From debbugs-submit-bounces@debbugs.gnu.org Fri Jan 31 16:10:49 2025 Received: (at submit) by debbugs.gnu.org; 31 Jan 2025 21:10:49 +0000 Received: from localhost ([127.0.0.1]:54541 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tdyHo-00055C-7G for submit@debbugs.gnu.org; Fri, 31 Jan 2025 16:10:48 -0500 Received: from lists.gnu.org ([2001:470:142::17]:56404) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from <45mg.writes@gmail.com>) id 1tdyHj-00054g-PM for submit@debbugs.gnu.org; Fri, 31 Jan 2025 16:10:46 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <45mg.writes@gmail.com>) id 1tdyHU-00080p-GJ for guix-patches@gnu.org; Fri, 31 Jan 2025 16:10:29 -0500 Received: from mail-pj1-x1042.google.com ([2607:f8b0:4864:20::1042]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from <45mg.writes@gmail.com>) id 1tdyHS-0008MU-8E for guix-patches@gnu.org; Fri, 31 Jan 2025 16:10:28 -0500 Received: by mail-pj1-x1042.google.com with SMTP id 98e67ed59e1d1-2ef87d24c2dso3337361a91.1 for ; Fri, 31 Jan 2025 13:10:25 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1738357824; x=1738962624; darn=gnu.org; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=6vbQZg9QxmIdkwbeWIk3TN/FYCiD4UOzCGk/rt5FNZQ=; b=OkLfhrha+DMI5oolDCGdyJ54I1XYuOyzYSz6lBV8H4AFH/8g+K1Iu4Ce0m8aq7s3uV U3iAaFPzHXwo9kBuDwvRoc07L/a1G2ueWYHDEzdF0yVEwrvCyzkE9ASf2OR0sbZj68Gf Z2N9B3DDSv4yb9z87psuwFpnOOdA9A4IGnJSSdI7kqBIKxRRNujCmPgeOtuUaCrEhgIk pE9l3V00e4wAJeCUGqb6xF+RDGv+ZylDLYdo+I/fJJSeWeYqDqmqxd1BufcNNI68BCuM GhPhKbknXn9HPgMl0Bk02rfVkJcZt+65XZMxn1UPzd79Pho7yRchdaaM4fYiZg5V5ZJ+ d5lQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1738357824; x=1738962624; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=6vbQZg9QxmIdkwbeWIk3TN/FYCiD4UOzCGk/rt5FNZQ=; b=kJx/G2lUD61LImPWrBQ0rImb1Yrlke0+rvbkx28P6c1EbgbRvJ4oRTtt22auP4Y1bs StubOMb0HE1BbNmUd6S9bneAnooOaFX+B+zr7sNFPTkgQnAErUEiVIo8T4MMiy7ca5zX 7EN80h1Ptt6EKWzcfHGGgITZvShKScy4UMfZvJkDF8gPw0J9ZNGAOhc3VKvStuKpnWZT LdcwRjRx8pdIgEt430YcjZSj4pb4Bz36mdJW8vjG6Vd57ECrpXZ2tSIIidzTCEtL1Bs9 F3TYZhvD6PV8wOhmmihQah7RSFSbNrizbN6ks237jd+eH9ECVwXJU06nXsjhXmNEJxoC oaGA== X-Gm-Message-State: AOJu0YzwgAOj4pDSUqwyjQEgoBLidhfYaVLuICaCn2w1ZzNPJx77EOwg v6IsBlOQzWZExmhmzniIN4KyM91W2wpjpyy1ZghvZXH9FYXFOmLmhJC/Mq5P X-Gm-Gg: ASbGnct1ifyNoUp7R6T79f05dKGZTY1q4LHMwJ94+toV/BSzPV78ryYwTRnbTzSvk2C FDiGCfGFY67R78pK79M4BpvhTY3ckQpibKYgW85RYV5ARCxeVwPHCWkL5hNykyx78Fu6DSvqnOA cwx/JNY459pi/otHtLc35fLC3cul5LCXOmPcZEW8vlz+0edlwqBAXwMbgB4YY/xWRAMTZMRZmdp o2tQnZmGqlfKruftnmtWKbBU3/+uxlQPZPy9VS3DubGMA3J4ajya4Cr36C1OuDSkuyXvED4/Har 4lwBCcLYPyjNTbnL1MY2V2VOQs6Q7QddGXEgow== X-Google-Smtp-Source: AGHT+IHd0KjUaTjEscVIwWx3zAZjw6GmPD8Ukqs3CTLnfj7D1CJLN2tOgxlA8OyfoskEFkRWH8zlWA== X-Received: by 2002:a17:90b:53c8:b0:2ee:c04a:4281 with SMTP id 98e67ed59e1d1-2f83abb3525mr17134955a91.6.1738357824112; Fri, 31 Jan 2025 13:10:24 -0800 (PST) Received: from localhost.localdomain (utm3.nitt.edu. [14.139.162.2]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-21de31ef0d0sm34814905ad.25.2025.01.31.13.10.21 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 31 Jan 2025 13:10:23 -0800 (PST) From: 45mg <45mg.writes@gmail.com> To: guix-patches@gnu.org Subject: [PATCH (WIP) v1 0/4] Add 'guix fork'. Date: Sat, 1 Feb 2025 02:40:08 +0530 Message-ID: X-Mailer: git-send-email 2.48.1 MIME-Version: 1.0 X-Debbugs-Cc: Ludovic Courtès , Maxim Cournoyer Content-Transfer-Encoding: 8bit Received-SPF: pass client-ip=2607:f8b0:4864:20::1042; envelope-from=45mg.writes@gmail.com; helo=mail-pj1-x1042.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: 1.0 (+) X-Debbugs-Envelope-To: submit Cc: Nicolas Graves , Tomas Volf <~@wolfsden.cz>, 45mg <45mg.writes@gmail.com>, Liliana Marie Prikler , Ricardo Wurmus , Attila Lendvai X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.0 (/) Please ignore bugs #75973 and #75975. Those were both attempts to send this patch series, but I sent the first one out before it was done and somehow messed up the 'CC' and 'In-Reply-To' fields of the second. The best I can do is close them and try again. Hopefully I'll get it right this time. (The 'v1' in the subject line here is to differentiate this attempt from those ones.) Hello Guix, This patch series aims to enable and automate the creation and management of authenticated local forks of Guix. The purpose of this work is to allow contributors to use their own patches before they're applied to upstream Guix, so that their own use of Guix is not hindered by the slow and erratic pace of patch review. This is a solution to bug #75552 [1], in whose discussion thread the design was conceived and refined. Credit goes to Tomas for being the first person (to my knowledge) to share their solution to this problem [2], which provided a blueprint for 'guix fork create'; to Liliana for the idea behind the way 'guix fork update' works [3]; and to Ricardo for the idea behind 'guix fork identify' [4]. I've also CC'ed Attila and Nicolas since they replied in the original thread (apologies in advance if I shouldn't have). As I mentioned in the original thread [5], this solution aims to satisfy four conditions which are not met by any existing method to my knowledge: 1. Allows authenticating both upstream and fork commits. 2. Does not require bumping the channel introduction (as distributing channel introductions is sensitive) 3. Keeps fork history intact (to avoid force pulls). 4. Keeps upstream history intact (to avoid confusion). Despite the '(WIP)' subject prefix, this patch series should be perfectly usable in its current state. The easiest way to try it out would be as follows: 1. Apply it to your local clone of Guix (eg. in a branch) and build it. 2. 'cp -r' your local clone to another location. 3. Run the following command: ./pre-inst-env guix fork create path/to/copy/of/local/clone --use-existing Now you have the setup needed for an authenticated local fork. From here, you can create and 'guix pull' (with authentication) from branches starting from the initial fork commit. You can authenticate both fork and upstream using 'guix fork authenticate', even if the key used to create your fork is not authorized upstream. You can update your fork with new commits from upstream using 'guix fork update'. The documentation (additions to doc/guix.texi and doc/contributing.texi) should provide a proper overview of these commands and their usage. Easiest way to view it could be to run 'make doc/guix.html' and then open it in a browser. The '(WIP)' subject prefix is there because the following things are yet to be implemented: 1. The 'guix fork identify' command. 2. Tests, along the lines of tests/guix-git-authenticate.sh. The code here adapts certain procedures from Tomas Volf's original 'fork-guix' script [6]; namely: '-->', 'invoke/c', 'create-keyring-branch', 'git-C', and 'git-C/c'. That script is licensed under AGPL, so my understanding is that it, or the procedures I used from it, would need to be relicensed under GPLv3 to be included into Guix. Tomas - could you confirm here that you're willing to do so, as we discussed earlier? (Note that I didn't ask you about the last two of the five procedures above, since I hadn't used them yet at the time.) Regards, 45mg P.S It was helpfully explained to me [8] (in a reply to one of my previous botched attempts to send this out) that since this patch series modifies (guix build utils), it will result in almost every derivation changing and almost everything needing to be rebuilt. I may send a v1.5 that moves those changes elsewhere, so that it's feasible to 'guix pull' from a clone with this series applied. Until then, you can test things via pre-inst-env. [1] https://issues.guix.gnu.org/75552 [2] https://lists.gnu.org/archive/html/help-guix/2023-09/msg00078.html [3] https://lists.nongnu.org/archive/html/bug-guix/2025-01/msg00139.html [4] https://lists.nongnu.org/archive/html/bug-guix/2025-01/msg00130.html [5] https://lists.nongnu.org/archive/html/bug-guix/2025-01/msg00135.html [6] https://git.wolfsden.cz/guix/tree/etc/fork-guix [7] https://ci.guix.gnu.org/eval/2036099 [8] https://lists.gnu.org/archive/html/guix-patches/2025-01/msg02844.html 45mg (4): Add 'guix fork create'. Add 'guix fork authenticate'. Add 'guix fork update'. Document 'guix fork'. Makefile.am | 4 + doc/contributing.texi | 50 +++++ doc/guix.texi | 150 +++++++++++++ guix/build/utils.scm | 20 ++ guix/channels.scm | 13 ++ guix/git-authenticate.scm | 17 ++ guix/git.scm | 10 + guix/scripts/fork.scm | 71 +++++++ guix/scripts/fork/authenticate.scm | 331 +++++++++++++++++++++++++++++ guix/scripts/fork/create.scm | 257 ++++++++++++++++++++++ guix/scripts/fork/update.scm | 181 ++++++++++++++++ guix/scripts/git/authenticate.scm | 45 +--- guix/utils.scm | 33 +++ 13 files changed, 1141 insertions(+), 41 deletions(-) create mode 100644 guix/scripts/fork.scm create mode 100644 guix/scripts/fork/authenticate.scm create mode 100644 guix/scripts/fork/create.scm create mode 100644 guix/scripts/fork/update.scm base-commit: b85d20e853192a92093cd8d6a5756ec80e94c658 -- 2.48.1 From debbugs-submit-bounces@debbugs.gnu.org Fri Jan 31 16:19:57 2025 Received: (at 75981) by debbugs.gnu.org; 31 Jan 2025 21:19:57 +0000 Received: from localhost ([127.0.0.1]:54945 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tdyQd-0005jT-AO for submit@debbugs.gnu.org; Fri, 31 Jan 2025 16:19:56 -0500 Received: from mail-pl1-x642.google.com ([2607:f8b0:4864:20::642]:49434) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from <45mg.writes@gmail.com>) id 1tdyQU-0005iu-HS for 75981@debbugs.gnu.org; Fri, 31 Jan 2025 16:19:48 -0500 Received: by mail-pl1-x642.google.com with SMTP id d9443c01a7336-2166f1e589cso61998635ad.3 for <75981@debbugs.gnu.org>; Fri, 31 Jan 2025 13:19:46 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1738358380; x=1738963180; darn=debbugs.gnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=8Qcfzz6WaLO9QLkrmpAvxsmLkRJTSrWMDKbZ/+TnOvc=; b=PaSP6/kCIzounG1PmRU/tWofxWsgeqGUUXE1B2VNXPORa04ArwzZ7FmFlEp/leJ01m MuZ0XdU571pFYBVOv3Yw4iRsxGoxdMI9H5KTsyZ0xWSXn+txJ/VrZWS72i7PbyMW3aXj 4oY+QhscyicR1hBVyHcmWh6gCjk/gndHcH7U9vIm0wgcBHTlQKwiH87+U7PAks/8bsaW e5e5o3NTJPwu0p+qYwgic5iNGHEnzJQfrFCLCYXiDeoCPQojewZnQav+8wPaZTiA7ntH MlrlEzgZeNkjTi6do2361fPkcPnI0Yj20Rcj8HxPrjuHusskpAGZsryCu38y2lUM0e/1 BZSA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1738358380; x=1738963180; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=8Qcfzz6WaLO9QLkrmpAvxsmLkRJTSrWMDKbZ/+TnOvc=; b=r/R+YfC/wC+WL6S+fv/WJWE7bRQ9l4hmkdTOuvr8ZPgm3WbJ823HT7cFZOtyaqxZE9 56nQzBDbVj2zD5cvf7a0u8wOizQJgnhfZIW/dQBmYWjCXBo7yzGixnxJ4RUtLeNEPTt4 qMx1XXN8hZPVgY3NuCw+zqVJAxO+qa0331q5d5TG/ospuA0x43B3nez6q7ixei8V/I1f HvWrZM77AoTaJyUFz8JRc4eZzM0N/ziaONz3RsM6hP6zPIgC8xn/ns2mkFSvN1AorSy0 YDMHRWlLhowSfR03zePJZ7q7CLIVpIXif83A6GuHcT4rw3k6p0CGZ212VFNn5Eii0Wbj T52Q== X-Gm-Message-State: AOJu0Yz19tA4FoCGpMTidTEnIy7k7Bzm3zPGkIsRsBH4PskFw2tqHMsn U5bV4se8TKzjxYp+46kiAbr0djc+PzM7unjHHo6c3y5WMY4dW/9TzuGbDR9y X-Gm-Gg: ASbGncsawGnTOOPyaVMVs+VuIRPK/XU6imH7wd+2dQVbyvDnN4X298nTT8QrXt7yWJ6 SCX7Veg6gFnlOBIruLAjzBiRYRllifax3Pfjrwf2teRrqtaYV+6pFbUyWKiNOoX5ZX8m0c/9p/5 usxxtoyFpZoehg0XicJYId05IYUqHIDMbnkeXOenG4R6UHEz80PRdHeF7HrcRw2vh95GM6pXZCg iOVUetGL03FAo76XnyYZQm6Ehh7QtI7UIRiADxU0s8PDKk39S3dK6RFzFAbsbIzJIV/mqH9cGTc dLgPCAJZxd2DU4Iep3G44p5BZ4fb9yVo5qrwBQ== X-Google-Smtp-Source: AGHT+IFNyH2mrVud6EfDqapYhA/0wbOGhaCg5lWXJSbIQwOZvMADNKjWNsOrxYmBxBybvr6PfESCGg== X-Received: by 2002:a05:6a00:4acc:b0:72a:8cc8:34aa with SMTP id d2e1a72fcca58-72fd097948emr19238636b3a.0.1738358379320; Fri, 31 Jan 2025 13:19:39 -0800 (PST) Received: from localhost.localdomain (utm3.nitt.edu. [14.139.162.2]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-72fe64275c4sm3924008b3a.61.2025.01.31.13.19.36 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 31 Jan 2025 13:19:39 -0800 (PST) From: 45mg <45mg.writes@gmail.com> To: 75981@debbugs.gnu.org Subject: [PATCH (WIP) v1 1/4] Add 'guix fork create'. Date: Sat, 1 Feb 2025 02:48:44 +0530 Message-ID: <2a950d7e5c42768724d1c8fe3bcea3ff54fb81bd.1738357415.git.45mg.writes@gmail.com> X-Mailer: git-send-email 2.48.1 In-Reply-To: References: MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 75981 Cc: Nicolas Graves , Tomas Volf <~@wolfsden.cz>, 45mg <45mg.writes@gmail.com>, Liliana Marie Prikler , Ricardo Wurmus , Attila Lendvai X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) * guix/scripts/fork.scm, guix/scripts/fork/create.scm: New files. * Makefile.am (MODULES): Add the new files. * guix/build/utils.scm (invoke/stdout): New procedure. * guix/utils.scm (chain-cut): New procedure. * guix/scripts/git/authenticate.scm (commit-short-id): Remove procedure, and use its existing duplicate in guix/channels.scm. (openpgp-fingerprint*, current-branch, show-stats): Move procedures to the files below. * guix/channels.scm (openpgp-fingerprint*): Moved here. * guix/git.scm (repository-current-branch): Moved here and renamed from 'current-branch'. * guix/git-authenticate.scm (show-authentication-stats): Moved here and renamed from 'show-stats'. Change-Id: I45ba37f434e136f6d496c741d9a933280f9ccf88 --- Makefile.am | 2 + guix/build/utils.scm | 20 +++ guix/channels.scm | 13 ++ guix/git-authenticate.scm | 17 ++ guix/git.scm | 10 ++ guix/scripts/fork.scm | 67 ++++++++ guix/scripts/fork/create.scm | 257 ++++++++++++++++++++++++++++++ guix/scripts/git/authenticate.scm | 45 +----- guix/utils.scm | 33 ++++ 9 files changed, 423 insertions(+), 41 deletions(-) create mode 100644 guix/scripts/fork.scm create mode 100644 guix/scripts/fork/create.scm diff --git a/Makefile.am b/Makefile.am index f759803b8b..c628450a5a 100644 --- a/Makefile.am +++ b/Makefile.am @@ -377,6 +377,8 @@ MODULES = \ guix/scripts/size.scm \ guix/scripts/git.scm \ guix/scripts/git/authenticate.scm \ + guix/scripts/fork.scm \ + guix/scripts/fork/create.scm \ guix/scripts/graph.scm \ guix/scripts/weather.scm \ guix/scripts/container.scm \ diff --git a/guix/build/utils.scm b/guix/build/utils.scm index 94714bf397..e8bd39f5de 100644 --- a/guix/build/utils.scm +++ b/guix/build/utils.scm @@ -10,6 +10,8 @@ ;;; Copyright © 2021, 2022 Maxime Devos ;;; Copyright © 2021 Brendan Tildesley ;;; Copyright © 2023 Carlo Zancanaro +;;; Copyright © 2025 Tomas Volf <~@wolfsden.cz> +;;; Copyright © 2025 45mg <45mg.writes@gmail.com> ;;; ;;; This file is part of GNU Guix. ;;; @@ -39,6 +41,7 @@ (define-module (guix build utils) #:use-module (ice-9 rdelim) #:use-module (ice-9 format) #:use-module (ice-9 threads) + #:use-module (ice-9 popen) #:use-module (rnrs bytevectors) #:use-module (rnrs io ports) #:re-export (alist-cons @@ -128,6 +131,7 @@ (define-module (guix build utils) report-invoke-error invoke/quiet + invoke/stdout make-desktop-entry-file @@ -889,6 +893,22 @@ (define (invoke/quiet program . args) (line (loop (cons line lines))))))) +(define (invoke/stdout program . args) + "Invoke PROGRAM with ARGS and capture PROGRAM's standard output. If PROGRAM +succeeds, return its standard output as a string. Otherwise, raise an +'&invoke-error' condition." + (let* ((port (apply open-pipe* OPEN_READ program args)) + (data (get-string-all port)) + (code (close-pipe port))) + (unless (zero? code) + (raise (condition (&invoke-error + (program program) + (arguments args) + (exit-status (status:exit-val code)) + (term-signal (status:term-sig code)) + (stop-signal (status:stop-sig code)))))) + data)) + ;;; ;;; Text substitution (aka. sed). diff --git a/guix/channels.scm b/guix/channels.scm index 4700f7a45d..6ca8e64881 100644 --- a/guix/channels.scm +++ b/guix/channels.scm @@ -47,6 +47,7 @@ (define-module (guix channels) #:use-module (guix packages) #:use-module (guix progress) #:use-module (guix derivations) + #:autoload (rnrs bytevectors) (bytevector-length) #:use-module (guix diagnostics) #:use-module (guix sets) #:use-module (guix store) @@ -81,6 +82,7 @@ (define-module (guix channels) openpgp-fingerprint->bytevector openpgp-fingerprint + openpgp-fingerprint* %default-guix-channel %default-channels @@ -171,6 +173,17 @@ (define-syntax openpgp-fingerprint ((_ str) #'(openpgp-fingerprint->bytevector str))))) +(define (openpgp-fingerprint* str) + "Like openpgp-fingerprint, but with error handling from (guix diagnostics)." + (unless (string-every (char-set-union char-set:hex-digit + char-set:whitespace) + str) + (leave (G_ "~a: invalid OpenPGP fingerprint~%") str)) + (let ((fingerprint (openpgp-fingerprint str))) + (unless (= 20 (bytevector-length fingerprint)) + (leave (G_ "~a: wrong length for OpenPGP fingerprint~%") str)) + fingerprint)) + (define %guix-channel-introduction ;; Introduction of the official 'guix channel. The chosen commit is the ;; first one that introduces '.guix-authorizations' on the 'staging' diff --git a/guix/git-authenticate.scm b/guix/git-authenticate.scm index 37c69d0880..8bc7fb6fb3 100644 --- a/guix/git-authenticate.scm +++ b/guix/git-authenticate.scm @@ -40,6 +40,7 @@ (define-module (guix git-authenticate) #:use-module (rnrs bytevectors) #:use-module (rnrs io ports) #:use-module (ice-9 match) + #:use-module (ice-9 format) #:autoload (ice-9 pretty-print) (pretty-print) #:export (read-authorizations commit-signing-key @@ -52,6 +53,7 @@ (define-module (guix git-authenticate) repository-cache-key authenticate-repository + show-authentication-stats git-authentication-error? git-authentication-error-commit @@ -449,3 +451,18 @@ (define* (authenticate-repository repository start signer (oid->string (commit-id end-commit))) stats)))) + +(define (show-authentication-stats stats) + "Display STATS, an alist containing commit signing stats as returned by +'authenticate-repository'." + (format #t (G_ "Signing statistics:~%")) + (for-each (match-lambda + ((signer . count) + (format #t " ~a ~10d~%" + (openpgp-format-fingerprint + (openpgp-public-key-fingerprint signer)) + count))) + (sort stats + (match-lambda* + (((_ . count1) (_ . count2)) + (> count1 count2)))))) diff --git a/guix/git.scm b/guix/git.scm index 6ac6e4e3a2..afeacb53aa 100644 --- a/guix/git.scm +++ b/guix/git.scm @@ -59,6 +59,7 @@ (define-module (guix git) with-git-error-handling false-if-git-not-found repository-info + repository-current-branch update-cached-checkout url+commit->name latest-repository-commit @@ -401,6 +402,15 @@ (define (repository-info directory) (lambda _ (values #f #f #f)))) +(define (repository-current-branch repository) + "Return the name of the checked out branch of REPOSITORY or #f if it could +not be determined." + (and (not (repository-head-detached? repository)) + (let* ((head (repository-head repository)) + (name (reference-name head))) + (and (string-prefix? "refs/heads/" name) + (string-drop name (string-length "refs/heads/")))))) + (define* (update-submodules repository #:key (log-port (current-error-port)) (fetch-options #f)) diff --git a/guix/scripts/fork.scm b/guix/scripts/fork.scm new file mode 100644 index 0000000000..2d97bcb93f --- /dev/null +++ b/guix/scripts/fork.scm @@ -0,0 +1,67 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2025 45mg <45mg.writes@gmail.com> +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (guix scripts fork) + #:use-module (ice-9 match) + #:use-module (guix ui) + #:use-module (guix scripts) + #:export (guix-fork)) + +(define (show-help) + (display (G_ "Usage: guix fork ACTION ARGS... +Create and manage authenticated forks of Guix.\n")) + (newline) + (display (G_ "The valid values for ACTION are:\n")) + (newline) + (display (G_ "\ + create set up a fork of Guix\n")) + (newline) + (display (G_ " + -h, --help display this help and exit")) + (display (G_ " + -V, --version display version information and exit")) + (newline) + (show-bug-report-information)) + +(define %sub-commands '("create")) + +(define (resolve-sub-command name) + (let ((module (resolve-interface + `(guix scripts fork ,(string->symbol name)))) + (proc (string->symbol (string-append "guix-fork-" name)))) + (module-ref module proc))) + +(define-command (guix-fork . args) + (category plumbing) + (synopsis "operate on Guix forks") + + (with-error-handling + (match args + (() + (format (current-error-port) + (G_ "guix fork: missing sub-command~%"))) + ((or ("-h") ("--help")) + (leave-on-EPIPE (show-help)) + (exit 0)) + ((or ("-V") ("--version")) + (show-version-and-exit "guix fork")) + ((sub-command args ...) + (if (member sub-command %sub-commands) + (apply (resolve-sub-command sub-command) args) + (format (current-error-port) + (G_ "guix fork: invalid sub-command~%"))))))) diff --git a/guix/scripts/fork/create.scm b/guix/scripts/fork/create.scm new file mode 100644 index 0000000000..8b5555947b --- /dev/null +++ b/guix/scripts/fork/create.scm @@ -0,0 +1,257 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2025 Tomas Volf <~@wolfsden.cz> +;;; Copyright © 2025 45mg <45mg.writes@gmail.com> +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (guix scripts fork create) + #:use-module (guix ui) + #:use-module (guix scripts) + #:use-module ((guix utils) #:select (chain-cut)) + #:use-module (guix build utils) + #:use-module (guix channels) + #:use-module (ice-9 exceptions) + #:use-module (ice-9 match) + #:use-module (ice-9 popen) + #:use-module (ice-9 pretty-print) + #:use-module (ice-9 string-fun) + #:use-module (ice-9 textual-ports) + #:use-module (srfi srfi-1) + #:use-module (srfi srfi-13) + #:use-module (srfi srfi-26) + #:use-module (srfi srfi-37) + #:use-module (srfi srfi-71) + #:export (guix-fork-create)) + +;;; Commentary: +;;; +;;; Create a fork of Guix, by running a series of git commands. +;;; +;;; Code: + +(define %options + ;; Specifications of the command-line options. + (list (option '(#\h "help") #f #f + (lambda args + (show-help) + (exit 0))) + (option '(#\V "version") #f #f + (lambda args + (show-version-and-exit "guix fork create"))) + (option '("upstream") #t #f + (lambda (opt name arg result) + (alist-cons 'upstream arg result))) + (option '("channel-url") #t #f + (lambda (opt name arg result) + (alist-cons 'channel-url arg result))) + (option '("use-existing") #f #f + (lambda (opt name arg result) + (alist-cons 'use-existing? #t result))) + (option '("git-parameter") #t #f + (lambda (opt name arg result) + (let ((git-parameters (assoc-ref result 'git-parameters))) + (if git-parameters + (alist-cons 'git-parameters (cons arg git-parameters) result) + (alist-cons 'git-parameters (list arg) result))))))) + +(define %default-options + `((upstream . ,(channel-url %default-guix-channel)))) + +(define %usage + (format #f (G_ "Usage: guix fork create SIGNING_KEY [DIRECTORY OPTIONS...] +Create a fork of Guix in DIRECTORY, using SIGNING_KEY to sign the introductory +commit. +DIRECTORY defaults to ./guix. + + --upstream=URI the repository to clone from + (defaults to ~a) + --channel-url=URI optional URI, used to replace the channel URL + and the existing 'origin' remote (which is + renamed to 'upstream') + --use-existing Use existing clone of Guix in DIRECTORY + --git-parameter PARAMETER + Specify configuration PARAMETER for git, via + '-c' option (can pass multiple times) + + -h, --help display this help and exit + -V, --version display version information and exit +") + (channel-url %default-guix-channel))) + +(define (show-help) + (display %usage) + (newline) + (show-bug-report-information)) + +(define (missing-arguments) + (leave (G_ "wrong number of arguments; \ +required SIGNING_KEY~%"))) + + +;;; +;;; Helper prodecures. +;;; + +(define (fingerprint->key-file-name fingerprint) + (let* ((listing (invoke/stdout "gpg" "--list-key" "--with-colons" fingerprint)) + (uid (chain-cut listing + (string-split <> #\newline) + (filter (cut string-prefix? "uid:" <>) <>) + first + (string-split <> #\:) + tenth)) + (email-name (string-delete + (cut eq? <> #\.) + (substring uid + (1+ (or (string-index-right uid #\<) + -1)) ;no name in uid + (string-index uid #\@)))) + (key-id (chain-cut listing + (string-split <> #\newline) + (filter (cut string-prefix? "pub:" <>) <>) + car + (string-split <> #\:) + fifth + (string-take-right <> 8)))) + (string-append email-name "-" key-id ".key"))) + +(define (update-channel-url file channel-url) + "Modify .guix_channel FILE. +Change the channel url to CHANNEL-URL." + (let ((channel-data (call-with-input-file file read))) + (assq-set! (cdr channel-data) 'url (list channel-url)) + (call-with-output-file file + (lambda (file) + (display ";; This is a Guix channel.