <ludo <at> gnu.org>
Subject: Re: [bug#42030] [PATCH] channels: Error out when the 'guix' channel
 lacks an introduction.
Date: Wed, 24 Jun 2020 23:13:43 +0200
Ludovic Courtès <ludo <at> gnu.org> writes:

> * guix/channels.scm (latest-channel-instance): Raise an error instead of
> warning when 'guix is unauthenticated.
> * tests/channels.scm ("latest-channel-instances, missing introduction for 'guix'"):
> New test.

The hunk in tests/channels.scm does not apply.  :-)  LGTM, anyway.

I think we should export %guix-channel-introduction, or alternatively
add a %default-guix-channel that can be inherited, for easy access in
custom channels.scm files.  WDYT?

Message #11 received at 42030 <at> debbugs.gnu.org:

From: Ludovic Courtès <ludo <at> gnu.org>
To: Marius Bakke <marius <at> gnu.org>
Cc: 42030 <at> debbugs.gnu.org
Subject: Re: [bug#42030] [PATCH] channels: Error out when the 'guix' channel
 lacks an introduction.
Date: Thu, 25 Jun 2020 11:29:07 +0200
Hi,

Marius Bakke <marius <at> gnu.org> skribis:

> Ludovic Courtès <ludo <at> gnu.org> writes:
>
>> * guix/channels.scm (latest-channel-instance): Raise an error instead of
>> warning when 'guix is unauthenticated.
>> * tests/channels.scm ("latest-channel-instances, missing introduction for 'guix'"):
>> New test.
>
> The hunk in tests/channels.scm does not apply.  :-)  LGTM, anyway.

Ah, maybe because you were too fast: it depends on
a18d02def9862dfb9b7a5e3d5aa3b541b066d198, which I pushed yesterday.

> I think we should export %guix-channel-introduction, or alternatively
> add a %default-guix-channel that can be inherited, for easy access in
> custom channels.scm files.  WDYT?

The idea was to expose only ‘%default-channels’, which leaves room for
the possibility of having multiple channels by default.  I’d rather
avoid exposing the individual bits as that’s a bit of an additional
commitment.

But note that the introduction of the “official” guix channel is
automatically added anyway (commit
c3f6f564e909ebefe752d24b325871a4e3a02d40).

Thanks for your feedback!

Ludo’.




Message #16 received at 42030-done <at> debbugs.gnu.org:

From: Ludovic Courtès <ludo <at> gnu.org>
To: 42030-done <at> debbugs.gnu.org
Cc: Marius Bakke <marius <at> gnu.org>
Subject: Re: [bug#42030] [PATCH] channels: Error out when the 'guix' channel
 lacks an introduction.
Date: Sun, 28 Jun 2020 23:31:16 +0200
Ludovic Courtès <ludo <at> gnu.org> skribis:

> * guix/channels.scm (latest-channel-instance): Raise an error instead of
> warning when 'guix is unauthenticated.
> * tests/channels.scm ("latest-channel-instances, missing introduction for 'guix'"):
> New test.
> ---
>  guix/channels.scm  | 13 ++++++++++---
>  tests/channels.scm | 21 +++++++++++++++++++++
>  2 files changed, 31 insertions(+), 3 deletions(-)

Pushed as ead5c46147ebf352ad4804d52a766dcf105eda4f.

Ludo’.




Message #19 received at 42030 <at> debbugs.gnu.org:

From: Marius Bakke <marius <at> gnu.org>
To: Ludovic Courtès <ludo <at> gnu.org>
Cc: 42030 <at> debbugs.gnu.org
Subject: Re: [bug#42030] [PATCH] channels: Error out when the 'guix' channel
 lacks an introduction.
Date: Mon, 29 Jun 2020 13:47:48 +0200
Hello!  Sorry for the late reply.

Ludovic Courtès <ludo <at> gnu.org> writes:

>> I think we should export %guix-channel-introduction, or alternatively
>> add a %default-guix-channel that can be inherited, for easy access in
>> custom channels.scm files.  WDYT?
>
> The idea was to expose only ‘%default-channels’, which leaves room for
> the possibility of having multiple channels by default.  I’d rather
> avoid exposing the individual bits as that’s a bit of an additional
> commitment.
>
> But note that the introduction of the “official” guix channel is
> automatically added anyway (commit
> c3f6f564e909ebefe752d24b325871a4e3a02d40).

It is only added for people using the default channel URL, and not for
local mirrors that may well be authenticated.  E.g. (url "/some/dir") or
(url "https://github.com/guix-mirror/guix").

Would it make sense to remove the %default-channel-url check from
ensure-default-introductions?  I think we can safely assume that a
channel named 'guix is _the_ Guix channel regardless of where it came
from, and if users need to override the introduction they can just do
that.

Currently I do this to access the channel introduction, which seems
needlessly complicated:

--8<---------------cut here---------------start------------->8---
(use-modules (srfi srfi-1))
(let ((guix-channel (find (lambda (channel)
                            (eq? 'guix (channel-name channel)))
                          %default-channels)))
  (list [other channels omitted]
        (channel
         (inherit guix-channel)
         (url "/home/marius/src/guix"))))
--8<---------------cut here---------------end--------------->8---

Message #22 received at 42030 <at> debbugs.gnu.org:

From: Ludovic Courtès <ludo <at> gnu.org>
To: Marius Bakke <marius <at> gnu.org>
Cc: 42030 <at> debbugs.gnu.org
Subject: Re: [bug#42030] [PATCH] channels: Error out when the 'guix' channel
 lacks an introduction.
Date: Mon, 29 Jun 2020 17:14:40 +0200
Hi!

Marius Bakke <marius <at> gnu.org> skribis:

> Ludovic Courtès <ludo <at> gnu.org> writes:
>
>>> I think we should export %guix-channel-introduction, or alternatively
>>> add a %default-guix-channel that can be inherited, for easy access in
>>> custom channels.scm files.  WDYT?
>>
>> The idea was to expose only ‘%default-channels’, which leaves room for
>> the possibility of having multiple channels by default.  I’d rather
>> avoid exposing the individual bits as that’s a bit of an additional
>> commitment.
>>
>> But note that the introduction of the “official” guix channel is
>> automatically added anyway (commit
>> c3f6f564e909ebefe752d24b325871a4e3a02d40).
>
> It is only added for people using the default channel URL, and not for
> local mirrors that may well be authenticated.  E.g. (url "/some/dir") or
> (url "https://github.com/guix-mirror/guix").
>
> Would it make sense to remove the %default-channel-url check from
> ensure-default-introductions?  I think we can safely assume that a
> channel named 'guix is _the_ Guix channel regardless of where it came
> from, and if users need to override the introduction they can just do
> that.

I don’t think we can do that: if someone who’s not currently a committer
wants to publish a fork, they’ll also publish a different introduction,
pointing to the first commit where they’re in ‘.guix-authorizations’.

> Currently I do this to access the channel introduction, which seems
> needlessly complicated:
>
> (use-modules (srfi srfi-1))
> (let ((guix-channel (find (lambda (channel)
>                             (eq? 'guix (channel-name channel)))
>                           %default-channels)))

You can write: (find guix-channel? %default-channels).

>   (list [other channels omitted]
>         (channel
>          (inherit guix-channel)
>          (url "/home/marius/src/guix"))))

I’m hesitant.  We can publish ‘%guix-channel-introduction’ if it helps,
but it’s a slight maintenance constraint for a slight improvement.  :-)
WDYT?

Ludo’.
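
The two cases discussed in the message above, written out as a channels file. This is an added example, not code from the thread or from Guix itself: it assumes a Guix version in which `make-channel-introduction` and `openpgp-fingerprint` are available from `(guix channels)`, and the fork URL, commit and fingerprint are placeholders, not real values.

```scheme
;; channels.scm -- added example; placeholder values are marked below.
(use-modules (guix channels)
             (srfi srfi-1))

;; Case 1: a mirror of the official repository.  Inheriting from the
;; default 'guix channel keeps its introduction, so only the URL changes
;; and the mirror's history is still authenticated against it.
(define guix-from-mirror
  (channel
   (inherit (find guix-channel? %default-channels))
   (url "https://github.com/guix-mirror/guix")))

;; Case 2: a fork maintained by someone who is not an official committer.
;; The fork publishes its own introduction: the first commit in which the
;; maintainer appears in '.guix-authorizations', and the OpenPGP
;; fingerprint of the key that signed that commit.
(define guix-from-fork
  (channel
   (name 'guix)
   (url "https://example.org/guix-fork.git")           ;placeholder URL
   (introduction
    (make-channel-introduction
     "0000000000000000000000000000000000000000"         ;placeholder commit
     (openpgp-fingerprint                                ;placeholder key
      "0000 0000 0000 0000 0000  0000 0000 0000 0000 0000")))))

;; A channels file evaluates to a list of channels.  Only one channel may
;; be named 'guix, so pick the entry that matches your setup.  A 'guix
;; channel with a non-default URL and no 'introduction' field is what the
;; patch in this report turns from a warning into an error.
(list guix-from-mirror)
```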




Message #25 received at 42030-done <at> debbugs.gnu.org:

From: Marius Bakke <marius <at> gnu.org>
To: Ludovic Courtès <ludo <at> gnu.org>
Cc: 42030-done <at> debbugs.gnu.org
Subject: Re: [bug#42030] [PATCH] channels: Error out when the 'guix' channel
 lacks an introduction.
Date: Sat, 25 Jul 2020 17:05:08 +0200
Ludovic Courtès <ludo <at> gnu.org> writes:

> Hi!
>
> Marius Bakke <marius <at> gnu.org> skribis:
>
>> Ludovic Courtès <ludo <at> gnu.org> writes:
>>
>>>> I think we should export %guix-channel-introduction, or alternatively
>>>> add a %default-guix-channel that can be inherited, for easy access in
>>>> custom channels.scm files.  WDYT?
>>>
>>> The idea was to expose only ‘%default-channels’, which leaves room for
>>> the possibility of having multiple channels by default.  I’d rather
>>> avoid exposing the individual bits as that’s a bit of an additional
>>> commitment.
>>>
>>> But note that the introduction of the “official” guix channel is
>>> automatically added anyway (commit
>>> c3f6f564e909ebefe752d24b325871a4e3a02d40).
>>
>> It is only added for people using the default channel URL, and not for
>> local mirrors that may well be authenticated.  E.g. (url "/some/dir") or
>> (url "https://github.com/guix-mirror/guix").
>>
>> Would it make sense to remove the %default-channel-url check from
>> ensure-default-introductions?  I think we can safely assume that a
>> channel named 'guix is _the_ Guix channel regardless of where it came
>> from, and if users need to override the introduction they can just do
>> that.
>
> I don’t think we can do that: if someone who’s not currently a committer
> wants to publish a fork, they’ll also publish a different introduction,
> pointing to the first commit where they’re in ‘.guix-authorizations’.

Right.

>> Currently I do this to access the channel introduction, which seems
>> needlessly complicated:
>>
>> (use-modules (srfi srfi-1))
>> (let ((guix-channel (find (lambda (channel)
>>                             (eq? 'guix (channel-name channel)))
>>                           %default-channels)))
>
> You can write: (find guix-channel? %default-channels).

Ah, much better.

>>   (list [other channels omitted]
>>         (channel
>>          (inherit guix-channel)
>>          (url "/home/marius/src/guix"))))
>
> I’m hesitant.  We can publish ‘%guix-channel-introduction’ if it helps,
> but it’s a slight maintenance constraint for a slight improvement.  :-)
> WDYT?

I'm happy with the 'find guix-channel?' trick for now.  Let's see if
other users report workflow issues before changing anything.  :-)