\n\n" file) + (pretty-print channel-data file))))) + +(define (rewrite-authorizations file name fingerprint) + "Rewrite .guix-authorizations FILE to contain a single authorization +consisting of NAME and FINGERPRINT." + (let ((auth-data (call-with-input-file file read))) + (list-set! auth-data (1- (length auth-data)) + `((,fingerprint (name ,name)))) + (call-with-output-file file + (lambda (file) + (display ";; This file, which is best viewed as -*- Scheme -*-, lists the OpenPGP keys +;; currently authorized to sign commits in this fork branch. + +" file) + (pretty-print auth-data file))))) + + +;;; +;;; Entry point. +;;; + +(define (guix-fork-create . args) + (define options + (parse-command-line args %options (list %default-options) + #:build-options? #f)) + + (define (command-line-arguments lst) + (reverse (filter-map (match-lambda + (('argument . arg) arg) + (_ #f)) + lst))) + + (with-error-handling + (let* ((signing-key directory (match (command-line-arguments options) + ((signing-key directory) + (values signing-key directory)) + ((signing-key) + (values signing-key "guix")) + (_ (missing-arguments)))) + (upstream (assoc-ref options 'upstream)) + (channel-url (assoc-ref options 'channel-url)) + (use-existing? (assoc-ref options 'use-existing?)) + (git-parameters (assoc-ref options 'git-parameters)) + (git-c-options ;'("-c" "param1" "-c" "param2" ...) + (let loop ((opts '()) (params git-parameters)) + (if (or (not params) (null-list? params)) + opts + (loop (append + opts (list "-c" (first params))) + (drop params 1))))) + + (key-file-name (fingerprint->key-file-name signing-key)) + (introduction-name (car (string-split key-file-name #\-))) + + (upstream-branch-name "master")) + + (define (invoke-git . args) + (apply invoke `("git" ,@git-c-options "-C" ,directory ,@args))) + + (unless use-existing? + (info (G_ "Cloning from upstream ~a...~%") upstream) + (invoke "git" "clone" upstream directory)) + + (info (G_ "Authenticating upstream commits...~%")) + + (when channel-url + (info (G_ "Renaming existing 'origin' remote to 'upstream'...~%")) + (invoke-git "remote" "rename" "origin" "upstream") + (info (G_ "Using provided channel URL for new 'origin' remote...~%")) + (invoke-git "remote" "add" "origin" channel-url)) + + (set! upstream-branch-name + (chain-cut + (invoke/stdout "git" + "-C" directory + "symbolic-ref" + (string-append "refs/remotes/" + (if channel-url "upstream" "origin") + "/HEAD")) + string-trim-right + (string-split <> #\/) + last)) + + (info (G_ "Adding key to keyring branch...~%")) + (invoke-git "switch" "keyring") + (invoke "gpg" + "--armor" "--export" + "-o" (string-append directory "/" key-file-name) + signing-key) + (invoke-git "add" "--" key-file-name) + (invoke-git "commit" "-m" "Add key for fork introduction.") + + (info (G_ "Setting up fork branch...~%")) + (invoke-git "switch" "--create" "fork" "master") + (when channel-url + (update-channel-url (string-append directory "/.guix-channel") + channel-url)) + (rewrite-authorizations (string-append directory "/.guix-authorizations") + introduction-name signing-key) + (invoke-git "add" "--" + (string-append directory "/.guix-authorizations") + (string-append directory "/.guix-channel")) + (invoke-git "commit" + (string-append "--gpg-sign=" signing-key) + "-m" + (string-append + "Initial fork commit.\n\n" + ".guix-authorizations: Allow only " introduction-name "'s key." + (if channel-url + "\n.guix-channels: Update channel URL." + ""))) + + (info (G_ "Successfully created Guix fork in ~a. +You should run the following command next: +guix fork authenticate ~a ~a ~a~%") + directory + upstream-branch-name + (string-trim-right (invoke/stdout "git" "-C" directory "rev-parse" "HEAD")) + signing-key)))) diff --git a/guix/scripts/git/authenticate.scm b/guix/scripts/git/authenticate.scm index e3ecb67c89..154aae9b14 100644 --- a/guix/scripts/git/authenticate.scm +++ b/guix/scripts/git/authenticate.scm @@ -23,8 +23,8 @@ (define-module (guix scripts git authenticate) #:use-module (guix git-authenticate) #:autoload (guix openpgp) (openpgp-format-fingerprint openpgp-public-key-fingerprint) - #:use-module ((guix channels) #:select (openpgp-fingerprint)) - #:use-module ((guix git) #:select (with-git-error-handling)) + #:use-module ((guix channels) #:select (openpgp-fingerprint*)) + #:use-module ((guix git) #:select (with-git-error-handling commit-short-id repository-current-branch)) #:use-module (guix progress) #:use-module (guix base64) #:autoload (rnrs bytevectors) (bytevector-length) @@ -76,15 +76,6 @@ (define %options (define %default-options '()) -(define (current-branch repository) - "Return the name of the checked out branch of REPOSITORY or #f if it could -not be determined." - (and (not (repository-head-detached? repository)) - (let* ((head (repository-head repository)) - (name (reference-name head))) - (and (string-prefix? "refs/heads/" name) - (string-drop name (string-length "refs/heads/")))))) - (define (config-value repository key) "Return the config value associated with KEY in the 'guix.authentication' or 'guix.authentication-BRANCH' name space in REPOSITORY, or #f if no such config @@ -94,7 +85,7 @@ (define (config-value repository key) ((_ exp) (catch 'git-error (lambda () exp) (const #f)))))) (let* ((config (repository-config repository)) - (branch (current-branch repository))) + (branch (repository-current-branch repository))) ;; First try the BRANCH-specific value, then the generic one.` (or (and branch (false-if-git-error @@ -194,21 +185,6 @@ (define (install-hooks repository) (warning (G_ "cannot determine where to install hooks\ (Guile-Git too old?)~%")))) -(define (show-stats stats) - "Display STATS, an alist containing commit signing stats as returned by -'authenticate-repository'." - (format #t (G_ "Signing statistics:~%")) - (for-each (match-lambda - ((signer . count) - (format #t " ~a ~10d~%" - (openpgp-format-fingerprint - (openpgp-public-key-fingerprint signer)) - count))) - (sort stats - (match-lambda* - (((_ . count1) (_ . count2)) - (> count1 count2)))))) - (define (show-help) (display (G_ "Usage: guix git authenticate COMMIT SIGNER [OPTIONS...] Authenticate the given Git checkout using COMMIT/SIGNER as its introduction.\n")) @@ -251,19 +227,6 @@ (define (guix-git-authenticate . args) (_ #f)) lst))) - (define commit-short-id - (compose (cut string-take <> 7) oid->string commit-id)) - - (define (openpgp-fingerprint* str) - (unless (string-every (char-set-union char-set:hex-digit - char-set:whitespace) - str) - (leave (G_ "~a: invalid OpenPGP fingerprint~%") str)) - (let ((fingerprint (openpgp-fingerprint str))) - (unless (= 20 (bytevector-length fingerprint)) - (leave (G_ "~a: wrong length for OpenPGP fingerprint~%") str)) - fingerprint)) - (define (make-reporter start-commit end-commit commits) (format (current-error-port) (G_ "Authenticating commits ~a to ~a (~h new \ @@ -321,7 +284,7 @@ (define (guix-git-authenticate . args) (install-hooks repository)) (when (and show-stats? (not (null? stats))) - (show-stats stats)) + (show-authentication-stats stats)) (info (G_ "successfully authenticated commit ~a~%") (oid->string end)))))) diff --git a/guix/utils.scm b/guix/utils.scm index b6cf5aea4f..e07e89c321 100644 --- a/guix/utils.scm +++ b/guix/utils.scm @@ -21,6 +21,8 @@ ;;; Copyright © 2023 Zheng Junjie <873216071@qq.com> ;;; Copyright © 2023 Foundation Devices, Inc. ;;; Copyright © 2024 Herman Rimm +;;; Copyright © 2025 Tomas Volf <~@wolfsden.cz> +;;; Copyright © 2025 45mg <45mg.writes@gmail.com> ;;; ;;; This file is part of GNU Guix. ;;; @@ -163,6 +165,8 @@ (define-module (guix utils) call-with-compressed-output-port canonical-newline-port + chain-cut + string-distance string-closest @@ -1193,6 +1197,35 @@ (define-syntax current-source-directory ;; raising an error would upset Geiser users #f)))))) + +;;; +;;; Higher-order functions. +;;; + +(define-syntax chain-cut + (lambda (x) + "Apply each successive form to the result of evaluating the previous one. +Before applying, expand each form (op ...) to (cut op ...). + +Examples: + + (chain-cut '(1 2 3) cdr car) + => (car (cdr '(1 2 3))) + + (chain-cut 2 (- 3 <>) 1+) + => (1+ ((cut - 3 <>) 2)) + => (1+ (- 3 2)) +" + (syntax-case x () + ((chain-cut init op) (identifier? #'op) + #'(op init)) + ((chain-cut init (op ...)) + #'((cut op ...) init)) + ((chain-cut init op op* ...) (identifier? #'op) + #'(chain-cut (op init) op* ...)) + ((chain-cut init (op ...) op* ...) + #'(chain-cut ((cut op ...) init) op* ...))))) + ;;; ;;; String comparison. -- 2.48.1 From debbugs-submit-bounces@debbugs.gnu.org Fri Jan 31 16:20:04 2025 Received: (at 75981) by debbugs.gnu.org; 31 Jan 2025 21:20:05 +0000 Received: from localhost ([127.0.0.1]:54950 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tdyQl-0005kN-2O for submit@debbugs.gnu.org; Fri, 31 Jan 2025 16:20:04 -0500 Received: from mail-pl1-x641.google.com ([2607:f8b0:4864:20::641]:53379) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from <45mg.writes@gmail.com>) id 1tdyQg-0005jQ-Ps for 75981@debbugs.gnu.org; Fri, 31 Jan 2025 16:19:59 -0500 Received: by mail-pl1-x641.google.com with SMTP id d9443c01a7336-215770613dbso33992515ad.2 for <75981@debbugs.gnu.org>; Fri, 31 Jan 2025 13:19:58 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1738358393; x=1738963193; darn=debbugs.gnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=rASlCkCXzp5SO8O1bmNfoaP77uE1mhNlivO/wDiYLuQ=; b=Keu6EuwxRT+Jp4AgnRa1s+u9ZhYR+Z7ZPUedSwUwNBagL3IB0zRYJK5uRNmVh6paSi RDTkHLSZn9fbh9Gu6bSTUu3WCb70pD7F+mfEgnS2b7JlP4j8Q+ld6XtwnI0nY12CbP6M Ttl/zq0uTUWRy+KqYn+w613XuofUR24kOUBt1kikVMQ+iDMcOXGplGUfT3emswlun+5Y 8aCKWxcarqR4GgXQDW6Z+pAAtQi/Mqlp4y++hx37H4ccQ1OjgFcAuafWtJItFdKg9QcS PojI99YLYeF2Xt2VUkHKsHFgl5nNGYI0yXT7pF7Zd4HLlr7q5gUGkHTFeJF6Y01+p+UV /fLQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1738358393; x=1738963193; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=rASlCkCXzp5SO8O1bmNfoaP77uE1mhNlivO/wDiYLuQ=; b=R3h6UmIZz2N25ONDeLJG6jv5oMI9Ujsfz07/Vok4hZMjpPZ3ByYsEEJdBKnODo1wc6 d7ADm9R/3QFtA9Gli9iOQtUC1TxHGt4DRYjdrcLgjrwmZ74WlMU11hl+iZOv993qmz8z KIPJAYDtVNH0nOhhup/YQwhdFDlVg8C0Oad7/ZWKK4tA0N7utbiP8jSWR0/GUsNWa98t cKvi2SR9TpIedSf+ImJ6JrHEoe6dHmnGS/JjOzrm0w7aIwmIpMd9J+EG51ItyztYNK6D zpjpwiTxr9fVKgFXVQt9ygh5GFpRqyYV35neDD9p1z/JHqLnDGs/Ba8t1rrO9CDdFqAl G5qg== X-Gm-Message-State: AOJu0YwoGzD33satlCXOJLrqikoWTQJUgdz2TXYeZLnc7qjDyGD66D6k of92xJmFlRzHz/GMXMHOTJX5gaqaek/sMNcYeSwGd3P4OeRZsep3Ajk4lvky X-Gm-Gg: ASbGncvFErIRLjtUGCKq/dSuJV3D7pRBceNzA1egYQk+d6rhPc7QFSGi+K7q3eac2sE qK9qtj/XcgfQLdGBT/icryGKjHv/55fG8owrX75rDJ/Xx5onoaEY4cu/z2Rp5ubkijnDmYwgpr2 xji1TL6xBsGw1xo/Kzj9JcymNJZCw0avkNG305WWWYGq+Ib0DxRDsjSdaZv02t7199G8+24EdoH 5fwg/ByRq3fInlsed15Z9xEEz7rHf9H+/rTFDGfrsaykRWinY4sel2Lsg7BDz1Tc3hCoBrgz+bM Hrl3ulmnZvCL1J+UzKkAsRDH5dAMWo4P55edqQ== X-Google-Smtp-Source: AGHT+IH2uHf5PjJFoodSfpVpfcV31ObJTIt+Il8PgTG7RPv8wWTxg8niRKDkXoaeFG4dRMEG154EPQ== X-Received: by 2002:a05:6a21:670b:b0:1e1:dbfd:582b with SMTP id adf61e73a8af0-1ed7a4dafd0mr20406091637.15.1738358392489; Fri, 31 Jan 2025 13:19:52 -0800 (PST) Received: from localhost.localdomain (utm3.nitt.edu. [14.139.162.2]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-72fe64275c4sm3924008b3a.61.2025.01.31.13.19.49 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 31 Jan 2025 13:19:52 -0800 (PST) From: 45mg <45mg.writes@gmail.com> To: 75981@debbugs.gnu.org Subject: [PATCH (WIP) v1 2/4] Add 'guix fork authenticate'. Date: Sat, 1 Feb 2025 02:48:45 +0530 Message-ID: <97662f19dd262168c9d8c5d76bc4bfee20d9695a.1738357415.git.45mg.writes@gmail.com> X-Mailer: git-send-email 2.48.1 In-Reply-To: References: MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 75981 Cc: Nicolas Graves , Tomas Volf <~@wolfsden.cz>, 45mg <45mg.writes@gmail.com>, Liliana Marie Prikler , Ricardo Wurmus , Attila Lendvai X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) * guix/scripts/fork/authenticate.scm: New file. * Makefile.am (MODULES): Add the new file. * guix/scripts/fork.scm (show-help): Mention new command. (%sub-commands): Add new command. Change-Id: Ic34a1b3d1642cedce8d1ff5bae825df30e47755c --- Makefile.am | 1 + guix/scripts/fork.scm | 6 +- guix/scripts/fork/authenticate.scm | 331 +++++++++++++++++++++++++++++ 3 files changed, 336 insertions(+), 2 deletions(-) create mode 100644 guix/scripts/fork/authenticate.scm diff --git a/Makefile.am b/Makefile.am index c628450a5a..1c1f5d84fd 100644 --- a/Makefile.am +++ b/Makefile.am @@ -379,6 +379,7 @@ MODULES = \ guix/scripts/git/authenticate.scm \ guix/scripts/fork.scm \ guix/scripts/fork/create.scm \ + guix/scripts/fork/authenticate.scm \ guix/scripts/graph.scm \ guix/scripts/weather.scm \ guix/scripts/container.scm \ diff --git a/guix/scripts/fork.scm b/guix/scripts/fork.scm index 2d97bcb93f..c5c7a59ba7 100644 --- a/guix/scripts/fork.scm +++ b/guix/scripts/fork.scm @@ -29,7 +29,9 @@ (define (show-help) (display (G_ "The valid values for ACTION are:\n")) (newline) (display (G_ "\ - create set up a fork of Guix\n")) + create set up a fork of Guix\n")) + (display (G_ "\ + authenticate authenticate a fork of Guix\n")) (newline) (display (G_ " -h, --help display this help and exit")) @@ -38,7 +40,7 @@ (define (show-help) (newline) (show-bug-report-information)) -(define %sub-commands '("create")) +(define %sub-commands '("create" "authenticate")) (define (resolve-sub-command name) (let ((module (resolve-interface diff --git a/guix/scripts/fork/authenticate.scm b/guix/scripts/fork/authenticate.scm new file mode 100644 index 0000000000..83d9d87d44 --- /dev/null +++ b/guix/scripts/fork/authenticate.scm @@ -0,0 +1,331 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2025 45mg <45mg.writes@gmail.com> +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (guix scripts fork authenticate) + #:use-module (git) + #:use-module (guix git) + #:use-module (guix git-authenticate) + #:use-module (guix base16) + #:use-module (guix ui) + #:use-module (guix progress) + #:use-module (guix scripts) + #:use-module (guix build utils) + #:use-module (guix channels) + #:use-module (ice-9 exceptions) + #:use-module (ice-9 match) + #:use-module (ice-9 receive) + #:use-module (ice-9 popen) + #:use-module (ice-9 format) + #:use-module (ice-9 pretty-print) + #:use-module (ice-9 string-fun) + #:use-module (ice-9 textual-ports) + #:use-module (srfi srfi-1) + #:use-module (srfi srfi-13) + #:use-module (srfi srfi-26) + #:use-module (srfi srfi-37) + #:use-module (srfi srfi-71) + #:export (guix-fork-authenticate + + fork-config-value + fork-configured? + fork-configured-keyring-reference + fork-configured-introduction)) + +;;; Commentary: +;;; +;;; Authenticate a fork of Guix, in the same manner as `guix git +;;; authenticate`. +;;; +;;; Code: + +(define %options + ;; Specifications of the command-line options. + (list (option '(#\h "help") #f #f + (lambda args + (show-help) + (exit 0))) + (option '(#\V "version") #f #f + (lambda args + (show-version-and-exit "guix fork authenticate"))) + + (option '(#\r "repository") #t #f + (lambda (opt name arg result) + (alist-cons 'directory arg result))) + (option '("upstream-commit") #f #f + (lambda (opt name arg result) + (alist-cons 'upstream-commit (string->oid arg) result))) + (option '("upstream-signer") #f #f + (lambda (opt name arg result) + (alist-cons 'upstream-signer (openpgp-fingerprint* arg) result))) + + (option '(#\e "end") #t #f + (lambda (opt name arg result) + (alist-cons 'end-commit (string->oid arg) result))) + (option '("upstream-end") #t #f + (lambda (opt name arg result) + (alist-cons 'upstream-end-commit (string->oid arg) result))) + (option '(#\k "keyring") #t #f + (lambda (opt name arg result) + (alist-cons 'keyring-reference arg result))) + (option '("upstream-keyring") #t #f + (lambda (opt name arg result) + (alist-cons 'upstream-keyring arg result))) + (option '("cache-key") #t #f + (lambda (opt name arg result) + (alist-cons 'cache-key arg result))) + (option '("historical-authorizations") #t #f + (lambda (opt name arg result) + (alist-cons 'historical-authorizations arg + result))) + (option '("stats") #f #f + (lambda (opt name arg result) + (alist-cons 'show-stats? #t result))))) + +(define %default-options + (let ((introduction (channel-introduction %default-guix-channel))) + `((upstream-commit + . ,(string->oid (channel-introduction-first-signed-commit introduction))) + (upstream-signer + . ,(openpgp-fingerprint + (string-upcase + (bytevector->base16-string + (channel-introduction-first-commit-signer introduction))))) + (upstream-keyring + . "keyring")))) + +(define %usage + (format #f (G_ "Usage: guix fork authenticate UPSTREAM COMMIT SIGNER [OPTIONS...] +Authenticate a fork of Guix, using COMMIT/SIGNER as the fork introduction. + +First, authenticate new commits from UPSTREAM, using Guix's default +introduction. Then authenticate the remaining commits using the fork +introduction. + + -r, --repository=DIRECTORY + Authenticate the Git repository in DIRECTORY + + --upstream-commit=COMMIT + --upstream-signer=SIGNER + Use COMMIT/SIGNER as the introduction for upstream + Guix, overriding the default values + ~a + /~a + (Guix's default introduction). + + -k, --keyring=REFERENCE + load keyring for fork commits from REFERENCE, a Git + branch (default \"keyring\") + --upstream-keyring=REFERENCE + load keyring for upstream commits from REFERENCE, a + Git branch (default \"keyring\") + --end=COMMIT authenticate fork commits up to COMMIT + --cache-key=KEY cache authenticated commits under KEY + --historical-authorizations=FILE + read historical authorizations from FILE + --stats Display commit signing statistics upon completion + + -h, --help display this help and exit + -V, --version display version information and exit +") + (assoc-ref %default-options 'upstream-commit) + (assoc-ref %default-options 'upstream-signer))) + +(define (show-help) + (display %usage) + (newline) + (show-bug-report-information)) + +(define (missing-arguments) + (leave (G_ "wrong number of arguments; \ +required UPSTREAM, COMMIT and SIGNER~%"))) + + +;;; +;;; Helper prodecures. +;;; + +(define (fork-config-value repository key) + "Return the config value associated with KEY in the +'guix.fork-authentication' namespace in REPOSITORY, or #f if no such config +was found." + (let* ((config (repository-config repository)) + (branch (repository-current-branch repository))) + (catch 'git-error + (lambda () + (config-entry-value + (config-get-entry config + (string-append "guix.fork-authentication." + key)))) + (const #f)))) + +(define (fork-configured-introduction repository) + "Return three values: the upstream branch name, introductory commit, and +signer fingerprint (strings) for this fork, as configured in REPOSITORY. +Error out if any were missing." + (let* ((upstream-branch (fork-config-value repository "upstream-branch")) + (commit (fork-config-value repository "introduction-commit")) + (signer (fork-config-value repository "introduction-signer"))) + (unless (and upstream-branch commit signer) + (leave (G_ "fork information in .git/config is incomplete; +missing at least one of +introduction-commit, introduction-signer, upstream-branch +under [guix \"fork-authentication\"]"))) + (values upstream-branch commit signer))) + +(define (fork-configured-keyring-reference repository) + "Return the keyring reference configured in REPOSITORY or #f if missing." + (fork-config-value repository "keyring")) + +(define (fork-configured? repository) + "Return true if REPOSITORY already contains fork introduction info in its +'config' file." + (and (fork-config-value repository "upstream-branch") + (fork-config-value repository "introduction-commit") + (fork-config-value repository "introduction-signer"))) + +(define* (record-fork-configuration + repository + #:key commit signer upstream-branch keyring-reference) + "Record COMMIT, SIGNER, UPSTREAM-BRANCH and KEYRING-REFERENCE in the +'config' file of REPOSITORY." + (define config + (repository-config repository)) + + ;; Guile-Git < 0.7.0 lacks 'set-config-string'. + (if (module-defined? (resolve-interface '(git)) 'set-config-string) + (begin + (set-config-string config "guix.fork-authentication.introduction-commit" + commit) + (set-config-string config "guix.fork-authentication.introduction-signer" + signer) + (set-config-string config "guix.fork-authentication.upstream-branch" + upstream-branch) + (set-config-string config "guix.fork-authentication.keyring" + keyring-reference) + (info (G_ "introduction, upstream branch and keyring recorded \ +in repository configuration file~%"))) + (warning (G_ "could not record introduction and keyring configuration\ + (Guile-Git too old?)~%")))) + + +(define (guix-fork-authenticate . args) + (define options + (parse-command-line args %options (list %default-options) + #:build-options? #f)) + + (define (command-line-arguments lst) + (reverse (filter-map (match-lambda + (('argument . arg) arg) + (_ #f)) + lst))) + + (define (make-reporter start-commit end-commit commits) + (format (current-error-port) + (G_ "Authenticating commits ~a to ~a (~h new \ +commits)...~%") + (commit-short-id start-commit) + (commit-short-id end-commit) + (length commits)) + (if (isatty? (current-error-port)) + (progress-reporter/bar (length commits)) + progress-reporter/silent)) + + (with-error-handling + (with-git-error-handling + ;; TODO: BUG: it doesn't recognize '~' in paths + ;; How to do 'realpath' in Guile? + (let* ((repository (repository-open (or (assoc-ref options 'directory) + (repository-discover ".")))) + (upstream commit signer (match (command-line-arguments options) + ((upstream commit signer) + (values + (branch-lookup repository upstream) + (string->oid commit) + (openpgp-fingerprint* signer))) + (() + (receive (upstream commit signer) + (fork-configured-introduction repository) + (values + (branch-lookup repository upstream) + (string->oid commit) + (openpgp-fingerprint* signer)))) + (_ + (missing-arguments)))) + (upstream-commit (assoc-ref options 'upstream-commit)) + (upstream-signer (assoc-ref options 'upstream-signer)) + (history (match (assoc-ref options 'historical-authorizations) + (#f '()) + (file (call-with-input-file file + read-authorizations)))) + (keyring (or (assoc-ref options 'keyring-reference) + (fork-configured-keyring-reference repository) + "keyring")) + (upstream-keyring (assoc-ref options 'upstream-keyring)) + (end (match (assoc-ref options 'end-commit) + (#f (reference-target + (repository-head repository))) + (oid oid))) + (upstream-end (match (assoc-ref options 'upstream-end-commit) + (#f + (reference-target upstream)) + (oid oid))) + (cache-key (or (assoc-ref options 'cache-key) + (repository-cache-key repository))) + (show-stats? (assoc-ref options 'show-stats?))) + + (define upstream-authentication-args + (filter identity + (list + (oid->string upstream-commit) + (bytevector->base16-string upstream-signer) + (string-append "--repository=" + (repository-directory repository)) + (string-append "--end=" + (oid->string upstream-end)) + (and upstream-keyring + (string-append "--keyring=" + upstream-keyring)) + (and show-stats? "--stats")))) + + (info (G_ "calling `guix git authenticate` for branch ~a...~%") + (branch-name upstream)) + + (apply run-guix-command 'git "authenticate" + upstream-authentication-args) + + (define fork-stats + (authenticate-repository + repository commit signer + #:end end + #:keyring-reference keyring + #:historical-authorizations history + #:cache-key cache-key + #:make-reporter make-reporter)) + + (unless (fork-configured? repository) + (record-fork-configuration repository + #:commit (oid->string commit) + #:signer (bytevector->base16-string signer) + #:upstream-branch (branch-name upstream) + #:keyring-reference keyring)) + + (when (and show-stats? (not (null? fork-stats))) + (show-authentication-stats fork-stats)) + + (info (G_ "successfully authenticated commit ~a~%") + (oid->string end)))))) -- 2.48.1 From debbugs-submit-bounces@debbugs.gnu.org Fri Jan 31 16:20:12 2025 Received: (at 75981) by debbugs.gnu.org; 31 Jan 2025 21:20:12 +0000 Received: from localhost ([127.0.0.1]:54953 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tdyQt-0005l7-UL for submit@debbugs.gnu.org; Fri, 31 Jan 2025 16:20:12 -0500 Received: from mail-pl1-x642.google.com ([2607:f8b0:4864:20::642]:61737) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from <45mg.writes@gmail.com>) id 1tdyQr-0005kQ-Cl for 75981@debbugs.gnu.org; Fri, 31 Jan 2025 16:20:10 -0500 Received: by mail-pl1-x642.google.com with SMTP id d9443c01a7336-21669fd5c7cso43783225ad.3 for <75981@debbugs.gnu.org>; Fri, 31 Jan 2025 13:20:09 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1738358403; x=1738963203; darn=debbugs.gnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=+XspKeyjomk44e0/WIApWppbYgKqZm7vtWqBqkgLKjs=; b=WN3ZvX4BM5x32buT4f9WgMP/X3Fw/FSvcXdxBbTtnQUvZjQwI0+4+bWHfrs2IQplCU 0PhSC4oVpuHZ4/IVeeUnun/oBgjiKR9IdToUNxESlM4bLCiB5sBa1K7avMoNNIc+Jj4s dloy/HY0wYg2R8neZ9pyk7XRa59R4LdpAx1PILmNp1bAXtx36C4po+EYTV0/A+H+vkXk ipOj4BLyCQDQvbITMF7vmDcBH/9CtI1ILVN8YbTX0/avYy59DRM5CdswyhMkWgW4MGG4 P9snyronE3oScSefiIKsTEPEZReDE3nwyFc05jMGZNg/vPGvzYZGbzODBpkChwp6YhjR CCsA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1738358403; x=1738963203; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=+XspKeyjomk44e0/WIApWppbYgKqZm7vtWqBqkgLKjs=; b=QhPVs2VxnUEmOnJgI7TVA7vjmugWl8gje5yPc3qqa5iqSIhhQDg2Bm1YPaGi3CpYu8 4/uXlWuL4AsOPEtQIHvjubRepVqWeNFwOHwtsYlOMerjE4TVLm//nmwqwzdxoolzK4WN 7+JHB6EAQ+tk0FUNXJoojPXbwnNa72vY5GWWSls4rsmG5QL6K7/z78lunbiZjArj3HUP h59LqoXZP9hXpkHp1KZX6JkOskjOsLrU4ScU1CHn1yVOPmP/6dhjw19jmGb/rGH95htv Fn8raIIp+Wg2vOuIXhzSpjg4xaXTqC1x+Mv2nICC+CiWJp88XyqFfYUI0OWcRtoY94U4 MNBw== X-Gm-Message-State: AOJu0Ywr7MHG6v4C4hvvBWRvz+4Zvldva/3jfQ1V4v+NE7jR7wgun5xY NcMajEWAATau6zM3lZ27g0RoEEcp1n+KcP43g1/6i7qejAid1PyqPDJmm+4l X-Gm-Gg: ASbGncv7cBd7Q5JtUT9+3kbhF4L7NiuzdkON2+zTo8aR2TCEgwIbeJathPP8XNdZio0 +o/imU+BllZxpR6cXDRkVVyRoFtp7H9a2JpoARgStu1A0ZTWMuJQRgkxcX045qxZ1y5DlM00JWk rWJuGtTeHT6xU2M3FywJ8drbiIPKulJejYgSUnJSXKXWFasMEAgDTRW+N7h6+TI3G91Pis5XzgX Qj9vDO9YxG0TgFSHdlumLBpbt3PHb4zGE1feomADVL2HsUMWVrV8TrOhVfJzWAo+QUozZf6v9FH gE9TMzPGPwV5MN/S0wdevHvxENxOAgIlb1IxOg== X-Google-Smtp-Source: AGHT+IFuPwf+hRwCp1jyv0amn0b8uDVXPs1L12kBLRKlcDR+W4P1f35RRYEbXR5K2ea+nOOHqSxyxQ== X-Received: by 2002:a05:6a00:e8a:b0:72a:bc6a:3a87 with SMTP id d2e1a72fcca58-72fd096a0a5mr18685827b3a.0.1738358403090; Fri, 31 Jan 2025 13:20:03 -0800 (PST) Received: from localhost.localdomain (utm3.nitt.edu. [14.139.162.2]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-72fe64275c4sm3924008b3a.61.2025.01.31.13.20.00 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 31 Jan 2025 13:20:02 -0800 (PST) From: 45mg <45mg.writes@gmail.com> To: 75981@debbugs.gnu.org Subject: [PATCH (WIP) v1 3/4] Add 'guix fork update'. Date: Sat, 1 Feb 2025 02:48:46 +0530 Message-ID: X-Mailer: git-send-email 2.48.1 In-Reply-To: References: MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 75981 Cc: Nicolas Graves , Tomas Volf <~@wolfsden.cz>, 45mg <45mg.writes@gmail.com>, Liliana Marie Prikler , Ricardo Wurmus , Attila Lendvai X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) * guix/scripts/fork/update.scm: New file. * Makefile.am (MODULES): Add the new file. * guix/scripts/fork.scm (show-help): Mention new command. (%sub-commands): Add new command. Change-Id: I2017eb9a9286c02ca8bdf962bcbfe89d7607c413 --- Makefile.am | 1 + guix/scripts/fork.scm | 4 +- guix/scripts/fork/update.scm | 181 +++++++++++++++++++++++++++++++++++ 3 files changed, 185 insertions(+), 1 deletion(-) create mode 100644 guix/scripts/fork/update.scm diff --git a/Makefile.am b/Makefile.am index 1c1f5d84fd..8edd371ccd 100644 --- a/Makefile.am +++ b/Makefile.am @@ -380,6 +380,7 @@ MODULES = \ guix/scripts/fork.scm \ guix/scripts/fork/create.scm \ guix/scripts/fork/authenticate.scm \ + guix/scripts/fork/update.scm \ guix/scripts/graph.scm \ guix/scripts/weather.scm \ guix/scripts/container.scm \ diff --git a/guix/scripts/fork.scm b/guix/scripts/fork.scm index c5c7a59ba7..bf9c86e0aa 100644 --- a/guix/scripts/fork.scm +++ b/guix/scripts/fork.scm @@ -32,6 +32,8 @@ (define (show-help) create set up a fork of Guix\n")) (display (G_ "\ authenticate authenticate a fork of Guix\n")) + (display (G_ "\ + update update a fork of Guix\n")) (newline) (display (G_ " -h, --help display this help and exit")) @@ -40,7 +42,7 @@ (define (show-help) (newline) (show-bug-report-information)) -(define %sub-commands '("create" "authenticate")) +(define %sub-commands '("create" "authenticate" "update")) (define (resolve-sub-command name) (let ((module (resolve-interface diff --git a/guix/scripts/fork/update.scm b/guix/scripts/fork/update.scm new file mode 100644 index 0000000000..5aed337b85 --- /dev/null +++ b/guix/scripts/fork/update.scm @@ -0,0 +1,181 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2025 Tomas Volf <~@wolfsden.cz> +;;; Copyright © 2025 45mg <45mg.writes@gmail.com> +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (guix scripts fork update) + #:use-module (guix scripts fork authenticate) + #:use-module (git repository) + #:use-module (git structs) + #:use-module (git config) + #:use-module (guix ui) + #:use-module (guix scripts) + #:use-module (guix build utils) + #:use-module (guix channels) + #:use-module (ice-9 exceptions) + #:use-module (ice-9 match) + #:use-module (ice-9 popen) + #:use-module (ice-9 pretty-print) + #:use-module (ice-9 string-fun) + #:use-module (ice-9 textual-ports) + #:use-module (srfi srfi-1) + #:use-module (srfi srfi-13) + #:use-module (srfi srfi-26) + #:use-module (srfi srfi-37) + #:use-module (srfi srfi-71) + #:export (guix-fork-update)) + +;;; Commentary: +;;; +;;; Update a fork of Guix created via `guix fork create` and authenticated via +;;; `guix fork authenticate`, by applying new commits from the upstream branch +;;; onto it. +;;; +;;; Code: + +(define %options + ;; Specifications of the command-line options. + (list (option '(#\h "help") #f #f + (lambda args + (show-help) + (exit 0))) + (option '(#\V "version") #f #f + (lambda args + (show-version-and-exit "guix fork create"))) + + (option '( "fork-branch") #t #f + (lambda (opt name arg result) + (alist-cons 'fork-branch-name arg result))) + (option '(#\r "repository") #t #f + (lambda (opt name arg result) + (alist-cons 'directory arg result))))) + +(define %default-options + '()) + +(define %usage + (G_ "Usage: guix fork update [OPTIONS...] +Pull into this Guix fork's configured upstream branch, then apply new commits +onto the current branch. + + -r, --repository=DIRECTORY + Act in the Git repository in DIRECTORY + --fork-branch=BRANCH + Apply new commits onto BRANCH instead of the current + branch + + -h, --help display this help and exit + -V, --version display version information and exit +")) + +(define (show-help) + (display %usage) + (newline) + (show-bug-report-information)) + +(define (missing-arguments) + (leave (G_ "wrong number of arguments; \ +required ~%"))) + + +;;; +;;; Entry point. +;;; + +(define (guix-fork-update . args) + + (define options + (parse-command-line args %options (list %default-options) + #:build-options? #f)) + + (define (command-line-arguments lst) + (reverse (filter-map (match-lambda + (('argument . arg) arg) + (_ #f)) + lst))) + + (define-syntax invoke-git + (lambda (x) + (syntax-case x () + ((_ args ...) + #`(invoke "git" "-C" #,(datum->syntax x 'directory) args ...))))) + + (define-syntax invoke-git/stdout + (lambda (x) + (syntax-case x () + ((_ args ...) + #`(string-trim-right + (invoke/stdout "git" "-C" #,(datum->syntax x 'directory) args ...)))))) + + (with-error-handling + (let* ((directory (or (assoc-ref options 'directory) ".")) + (current-branch-name (invoke-git/stdout + "branch" + "--show-current")) + (current-head-location (invoke-git/stdout + "rev-parse" + "HEAD")) + (fork-branch-name (or (assoc-ref options 'fork-branch-name) + (if (string= current-branch-name "") + (leave (G_ "no current branch and --fork-branch not given")) + current-branch-name))) + + (repository (repository-open directory)) + (upstream-branch-name introduction-commit introduction-signer + (if (fork-configured? repository) + (fork-configured-introduction + (repository-open directory)) + (leave (G_ "fork not fully configured. +(Did you remember to run `guix fork authenticate` first?)%~")))) + (upstream-branch-commit + (invoke-git/stdout "rev-parse" upstream-branch-name)) + (new-upstream-branch-commit "") + (config (repository-config repository)) + (signing-key + (or + (catch 'git-error + (lambda () + (config-entry-value + (config-get-entry config "user.signingkey"))) + (const #f)) + (begin + (info (G_ "user.signingkey not set for this repository.~%")) + (info (G_ "Will attempt to sign commits with fork introduction key.~%")) + introduction-signer)))) + + (info (G_ "Pulling into '~a'...~%") upstream-branch-name) + (invoke-git "switch" upstream-branch-name) + (invoke-git "pull") + (set! new-upstream-branch-commit + (invoke-git/stdout "rev-parse" upstream-branch-name)) + + (info (G_ "Rebasing commits from '~a' to '~a' onto fork branch '~a'...~%") + upstream-branch-commit + new-upstream-branch-commit + fork-branch-name) + (invoke-git "rebase" "--rebase-merges" + (string-append "--gpg-sign=" signing-key) + fork-branch-name new-upstream-branch-commit) + + (info (G_ "Resetting fork branch '~a' to latest rebased commit...~%") + fork-branch-name) + (invoke-git "branch" "--force" fork-branch-name "HEAD") + + (invoke-git "checkout" (or current-branch-name current-head-location)) + + (info (G_ "Successfully updated Guix fork in ~a~%") + directory)))) -- 2.48.1 From debbugs-submit-bounces@debbugs.gnu.org Fri Jan 31 16:20:20 2025 Received: (at 75981) by debbugs.gnu.org; 31 Jan 2025 21:20:20 +0000 Received: from localhost ([127.0.0.1]:54959 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tdyR1-0005qu-QN for submit@debbugs.gnu.org; Fri, 31 Jan 2025 16:20:20 -0500 Received: from mail-pl1-x643.google.com ([2607:f8b0:4864:20::643]:46164) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from <45mg.writes@gmail.com>) id 1tdyQx-0005kj-EP for 75981@debbugs.gnu.org; Fri, 31 Jan 2025 16:20:16 -0500 Received: by mail-pl1-x643.google.com with SMTP id d9443c01a7336-219f8263ae0so46830385ad.0 for <75981@debbugs.gnu.org>; Fri, 31 Jan 2025 13:20:15 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1738358409; x=1738963209; darn=debbugs.gnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=kTLhP7eOxVAyBixFBetnmK4lTMHiffyZRO+XOSa3nEo=; b=QxOiMvz/NyzwMd3WiSrAOGDFtKyG/uPlceSeR+ItNUGkSPCOSelYsA6BUhLzVOatMY xWha+6gcZDk418SUs3CPPKA2Tx/r6ugA0GcZY3TcOOs+k3Ze914UgAmg2VqxbT+6Y8yJ lOM+MpX2cBbB4TuKj6O9mbkqfINcHnbFkL1FnSdSYUwTJO30eZQIPNR0Aw23s6bJhUpl eu5hlEo3Eo3aIsA2O9XIgEjxfjXO6bLuI72ghhkGQk+CM16CR8ihDu7Ey5H/rN+Bcg7i MSmA5Rm8ZMkmmv2lLq3JktU93CDFf1jxdoHU1Wg252sSoEjDXERflSFYTxvTQVCQmIQg LE5Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1738358409; x=1738963209; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=kTLhP7eOxVAyBixFBetnmK4lTMHiffyZRO+XOSa3nEo=; b=wmWo3RpkjQgQUAIJJgut/VDwS0N+P051UxGCCHeHRY5d60qRrdpTnA18SyMYh88ahe IOgMWzOwO3Y9Kc593VY1susjgBwx+yEUr/kYTJauP38LCL2bi5IvEyZK4sXBKI8d1MUe 86C+smMcy7aH5NEq4XVtwd6BHzwrgpjFKxL+XUs0wEH6TK1PuqCNb+vLReQIz28cstbp dCUESDfDdLhx5ax9oVSkAEFUkT2Avw3X1kjejTEz/F2sLC7CJ5/dusuQWOoqS6D680KG Jq//v2BZYj6fPrQcgwoQbZQep/oYHwLyzoFLxiM8h/TiVNXq///OqtDSK66ZYikLBk4G NHVw== X-Gm-Message-State: AOJu0YwG36efi9gylCk+qvejO20AJ4Dx5LCHRb+fWqotTqAUmkdU1cFp GexJ5o1JNawqD5Yha4wwOdNcPdLQlVeZB+ey57iVQMKaPsuO9E2x/bUA0j6L X-Gm-Gg: ASbGncsmzG1E99cTUtxzI1rsaK0weBUidFBJYXCTO+qpwRxj2+SfPzhHoUUI/jgodH4 6gXgdEGv+vH2jd+bzB8glHo1CFp9LEW+9IiK2n7DXEa9CuM1UDF1xdo22Oo2y0r0ShQlI0+xpx5 EnFDHX9Tc6lfbLO6rKF1vRydRk1sbM0QMj/R87lf0HDM5l9+H4PxRyzVoE36K2wGGGe6DVnnOBi PH1cZmybpyaKb7pLdIHaT2ZmzD0WKerCGmWXkrlkF5hZFoQ0odRoV97SzZV1yt5XYxsMl86bsOd sX4jpj0cDviMpA8xEn/a9TvAXMKcqh3jdatvrA== X-Google-Smtp-Source: AGHT+IF63NhnKRm4Eq91FSP0/ppF7N5+C7xl0PJy8TMR1CA94SRIizjkowJ0AVBGVczgYZ+HJAz62A== X-Received: by 2002:a05:6a00:1411:b0:725:9f02:489a with SMTP id d2e1a72fcca58-72fd0c5ee8cmr16921091b3a.17.1738358409143; Fri, 31 Jan 2025 13:20:09 -0800 (PST) Received: from localhost.localdomain (utm3.nitt.edu. [14.139.162.2]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-72fe64275c4sm3924008b3a.61.2025.01.31.13.20.06 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 31 Jan 2025 13:20:08 -0800 (PST) From: 45mg <45mg.writes@gmail.com> To: 75981@debbugs.gnu.org Subject: [PATCH (WIP) v1 4/4] Document 'guix fork'. Date: Sat, 1 Feb 2025 02:48:47 +0530 Message-ID: X-Mailer: git-send-email 2.48.1 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 75981 Cc: Nicolas Graves , Tomas Volf <~@wolfsden.cz>, 45mg <45mg.writes@gmail.com>, Liliana Marie Prikler , Ricardo Wurmus , Attila Lendvai X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) * doc/guix.texi (Invoking guix fork): New node. * doc/contributing.texi (Using Your Own Patches): New node. Change-Id: I06240f0fe8d1fe39f27130a72f5d0d92949c99da --- doc/contributing.texi | 50 ++++++++++++++ doc/guix.texi | 150 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 200 insertions(+) diff --git a/doc/contributing.texi b/doc/contributing.texi index c94ae940fa..bd4fd6c2ac 100644 --- a/doc/contributing.texi +++ b/doc/contributing.texi @@ -35,6 +35,7 @@ Contributing * Making Decisions:: Collectively choosing the way forward. * Commit Access:: Pushing to the official repository. * Reviewing the Work of Others:: Some guidelines for sharing reviews. +* Using Your Own Patches:: Using your own work before it's accepted. * Updating the Guix Package:: Updating the Guix package definition. * Deprecation Policy:: Commitments and tools for deprecation. * Writing Documentation:: Improving documentation in GNU Guix. @@ -3095,6 +3096,55 @@ Reviewing the Work of Others have reviewed more easily by adding a @code{reviewed-looks-good} usertag for the @code{guix} user (@pxref{Debbugs Usertags}). +@node Using Your Own Patches +@section Using Your Own Patches + +If you've taken the time to contribute code to Guix, chances are that +you want the changes you've made to be reflected in your own Guix +installation as soon as possible. Maybe you've added a package you want, +and you want to start using it @emph{right now}. Or you've fixed a bug +that affects you, and you want it to @emph{go away}. + +As described in the preceding sections, all contributions to Guix first +go through a review process to ensure code quality. Sometimes, this can +take longer than one would like. Ideally, the pace of the review process +should not prevent you from benefiting from your own work. + +One way to work around this issue is to create an additional channel of +your own (@pxref{Creating a Channel}), and add your code to it. For +certain kinds of contributions, such as adding a new package, this is +fairly straightforward - simply copy your new package definition(s) into +a new file in the channel, and remove them when your contribution is +accepted. + +However, there may be cases where this is not convenient. Certain kinds +of changes, such as those that need to modify existing Guix internals, +may be more challenging to incorporate into a channel. Moreoever, the +more substantial your contribution is, the more work it will be to do +so. + +@cindex fork, of Guix +For such cases, there is another option. Recall that the patch series +that you sent (@pxref{Sending a Patch Series}) was created from a one or +more commits on a checkout of the Guix repository (@pxref{Building from +Git}). You could simply specify this repository (referred to as your +`Guix fork', or simply `fork', from here onwards), and its relevant +branch, as your `@code{guix}' channel (@pxref{Using a Custom Guix +Channel}). Now `@code{guix pull}' will fetch your new commits, and +you'll see the changes you made reflected in your Guix installation! + +However, there's a potential complication to this approach - the issue +of authentication (@pxref{Channel Authentication}). If your fork only +exists on your local filesystem (a `local fork'), then you probably +don't need to worry about this, and can pull without authentication +(@pxref{Invoking guix pull}). But other situations, such as a remotely +hosted fork, may make it important for your fork to be authenticated, in +the same way that all channels are expected to be. + +Guix provides a @command{guix fork} command in order to simplify and +automate many details of creating and managing and authenticated +fork. For more information, @pxref{Invoking guix fork}. + @node Updating the Guix Package @section Updating the Guix Package diff --git a/doc/guix.texi b/doc/guix.texi index b1b6d98e74..bbb5666d0a 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -311,6 +311,7 @@ Top * Invoking guix pack:: Creating software bundles. * The GCC toolchain:: Working with languages supported by GCC. * Invoking guix git authenticate:: Authenticating Git repositories. +* Invoking guix fork:: Creating and managing authenticated forks of Guix. Programming Interface @@ -5930,6 +5931,7 @@ Development * Invoking guix pack:: Creating software bundles. * The GCC toolchain:: Working with languages supported by GCC. * Invoking guix git authenticate:: Authenticating Git repositories. +* Invoking guix fork:: Creating and managing authenticated forks of Guix. @end menu @node Invoking guix shell @@ -7534,6 +7536,154 @@ Invoking guix git authenticate @end table +@node Invoking guix fork +@section Invoking @command{guix fork} + +@cindex @command{guix fork} + +The @command{guix fork} command provides the means to quickly set up, +authenticate, and keep up-to-date an authenticated fork of Guix. For +more information on authentication of a Guix checkout, @pxref{Invoking +guix git authenticate}. + +Its syntax is: + +guix fork ACTION ARGS... + +ACTION specifies the fork-related action to perform. Currently, the +following values are supported: + +@table @code +@item create SIGNING_KEY [DIRECTORY OPTIONS...] +Create a fork of Guix in DIRECTORY, using SIGNING_KEY to sign the introductory +commit. +DIRECTORY defaults to ./guix. + +First, clone Guix into DIRECTORY, unless @code{--use-existing} is +given. Then, add SIGNING_KEY to the `@code{keyring}' branch of the +repository. Finally, create a new `@code{fork}' branch based starting +from the default branch, whose initial commit authorizes SIGNING_KEY +alone (by adding it to @file{.guix-authorizations}) and is signed by it. + +The new `@code{fork}' branch is intended to mirror upstream +Guix. Updating the fork amounts to applying all new commits to it (see +the `@code{update}' command below for further explanation). You can work +on patches in branches based off of this one, in much the same way as +you would base them on Guix's default branch - every commit from the +latter will be present in the former. + +To @command{guix pull} your changes, you could create a `build' branch +starting from the initial fork commit, onto which you can cherry-pick or +rebase commits from patch branches. This branch can then be specified +for the `@code{guix}' channel (@pxref{Using a Custom Guix Channel}). +Updating this channel can be done by merging the `@code{fork}' branch +into it. + +OPTIONS can be one or more of the following: + +@table @code +@item --use-existing +Use existing clone of Guix in DIRECTORY. This is useful if you've +already created commits for a patch series (@pxref{Using Your Own +Patches}). However, all commits to the default branch, as well as any +branches that may be merged into it in the future, must have been signed +with an authorized key; otherwise, authentication will fail later. +@item --upstream=URI +The repository to clone from. This defaults to the default URL for the +Guix repository. +@item --channel-url=URI +Optional URI, which if given, will be used to replace the channel URL. +Furthermore, the existing `origin' remote (which tracks +`@code{upstream}') is renamed to `upstream', and a new `origin' remote +is created to track URI. +@item --git-parameter PARAMETER +Specify configuration PARAMETER for git, via `-c' option. You can pass +this option multiple times. +@end table + +@cindex authentication, of Guix forks +@item authenticate UPSTREAM COMMIT SIGNER [OPTIONS...] +Authenticate a Guix fork, using COMMIT and SIGNER as the fork +introduction. + +First, authenticate new commits from UPSTREAM, using Guix's default +introduction. Then authenticate the remaining commits using the fork +introduction. + +As with @code{guix git authenticate}, all three of UPSTREAM, COMMIT and +SIGNER will be cached in .git/config, so that you don't need to specify +them after the first time. + +OPTIONS can be one or more of the following: + +@table @code +@item --repository=DIRECTORY +@itemx -r DIRECTORY +Authenticate the git repository in DIRECTORY, instead of the current +directory. +@item --upstream-commit=COMMIT +@itemx --upstream-signer=SIGNER +Use COMMIT/SIGNER as the introduction for upstream +Guix, instead of Guix's default channel introduction. +@item --keyring=REFERENCE +@itemx -k REFERENCE +Load keyring for fork commits from REFERENCE, a Git branch (default +`@code{keyring}'). +@item --upstream-keyring=REFERENCE +Load keyring for upstream commits from REFERENCE, a Git branch (default +`@code{keyring}'). +@item --end=COMMIT +Authenticate fork commits up to COMMIT. +@item --upstream-end=COMMIT +Authenticate upstream commits up to COMMIT. + +@item --cache-key=KEY +@itemx --historical-authorizations=FILE +@itemx --stats +Identical to the correponding options in @command{guix git authenticate} +(@pxref{Invoking guix git authenticate}). +@end table + +@item update [OPTIONS...] +Pull into this Guix fork's configured upstream branch (from running +@command{guix fork authenticate}), then apply new commits onto the +current branch. + +This approach may seem less convenient than simply merging the upstream +branch into the fork branch. Indeed, it duplicates every upstream commit +under a different commit hash, and applying a large number of commits +can be slow. However, this is currently the only feasible approach due +to the nature of Guix's authentication mechanism. Namely, merge commits +can only be authenticated if both their parents are signed by an +authorized key, meaning that you can only use the merge workflow if +you're authorized to commit to upstream Guix. + +For mapping commits on the fork branch to their equivalents on the +upstream branch, you can use @command{guix fork identify} (see below). + +OPTIONS can be one or more of the following: + +@table @code +@item --repository=DIRECTORY +@itemx -r DIRECTORY +Act in the Git repository in DIRECTORY. +@item --fork-branch=BRANCH +Apply new commits onto BRANCH instead of the current branch. +@end table + +@item identify +Coming soon! + +Given a commit hash from upstream Guix, print its equivalent on the fork +branch, or vice versa. +This uses the 'Change-Id:' line added to commit messages by Guix's +'commit-msg' hook. +The first invocation of this command will be slow, as the entire set of +corresponding commits is built up as a hash table, and then +cached. Subsequent invocations should be nearly instant. + +@end table + @c ********************************************************************* @node Programming Interface @chapter Programming Interface -- 2.48.1 From debbugs-submit-bounces@debbugs.gnu.org Fri Jan 31 16:24:24 2025 Received: (at 75981) by debbugs.gnu.org; 31 Jan 2025 21:24:24 +0000 Received: from localhost ([127.0.0.1]:55222 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tdyUx-0006EZ-Em for submit@debbugs.gnu.org; Fri, 31 Jan 2025 16:24:24 -0500 Received: from mail-pl1-x644.google.com ([2607:f8b0:4864:20::644]:42117) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from <45mg.writes@gmail.com>) id 1tdyTU-00061U-7E for 75981@debbugs.gnu.org; Fri, 31 Jan 2025 16:22:55 -0500 Received: by mail-pl1-x644.google.com with SMTP id d9443c01a7336-216395e151bso30898765ad.0 for <75981@debbugs.gnu.org>; Fri, 31 Jan 2025 13:22:52 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1738358566; x=1738963366; darn=debbugs.gnu.org; h=mime-version:message-id:date:references:subject:to:from:from:to:cc :subject:date:message-id:reply-to; bh=NyxrI5USujHKH+GOaGfVLK93kfoTLeDTFuozmKBeCAw=; b=T16TEgzOg8zQuKY/gtnI7qi+9G3a71zG+3GB+86SWQ2XFBq9wzWVV1Wu80u+CiahkY 3xrOyPPkwps1MwIJD+SA+YfekUEQwo8TLfeAWsre+TYID7kiRVmC/zpQgdOKECHAOGmf L2mcmR/cyNHRU+unZaA/0hJzwYg67+qePuBwscYZu9QH+XO9d1q5aeOSd/WP3ZunX27L y7rh9RrvQ3KY/32DLzgDlHC5ayVQU9v4uv49XBRiAMfdk32bPs3di8knfIXZlOaqnZzR J0T7tCbN493HmMZFL3tFeLWxxMNs7PrRI8WRQ6Uqo/iiHyuMgi6/9yrPAInf0pRIYCpV h0YA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1738358566; x=1738963366; h=mime-version:message-id:date:references:subject:to:from :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=NyxrI5USujHKH+GOaGfVLK93kfoTLeDTFuozmKBeCAw=; b=lw1SXw28m0Rby1qOlz8rPzVZ+7xfS8MNCemoAUHVc8u5CWo4pyFXcpVajd6vTT8GM4 +PxweSys4tQpbXtuU8q6Zr4XhdUMSl1uadxtjk4XEbazrWVa1FtL31zpTxvXCYo7vHZs gCGL4VRGFIXPNs3I5HwRm4O+29uV/429Y6JgL6NNVrSAyLvjaOjLlfTJbDU8C1Mp0KLL wkPrUHtXHGykHj61gf8xp7OqlPeHu6t0QcGMeVb3FpFcaEvmGEDTcYJxpmTEsto7mOxX DpLnoIa1cq4g+DzBnhunBYDweKnu9zS1zHdk7J3/pxkmSJFIB+/ZTwDzvAwTcCzI1ZZT 9jiQ== X-Gm-Message-State: AOJu0YyBivWGj3kJclHbHe1m0dxsuoi1sWjVRQUkRddxrYEgL8AAJk/R Q8hn2dm9vRk0SgCphQZB1RVq+qOS9imLhFOmd35Zd5q5r4G3YCFxBMZmoQHE X-Gm-Gg: ASbGncu2zuw9WTLxSbc2LW26IJMGVmC8DEmGERvxjAHjcUecX9qurKcGKCjFR9N5bnF Z6/XAVamrDyFdUYeHPYyRS20eLFda6Eu7r2WurDvrx97z7OW1Bh03nXtBk9CYv8ZRlPa99CmiD7 Gi9RCXva7+eoxMnOz8tXoX+oK+dT4kVujwaf+nOU7ZmgnuYPfm4hPNIis8qS6qTB2aaX5IV5r79 HULI6HCCts2t72vZ8QiWCWRADsEx1+7O5pIPiNn8qlPHTI0sisU5B1iRRH/ZS3ZlzAITJ8yDqaI BEFgeyuYMZEKvfsz X-Google-Smtp-Source: AGHT+IHe7vlgMBCxdwGarZrBNPuBxyvTFgZLJt93mqI3dwzzDn/9ScDG2YVqZdhoMHX7MCyKabqNOw== X-Received: by 2002:a17:903:903:b0:215:58be:334e with SMTP id d9443c01a7336-21de1958de1mr126469385ad.10.1738358565865; Fri, 31 Jan 2025 13:22:45 -0800 (PST) Received: from guix1 (utm3.nitt.edu. [14.139.162.2]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-21de31fcdd0sm35015275ad.103.2025.01.31.13.22.44 for <75981@debbugs.gnu.org> (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 31 Jan 2025 13:22:45 -0800 (PST) From: 45mg <45mg.writes@gmail.com> To: 75981@debbugs.gnu.org Subject: [Tomas Volf] Re: [PATCH (WIP) 0/4] Add 'guix fork'. References: <87wmeaaer2.fsf@wolfsden.cz> Date: Fri, 31 Jan 2025 21:22:50 +0000 Message-ID: <87ed0ivfth.fsf@gmail.com> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 75981 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) --=-=-= Content-Type: text/plain Forwarding this from the previous thread. -------------------- Start of forwarded message -------------------- From: Tomas Volf <~@wolfsden.cz> To: 45mg <45mg.writes@gmail.com> Cc: 75975@debbugs.gnu.org, Liliana Marie Prikler , Ricardo Wurmus , Attila Lendvai , Nicolas Graves Subject: Re: [PATCH (WIP) 0/4] Add 'guix fork'. Date: Fri, 31 Jan 2025 21:51:29 +0100 --=-=-= Content-Type: multipart/signed; boundary="==-=-=" --==-=-= Content-Type: text/plain Content-Disposition: inline 45mg <45mg.writes@gmail.com> writes: > The code here adapts certain procedures from Tomas Volf's original 'fork-guix' > script [6]; namely: '-->', 'invoke/c', 'create-keyring-branch', 'git-C', and > 'git-C/c'. That script is licensed under AGPL, so my understanding is that it, > or the procedures I used from it, would need to be relicensed under GPLv3 to > be included into Guix. Tomas - could you confirm here that you're willing to > do so, as we discussed earlier? (Note that I didn't ask you about the last two > of the five procedures above, since I hadn't used them yet at the > time.) I hereby declare the above mentioned procedures to be dual licensed under AGPL-3.0-only and GPL-3.0-or-later. That should remove any possible licensing issues for merging this patch. ^_^ Tomas -- There are only two hard things in Computer Science: cache invalidation, naming things and off-by-one errors. --==-=-= Content-Type: application/pgp-signature; name=signature.asc Content-Transfer-Encoding: base64 LS0tLS1CRUdJTiBQR1AgU0lHTkFUVVJFLS0tLS0KCmlRSkNCQUVCQ2dBc0ZpRUV0NE5KczR3VWZU WXBpR2lrTDcvdWZiWi93YWtGQW1lZE45RU9ISDVBZDI5c1puTmsKWlc0dVkzb0FDZ2tRTDcvdWZi Wi93YWtWSGcvOERGdWpzSVlZTkZKYnE2QkZIczQ3MkhhcTM4QWRrWlNzNGp2Mwp0YWh4Ry9hWGZ4 Vi82QnhVWHRBcEFJQko2WFR4NHJyRjIxV1hBaVAyTHpjaHpCYSsyWHkrSWtqU2twYUFTS3p2ClpF TkZlTEpEbWtiNmxuOVFlSXZua2dHTk1uL0JMcFd4YlZxaXVqL0lhdm9YTHZtVnV2MG4xYUtwRlVq QWlZNEMKaVZQWS92SlFKMnBMTHhMNlp5Nk5SbHFzMldEbG9WNkhMQjN3RVg2dWpSVCtFeWtFU01h Qm9hbHNzZnY1ZktCdQpSU3A2em1pU0swejlEMXRkejRWUnNRNjgrVmJWRkF0dWdyVmwvMW1XTzUr ZWVncjIzTWRWaWIrV0gzbzh6WWhQCjJkWHViTmtTelhxQU5neUhVMmlnRjUzNy94OVpQNXVaYTA5 MERJQVhEaWZOSFRMYW1tREphT05VY1BLTXFWSDIKUEtFSC9RUzJaWnFrcWhOLy9CeEdOcERvWFgv R1VFR2lnektBaVpHaFdZWGY4UGxYMmFIS1hwSi96V0ROdTlwVApzUWEvdEREb0U0MHhvZGNQbzZr Y1N0RXR3K3NLMDh3S3ZYVzd5NS9wR2tiS2doTUp2dGs5dG5FNnhEakExOFBqCkpLNHZrcVhMOTUw dTA2aUg2TEJTejBUcXVwYXVrMG5JUC9xY1pmWjB2UUc5NUhYb21OL0tqaC85b3pSREczMTgKbVlN VFBWYmpSTkF3b2UzellMbXJFNFJucTFuTjVFbG5FMEY0VFlaU3NRdlF1ZnpaeGFVZUJsd21rRERr ZzJhNQo3Vk0ySDhkYmhOWnc2VEdaclFoM1l0amFJNzVtMExZUXEyUmczbzREV0tjeWZUWWxjOVQ4 Z3owU2M3WFE1U3NYCmVTM1pTL0k9Cj1UOWtzCi0tLS0tRU5EIFBHUCBTSUdOQVRVUkUtLS0tLQ== --==-=-=-- --=-=-= Content-Type: text/plain -------------------- End of forwarded message -------------------- --=-=-=-- From debbugs-submit-bounces@debbugs.gnu.org Sat Feb 01 06:44:04 2025 Received: (at 75981) by debbugs.gnu.org; 1 Feb 2025 11:44:04 +0000 Received: from localhost ([127.0.0.1]:56704 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1teBut-0004wm-Lo for submit@debbugs.gnu.org; Sat, 01 Feb 2025 06:44:03 -0500 Received: from mail-pj1-x1043.google.com ([2607:f8b0:4864:20::1043]:55385) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from <45mg.writes@gmail.com>) id 1teBuq-0004w2-Le for 75981@debbugs.gnu.org; Sat, 01 Feb 2025 06:44:01 -0500 Received: by mail-pj1-x1043.google.com with SMTP id 98e67ed59e1d1-2ee397a82f6so4941550a91.2 for <75981@debbugs.gnu.org>; Sat, 01 Feb 2025 03:44:00 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1738410234; x=1739015034; darn=debbugs.gnu.org; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=Dkq+9XbMCNfPJ8VkbEDQzJcCxNbcT3nuTI14kRoenNc=; b=iiMl8IOPl9cvCuKPneDJ2owg6/2mm5HboV2fdcRl7D53q0PJpYs7PlrRY423fD3l8n thfzPlLeqdeG8EwH/oJXK2Qtuy+08SsZ3pz5PKCDMzD9MPAULBu0EcJ4eVcJn6zM4y6w 12TeASd/MlQhnxRfn/Fi9jrMLeCkSdecyNqginXB1On1/GZKKNrjp/qLFFtW833ADwZV 5nF8pfLgN2b0CLxlm2ukDufx/pC/60ZlL7JGiqQgJSMEsCStFWqun+Azv1lWHiYqHnzE Gp8QRzYFAMbuzX7/SLlpx0LzcfTWLkV9sbd33FdnKQ7og2S2ht31DQ/wjImcJL2xO37T PpgQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1738410234; x=1739015034; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=Dkq+9XbMCNfPJ8VkbEDQzJcCxNbcT3nuTI14kRoenNc=; b=l7eud5D3kGaJmwCXBwci/cnnGPGhVDPFzu8rdWiGY1jGQ9fpxIjpLrMV4Ij23n1l/D ddnA6x3QPI3JtvPbzreSJLZYnPQjEtil+MnkvKCkCTFju6p280yz95NwUT5C77tZfv/e mcW/kJm2loTj11Yj1CkSAaLMMw/V/N1wSExFlSi4ExLxwSSiRG5gsYKCqwLBtZItRmI5 gvegMe0zvQP8kbBaGA+CSfziibhZUpWHjkZY1fLHDunR97Me7m0wQjZA/nC2xaOaChgm rTgEOB6rSSjeNREUwkC9Arj94Q5kcb9WtFGlYqbroDsDm9rGKUHPQj2MXpnmPdAulG8q BdXw== X-Gm-Message-State: AOJu0Yzf5K5QMi/E07+WFREOXztzKSMzDwZddLXdxnsjedSkxxL0NnyY VBbkOuyKri6bV/34tW6SOlQcIr62tYq3j0uDUEWyHwpNnuqoAGDEabSqBmfa X-Gm-Gg: ASbGnctYTuy33PBDHpZS4xUMI6MV4ByGMTjAlxXtGVNkY+tZztxopaGl6CxKuCNsZUJ zy4znxD/6ogX0oAFKcA/Z5KPCnLEcggQmR2rKsD6FCDMv4wkx/C2r+BiJRU/jjqBG4i0EpA4aiF O3w6nUCY+x+DBRb78KMRJ0T/tU6mrKXMxqv3zlW7WpV0MKc6nc42tnQJxURiew0eDvtHYYL6Hq+ 4R9sNyaX807NG3AU0U6QNdqLJJfEsbhVLzz3DBfv5uO0ykPvGu6VRHXrIrWeZ4Zu0SfQ8aySATi XPbWV+eqLethH9Ducb9POHwOwJj0mJHaYyVVgQ== X-Google-Smtp-Source: AGHT+IEkp0o7pcqa5eJT7MDuZLsDqQRMu+YS0Moairy5K0DgyebpoQ/42SPW1BY1qGykQkMBuAVsAA== X-Received: by 2002:a17:90b:258c:b0:2ee:f687:6acb with SMTP id 98e67ed59e1d1-2f83abd9998mr21373356a91.13.1738410233958; Sat, 01 Feb 2025 03:43:53 -0800 (PST) Received: from localhost.localdomain (utm3.nitt.edu. [14.139.162.2]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-21de331f8d4sm43844805ad.224.2025.02.01.03.43.50 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 01 Feb 2025 03:43:53 -0800 (PST) From: 45mg <45mg.writes@gmail.com> To: 75981@debbugs.gnu.org Subject: [PATCH (WIP) v1.5 0/4] Add 'guix fork'. Date: Sat, 1 Feb 2025 17:13:21 +0530 Message-ID: X-Mailer: git-send-email 2.48.1 MIME-Version: 1.0 X-Debbugs-Cc: Ludovic Courtès , Maxim Cournoyer Content-Transfer-Encoding: 8bit X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 75981 Cc: Nicolas Graves , Tomas Volf <~@wolfsden.cz>, 45mg <45mg.writes@gmail.com>, Liliana Marie Prikler , Ricardo Wurmus , Attila Lendvai X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) Hi Guix, This revision is the same as v1, with one difference - the procedure 'invoke/stdout' was moved from (guix build utils) to (guix utils). While it probably belongs in the former file, the fact is that nearly every gexp starts with `(with-imported-modules ((guix build utils)) #~(begin ...))` or something similar, so changing that file will cause most derivations to change, which will result in a world rebuild (I think that's what it's called? That term is not in the manual...). So I moved it, added some TODO comments pointing out where it should go, and didn't update the commit message changelogs. This revision only exists so that I can apply it to my fork, `guix pull`, and thereby have access to these commands in my CLI. So if anyone else wants to use this patch - as opposed to just test it via pre-inst-env - then this is what you should apply. 45mg (4): Add 'guix fork create'. Add 'guix fork authenticate'. Add 'guix fork update'. Document 'guix fork'. Makefile.am | 4 + doc/contributing.texi | 50 +++++ doc/guix.texi | 150 +++++++++++++ guix/channels.scm | 13 ++ guix/git-authenticate.scm | 17 ++ guix/git.scm | 10 + guix/scripts/fork.scm | 71 +++++++ guix/scripts/fork/authenticate.scm | 331 +++++++++++++++++++++++++++++ guix/scripts/fork/create.scm | 258 ++++++++++++++++++++++ guix/scripts/fork/update.scm | 182 ++++++++++++++++ guix/scripts/git/authenticate.scm | 45 +--- guix/utils.scm | 61 ++++++ 12 files changed, 1151 insertions(+), 41 deletions(-) create mode 100644 guix/scripts/fork.scm create mode 100644 guix/scripts/fork/authenticate.scm create mode 100644 guix/scripts/fork/create.scm create mode 100644 guix/scripts/fork/update.scm base-commit: b85d20e853192a92093cd8d6a5756ec80e94c658 -- 2.48.1 From debbugs-submit-bounces@debbugs.gnu.org Sat Feb 01 06:45:18 2025 Received: (at 75981) by debbugs.gnu.org; 1 Feb 2025 11:45:18 +0000 Received: from localhost ([127.0.0.1]:56710 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1teBw3-00052s-AA for submit@debbugs.gnu.org; Sat, 01 Feb 2025 06:45:18 -0500 Received: from mail-pl1-x643.google.com ([2607:f8b0:4864:20::643]:52474) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from <45mg.writes@gmail.com>) id 1teBvz-0004yw-La for 75981@debbugs.gnu.org; Sat, 01 Feb 2025 06:45:13 -0500 Received: by mail-pl1-x643.google.com with SMTP id d9443c01a7336-2165cb60719so52565045ad.0 for <75981@debbugs.gnu.org>; Sat, 01 Feb 2025 03:45:11 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1738410305; x=1739015105; darn=debbugs.gnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=F85/sIfvICd2GtgcoafUgDYLDpJBVD1bPSct/mRV/9k=; b=bK31Jf3XsQ3sIcYq0IOHUvA+9m5TvAeX2wWccNazc7IrwEClElwBKdEBqftKCDFBQr jaElJiurMPngHPCIlzvhl4MJrCB6MuW1S58izZFekgwA5RIJsfYmba+KHDsXOnTisqvW 2Rw2hiwnDfNKTjxn5BSpgIosrf7x1INYZEOi5EZKa8jXt8EnicbN8ABOwYwB/pBS8lh9 0JGS1DwVP2fxBBoUvi1krTIixZ8FUSHk1h4PJkU/6PM58uCXtwOi2I6MO8guhTTutcPi yb5jBJupoTPGbWSONWzeEhGV7GDJRE+tDjbF6TNM6N7N3xudpNtqKugNWfA5MTf4J4Kq ZlvQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1738410305; x=1739015105; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=F85/sIfvICd2GtgcoafUgDYLDpJBVD1bPSct/mRV/9k=; b=ICkouMBKC59YswbarCLbxm1Xbrx7HBPxFCDBIbCkqSYakIL6FfuGJVFoV2/SsjzFeN j96h6LvNKvRsmTgYyhCxw9JzVrzcYvD6QOR1DrpI5jfAx3aF8u2GcXXMEM0fycby51DA exuY4G1512H5c2X4/doQofCkHuESl1Yw0maQQiSMlHYv2Jdmeec4Wz0X6TjAhQdJDsKm 1W3skJx8RIVI0jbt5OMA7QlzvWZEygWRcTHRQ7NTCPYXEKcZSxz5m+VCvqWYPj7vXSBl gwZlk0U8YOB1JmVKRd+Du8AWbYk+uHJRwPwFL3xF2eWywy3foBzk4luyTYqpSOMwa+1b P0zA== X-Gm-Message-State: AOJu0YxU9fL+wTTucMly11XhJgsvHG2da8Bd7dSW+nkRY63XudNAaBlA A8OrhVRc775CdYmW7UMfLtx+UhVDA0gn+NTGzi3A7ZyWgSoeze68/7aEk8rj X-Gm-Gg: ASbGnct43AWJarvH6DRJn84eySKEOstYlok61kAZ0TDedank90JkXmaRHKZqXa4Q6WJ xqSXPYX9rAl/YzVzFzRz9ltHc2RpTXglad2x9knFjb2NwmxDZOmIi6pNR45wE48x5oE3GBpqt8D tGZez7ANUd8WZzP/IzlMSFSnKpMzYSemsQHmh7FoMMDpGk22ReEM5273ONcPxMXlgbwcHFoCFtM prnna6F3T2AZ8+/3n7i/1W3JEbg46Hc7bsV0aowUZvLIRpjXElOZRlICRvySnEOgX6V0uLarCy8 sUMSAvWaFI0dYxs2YsN9lxm/9Y3fkeXJsiD+4A== X-Google-Smtp-Source: AGHT+IFgcnX80p98Lzc3vxehsQfdGymWiyMRQn2rF027BU+AZOJk/G87bILk+ezOCVYqIK/wf4ZgSA== X-Received: by 2002:a17:902:ec8a:b0:215:b473:1dc9 with SMTP id d9443c01a7336-21dd7de383fmr226484925ad.46.1738410304925; Sat, 01 Feb 2025 03:45:04 -0800 (PST) Received: from localhost.localdomain (utm3.nitt.edu. [14.139.162.2]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-21de331f8d4sm43844805ad.224.2025.02.01.03.45.01 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 01 Feb 2025 03:45:04 -0800 (PST) From: 45mg <45mg.writes@gmail.com> To: 75981@debbugs.gnu.org Subject: [PATCH (WIP) v1.5 1/4] Add 'guix fork create'. Date: Sat, 1 Feb 2025 17:13:23 +0530 Message-ID: <590b269995eb83d8fe2b584a40a58fa9ed473c54.1738408683.git.45mg.writes@gmail.com> X-Mailer: git-send-email 2.48.1 In-Reply-To: References: MIME-Version: 1.0 X-Debbugs-Cc: Christopher Baines , Josselin Poiret , Ludovic Courtès , Mathieu Othacehe , Simon Tournier , Tobias Geerinckx-Rice Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 75981 Cc: Nicolas Graves , Tomas Volf <~@wolfsden.cz>, 45mg <45mg.writes@gmail.com>, Liliana Marie Prikler , Ricardo Wurmus , Attila Lendvai X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) * guix/scripts/fork.scm, guix/scripts/fork/create.scm: New files. * Makefile.am (MODULES): Add the new files. * guix/build/utils.scm (invoke/stdout): New procedure. * guix/utils.scm (chain-cut): New procedure. * guix/scripts/git/authenticate.scm (commit-short-id): Remove procedure, and use its existing duplicate in guix/channels.scm. (openpgp-fingerprint*, current-branch, show-stats): Move procedures to the files below. * guix/channels.scm (openpgp-fingerprint*): Moved here. * guix/git.scm (repository-current-branch): Moved here and renamed from 'current-branch'. * guix/git-authenticate.scm (show-authentication-stats): Moved here and renamed from 'show-stats'. Change-Id: I45ba37f434e136f6d496c741d9a933280f9ccf88 --- Makefile.am | 2 + guix/channels.scm | 13 ++ guix/git-authenticate.scm | 17 ++ guix/git.scm | 10 ++ guix/scripts/fork.scm | 67 ++++++++ guix/scripts/fork/create.scm | 258 ++++++++++++++++++++++++++++++ guix/scripts/git/authenticate.scm | 45 +----- guix/utils.scm | 61 +++++++ 8 files changed, 432 insertions(+), 41 deletions(-) create mode 100644 guix/scripts/fork.scm create mode 100644 guix/scripts/fork/create.scm diff --git a/Makefile.am b/Makefile.am index f759803b8b..c628450a5a 100644 --- a/Makefile.am +++ b/Makefile.am @@ -377,6 +377,8 @@ MODULES = \ guix/scripts/size.scm \ guix/scripts/git.scm \ guix/scripts/git/authenticate.scm \ + guix/scripts/fork.scm \ + guix/scripts/fork/create.scm \ guix/scripts/graph.scm \ guix/scripts/weather.scm \ guix/scripts/container.scm \ diff --git a/guix/channels.scm b/guix/channels.scm index 4700f7a45d..6ca8e64881 100644 --- a/guix/channels.scm +++ b/guix/channels.scm @@ -47,6 +47,7 @@ (define-module (guix channels) #:use-module (guix packages) #:use-module (guix progress) #:use-module (guix derivations) + #:autoload (rnrs bytevectors) (bytevector-length) #:use-module (guix diagnostics) #:use-module (guix sets) #:use-module (guix store) @@ -81,6 +82,7 @@ (define-module (guix channels) openpgp-fingerprint->bytevector openpgp-fingerprint + openpgp-fingerprint* %default-guix-channel %default-channels @@ -171,6 +173,17 @@ (define-syntax openpgp-fingerprint ((_ str) #'(openpgp-fingerprint->bytevector str))))) +(define (openpgp-fingerprint* str) + "Like openpgp-fingerprint, but with error handling from (guix diagnostics)." + (unless (string-every (char-set-union char-set:hex-digit + char-set:whitespace) + str) + (leave (G_ "~a: invalid OpenPGP fingerprint~%") str)) + (let ((fingerprint (openpgp-fingerprint str))) + (unless (= 20 (bytevector-length fingerprint)) + (leave (G_ "~a: wrong length for OpenPGP fingerprint~%") str)) + fingerprint)) + (define %guix-channel-introduction ;; Introduction of the official 'guix channel. The chosen commit is the ;; first one that introduces '.guix-authorizations' on the 'staging' diff --git a/guix/git-authenticate.scm b/guix/git-authenticate.scm index 37c69d0880..8bc7fb6fb3 100644 --- a/guix/git-authenticate.scm +++ b/guix/git-authenticate.scm @@ -40,6 +40,7 @@ (define-module (guix git-authenticate) #:use-module (rnrs bytevectors) #:use-module (rnrs io ports) #:use-module (ice-9 match) + #:use-module (ice-9 format) #:autoload (ice-9 pretty-print) (pretty-print) #:export (read-authorizations commit-signing-key @@ -52,6 +53,7 @@ (define-module (guix git-authenticate) repository-cache-key authenticate-repository + show-authentication-stats git-authentication-error? git-authentication-error-commit @@ -449,3 +451,18 @@ (define* (authenticate-repository repository start signer (oid->string (commit-id end-commit))) stats)))) + +(define (show-authentication-stats stats) + "Display STATS, an alist containing commit signing stats as returned by +'authenticate-repository'." + (format #t (G_ "Signing statistics:~%")) + (for-each (match-lambda + ((signer . count) + (format #t " ~a ~10d~%" + (openpgp-format-fingerprint + (openpgp-public-key-fingerprint signer)) + count))) + (sort stats + (match-lambda* + (((_ . count1) (_ . count2)) + (> count1 count2)))))) diff --git a/guix/git.scm b/guix/git.scm index 6ac6e4e3a2..afeacb53aa 100644 --- a/guix/git.scm +++ b/guix/git.scm @@ -59,6 +59,7 @@ (define-module (guix git) with-git-error-handling false-if-git-not-found repository-info + repository-current-branch update-cached-checkout url+commit->name latest-repository-commit @@ -401,6 +402,15 @@ (define (repository-info directory) (lambda _ (values #f #f #f)))) +(define (repository-current-branch repository) + "Return the name of the checked out branch of REPOSITORY or #f if it could +not be determined." + (and (not (repository-head-detached? repository)) + (let* ((head (repository-head repository)) + (name (reference-name head))) + (and (string-prefix? "refs/heads/" name) + (string-drop name (string-length "refs/heads/")))))) + (define* (update-submodules repository #:key (log-port (current-error-port)) (fetch-options #f)) diff --git a/guix/scripts/fork.scm b/guix/scripts/fork.scm new file mode 100644 index 0000000000..2d97bcb93f --- /dev/null +++ b/guix/scripts/fork.scm @@ -0,0 +1,67 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2025 45mg <45mg.writes@gmail.com> +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (guix scripts fork) + #:use-module (ice-9 match) + #:use-module (guix ui) + #:use-module (guix scripts) + #:export (guix-fork)) + +(define (show-help) + (display (G_ "Usage: guix fork ACTION ARGS... +Create and manage authenticated forks of Guix.\n")) + (newline) + (display (G_ "The valid values for ACTION are:\n")) + (newline) + (display (G_ "\ + create set up a fork of Guix\n")) + (newline) + (display (G_ " + -h, --help display this help and exit")) + (display (G_ " + -V, --version display version information and exit")) + (newline) + (show-bug-report-information)) + +(define %sub-commands '("create")) + +(define (resolve-sub-command name) + (let ((module (resolve-interface + `(guix scripts fork ,(string->symbol name)))) + (proc (string->symbol (string-append "guix-fork-" name)))) + (module-ref module proc))) + +(define-command (guix-fork . args) + (category plumbing) + (synopsis "operate on Guix forks") + + (with-error-handling + (match args + (() + (format (current-error-port) + (G_ "guix fork: missing sub-command~%"))) + ((or ("-h") ("--help")) + (leave-on-EPIPE (show-help)) + (exit 0)) + ((or ("-V") ("--version")) + (show-version-and-exit "guix fork")) + ((sub-command args ...) + (if (member sub-command %sub-commands) + (apply (resolve-sub-command sub-command) args) + (format (current-error-port) + (G_ "guix fork: invalid sub-command~%"))))))) diff --git a/guix/scripts/fork/create.scm b/guix/scripts/fork/create.scm new file mode 100644 index 0000000000..a9de204f23 --- /dev/null +++ b/guix/scripts/fork/create.scm @@ -0,0 +1,258 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2025 Tomas Volf <~@wolfsden.cz> +;;; Copyright © 2025 45mg <45mg.writes@gmail.com> +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (guix scripts fork create) + #:use-module (guix ui) + #:use-module (guix scripts) + #:use-module ((guix utils) #:select (chain-cut + invoke/stdout)) ;TODO move to (guix build utils) + #:use-module (guix build utils) + #:use-module (guix channels) + #:use-module (ice-9 exceptions) + #:use-module (ice-9 match) + #:use-module (ice-9 popen) + #:use-module (ice-9 pretty-print) + #:use-module (ice-9 string-fun) + #:use-module (ice-9 textual-ports) + #:use-module (srfi srfi-1) + #:use-module (srfi srfi-13) + #:use-module (srfi srfi-26) + #:use-module (srfi srfi-37) + #:use-module (srfi srfi-71) + #:export (guix-fork-create)) + +;;; Commentary: +;;; +;;; Create a fork of Guix, by running a series of git commands. +;;; +;;; Code: + +(define %options + ;; Specifications of the command-line options. + (list (option '(#\h "help") #f #f + (lambda args + (show-help) + (exit 0))) + (option '(#\V "version") #f #f + (lambda args + (show-version-and-exit "guix fork create"))) + (option '("upstream") #t #f + (lambda (opt name arg result) + (alist-cons 'upstream arg result))) + (option '("channel-url") #t #f + (lambda (opt name arg result) + (alist-cons 'channel-url arg result))) + (option '("use-existing") #f #f + (lambda (opt name arg result) + (alist-cons 'use-existing? #t result))) + (option '("git-parameter") #t #f + (lambda (opt name arg result) + (let ((git-parameters (assoc-ref result 'git-parameters))) + (if git-parameters + (alist-cons 'git-parameters (cons arg git-parameters) result) + (alist-cons 'git-parameters (list arg) result))))))) + +(define %default-options + `((upstream . ,(channel-url %default-guix-channel)))) + +(define %usage + (format #f (G_ "Usage: guix fork create SIGNING_KEY [DIRECTORY OPTIONS...] +Create a fork of Guix in DIRECTORY, using SIGNING_KEY to sign the introductory +commit. +DIRECTORY defaults to ./guix. + + --upstream=URI the repository to clone from + (defaults to ~a) + --channel-url=URI optional URI, used to replace the channel URL + and the existing 'origin' remote (which is + renamed to 'upstream') + --use-existing Use existing clone of Guix in DIRECTORY + --git-parameter PARAMETER + Specify configuration PARAMETER for git, via + '-c' option (can pass multiple times) + + -h, --help display this help and exit + -V, --version display version information and exit +") + (channel-url %default-guix-channel))) + +(define (show-help) + (display %usage) + (newline) + (show-bug-report-information)) + +(define (missing-arguments) + (leave (G_ "wrong number of arguments; \ +required SIGNING_KEY~%"))) + + +;;; +;;; Helper prodecures. +;;; + +(define (fingerprint->key-file-name fingerprint) + (let* ((listing (invoke/stdout "gpg" "--list-key" "--with-colons" fingerprint)) + (uid (chain-cut listing + (string-split <> #\newline) + (filter (cut string-prefix? "uid:" <>) <>) + first + (string-split <> #\:) + tenth)) + (email-name (string-delete + (cut eq? <> #\.) + (substring uid + (1+ (or (string-index-right uid #\<) + -1)) ;no name in uid + (string-index uid #\@)))) + (key-id (chain-cut listing + (string-split <> #\newline) + (filter (cut string-prefix? "pub:" <>) <>) + car + (string-split <> #\:) + fifth + (string-take-right <> 8)))) + (string-append email-name "-" key-id ".key"))) + +(define (update-channel-url file channel-url) + "Modify .guix_channel FILE. +Change the channel url to CHANNEL-URL." + (let ((channel-data (call-with-input-file file read))) + (assq-set! (cdr channel-data) 'url (list channel-url)) + (call-with-output-file file + (lambda (file) + (display ";; This is a Guix channel.\n\n" file) + (pretty-print channel-data file))))) + +(define (rewrite-authorizations file name fingerprint) + "Rewrite .guix-authorizations FILE to contain a single authorization +consisting of NAME and FINGERPRINT." + (let ((auth-data (call-with-input-file file read))) + (list-set! auth-data (1- (length auth-data)) + `((,fingerprint (name ,name)))) + (call-with-output-file file + (lambda (file) + (display ";; This file, which is best viewed as -*- Scheme -*-, lists the OpenPGP keys +;; currently authorized to sign commits in this fork branch. + +" file) + (pretty-print auth-data file))))) + + +;;; +;;; Entry point. +;;; + +(define (guix-fork-create . args) + (define options + (parse-command-line args %options (list %default-options) + #:build-options? #f)) + + (define (command-line-arguments lst) + (reverse (filter-map (match-lambda + (('argument . arg) arg) + (_ #f)) + lst))) + + (with-error-handling + (let* ((signing-key directory (match (command-line-arguments options) + ((signing-key directory) + (values signing-key directory)) + ((signing-key) + (values signing-key "guix")) + (_ (missing-arguments)))) + (upstream (assoc-ref options 'upstream)) + (channel-url (assoc-ref options 'channel-url)) + (use-existing? (assoc-ref options 'use-existing?)) + (git-parameters (assoc-ref options 'git-parameters)) + (git-c-options ;'("-c" "param1" "-c" "param2" ...) + (let loop ((opts '()) (params git-parameters)) + (if (or (not params) (null-list? params)) + opts + (loop (append + opts (list "-c" (first params))) + (drop params 1))))) + + (key-file-name (fingerprint->key-file-name signing-key)) + (introduction-name (car (string-split key-file-name #\-))) + + (upstream-branch-name "master")) + + (define (invoke-git . args) + (apply invoke `("git" ,@git-c-options "-C" ,directory ,@args))) + + (unless use-existing? + (info (G_ "Cloning from upstream ~a...~%") upstream) + (invoke "git" "clone" upstream directory)) + + (info (G_ "Authenticating upstream commits...~%")) + + (when channel-url + (info (G_ "Renaming existing 'origin' remote to 'upstream'...~%")) + (invoke-git "remote" "rename" "origin" "upstream") + (info (G_ "Using provided channel URL for new 'origin' remote...~%")) + (invoke-git "remote" "add" "origin" channel-url)) + + (set! upstream-branch-name + (chain-cut + (invoke/stdout "git" + "-C" directory + "symbolic-ref" + (string-append "refs/remotes/" + (if channel-url "upstream" "origin") + "/HEAD")) + string-trim-right + (string-split <> #\/) + last)) + + (info (G_ "Adding key to keyring branch...~%")) + (invoke-git "switch" "keyring") + (invoke "gpg" + "--armor" "--export" + "-o" (string-append directory "/" key-file-name) + signing-key) + (invoke-git "add" "--" key-file-name) + (invoke-git "commit" "-m" "Add key for fork introduction.") + + (info (G_ "Setting up fork branch...~%")) + (invoke-git "switch" "--create" "fork" "master") + (when channel-url + (update-channel-url (string-append directory "/.guix-channel") + channel-url)) + (rewrite-authorizations (string-append directory "/.guix-authorizations") + introduction-name signing-key) + (invoke-git "add" "--" + (string-append directory "/.guix-authorizations") + (string-append directory "/.guix-channel")) + (invoke-git "commit" + (string-append "--gpg-sign=" signing-key) + "-m" + (string-append + "Initial fork commit.\n\n" + ".guix-authorizations: Allow only " introduction-name "'s key." + (if channel-url + "\n.guix-channels: Update channel URL." + ""))) + + (info (G_ "Successfully created Guix fork in ~a. +You should run the following command next: +guix fork authenticate ~a ~a ~a~%") + directory + upstream-branch-name + (string-trim-right (invoke/stdout "git" "-C" directory "rev-parse" "HEAD")) + signing-key)))) diff --git a/guix/scripts/git/authenticate.scm b/guix/scripts/git/authenticate.scm index e3ecb67c89..154aae9b14 100644 --- a/guix/scripts/git/authenticate.scm +++ b/guix/scripts/git/authenticate.scm @@ -23,8 +23,8 @@ (define-module (guix scripts git authenticate) #:use-module (guix git-authenticate) #:autoload (guix openpgp) (openpgp-format-fingerprint openpgp-public-key-fingerprint) - #:use-module ((guix channels) #:select (openpgp-fingerprint)) - #:use-module ((guix git) #:select (with-git-error-handling)) + #:use-module ((guix channels) #:select (openpgp-fingerprint*)) + #:use-module ((guix git) #:select (with-git-error-handling commit-short-id repository-current-branch)) #:use-module (guix progress) #:use-module (guix base64) #:autoload (rnrs bytevectors) (bytevector-length) @@ -76,15 +76,6 @@ (define %options (define %default-options '()) -(define (current-branch repository) - "Return the name of the checked out branch of REPOSITORY or #f if it could -not be determined." - (and (not (repository-head-detached? repository)) - (let* ((head (repository-head repository)) - (name (reference-name head))) - (and (string-prefix? "refs/heads/" name) - (string-drop name (string-length "refs/heads/")))))) - (define (config-value repository key) "Return the config value associated with KEY in the 'guix.authentication' or 'guix.authentication-BRANCH' name space in REPOSITORY, or #f if no such config @@ -94,7 +85,7 @@ (define (config-value repository key) ((_ exp) (catch 'git-error (lambda () exp) (const #f)))))) (let* ((config (repository-config repository)) - (branch (current-branch repository))) + (branch (repository-current-branch repository))) ;; First try the BRANCH-specific value, then the generic one.` (or (and branch (false-if-git-error @@ -194,21 +185,6 @@ (define (install-hooks repository) (warning (G_ "cannot determine where to install hooks\ (Guile-Git too old?)~%")))) -(define (show-stats stats) - "Display STATS, an alist containing commit signing stats as returned by -'authenticate-repository'." - (format #t (G_ "Signing statistics:~%")) - (for-each (match-lambda - ((signer . count) - (format #t " ~a ~10d~%" - (openpgp-format-fingerprint - (openpgp-public-key-fingerprint signer)) - count))) - (sort stats - (match-lambda* - (((_ . count1) (_ . count2)) - (> count1 count2)))))) - (define (show-help) (display (G_ "Usage: guix git authenticate COMMIT SIGNER [OPTIONS...] Authenticate the given Git checkout using COMMIT/SIGNER as its introduction.\n")) @@ -251,19 +227,6 @@ (define (guix-git-authenticate . args) (_ #f)) lst))) - (define commit-short-id - (compose (cut string-take <> 7) oid->string commit-id)) - - (define (openpgp-fingerprint* str) - (unless (string-every (char-set-union char-set:hex-digit - char-set:whitespace) - str) - (leave (G_ "~a: invalid OpenPGP fingerprint~%") str)) - (let ((fingerprint (openpgp-fingerprint str))) - (unless (= 20 (bytevector-length fingerprint)) - (leave (G_ "~a: wrong length for OpenPGP fingerprint~%") str)) - fingerprint)) - (define (make-reporter start-commit end-commit commits) (format (current-error-port) (G_ "Authenticating commits ~a to ~a (~h new \ @@ -321,7 +284,7 @@ (define (guix-git-authenticate . args) (install-hooks repository)) (when (and show-stats? (not (null? stats))) - (show-stats stats)) + (show-authentication-stats stats)) (info (G_ "successfully authenticated commit ~a~%") (oid->string end)))))) diff --git a/guix/utils.scm b/guix/utils.scm index b6cf5aea4f..0d023e7729 100644 --- a/guix/utils.scm +++ b/guix/utils.scm @@ -21,6 +21,8 @@ ;;; Copyright © 2023 Zheng Junjie <873216071@qq.com> ;;; Copyright © 2023 Foundation Devices, Inc. ;;; Copyright © 2024 Herman Rimm +;;; Copyright © 2025 Tomas Volf <~@wolfsden.cz> +;;; Copyright © 2025 45mg <45mg.writes@gmail.com> ;;; ;;; This file is part of GNU Guix. ;;; @@ -44,6 +46,8 @@ (define-module (guix utils) #:use-module (srfi srfi-11) #:use-module (srfi srfi-26) #:use-module (srfi srfi-71) + #:use-module (srfi srfi-35) ;TODO remove after moving invoke/stdout + #:use-module (ice-9 popen) ;TODO remove after moving invoke/stdout #:use-module (rnrs io ports) ;need 'port-position' etc. #:use-module ((rnrs bytevectors) #:select (bytevector-u8-set!)) #:use-module (guix memoization) @@ -163,6 +167,9 @@ (define-module (guix utils) call-with-compressed-output-port canonical-newline-port + chain-cut + invoke/stdout ;TODO move to (guix build utils) + string-distance string-closest @@ -1193,6 +1200,60 @@ (define-syntax current-source-directory ;; raising an error would upset Geiser users #f)))))) + +;;; +;;; Higher-order functions. +;;; + +(define-syntax chain-cut + (lambda (x) + "Apply each successive form to the result of evaluating the previous one. +Before applying, expand each form (op ...) to (cut op ...). + +Examples: + + (chain-cut '(1 2 3) cdr car) + => (car (cdr '(1 2 3))) + + (chain-cut 2 (- 3 <>) 1+) + => (1+ ((cut - 3 <>) 2)) + => (1+ (- 3 2)) +" + (syntax-case x () + ((chain-cut init op) (identifier? #'op) + #'(op init)) + ((chain-cut init (op ...)) + #'((cut op ...) init)) + ((chain-cut init op op* ...) (identifier? #'op) + #'(chain-cut (op init) op* ...)) + ((chain-cut init (op ...) op* ...) + #'(chain-cut ((cut op ...) init) op* ...))))) + +;; Copied from (guix build utils); remove +(define-condition-type &invoke-error &error + invoke-error? + (program invoke-error-program) + (arguments invoke-error-arguments) + (exit-status invoke-error-exit-status) + (term-signal invoke-error-term-signal) + (stop-signal invoke-error-stop-signal)) +;; TODO move to (guix build utils) +(define (invoke/stdout program . args) + "Invoke PROGRAM with ARGS and capture PROGRAM's standard output. If PROGRAM +succeeds, return its standard output as a string. Otherwise, raise an +'&invoke-error' condition." + (let* ((port (apply open-pipe* OPEN_READ program args)) + (data (get-string-all port)) + (code (close-pipe port))) + (unless (zero? code) + (raise (condition (&invoke-error + (program program) + (arguments args) + (exit-status (status:exit-val code)) + (term-signal (status:term-sig code)) + (stop-signal (status:stop-sig code)))))) + data)) + ;;; ;;; String comparison. -- 2.48.1 From debbugs-submit-bounces@debbugs.gnu.org Sat Feb 01 06:45:21 2025 Received: (at 75981) by debbugs.gnu.org; 1 Feb 2025 11:45:21 +0000 Received: from localhost ([127.0.0.1]:56715 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1teBw8-00055J-R4 for submit@debbugs.gnu.org; Sat, 01 Feb 2025 06:45:21 -0500 Received: from mail-pl1-x643.google.com ([2607:f8b0:4864:20::643]:44152) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from <45mg.writes@gmail.com>) id 1teBw5-0004zT-Lk for 75981@debbugs.gnu.org; Sat, 01 Feb 2025 06:45:18 -0500 Received: by mail-pl1-x643.google.com with SMTP id d9443c01a7336-2163dc5155fso51735555ad.0 for <75981@debbugs.gnu.org>; Sat, 01 Feb 2025 03:45:17 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1738410311; x=1739015111; darn=debbugs.gnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=rASlCkCXzp5SO8O1bmNfoaP77uE1mhNlivO/wDiYLuQ=; b=OpXS9t5uqGAXcd6qM4ibbJPp+WQEumoRnshZJFV6ueOI6UIC+OVId9LhhheSd4ZNwm yLhVXLZEWA77lQutke0LcGHdWmVppbR2CE2F65kGXlYA+2fVhvknAKJsaH6cOXZN+5d/ KICk7JX3+u4J4bPnVBJ5eZBSwE2e+hj7eywtFA1TCSTrYIQGYpaUJg0FrchL/OO2Ew3k wONBRRjI2AsSLqGAn1Lce3//F7uIzpDpdl8ZP5mzZHbV6GBBeyjxsb35ePqP7ld9b9yO bJCiYhJg/BSMOfUqgYZ5zsM+gD4n9IhJhH1GPswg4HEmjULXOGYsCITqcwfeYzcBQX1V a+FQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1738410311; x=1739015111; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=rASlCkCXzp5SO8O1bmNfoaP77uE1mhNlivO/wDiYLuQ=; b=gYqUr8oQAosa4tgYOVcU8TK2NM/JRMGdmDIV5/VdCAr1756pBilSeE0qEui+JBSRuL U6tKw3qnfgWMcygLqklKWmf3+fGHF5wZG6UbI0zd5JmxbTI/beZxdZ3UHHKi39kmkGRU hRia9sS1kMoK1fgnC6nqvkznK0pQor1BbepXSIXhzGnpciOGdAPrd1ygYcKGGZQqWjM7 gkMthX5eFIU60BK6zQKPC17spKi/pYSFnz/7NYxGoD18oemKCHgf78ZyAaNHFZECptek Ihc+ukUEA2n1hLluebeRFr0wxbq7j8UG2aDi4pYA6k51cHTxaVoQP5Pgd3qHaMCva/YO i87A== X-Gm-Message-State: AOJu0YyQHEYm/6imDF7nL81D47z/JXDr75ZZzPzfinS9Hx4FfR2cgD5D axqGc/OLpIW9terq2xFto5ameEhj5f786MgJinKlo6k4Qwf8jozDGRGxf8C0 X-Gm-Gg: ASbGnctXNolmGTd7BiUvBdvXWDrjn9jQVExAWiB6Gkp3Y6dGRNIRs0Jzw4QuoVFHCwP ZixIHpxksmJN/jhyQtUvJbxeHrnihByyVmOiXu0WAPNzdDz1WNsZqbFM9hKe7Kszr1mvGCzGvGj pq1Ho7tYgCPk9w+Pr3Xdx/ps/7OZ67GpbDVNBsOH8DrdvnGH150yJPEmJn8reCMVTJLiGU3ZM6q otYoQTmexJ+17ra6BCZ7/rZ2oUXYthkWXhEYD2j2xuStG0M0f7W90cRSI+rvm4E0GRadddRKJiZ zaIEbE02gqCSD5Oa7dCDcsQUeugLz5TZugLVJw== X-Google-Smtp-Source: AGHT+IFcnPO2E7PW+B4+upoT1IISmq3tOZpDVa1M8GbwVvH5e2u8cOriHdnRF/I+IKYfDIiFfadHgA== X-Received: by 2002:a17:902:c40a:b0:212:63c0:d9e7 with SMTP id d9443c01a7336-21dd7b61a82mr236607115ad.0.1738410311115; Sat, 01 Feb 2025 03:45:11 -0800 (PST) Received: from localhost.localdomain (utm3.nitt.edu. [14.139.162.2]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-21de331f8d4sm43844805ad.224.2025.02.01.03.45.08 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 01 Feb 2025 03:45:10 -0800 (PST) From: 45mg <45mg.writes@gmail.com> To: 75981@debbugs.gnu.org Subject: [PATCH (WIP) v1.5 2/4] Add 'guix fork authenticate'. Date: Sat, 1 Feb 2025 17:13:24 +0530 Message-ID: <10c11dfc090e48aa6a3f4b1fd67543ec2bab7b40.1738408683.git.45mg.writes@gmail.com> X-Mailer: git-send-email 2.48.1 In-Reply-To: References: MIME-Version: 1.0 X-Debbugs-Cc: Christopher Baines , Josselin Poiret , Ludovic Courtès , Mathieu Othacehe , Simon Tournier , Tobias Geerinckx-Rice Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 75981 Cc: Nicolas Graves , Tomas Volf <~@wolfsden.cz>, 45mg <45mg.writes@gmail.com>, Liliana Marie Prikler , Ricardo Wurmus , Attila Lendvai X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) * guix/scripts/fork/authenticate.scm: New file. * Makefile.am (MODULES): Add the new file. * guix/scripts/fork.scm (show-help): Mention new command. (%sub-commands): Add new command. Change-Id: Ic34a1b3d1642cedce8d1ff5bae825df30e47755c --- Makefile.am | 1 + guix/scripts/fork.scm | 6 +- guix/scripts/fork/authenticate.scm | 331 +++++++++++++++++++++++++++++ 3 files changed, 336 insertions(+), 2 deletions(-) create mode 100644 guix/scripts/fork/authenticate.scm diff --git a/Makefile.am b/Makefile.am index c628450a5a..1c1f5d84fd 100644 --- a/Makefile.am +++ b/Makefile.am @@ -379,6 +379,7 @@ MODULES = \ guix/scripts/git/authenticate.scm \ guix/scripts/fork.scm \ guix/scripts/fork/create.scm \ + guix/scripts/fork/authenticate.scm \ guix/scripts/graph.scm \ guix/scripts/weather.scm \ guix/scripts/container.scm \ diff --git a/guix/scripts/fork.scm b/guix/scripts/fork.scm index 2d97bcb93f..c5c7a59ba7 100644 --- a/guix/scripts/fork.scm +++ b/guix/scripts/fork.scm @@ -29,7 +29,9 @@ (define (show-help) (display (G_ "The valid values for ACTION are:\n")) (newline) (display (G_ "\ - create set up a fork of Guix\n")) + create set up a fork of Guix\n")) + (display (G_ "\ + authenticate authenticate a fork of Guix\n")) (newline) (display (G_ " -h, --help display this help and exit")) @@ -38,7 +40,7 @@ (define (show-help) (newline) (show-bug-report-information)) -(define %sub-commands '("create")) +(define %sub-commands '("create" "authenticate")) (define (resolve-sub-command name) (let ((module (resolve-interface diff --git a/guix/scripts/fork/authenticate.scm b/guix/scripts/fork/authenticate.scm new file mode 100644 index 0000000000..83d9d87d44 --- /dev/null +++ b/guix/scripts/fork/authenticate.scm @@ -0,0 +1,331 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2025 45mg <45mg.writes@gmail.com> +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (guix scripts fork authenticate) + #:use-module (git) + #:use-module (guix git) + #:use-module (guix git-authenticate) + #:use-module (guix base16) + #:use-module (guix ui) + #:use-module (guix progress) + #:use-module (guix scripts) + #:use-module (guix build utils) + #:use-module (guix channels) + #:use-module (ice-9 exceptions) + #:use-module (ice-9 match) + #:use-module (ice-9 receive) + #:use-module (ice-9 popen) + #:use-module (ice-9 format) + #:use-module (ice-9 pretty-print) + #:use-module (ice-9 string-fun) + #:use-module (ice-9 textual-ports) + #:use-module (srfi srfi-1) + #:use-module (srfi srfi-13) + #:use-module (srfi srfi-26) + #:use-module (srfi srfi-37) + #:use-module (srfi srfi-71) + #:export (guix-fork-authenticate + + fork-config-value + fork-configured? + fork-configured-keyring-reference + fork-configured-introduction)) + +;;; Commentary: +;;; +;;; Authenticate a fork of Guix, in the same manner as `guix git +;;; authenticate`. +;;; +;;; Code: + +(define %options + ;; Specifications of the command-line options. + (list (option '(#\h "help") #f #f + (lambda args + (show-help) + (exit 0))) + (option '(#\V "version") #f #f + (lambda args + (show-version-and-exit "guix fork authenticate"))) + + (option '(#\r "repository") #t #f + (lambda (opt name arg result) + (alist-cons 'directory arg result))) + (option '("upstream-commit") #f #f + (lambda (opt name arg result) + (alist-cons 'upstream-commit (string->oid arg) result))) + (option '("upstream-signer") #f #f + (lambda (opt name arg result) + (alist-cons 'upstream-signer (openpgp-fingerprint* arg) result))) + + (option '(#\e "end") #t #f + (lambda (opt name arg result) + (alist-cons 'end-commit (string->oid arg) result))) + (option '("upstream-end") #t #f + (lambda (opt name arg result) + (alist-cons 'upstream-end-commit (string->oid arg) result))) + (option '(#\k "keyring") #t #f + (lambda (opt name arg result) + (alist-cons 'keyring-reference arg result))) + (option '("upstream-keyring") #t #f + (lambda (opt name arg result) + (alist-cons 'upstream-keyring arg result))) + (option '("cache-key") #t #f + (lambda (opt name arg result) + (alist-cons 'cache-key arg result))) + (option '("historical-authorizations") #t #f + (lambda (opt name arg result) + (alist-cons 'historical-authorizations arg + result))) + (option '("stats") #f #f + (lambda (opt name arg result) + (alist-cons 'show-stats? #t result))))) + +(define %default-options + (let ((introduction (channel-introduction %default-guix-channel))) + `((upstream-commit + . ,(string->oid (channel-introduction-first-signed-commit introduction))) + (upstream-signer + . ,(openpgp-fingerprint + (string-upcase + (bytevector->base16-string + (channel-introduction-first-commit-signer introduction))))) + (upstream-keyring + . "keyring")))) + +(define %usage + (format #f (G_ "Usage: guix fork authenticate UPSTREAM COMMIT SIGNER [OPTIONS...] +Authenticate a fork of Guix, using COMMIT/SIGNER as the fork introduction. + +First, authenticate new commits from UPSTREAM, using Guix's default +introduction. Then authenticate the remaining commits using the fork +introduction. + + -r, --repository=DIRECTORY + Authenticate the Git repository in DIRECTORY + + --upstream-commit=COMMIT + --upstream-signer=SIGNER + Use COMMIT/SIGNER as the introduction for upstream + Guix, overriding the default values + ~a + /~a + (Guix's default introduction). + + -k, --keyring=REFERENCE + load keyring for fork commits from REFERENCE, a Git + branch (default \"keyring\") + --upstream-keyring=REFERENCE + load keyring for upstream commits from REFERENCE, a + Git branch (default \"keyring\") + --end=COMMIT authenticate fork commits up to COMMIT + --cache-key=KEY cache authenticated commits under KEY + --historical-authorizations=FILE + read historical authorizations from FILE + --stats Display commit signing statistics upon completion + + -h, --help display this help and exit + -V, --version display version information and exit +") + (assoc-ref %default-options 'upstream-commit) + (assoc-ref %default-options 'upstream-signer))) + +(define (show-help) + (display %usage) + (newline) + (show-bug-report-information)) + +(define (missing-arguments) + (leave (G_ "wrong number of arguments; \ +required UPSTREAM, COMMIT and SIGNER~%"))) + + +;;; +;;; Helper prodecures. +;;; + +(define (fork-config-value repository key) + "Return the config value associated with KEY in the +'guix.fork-authentication' namespace in REPOSITORY, or #f if no such config +was found." + (let* ((config (repository-config repository)) + (branch (repository-current-branch repository))) + (catch 'git-error + (lambda () + (config-entry-value + (config-get-entry config + (string-append "guix.fork-authentication." + key)))) + (const #f)))) + +(define (fork-configured-introduction repository) + "Return three values: the upstream branch name, introductory commit, and +signer fingerprint (strings) for this fork, as configured in REPOSITORY. +Error out if any were missing." + (let* ((upstream-branch (fork-config-value repository "upstream-branch")) + (commit (fork-config-value repository "introduction-commit")) + (signer (fork-config-value repository "introduction-signer"))) + (unless (and upstream-branch commit signer) + (leave (G_ "fork information in .git/config is incomplete; +missing at least one of +introduction-commit, introduction-signer, upstream-branch +under [guix \"fork-authentication\"]"))) + (values upstream-branch commit signer))) + +(define (fork-configured-keyring-reference repository) + "Return the keyring reference configured in REPOSITORY or #f if missing." + (fork-config-value repository "keyring")) + +(define (fork-configured? repository) + "Return true if REPOSITORY already contains fork introduction info in its +'config' file." + (and (fork-config-value repository "upstream-branch") + (fork-config-value repository "introduction-commit") + (fork-config-value repository "introduction-signer"))) + +(define* (record-fork-configuration + repository + #:key commit signer upstream-branch keyring-reference) + "Record COMMIT, SIGNER, UPSTREAM-BRANCH and KEYRING-REFERENCE in the +'config' file of REPOSITORY." + (define config + (repository-config repository)) + + ;; Guile-Git < 0.7.0 lacks 'set-config-string'. + (if (module-defined? (resolve-interface '(git)) 'set-config-string) + (begin + (set-config-string config "guix.fork-authentication.introduction-commit" + commit) + (set-config-string config "guix.fork-authentication.introduction-signer" + signer) + (set-config-string config "guix.fork-authentication.upstream-branch" + upstream-branch) + (set-config-string config "guix.fork-authentication.keyring" + keyring-reference) + (info (G_ "introduction, upstream branch and keyring recorded \ +in repository configuration file~%"))) + (warning (G_ "could not record introduction and keyring configuration\ + (Guile-Git too old?)~%")))) + + +(define (guix-fork-authenticate . args) + (define options + (parse-command-line args %options (list %default-options) + #:build-options? #f)) + + (define (command-line-arguments lst) + (reverse (filter-map (match-lambda + (('argument . arg) arg) + (_ #f)) + lst))) + + (define (make-reporter start-commit end-commit commits) + (format (current-error-port) + (G_ "Authenticating commits ~a to ~a (~h new \ +commits)...~%") + (commit-short-id start-commit) + (commit-short-id end-commit) + (length commits)) + (if (isatty? (current-error-port)) + (progress-reporter/bar (length commits)) + progress-reporter/silent)) + + (with-error-handling + (with-git-error-handling + ;; TODO: BUG: it doesn't recognize '~' in paths + ;; How to do 'realpath' in Guile? + (let* ((repository (repository-open (or (assoc-ref options 'directory) + (repository-discover ".")))) + (upstream commit signer (match (command-line-arguments options) + ((upstream commit signer) + (values + (branch-lookup repository upstream) + (string->oid commit) + (openpgp-fingerprint* signer))) + (() + (receive (upstream commit signer) + (fork-configured-introduction repository) + (values + (branch-lookup repository upstream) + (string->oid commit) + (openpgp-fingerprint* signer)))) + (_ + (missing-arguments)))) + (upstream-commit (assoc-ref options 'upstream-commit)) + (upstream-signer (assoc-ref options 'upstream-signer)) + (history (match (assoc-ref options 'historical-authorizations) + (#f '()) + (file (call-with-input-file file + read-authorizations)))) + (keyring (or (assoc-ref options 'keyring-reference) + (fork-configured-keyring-reference repository) + "keyring")) + (upstream-keyring (assoc-ref options 'upstream-keyring)) + (end (match (assoc-ref options 'end-commit) + (#f (reference-target + (repository-head repository))) + (oid oid))) + (upstream-end (match (assoc-ref options 'upstream-end-commit) + (#f + (reference-target upstream)) + (oid oid))) + (cache-key (or (assoc-ref options 'cache-key) + (repository-cache-key repository))) + (show-stats? (assoc-ref options 'show-stats?))) + + (define upstream-authentication-args + (filter identity + (list + (oid->string upstream-commit) + (bytevector->base16-string upstream-signer) + (string-append "--repository=" + (repository-directory repository)) + (string-append "--end=" + (oid->string upstream-end)) + (and upstream-keyring + (string-append "--keyring=" + upstream-keyring)) + (and show-stats? "--stats")))) + + (info (G_ "calling `guix git authenticate` for branch ~a...~%") + (branch-name upstream)) + + (apply run-guix-command 'git "authenticate" + upstream-authentication-args) + + (define fork-stats + (authenticate-repository + repository commit signer + #:end end + #:keyring-reference keyring + #:historical-authorizations history + #:cache-key cache-key + #:make-reporter make-reporter)) + + (unless (fork-configured? repository) + (record-fork-configuration repository + #:commit (oid->string commit) + #:signer (bytevector->base16-string signer) + #:upstream-branch (branch-name upstream) + #:keyring-reference keyring)) + + (when (and show-stats? (not (null? fork-stats))) + (show-authentication-stats fork-stats)) + + (info (G_ "successfully authenticated commit ~a~%") + (oid->string end)))))) -- 2.48.1 From debbugs-submit-bounces@debbugs.gnu.org Sat Feb 01 06:45:31 2025 Received: (at 75981) by debbugs.gnu.org; 1 Feb 2025 11:45:31 +0000 Received: from localhost ([127.0.0.1]:56718 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1teBwI-00055l-Tm for submit@debbugs.gnu.org; Sat, 01 Feb 2025 06:45:31 -0500 Received: from mail-pl1-x642.google.com ([2607:f8b0:4864:20::642]:42000) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from <45mg.writes@gmail.com>) id 1teBwG-00055U-MY for 75981@debbugs.gnu.org; Sat, 01 Feb 2025 06:45:29 -0500 Received: by mail-pl1-x642.google.com with SMTP id d9443c01a7336-216395e151bso35162275ad.0 for <75981@debbugs.gnu.org>; Sat, 01 Feb 2025 03:45:28 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1738410322; x=1739015122; darn=debbugs.gnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=C43SsUA5OCcbVBTaSANAj1vwibNoo1rJF1BpXIfZWW8=; b=frY6YJvA4iv9rrm0t+t1Czox72gYk3SN3nGwlelnG/ceHiipxbz7kbwwR3MKNlrMab VBsCKRg36qzUWtNrFPJXh0kuP4PLnz/mkIjrCrKjs2XFZ+U5A2hX54aNJ/SK8OaG73e5 fy6DdjQLrvmL2HqGnlP4Pg9SobSPIbbnGIvvrRqZuWrFPwfPqWEB841Fj1G8WajqrvLJ CzULuuTTjDkThfQhbm7+oeXpRJeideaarHZmG4JQBea3j8MZgRkb33LvByuQLymvdxhb 4+UdC4KabT4wTWWu83k58Dy+DciKudrobMU3XpvvQO2EWypNejTKVpXNVEXhsp/jxaTi mIIw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1738410322; x=1739015122; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=C43SsUA5OCcbVBTaSANAj1vwibNoo1rJF1BpXIfZWW8=; b=YQB96j8eobyrwB5KC4BsQOQm7iSLgC3xe94i+Dw029KhhMxoDQdzCWTgqA4DuHfS0c OQPgcBBWUfMJndvSWximxc6Pg3bgfHVxh/X9QxSBTJ6ANAKymsWWO6Dwjvu+rRNXs0r1 X8iDc5Q9XkTMsUkTeoO7DiY+bz9LbKnK6kJOomWsCH7i1i2qjydD7SjJPwwWCb3DzEjU CatDL6j4Rr5uAI9TsAnmzt5yxhHM3bEvycqzcKSNGnVBtjAraWhWe9mUVcba7kjozBM8 HS+GVnvD6Vfm8U4va2TvnjAQWYfQfCgKUOL2g7wFcD1k4DhEPQDPi/goy0QEwufjbj/x WyVQ== X-Gm-Message-State: AOJu0YzDlTIoJTvaUkr3jXMSZtMufZDKdxM0zMDjvNt05M2FBonl5nMi IiBO1rs+BuvHi83+b/Jaotknm+O5GwGT9O5ZINrfNlfz07D6wNVEcF+hmacm X-Gm-Gg: ASbGncumiDxAHrCBM0oiuzbVRpqw4n5IWvKt1edaxFl3CLPr7EmDzvtgqYvlzRq7yGl 8BDiGVSrMkBfTyfsmCl2xyCA4CqSB7r9guY62D9G9oJkM9/Rh/litW6fvnK8SfKvc6dPL8Poziz EFEQPnbKBbIoj349rFLJ71mu9YRkTNUwProhg3wFmh/J3G0+o2gUr2u16txLQW9HeTWMiRP0fKV V71yLeSOUsr0+Ivq97Kql3NgDJBYkDkCSdJKT6BVxK03KfisT35NF2GZRXqSnXP+wpCPv1oY5Ff GYAX9RC3H2DxBM/GzzyCraTucv2mEYJ/HPJ2PQ== X-Google-Smtp-Source: AGHT+IFbwwKI7Pc2LIZzqmfu9wewH23RfB/o1GVHXun4PgPYResuPVdqO5rRLbnZC0Q2ZbmP/xcQSQ== X-Received: by 2002:a17:902:d486:b0:216:4676:dfb5 with SMTP id d9443c01a7336-21de19b09camr168965575ad.21.1738410322476; Sat, 01 Feb 2025 03:45:22 -0800 (PST) Received: from localhost.localdomain (utm3.nitt.edu. [14.139.162.2]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-21de331f8d4sm43844805ad.224.2025.02.01.03.45.19 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 01 Feb 2025 03:45:22 -0800 (PST) From: 45mg <45mg.writes@gmail.com> To: 75981@debbugs.gnu.org Subject: [PATCH (WIP) v1.5 3/4] Add 'guix fork update'. Date: Sat, 1 Feb 2025 17:13:25 +0530 Message-ID: <20c828d43d189914c7a5a3de58831f74b134e796.1738408683.git.45mg.writes@gmail.com> X-Mailer: git-send-email 2.48.1 In-Reply-To: References: MIME-Version: 1.0 X-Debbugs-Cc: Christopher Baines , Josselin Poiret , Ludovic Courtès , Mathieu Othacehe , Simon Tournier , Tobias Geerinckx-Rice Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 75981 Cc: Nicolas Graves , Tomas Volf <~@wolfsden.cz>, 45mg <45mg.writes@gmail.com>, Liliana Marie Prikler , Ricardo Wurmus , Attila Lendvai X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) * guix/scripts/fork/update.scm: New file. * Makefile.am (MODULES): Add the new file. * guix/scripts/fork.scm (show-help): Mention new command. (%sub-commands): Add new command. Change-Id: I2017eb9a9286c02ca8bdf962bcbfe89d7607c413 --- Makefile.am | 1 + guix/scripts/fork.scm | 4 +- guix/scripts/fork/update.scm | 182 +++++++++++++++++++++++++++++++++++ 3 files changed, 186 insertions(+), 1 deletion(-) create mode 100644 guix/scripts/fork/update.scm diff --git a/Makefile.am b/Makefile.am index 1c1f5d84fd..8edd371ccd 100644 --- a/Makefile.am +++ b/Makefile.am @@ -380,6 +380,7 @@ MODULES = \ guix/scripts/fork.scm \ guix/scripts/fork/create.scm \ guix/scripts/fork/authenticate.scm \ + guix/scripts/fork/update.scm \ guix/scripts/graph.scm \ guix/scripts/weather.scm \ guix/scripts/container.scm \ diff --git a/guix/scripts/fork.scm b/guix/scripts/fork.scm index c5c7a59ba7..bf9c86e0aa 100644 --- a/guix/scripts/fork.scm +++ b/guix/scripts/fork.scm @@ -32,6 +32,8 @@ (define (show-help) create set up a fork of Guix\n")) (display (G_ "\ authenticate authenticate a fork of Guix\n")) + (display (G_ "\ + update update a fork of Guix\n")) (newline) (display (G_ " -h, --help display this help and exit")) @@ -40,7 +42,7 @@ (define (show-help) (newline) (show-bug-report-information)) -(define %sub-commands '("create" "authenticate")) +(define %sub-commands '("create" "authenticate" "update")) (define (resolve-sub-command name) (let ((module (resolve-interface diff --git a/guix/scripts/fork/update.scm b/guix/scripts/fork/update.scm new file mode 100644 index 0000000000..4223b9855c --- /dev/null +++ b/guix/scripts/fork/update.scm @@ -0,0 +1,182 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2025 Tomas Volf <~@wolfsden.cz> +;;; Copyright © 2025 45mg <45mg.writes@gmail.com> +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (guix scripts fork update) + #:use-module (guix scripts fork authenticate) + #:use-module (git repository) + #:use-module (git structs) + #:use-module (git config) + #:use-module (guix ui) + #:use-module (guix scripts) + #:use-module ((guix utils) #:select (invoke/stdout)) ;TODO move invoke/stdout to (guix build utils) + #:use-module (guix build utils) + #:use-module (guix channels) + #:use-module (ice-9 exceptions) + #:use-module (ice-9 match) + #:use-module (ice-9 popen) + #:use-module (ice-9 pretty-print) + #:use-module (ice-9 string-fun) + #:use-module (ice-9 textual-ports) + #:use-module (srfi srfi-1) + #:use-module (srfi srfi-13) + #:use-module (srfi srfi-26) + #:use-module (srfi srfi-37) + #:use-module (srfi srfi-71) + #:export (guix-fork-update)) + +;;; Commentary: +;;; +;;; Update a fork of Guix created via `guix fork create` and authenticated via +;;; `guix fork authenticate`, by applying new commits from the upstream branch +;;; onto it. +;;; +;;; Code: + +(define %options + ;; Specifications of the command-line options. + (list (option '(#\h "help") #f #f + (lambda args + (show-help) + (exit 0))) + (option '(#\V "version") #f #f + (lambda args + (show-version-and-exit "guix fork create"))) + + (option '( "fork-branch") #t #f + (lambda (opt name arg result) + (alist-cons 'fork-branch-name arg result))) + (option '(#\r "repository") #t #f + (lambda (opt name arg result) + (alist-cons 'directory arg result))))) + +(define %default-options + '()) + +(define %usage + (G_ "Usage: guix fork update [OPTIONS...] +Pull into this Guix fork's configured upstream branch, then apply new commits +onto the current branch. + + -r, --repository=DIRECTORY + Act in the Git repository in DIRECTORY + --fork-branch=BRANCH + Apply new commits onto BRANCH instead of the current + branch + + -h, --help display this help and exit + -V, --version display version information and exit +")) + +(define (show-help) + (display %usage) + (newline) + (show-bug-report-information)) + +(define (missing-arguments) + (leave (G_ "wrong number of arguments; \ +required ~%"))) + + +;;; +;;; Entry point. +;;; + +(define (guix-fork-update . args) + + (define options + (parse-command-line args %options (list %default-options) + #:build-options? #f)) + + (define (command-line-arguments lst) + (reverse (filter-map (match-lambda + (('argument . arg) arg) + (_ #f)) + lst))) + + (define-syntax invoke-git + (lambda (x) + (syntax-case x () + ((_ args ...) + #`(invoke "git" "-C" #,(datum->syntax x 'directory) args ...))))) + + (define-syntax invoke-git/stdout + (lambda (x) + (syntax-case x () + ((_ args ...) + #`(string-trim-right + (invoke/stdout "git" "-C" #,(datum->syntax x 'directory) args ...)))))) + + (with-error-handling + (let* ((directory (or (assoc-ref options 'directory) ".")) + (current-branch-name (invoke-git/stdout + "branch" + "--show-current")) + (current-head-location (invoke-git/stdout + "rev-parse" + "HEAD")) + (fork-branch-name (or (assoc-ref options 'fork-branch-name) + (if (string= current-branch-name "") + (leave (G_ "no current branch and --fork-branch not given")) + current-branch-name))) + + (repository (repository-open directory)) + (upstream-branch-name introduction-commit introduction-signer + (if (fork-configured? repository) + (fork-configured-introduction + (repository-open directory)) + (leave (G_ "fork not fully configured. +(Did you remember to run `guix fork authenticate` first?)%~")))) + (upstream-branch-commit + (invoke-git/stdout "rev-parse" upstream-branch-name)) + (new-upstream-branch-commit "") + (config (repository-config repository)) + (signing-key + (or + (catch 'git-error + (lambda () + (config-entry-value + (config-get-entry config "user.signingkey"))) + (const #f)) + (begin + (info (G_ "user.signingkey not set for this repository.~%")) + (info (G_ "Will attempt to sign commits with fork introduction key.~%")) + introduction-signer)))) + + (info (G_ "Pulling into '~a'...~%") upstream-branch-name) + (invoke-git "switch" upstream-branch-name) + (invoke-git "pull") + (set! new-upstream-branch-commit + (invoke-git/stdout "rev-parse" upstream-branch-name)) + + (info (G_ "Rebasing commits from '~a' to '~a' onto fork branch '~a'...~%") + upstream-branch-commit + new-upstream-branch-commit + fork-branch-name) + (invoke-git "rebase" "--rebase-merges" + (string-append "--gpg-sign=" signing-key) + fork-branch-name new-upstream-branch-commit) + + (info (G_ "Resetting fork branch '~a' to latest rebased commit...~%") + fork-branch-name) + (invoke-git "branch" "--force" fork-branch-name "HEAD") + + (invoke-git "checkout" (or current-branch-name current-head-location)) + + (info (G_ "Successfully updated Guix fork in ~a~%") + directory)))) -- 2.48.1 From debbugs-submit-bounces@debbugs.gnu.org Sat Feb 01 06:45:36 2025 Received: (at 75981) by debbugs.gnu.org; 1 Feb 2025 11:45:36 +0000 Received: from localhost ([127.0.0.1]:56721 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1teBwN-000561-MD for submit@debbugs.gnu.org; Sat, 01 Feb 2025 06:45:36 -0500 Received: from mail-pl1-x642.google.com ([2607:f8b0:4864:20::642]:60814) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from <45mg.writes@gmail.com>) id 1teBwL-00055a-Ch for 75981@debbugs.gnu.org; Sat, 01 Feb 2025 06:45:34 -0500 Received: by mail-pl1-x642.google.com with SMTP id d9443c01a7336-21654fdd5daso50590765ad.1 for <75981@debbugs.gnu.org>; Sat, 01 Feb 2025 03:45:33 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1738410327; x=1739015127; darn=debbugs.gnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=kTLhP7eOxVAyBixFBetnmK4lTMHiffyZRO+XOSa3nEo=; b=CMNPlc3CW9YnyBT1/+HScsq0EDFnNwoDKzOOp9FKDwWj7Pe2hij1ToNAEpuZBeyBaE NYb6Bk4o5phxep0hxZbQJbEWVNjNYIHC8FFpyjoitpL9PVLUB4AiH74kcZ2ZUluQOPM4 iBz56zl8Kvt41FfXVbmucrlBvkLnr3zGLXiaZ1cghDSyIh7vfVw2CRoVsVE4XVrwC4oH jOPLCe//1isx0strjoGgujOSxQNecNxJEg8gcMr84LG3rFM9FR+2VosPdcqbQbW7lsJk eLd4KEJvFuX8omYZ9DEE6E9Zgb9qll2fBNuBLtGJJl91KvbGTIef1Bx5r97YBApqjKC2 JdVw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1738410327; x=1739015127; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=kTLhP7eOxVAyBixFBetnmK4lTMHiffyZRO+XOSa3nEo=; b=Vcm/n+PyiMLBdym/dulhh/kDg1YFGO9L+H7+nYucYb/OkKQWF0znnvCf/zXZBTrqsO ZDn5gMzmD/nzs0QGO28WYKKls3Lu72w5GJKLEYCsLF2y9eHxnNAv82tAqgkHTVTpo+9P IjBhk7u3BiC74CWDYQtKTJkX6E3JVVaPr/Nnf0AOUrAIPWT1ZAnmLMXen24ku2Q2X23H uouveadhlPUqT1l9mw2A5hYgsF+derw3Uu5Ik2ZtwpUUWq1pT8Tz0qUnZxHlJS0c/Ery 5G7IBV6TVoi0e6rzKFEiG9U7XpCTFgLurCxeuIUJ+A9KZu4zIrEiiOeKrFKutyLkxvRW sgcw== X-Gm-Message-State: AOJu0Yx8pisBqQKFBawrF6C2QiQ7uQ2vYeElh0hp1FoqL1bfnJyiNWQ3 CS4uEg+2DU14xKBi1o1vs9vIsskKVD/88ifj/7T1vwxt7mG4/26NY/DCP0ce X-Gm-Gg: ASbGncvWtNPFxTr0wDKPRf6iVAJNgzClSAfLOL5tCo+AtfZ+4kUuexw6L4KrFDyualt mw8lPeD4Hy85SpnDaILT+suuUPYCdX2uoKmJyY5apPXto7oY4WMB0XQE7n+srz+o7KrTD3S7S2A FUuHtcI2WSSxj1tRAEF7BFNmuL+7SyE0Q9JsFpX4/1zMFhR7cxMsyO8uqMNiSIGIY4kOM0fLulD Bv2jG9c+sE/3wijIyjEcDT0K9pAJPzLF5T0zonlawIqwlNMHeW1poezfdIg/J81L+Sl5OwZLzjM GOalT5Ry26tL64IQKtC+4v8AemcFBtzOlmg/jg== X-Google-Smtp-Source: AGHT+IF+4YhbDM5krb8XTSjtwu75EH4CwFw9X+d4yRFSwgufUildNACOeZ6Fw1i/MOM/eJ7oJgRgKg== X-Received: by 2002:a17:902:db03:b0:215:b33b:e26d with SMTP id d9443c01a7336-21dd7c5141fmr216797555ad.21.1738410327178; Sat, 01 Feb 2025 03:45:27 -0800 (PST) Received: from localhost.localdomain (utm3.nitt.edu. [14.139.162.2]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-21de331f8d4sm43844805ad.224.2025.02.01.03.45.24 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 01 Feb 2025 03:45:26 -0800 (PST) From: 45mg <45mg.writes@gmail.com> To: 75981@debbugs.gnu.org Subject: [PATCH (WIP) v1.5 4/4] Document 'guix fork'. Date: Sat, 1 Feb 2025 17:13:26 +0530 Message-ID: <49cb491b107b5f0899209905d7679ba389bc65e6.1738408683.git.45mg.writes@gmail.com> X-Mailer: git-send-email 2.48.1 In-Reply-To: References: MIME-Version: 1.0 X-Debbugs-Cc: Ludovic Courtès , Maxim Cournoyer Content-Transfer-Encoding: 8bit X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 75981 Cc: Nicolas Graves , Tomas Volf <~@wolfsden.cz>, 45mg <45mg.writes@gmail.com>, Liliana Marie Prikler , Ricardo Wurmus , Attila Lendvai X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) * doc/guix.texi (Invoking guix fork): New node. * doc/contributing.texi (Using Your Own Patches): New node. Change-Id: I06240f0fe8d1fe39f27130a72f5d0d92949c99da --- doc/contributing.texi | 50 ++++++++++++++ doc/guix.texi | 150 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 200 insertions(+) diff --git a/doc/contributing.texi b/doc/contributing.texi index c94ae940fa..bd4fd6c2ac 100644 --- a/doc/contributing.texi +++ b/doc/contributing.texi @@ -35,6 +35,7 @@ Contributing * Making Decisions:: Collectively choosing the way forward. * Commit Access:: Pushing to the official repository. * Reviewing the Work of Others:: Some guidelines for sharing reviews. +* Using Your Own Patches:: Using your own work before it's accepted. * Updating the Guix Package:: Updating the Guix package definition. * Deprecation Policy:: Commitments and tools for deprecation. * Writing Documentation:: Improving documentation in GNU Guix. @@ -3095,6 +3096,55 @@ Reviewing the Work of Others have reviewed more easily by adding a @code{reviewed-looks-good} usertag for the @code{guix} user (@pxref{Debbugs Usertags}). +@node Using Your Own Patches +@section Using Your Own Patches + +If you've taken the time to contribute code to Guix, chances are that +you want the changes you've made to be reflected in your own Guix +installation as soon as possible. Maybe you've added a package you want, +and you want to start using it @emph{right now}. Or you've fixed a bug +that affects you, and you want it to @emph{go away}. + +As described in the preceding sections, all contributions to Guix first +go through a review process to ensure code quality. Sometimes, this can +take longer than one would like. Ideally, the pace of the review process +should not prevent you from benefiting from your own work. + +One way to work around this issue is to create an additional channel of +your own (@pxref{Creating a Channel}), and add your code to it. For +certain kinds of contributions, such as adding a new package, this is +fairly straightforward - simply copy your new package definition(s) into +a new file in the channel, and remove them when your contribution is +accepted. + +However, there may be cases where this is not convenient. Certain kinds +of changes, such as those that need to modify existing Guix internals, +may be more challenging to incorporate into a channel. Moreoever, the +more substantial your contribution is, the more work it will be to do +so. + +@cindex fork, of Guix +For such cases, there is another option. Recall that the patch series +that you sent (@pxref{Sending a Patch Series}) was created from a one or +more commits on a checkout of the Guix repository (@pxref{Building from +Git}). You could simply specify this repository (referred to as your +`Guix fork', or simply `fork', from here onwards), and its relevant +branch, as your `@code{guix}' channel (@pxref{Using a Custom Guix +Channel}). Now `@code{guix pull}' will fetch your new commits, and +you'll see the changes you made reflected in your Guix installation! + +However, there's a potential complication to this approach - the issue +of authentication (@pxref{Channel Authentication}). If your fork only +exists on your local filesystem (a `local fork'), then you probably +don't need to worry about this, and can pull without authentication +(@pxref{Invoking guix pull}). But other situations, such as a remotely +hosted fork, may make it important for your fork to be authenticated, in +the same way that all channels are expected to be. + +Guix provides a @command{guix fork} command in order to simplify and +automate many details of creating and managing and authenticated +fork. For more information, @pxref{Invoking guix fork}. + @node Updating the Guix Package @section Updating the Guix Package diff --git a/doc/guix.texi b/doc/guix.texi index b1b6d98e74..bbb5666d0a 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -311,6 +311,7 @@ Top * Invoking guix pack:: Creating software bundles. * The GCC toolchain:: Working with languages supported by GCC. * Invoking guix git authenticate:: Authenticating Git repositories. +* Invoking guix fork:: Creating and managing authenticated forks of Guix. Programming Interface @@ -5930,6 +5931,7 @@ Development * Invoking guix pack:: Creating software bundles. * The GCC toolchain:: Working with languages supported by GCC. * Invoking guix git authenticate:: Authenticating Git repositories. +* Invoking guix fork:: Creating and managing authenticated forks of Guix. @end menu @node Invoking guix shell @@ -7534,6 +7536,154 @@ Invoking guix git authenticate @end table +@node Invoking guix fork +@section Invoking @command{guix fork} + +@cindex @command{guix fork} + +The @command{guix fork} command provides the means to quickly set up, +authenticate, and keep up-to-date an authenticated fork of Guix. For +more information on authentication of a Guix checkout, @pxref{Invoking +guix git authenticate}. + +Its syntax is: + +guix fork ACTION ARGS... + +ACTION specifies the fork-related action to perform. Currently, the +following values are supported: + +@table @code +@item create SIGNING_KEY [DIRECTORY OPTIONS...] +Create a fork of Guix in DIRECTORY, using SIGNING_KEY to sign the introductory +commit. +DIRECTORY defaults to ./guix. + +First, clone Guix into DIRECTORY, unless @code{--use-existing} is +given. Then, add SIGNING_KEY to the `@code{keyring}' branch of the +repository. Finally, create a new `@code{fork}' branch based starting +from the default branch, whose initial commit authorizes SIGNING_KEY +alone (by adding it to @file{.guix-authorizations}) and is signed by it. + +The new `@code{fork}' branch is intended to mirror upstream +Guix. Updating the fork amounts to applying all new commits to it (see +the `@code{update}' command below for further explanation). You can work +on patches in branches based off of this one, in much the same way as +you would base them on Guix's default branch - every commit from the +latter will be present in the former. + +To @command{guix pull} your changes, you could create a `build' branch +starting from the initial fork commit, onto which you can cherry-pick or +rebase commits from patch branches. This branch can then be specified +for the `@code{guix}' channel (@pxref{Using a Custom Guix Channel}). +Updating this channel can be done by merging the `@code{fork}' branch +into it. + +OPTIONS can be one or more of the following: + +@table @code +@item --use-existing +Use existing clone of Guix in DIRECTORY. This is useful if you've +already created commits for a patch series (@pxref{Using Your Own +Patches}). However, all commits to the default branch, as well as any +branches that may be merged into it in the future, must have been signed +with an authorized key; otherwise, authentication will fail later. +@item --upstream=URI +The repository to clone from. This defaults to the default URL for the +Guix repository. +@item --channel-url=URI +Optional URI, which if given, will be used to replace the channel URL. +Furthermore, the existing `origin' remote (which tracks +`@code{upstream}') is renamed to `upstream', and a new `origin' remote +is created to track URI. +@item --git-parameter PARAMETER +Specify configuration PARAMETER for git, via `-c' option. You can pass +this option multiple times. +@end table + +@cindex authentication, of Guix forks +@item authenticate UPSTREAM COMMIT SIGNER [OPTIONS...] +Authenticate a Guix fork, using COMMIT and SIGNER as the fork +introduction. + +First, authenticate new commits from UPSTREAM, using Guix's default +introduction. Then authenticate the remaining commits using the fork +introduction. + +As with @code{guix git authenticate}, all three of UPSTREAM, COMMIT and +SIGNER will be cached in .git/config, so that you don't need to specify +them after the first time. + +OPTIONS can be one or more of the following: + +@table @code +@item --repository=DIRECTORY +@itemx -r DIRECTORY +Authenticate the git repository in DIRECTORY, instead of the current +directory. +@item --upstream-commit=COMMIT +@itemx --upstream-signer=SIGNER +Use COMMIT/SIGNER as the introduction for upstream +Guix, instead of Guix's default channel introduction. +@item --keyring=REFERENCE +@itemx -k REFERENCE +Load keyring for fork commits from REFERENCE, a Git branch (default +`@code{keyring}'). +@item --upstream-keyring=REFERENCE +Load keyring for upstream commits from REFERENCE, a Git branch (default +`@code{keyring}'). +@item --end=COMMIT +Authenticate fork commits up to COMMIT. +@item --upstream-end=COMMIT +Authenticate upstream commits up to COMMIT. + +@item --cache-key=KEY +@itemx --historical-authorizations=FILE +@itemx --stats +Identical to the correponding options in @command{guix git authenticate} +(@pxref{Invoking guix git authenticate}). +@end table + +@item update [OPTIONS...] +Pull into this Guix fork's configured upstream branch (from running +@command{guix fork authenticate}), then apply new commits onto the +current branch. + +This approach may seem less convenient than simply merging the upstream +branch into the fork branch. Indeed, it duplicates every upstream commit +under a different commit hash, and applying a large number of commits +can be slow. However, this is currently the only feasible approach due +to the nature of Guix's authentication mechanism. Namely, merge commits +can only be authenticated if both their parents are signed by an +authorized key, meaning that you can only use the merge workflow if +you're authorized to commit to upstream Guix. + +For mapping commits on the fork branch to their equivalents on the +upstream branch, you can use @command{guix fork identify} (see below). + +OPTIONS can be one or more of the following: + +@table @code +@item --repository=DIRECTORY +@itemx -r DIRECTORY +Act in the Git repository in DIRECTORY. +@item --fork-branch=BRANCH +Apply new commits onto BRANCH instead of the current branch. +@end table + +@item identify +Coming soon! + +Given a commit hash from upstream Guix, print its equivalent on the fork +branch, or vice versa. +This uses the 'Change-Id:' line added to commit messages by Guix's +'commit-msg' hook. +The first invocation of this command will be slow, as the entire set of +corresponding commits is built up as a hash table, and then +cached. Subsequent invocations should be nearly instant. + +@end table + @c ********************************************************************* @node Programming Interface @chapter Programming Interface -- 2.48.1 From debbugs-submit-bounces@debbugs.gnu.org Sun Feb 02 10:01:32 2025 Received: (at 75981) by debbugs.gnu.org; 2 Feb 2025 15:01:32 +0000 Received: from localhost ([127.0.0.1]:35800 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tebTX-0008RU-EK for submit@debbugs.gnu.org; Sun, 02 Feb 2025 10:01:32 -0500 Received: from mail-pl1-x635.google.com ([2607:f8b0:4864:20::635]:52630) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from ) id 1tebTU-0008RF-S0 for 75981@debbugs.gnu.org; Sun, 02 Feb 2025 10:01:30 -0500 Received: by mail-pl1-x635.google.com with SMTP id d9443c01a7336-21661be2c2dso58740425ad.1 for <75981@debbugs.gnu.org>; Sun, 02 Feb 2025 07:01:28 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1738508483; x=1739113283; darn=debbugs.gnu.org; h=mime-version:user-agent:message-id:date:references:in-reply-to :subject:cc:to:from:from:to:cc:subject:date:message-id:reply-to; bh=5EwW09qoRxzkXvekLo+qcnDjYrejcDs/3bJGa0holMM=; b=NLia4cZszRDCQp0L+c8ktur6EJ9ic99LI7wxg4v6/h9FDtDYBwkxCoi8zD+IiSjkKR n3wGIqxePLZK0nUVFPCf06URJN0h+EgvZmt1JRqTet4J3tLAwepM58uDhtPL+THGVxuQ on0AWMr9nCDRi6JqquCFtZdqcZIKkJkwkv29idhZ8AeUQE3tnfmE+av2G414otCjIBRt UCsrgo0r9hyc+JR8FswaqlokuQ9kNuQaVnFNxrRnmZhwSDMAzo5agvib5cex1SgVCYK3 nQroR95rj5dwoFuetYr9rzQOE5uhZkOA/e6if461WO94v378q5pskWzdUDQIwY0XJpva f/yQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1738508483; x=1739113283; h=mime-version:user-agent:message-id:date:references:in-reply-to :subject:cc:to:from:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=5EwW09qoRxzkXvekLo+qcnDjYrejcDs/3bJGa0holMM=; b=nfEpbAqsu0WffshsAkqwhf5ACnRLAsLxsVemINqW96p/usg/deXPSdEoJYOPhYoUQR VY3oApCX5i5cGXw6Y2ByAA0cQLKvvFqGp4ZoYr/TJBO1ytMzRFehxeyVmx9C2S3VMzKe jVhH1J6MS0DXWLBwQ/jw/mq/MzwATAP5D2/Co1ZZGTXsfCI6r6dfdhU7xu3rWenyTJWj pedZ2T35furqlK2viOEqSmdKjUb0macT6Plf2wVtwDqTm9lnL1HwgvEI3h5PwbDcBACq SIjOQ40drYYC6AVpSMpxbK1KyYOYyGRliaCdPUTnn+Mftw/RpHMIqfp+mbRN59rt2U85 SYiA== X-Gm-Message-State: AOJu0YwVFtpGfXkgk4G8LXrx7KTWtZwL6kNQidnfiIuRFuODJGwhScyi amm31/JfTrV3FEcA8ZF6RHQYYzb3nBxPSO8FIz2ZE3mmi639AvWQ X-Gm-Gg: ASbGncs0sCZpwUTwNMU1n3E5ebTmRHBl5v5hl+VDDOkIu5vG0N1q0n57k6nr94pF6zp /7FM3uvB8UijqCnf/mgq1M/itk5QTHhd+aZX1t0+R6F3coPNGVpld5JznpYxNQcL6dqc02H/Cit u7xu1aYEUSufh4g+u7DhgJEPCF55leFRjyfsQVZZEzPtu4xqQ8VXiUaCZspdxLFLqBzgpbe61sz eXtFq+ufEiJDmeiYgcasYJRRQvMKLPO/mfdJyfYASB68ldWstAmTPew76tX3Ze+uzkUL+lNz0vU DA0/8TkrK7jj X-Google-Smtp-Source: AGHT+IFFHCt99poLaShILIIq8Gl2bXfNtUZCDt1MOng10Xa2Gb9edTuqBUYq6fkM7dp+sWviL0yynA== X-Received: by 2002:a17:902:d542:b0:216:2b14:b625 with SMTP id d9443c01a7336-21dd7d7f818mr303690995ad.31.1738508482621; Sun, 02 Feb 2025 07:01:22 -0800 (PST) Received: from terra ([2405:6586:be0:0:c8ff:1707:9b9:af89]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-21de31f7768sm59751985ad.96.2025.02.02.07.01.18 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 02 Feb 2025 07:01:21 -0800 (PST) From: Maxim Cournoyer To: 45mg <45mg.writes@gmail.com> Subject: Re: [bug#75981] [PATCH (WIP) v1.5 1/4] Add 'guix fork create'. In-Reply-To: <590b269995eb83d8fe2b584a40a58fa9ed473c54.1738408683.git.45mg.writes@gmail.com> (45mg.writes@gmail.com's message of "Sat, 1 Feb 2025 17:13:23 +0530") References: <590b269995eb83d8fe2b584a40a58fa9ed473c54.1738408683.git.45mg.writes@gmail.com> Date: Mon, 03 Feb 2025 00:01:07 +0900 Message-ID: <877c68jsr0.fsf@gmail.com> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: 3.0 (+++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Hi, My first thought was similar to Liliana's reply in the other issue thread: putting lots of energy into making it convenient to fork Guix instead of contributing to the review process (described as slo [...] Content analysis details: (3.0 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 3.0 MANY_TO_CC Sent to 10+ recipients -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:635 listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (maxim.cournoyer[at]gmail.com) X-Debbugs-Envelope-To: 75981 Cc: Josselin Poiret , Nicolas Graves , Simon Tournier , Mathieu Othacehe , Tomas Volf <~@wolfsden.cz>, Tobias Geerinckx-Rice , Liliana Marie Prikler , 75981@debbugs.gnu.org, Ricardo Wurmus , Christopher Baines , Attila Lendvai , Ludovic =?utf-8?Q?Court=C3=A8s?= X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 2.0 (++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Hi, My first thought was similar to Liliana's reply in the other issue thread: putting lots of energy into making it convenient to fork Guix instead of contributing to the review process (described as slo [...] Content analysis details: (2.0 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:635 listed in] [list.dnswl.org] 3.0 MANY_TO_CC Sent to 10+ recipients -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (maxim.cournoyer[at]gmail.com) -1.0 MAILING_LIST_MULTI Multiple indicators imply a widely-seen list manager Hi, My first thought was similar to Liliana's reply in the other issue thread: putting lots of energy into making it convenient to fork Guix instead of contributing to the review process (described as slow and erratic, which appears to be the motivation here), appears counter-productive. So I'm not even sure this should be incorporated in Guix, especially if it does touch the sensitive guix authentication mechanism. I'll still offer a review, given the code looks rather good, and perhaps being a committer I'm missing part of the picture on why such a mechanism improves on the status quo of using extensions or channels, or local unauthenticated forks (for personal use, that was enough for me when one of my changes didn't make it for a year). It was rather inconvenient, but that was a good motivator to keep nudging it into Guix proper. And I disagree with your assessment that it takes years to become a Guix committer. I think 6 months to a year would be a reasonable time frame for a dedicated individual. It's also not the only way to be useful to the project. Reviewing the work of others help a lot too (those appear at https://qa.guix.gnu.org/patches). Below are some comments on the code. 45mg <45mg.writes@gmail.com> writes: > * guix/scripts/fork.scm, guix/scripts/fork/create.scm: New files. > * Makefile.am (MODULES): Add the new files. > * guix/build/utils.scm (invoke/stdout): New procedure. Touching (guix build utils) is a world rebuild (the module is included in every build system, including the gnu-build-system). Perhaps start its life in (guix utils) with a TODO to move it to (guix build utils) later along another world-rebuilding change. Later: I see you changed that in this v1.5 revision: in this case just update the change log message. > * guix/utils.scm (chain-cut): New procedure. Could use 's/New procedure./Likewise./' to avoid repetition. > * guix/scripts/git/authenticate.scm > (commit-short-id): Remove procedure, and use its existing duplicate in > guix/channels.scm. > (openpgp-fingerprint*, current-branch, show-stats): Move procedures to > the files below. You can use the ellipsis trick: (openpgp-fingerprint*): "Move to..." * guix/channels.scm (openpgp-fingerprint*): ... here. and likewise for the other procedures. There's a missing entry for adjusting the renamed current-branch procedure inside the config-value proc. [...] > diff --git a/guix/channels.scm b/guix/channels.scm > index 4700f7a45d..6ca8e64881 100644 > --- a/guix/channels.scm > +++ b/guix/channels.scm > @@ -47,6 +47,7 @@ (define-module (guix channels) > #:use-module (guix packages) > #:use-module (guix progress) > #:use-module (guix derivations) > + #:autoload (rnrs bytevectors) (bytevector-length) > #:use-module (guix diagnostics) > #:use-module (guix sets) > #:use-module (guix store) > @@ -81,6 +82,7 @@ (define-module (guix channels) > > openpgp-fingerprint->bytevector > openpgp-fingerprint > + openpgp-fingerprint* > > %default-guix-channel > %default-channels > @@ -171,6 +173,17 @@ (define-syntax openpgp-fingerprint > ((_ str) > #'(openpgp-fingerprint->bytevector str))))) > > +(define (openpgp-fingerprint* str) > + "Like openpgp-fingerprint, but with error handling from (guix diagnostics)." > + (unless (string-every (char-set-union char-set:hex-digit > + char-set:whitespace) > + str) > + (leave (G_ "~a: invalid OpenPGP fingerprint~%") str)) > + (let ((fingerprint (openpgp-fingerprint str))) > + (unless (= 20 (bytevector-length fingerprint)) > + (leave (G_ "~a: wrong length for OpenPGP fingerprint~%") str)) > + fingerprint)) > + I'm not convinced having a program-exiting procedure in the public API makes sense (and these are annoying at the REPL!) Returning a proper exception would be better. [...] > --- /dev/null > +++ b/guix/scripts/fork.scm [...] > +(define-module (guix scripts fork) > + #:use-module (ice-9 match) > + #:use-module (guix ui) > + #:use-module (guix scripts) Please list modules in lexicographic order. [...] > diff --git a/guix/scripts/fork/create.scm b/guix/scripts/fork/create.scm > new file mode 100644 > index 0000000000..a9de204f23 > --- /dev/null > +++ b/guix/scripts/fork/create.scm [...] > + > +;;; > +;;; Helper prodecures. > +;;; > + > +(define (fingerprint->key-file-name fingerprint) > + (let* ((listing (invoke/stdout "gpg" "--list-key" "--with-colons" fingerprint)) > + (uid (chain-cut listing > + (string-split <> #\newline) > + (filter (cut string-prefix? "uid:" <>) <>) > + first If there are no key for FINGERPRINT, `first' will fail with a cryptic error here. It should ideally throw a useful exception. [...] > + > +;;; > +;;; Entry point. > +;;; > + > +(define (guix-fork-create . args) > + (define options > + (parse-command-line args %options (list %default-options) > + #:build-options? #f)) I think you could provide a proc to set the default value of the DIRECTORY positional argument via #:argument-handler... > + > + (define (command-line-arguments lst) > + (reverse (filter-map (match-lambda > + (('argument . arg) arg) > + (_ #f)) > + lst))) > + > + (with-error-handling > + (let* ((signing-key directory (match (command-line-arguments options) > + ((signing-key directory) > + (values signing-key directory)) > + ((signing-key) > + (values signing-key "guix")) > + (_ (missing-arguments)))) Avoiding the command-line-arguments proc as well as the match above. > + (upstream (assoc-ref options 'upstream)) > + (channel-url (assoc-ref options 'channel-url)) > + (use-existing? (assoc-ref options 'use-existing?)) > + (git-parameters (assoc-ref options 'git-parameters)) > + (git-c-options ;'("-c" "param1" "-c" "param2" ...) > + (let loop ((opts '()) (params git-parameters)) > + (if (or (not params) (null-list? params)) > + opts > + (loop (append > + opts (list "-c" (first params))) You have enough horizontal space to (append opts ...) on a single line I think. > + (drop params 1))))) > + > + (key-file-name (fingerprint->key-file-name signing-key)) > + (introduction-name (car (string-split key-file-name #\-))) > + > + (upstream-branch-name "master")) > + > + (define (invoke-git . args) > + (apply invoke `("git" ,@git-c-options "-C" ,directory ,@args))) We prefer to use guile-git throughout Guix, as it has a proper Scheme interface. Have you tried using it instead of shelling out to git? Perhaps it was missing some features you needed? > + (unless use-existing? > + (info (G_ "Cloning from upstream ~a...~%") upstream) > + (invoke "git" "clone" upstream directory)) Why not using the above defined invoke-git here? > + > + (info (G_ "Authenticating upstream commits...~%")) > + > + (when channel-url > + (info (G_ "Renaming existing 'origin' remote to 'upstream'...~%")) > + (invoke-git "remote" "rename" "origin" "upstream") > + (info (G_ "Using provided channel URL for new 'origin' remote...~%")) > + (invoke-git "remote" "add" "origin" channel-url)) > + > + (set! upstream-branch-name > + (chain-cut > + (invoke/stdout "git" Break the line to place "git" below invoke/stdout, to avoid busting our 80 columns max convention a bit below. > + "-C" directory > + "symbolic-ref" > + (string-append "refs/remotes/" > + (if channel-url "upstream" "origin") > + "/HEAD")) > + string-trim-right > + (string-split <> #\/) > + last)) > + > + (info (G_ "Adding key to keyring branch...~%")) > + (invoke-git "switch" "keyring") > + (invoke "gpg" > + "--armor" "--export" > + "-o" (string-append directory "/" key-file-name) > + signing-key) > + (invoke-git "add" "--" key-file-name) > + (invoke-git "commit" "-m" "Add key for fork introduction.") > + > + (info (G_ "Setting up fork branch...~%")) > + (invoke-git "switch" "--create" "fork" "master") > + (when channel-url > + (update-channel-url (string-append directory "/.guix-channel") > + channel-url)) > + (rewrite-authorizations (string-append directory "/.guix-authorizations") > + introduction-name signing-key) > + (invoke-git "add" "--" > + (string-append directory "/.guix-authorizations") > + (string-append directory "/.guix-channel")) > + (invoke-git "commit" > + (string-append "--gpg-sign=" signing-key) > + "-m" > + (string-append > + "Initial fork commit.\n\n" > + ".guix-authorizations: Allow only " introduction-name "'s key." > + (if channel-url > + "\n.guix-channels: Update channel URL." > + ""))) > + (info (G_ "Successfully created Guix fork in ~a. Phew! > +You should run the following command next: > +guix fork authenticate ~a ~a ~a~%") > + directory > + upstream-branch-name > + (string-trim-right (invoke/stdout "git" "-C" directory "rev-parse" "HEAD")) > + signing-key)))) > diff --git a/guix/scripts/git/authenticate.scm b/guix/scripts/git/authenticate.scm > index e3ecb67c89..154aae9b14 100644 > --- a/guix/scripts/git/authenticate.scm > +++ b/guix/scripts/git/authenticate.scm > @@ -23,8 +23,8 @@ (define-module (guix scripts git authenticate) > #:use-module (guix git-authenticate) > #:autoload (guix openpgp) (openpgp-format-fingerprint > openpgp-public-key-fingerprint) > - #:use-module ((guix channels) #:select (openpgp-fingerprint)) > - #:use-module ((guix git) #:select (with-git-error-handling)) > + #:use-module ((guix channels) #:select (openpgp-fingerprint*)) > + #:use-module ((guix git) #:select (with-git-error-handling commit-short-id repository-current-branch)) Please watch the 80 columns limit :-). > #:use-module (guix progress) > #:use-module (guix base64) > #:autoload (rnrs bytevectors) (bytevector-length) > @@ -76,15 +76,6 @@ (define %options > (define %default-options > '()) > > -(define (current-branch repository) > - "Return the name of the checked out branch of REPOSITORY or #f if it could > -not be determined." > - (and (not (repository-head-detached? repository)) > - (let* ((head (repository-head repository)) > - (name (reference-name head))) > - (and (string-prefix? "refs/heads/" name) > - (string-drop name (string-length "refs/heads/")))))) > - > (define (config-value repository key) > "Return the config value associated with KEY in the 'guix.authentication' or > 'guix.authentication-BRANCH' name space in REPOSITORY, or #f if no such config > @@ -94,7 +85,7 @@ (define (config-value repository key) > ((_ exp) > (catch 'git-error (lambda () exp) (const #f)))))) > (let* ((config (repository-config repository)) > - (branch (current-branch repository))) > + (branch (repository-current-branch repository))) > ;; First try the BRANCH-specific value, then the generic one.` > (or (and branch > (false-if-git-error > @@ -194,21 +185,6 @@ (define (install-hooks repository) > (warning (G_ "cannot determine where to install hooks\ > (Guile-Git too old?)~%")))) > > -(define (show-stats stats) > - "Display STATS, an alist containing commit signing stats as returned by > -'authenticate-repository'." > - (format #t (G_ "Signing statistics:~%")) > - (for-each (match-lambda > - ((signer . count) > - (format #t " ~a ~10d~%" > - (openpgp-format-fingerprint > - (openpgp-public-key-fingerprint signer)) > - count))) > - (sort stats > - (match-lambda* > - (((_ . count1) (_ . count2)) > - (> count1 count2)))))) > - > (define (show-help) > (display (G_ "Usage: guix git authenticate COMMIT SIGNER [OPTIONS...] > Authenticate the given Git checkout using COMMIT/SIGNER as its introduction.\n")) > @@ -251,19 +227,6 @@ (define (guix-git-authenticate . args) > (_ #f)) > lst))) > > - (define commit-short-id > - (compose (cut string-take <> 7) oid->string commit-id)) > - > - (define (openpgp-fingerprint* str) > - (unless (string-every (char-set-union char-set:hex-digit > - char-set:whitespace) > - str) > - (leave (G_ "~a: invalid OpenPGP fingerprint~%") str)) > - (let ((fingerprint (openpgp-fingerprint str))) > - (unless (= 20 (bytevector-length fingerprint)) > - (leave (G_ "~a: wrong length for OpenPGP fingerprint~%") str)) > - fingerprint)) > - If that's only ever used here, I'd leave it here, as as I said earlier, it's not a great API (and having confusing asterisk suffixes variants in the public API should be limited to cases that truly matter, in my opinion). [...] > > @@ -1193,6 +1200,60 @@ (define-syntax current-source-directory > ;; raising an error would upset Geiser users > #f)))))) > > + > +;;; > +;;; Higher-order functions. > +;;; > + > +(define-syntax chain-cut > + (lambda (x) > + "Apply each successive form to the result of evaluating the previous one. > +Before applying, expand each form (op ...) to (cut op ...). > + > +Examples: > + > + (chain-cut '(1 2 3) cdr car) > + => (car (cdr '(1 2 3))) > + > + (chain-cut 2 (- 3 <>) 1+) > + => (1+ ((cut - 3 <>) 2)) > + => (1+ (- 3 2)) > +" > + (syntax-case x () > + ((chain-cut init op) (identifier? #'op) > + #'(op init)) > + ((chain-cut init (op ...)) > + #'((cut op ...) init)) > + ((chain-cut init op op* ...) (identifier? #'op) > + #'(chain-cut (op init) op* ...)) > + ((chain-cut init (op ...) op* ...) > + #'(chain-cut ((cut op ...) init) op* ...))))) I'm not 100% convince on the above, as it seems it leads to bunching a whole lot of procedures together and not paying attention to potential exceptions/errors returned. But maybe that's OK if the whole form is wrapped in an error handler. That's it! This adding a whole new command line, and to get everyone aware, I think going through the new GCD (Guix Common Document/RFC) process is warranted before it is to be accepted/included in Guix. -- Thanks, Maxim From debbugs-submit-bounces@debbugs.gnu.org Sun Feb 02 10:24:05 2025 Received: (at 75981) by debbugs.gnu.org; 2 Feb 2025 15:24:05 +0000 Received: from localhost ([127.0.0.1]:35867 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tebpM-00041T-Oo for submit@debbugs.gnu.org; Sun, 02 Feb 2025 10:24:05 -0500 Received: from mail-pl1-x633.google.com ([2607:f8b0:4864:20::633]:48542) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from ) id 1tebpK-00040z-Bb for 75981@debbugs.gnu.org; Sun, 02 Feb 2025 10:24:03 -0500 Received: by mail-pl1-x633.google.com with SMTP id d9443c01a7336-21bc1512a63so67442535ad.1 for <75981@debbugs.gnu.org>; Sun, 02 Feb 2025 07:24:02 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1738509836; x=1739114636; darn=debbugs.gnu.org; h=mime-version:user-agent:message-id:date:references:in-reply-to :subject:cc:to:from:from:to:cc:subject:date:message-id:reply-to; bh=AreeE461uD3iJrFHKkGCGgjyGaSZ+/Yio9wPGxk0mB0=; b=PwzfUFvUZZWkKYatW1cIkdoWszfAvVE1p7X6T+nWmaVjCIVgj5sVUwE1QfSMoMhNi2 6p06n/SXkJ04skmCLlj92pstmjDCgvvnKVIe2tIm0pjDzgfx0GcUZ67eCLj4HI0KPs5X yQwTErr0K9zQHoC6vNq+iUV/2ckqS5Pa7Lq4akYW2OuafKwhlZoimZxfZGvlBG+Tl94E NqC+wEDFWuCR1Io93hVWsWAgoY6kJasHb+G6W+YOQQiP3WMDnz0VJ/guUDp7sc7q0Vvc Mwu3qjvj4/+Z8ZE5J6FyLEdBIV5rzSPQ+2FnqfDGMuzrP6Q3yCR++awH+5RXbNI5xl1e pxbQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1738509836; x=1739114636; h=mime-version:user-agent:message-id:date:references:in-reply-to :subject:cc:to:from:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=AreeE461uD3iJrFHKkGCGgjyGaSZ+/Yio9wPGxk0mB0=; b=IZfpnjghIaL2pgRiVE+x8sxVqu4G0YvZv8Z9xX7Ibc3o5u0iIOBry4x4Wmqeqtx7kH dVN8RI+dBqNJJBvrNhaSvhR3RO0eiFXEMziaW2S/3opn+SeWNZSgpvesW2dt3wDk1YEk qV8S6kmGD/jbbd4w2fIYl+EVR6Y0JFfefc7WaiexVvdLyGm1XtGV19+Y9A5cSF4ktKMk 4owHsAwngk28/aRj5OfuMMmdUimCW+DQSJ4KB7w9NRCHqkdzRF5t4kQfmJbDxyQjsy1o USIiuovCiUvPXtqJpeTRlxQmbOc09rKhT6zO0ZRsDvj4KmmKQyGIpdFOWRyuX28+zi5Y lZmw== X-Gm-Message-State: AOJu0YyayFdv+fa8TIhBHF8zh3pqk2Ay/AdZHrFsFWWXXSSI7JdSSyfs SK5XkJM4mB2AcQou5wO0RWQlsbB8Ff21GNeBEph/ZNVEPp4tVuRd X-Gm-Gg: ASbGncsX2/SBdKxXfBIi09jplsAtpfjjoCyxtndK4gFXbn70RKaD6E1BLpOV1AEiW3S V/KVChz2DVf/v7UU0uzDjfZ1YPU0NRbVOJAS2qSMaCw7aQv+IpvwFlZkYZg4YEzy7piXepmhIDi 0vpAD5VYqhhPZXt76ZWFNn4EC67ParGc3mM+qjqEkCrmtzvINpHYs/CL3+J2+yyD6KCFh/1mqdN m8CjhZhi471X+8SZSlQrdKH/V9eMcKmXZqVpuTQ1896rYDGZ3EJjn1tmQo0CshwFIINLmM1mmqf /4zcHYjg4FCP X-Google-Smtp-Source: AGHT+IGFIMcC6wjFORA5gMNCTG6TiXemBIUfpOg4hlLuv6T7IUqZCg9eHRFZPmne+YHZfZOo0fdWPQ== X-Received: by 2002:a17:903:98c:b0:21a:8839:4f4d with SMTP id d9443c01a7336-21dd7c46868mr253278915ad.6.1738509836266; Sun, 02 Feb 2025 07:23:56 -0800 (PST) Received: from terra ([2405:6586:be0:0:c8ff:1707:9b9:af89]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-21de31f5a60sm59347405ad.61.2025.02.02.07.23.52 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 02 Feb 2025 07:23:55 -0800 (PST) From: Maxim Cournoyer To: 45mg <45mg.writes@gmail.com> Subject: Re: [bug#75981] [PATCH (WIP) v1.5 2/4] Add 'guix fork authenticate'. In-Reply-To: <10c11dfc090e48aa6a3f4b1fd67543ec2bab7b40.1738408683.git.45mg.writes@gmail.com> (45mg.writes@gmail.com's message of "Sat, 1 Feb 2025 17:13:24 +0530") References: <10c11dfc090e48aa6a3f4b1fd67543ec2bab7b40.1738408683.git.45mg.writes@gmail.com> Date: Mon, 03 Feb 2025 00:23:41 +0900 Message-ID: <871pwgjrpe.fsf@gmail.com> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: 3.0 (+++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Hi, 45mg writes: > * guix/scripts/fork/authenticate.scm: New file. > * Makefile.am (MODULES): Add the new file. > * guix/scripts/fork.scm > (show-help): Mention new command. > (%sub-commands): Add new command. Content analysis details: (3.0 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:633 listed in] [list.dnswl.org] 3.0 MANY_TO_CC Sent to 10+ recipients -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (maxim.cournoyer[at]gmail.com) X-Debbugs-Envelope-To: 75981 Cc: Josselin Poiret , Nicolas Graves , Simon Tournier , Mathieu Othacehe , Tomas Volf <~@wolfsden.cz>, Tobias Geerinckx-Rice , Liliana Marie Prikler , 75981@debbugs.gnu.org, Ricardo Wurmus , Christopher Baines , Attila Lendvai , Ludovic =?utf-8?Q?Court=C3=A8s?= X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 2.0 (++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Hi, 45mg writes: > * guix/scripts/fork/authenticate.scm: New file. > * Makefile.am (MODULES): Add the new file. > * guix/scripts/fork.scm > (show-help): Mention new command. > (%sub-commands): Add new command. Content analysis details: (2.0 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:633 listed in] [list.dnswl.org] 3.0 MANY_TO_CC Sent to 10+ recipients -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (maxim.cournoyer[at]gmail.com) -1.0 MAILING_LIST_MULTI Multiple indicators imply a widely-seen list manager Hi, 45mg <45mg.writes@gmail.com> writes: > * guix/scripts/fork/authenticate.scm: New file. > * Makefile.am (MODULES): Add the new file. > * guix/scripts/fork.scm > (show-help): Mention new command. > (%sub-commands): Add new command. OK. [...] > diff --git a/guix/scripts/fork/authenticate.scm b/guix/scripts/fork/authenticate.scm [...] > +(define-module (guix scripts fork authenticate) > + #:use-module (git) > + #:use-module (guix git) > + #:use-module (guix git-authenticate) > + #:use-module (guix base16) > + #:use-module (guix ui) > + #:use-module (guix progress) > + #:use-module (guix scripts) > + #:use-module (guix build utils) > + #:use-module (guix channels) > + #:use-module (ice-9 exceptions) > + #:use-module (ice-9 match) > + #:use-module (ice-9 receive) > + #:use-module (ice-9 popen) > + #:use-module (ice-9 format) > + #:use-module (ice-9 pretty-print) > + #:use-module (ice-9 string-fun) > + #:use-module (ice-9 textual-ports) Please sort lexicographically. [...] > +(define %default-options > + (let ((introduction (channel-introduction %default-guix-channel))) > + `((upstream-commit > + . ,(string->oid (channel-introduction-first-signed-commit introduction))) nitpick: a bit wide (83 chars) > + (upstream-signer > + . ,(openpgp-fingerprint > + (string-upcase > + (bytevector->base16-string > + (channel-introduction-first-commit-signer introduction))))) > + (upstream-keyring > + . "keyring")))) > + > +(define %usage > + (format #f (G_ "Usage: guix fork authenticate UPSTREAM COMMIT SIGNER [OPTIONS...] > +Authenticate a fork of Guix, using COMMIT/SIGNER as the fork introduction. > + > +First, authenticate new commits from UPSTREAM, using Guix's default > +introduction. Then authenticate the remaining commits using the fork > +introduction. > + > + -r, --repository=DIRECTORY > + Authenticate the Git repository in DIRECTORY > + > + --upstream-commit=COMMIT > + --upstream-signer=SIGNER > + Use COMMIT/SIGNER as the introduction for upstream > + Guix, overriding the default values > + ~a > + /~a > + (Guix's default introduction). > + > + -k, --keyring=REFERENCE > + load keyring for fork commits from REFERENCE, a Git > + branch (default \"keyring\") > + --upstream-keyring=REFERENCE > + load keyring for upstream commits from REFERENCE, a > + Git branch (default \"keyring\") > + --end=COMMIT authenticate fork commits up to COMMIT > + --cache-key=KEY cache authenticated commits under KEY > + --historical-authorizations=FILE > + read historical authorizations from FILE > + --stats Display commit signing statistics upon completion > + > + -h, --help display this help and exit > + -V, --version display version information and exit > +") > + (assoc-ref %default-options 'upstream-commit) > + (assoc-ref %default-options 'upstream-signer))) > + > +(define (show-help) > + (display %usage) > + (newline) > + (show-bug-report-information)) > + > +(define (missing-arguments) > + (leave (G_ "wrong number of arguments; \ > +required UPSTREAM, COMMIT and SIGNER~%"))) > + > + > +;;; > +;;; Helper prodecures. > +;;; > + > +(define (fork-config-value repository key) > + "Return the config value associated with KEY in the > +'guix.fork-authentication' namespace in REPOSITORY, or #f if no such config > +was found." > + (let* ((config (repository-config repository)) > + (branch (repository-current-branch repository))) > + (catch 'git-error > + (lambda () > + (config-entry-value > + (config-get-entry config > + (string-append "guix.fork-authentication." > + key)))) > + (const #f)))) > + > +(define (fork-configured-introduction repository) > + "Return three values: the upstream branch name, introductory commit, and > +signer fingerprint (strings) for this fork, as configured in REPOSITORY. > +Error out if any were missing." s/were/are/ > + (let* ((upstream-branch (fork-config-value repository "upstream-branch")) > + (commit (fork-config-value repository "introduction-commit")) > + (signer (fork-config-value repository "introduction-signer"))) > + (unless (and upstream-branch commit signer) > + (leave (G_ "fork information in .git/config is incomplete; > +missing at least one of > +introduction-commit, introduction-signer, upstream-branch > +under [guix \"fork-authentication\"]"))) > + (values upstream-branch commit signer))) > + > +(define (fork-configured-keyring-reference repository) > + "Return the keyring reference configured in REPOSITORY or #f if missing." > + (fork-config-value repository "keyring")) > + > +(define (fork-configured? repository) > + "Return true if REPOSITORY already contains fork introduction info in its > +'config' file." > + (and (fork-config-value repository "upstream-branch") > + (fork-config-value repository "introduction-commit") > + (fork-config-value repository "introduction-signer"))) > + > +(define* (record-fork-configuration > + repository > + #:key commit signer upstream-branch keyring-reference) nitpick: I'd leave the first arg on the same line, and put the keywords on separate lines below. > + "Record COMMIT, SIGNER, UPSTREAM-BRANCH and KEYRING-REFERENCE in the > +'config' file of REPOSITORY." Should it say, .git/config file, for extra clarity? > + (define config > + (repository-config repository)) > + > + ;; Guile-Git < 0.7.0 lacks 'set-config-string'. > + (if (module-defined? (resolve-interface '(git)) 'set-config-string) > + (begin > + (set-config-string config "guix.fork-authentication.introduction-commit" > + commit) > + (set-config-string config "guix.fork-authentication.introduction-signer" > + signer) > + (set-config-string config "guix.fork-authentication.upstream-branch" > + upstream-branch) > + (set-config-string config "guix.fork-authentication.keyring" > + keyring-reference) > + (info (G_ "introduction, upstream branch and keyring recorded \ > +in repository configuration file~%"))) > + (warning (G_ "could not record introduction and keyring configuration\ > + (Guile-Git too old?)~%")))) That should be an error, not a warning, no? Unless you think it's not critical to what this tool is trying to achieve. > + > +(define (guix-fork-authenticate . args) > + (define options > + (parse-command-line args %options (list %default-options) > + #:build-options? #f)) > + > + (define (command-line-arguments lst) > + (reverse (filter-map (match-lambda > + (('argument . arg) arg) > + (_ #f)) > + lst))) > + > + (define (make-reporter start-commit end-commit commits) > + (format (current-error-port) > + (G_ "Authenticating commits ~a to ~a (~h new \ > +commits)...~%") > + (commit-short-id start-commit) > + (commit-short-id end-commit) > + (length commits)) > + (if (isatty? (current-error-port)) > + (progress-reporter/bar (length commits)) > + progress-reporter/silent)) > + > + (with-error-handling > + (with-git-error-handling > + ;; TODO: BUG: it doesn't recognize '~' in paths > + ;; How to do 'realpath' in Guile? It doesn't exist yet, as far as I know. We have readlink* which recursively expands links (guix utils). > + (let* ((repository (repository-open (or (assoc-ref options 'directory) > + (repository-discover ".")))) > + (upstream commit signer (match (command-line-arguments options) Perhaps break the line here to reduce horizontal indent. > + ((upstream commit signer) > + (values > + (branch-lookup repository upstream) > + (string->oid commit) > + (openpgp-fingerprint* signer))) > + (() > + (receive (upstream commit signer) > + (fork-configured-introduction repository) > + (values > + (branch-lookup repository upstream) > + (string->oid commit) > + (openpgp-fingerprint* signer)))) > + (_ > + (missing-arguments)))) Hm, I've looked at argument-handler again, and I guess it could be used, though I'm not sure it'd simplify things by much. Give it a try, if you want! > + (upstream-commit (assoc-ref options 'upstream-commit)) > + (upstream-signer (assoc-ref options 'upstream-signer)) > + (history (match (assoc-ref options 'historical-authorizations) > + (#f '()) > + (file (call-with-input-file file > + read-authorizations)))) > + (keyring (or (assoc-ref options 'keyring-reference) > + (fork-configured-keyring-reference repository) > + "keyring")) > + (upstream-keyring (assoc-ref options 'upstream-keyring)) > + (end (match (assoc-ref options 'end-commit) > + (#f (reference-target > + (repository-head repository))) > + (oid oid))) > + (upstream-end (match (assoc-ref options 'upstream-end-commit) > + (#f > + (reference-target upstream)) > + (oid oid))) > + (cache-key (or (assoc-ref options 'cache-key) > + (repository-cache-key repository))) > + (show-stats? (assoc-ref options 'show-stats?))) > + > + (define upstream-authentication-args > + (filter identity > + (list > + (oid->string upstream-commit) > + (bytevector->base16-string upstream-signer) > + (string-append "--repository=" > + (repository-directory repository)) > + (string-append "--end=" > + (oid->string upstream-end)) > + (and upstream-keyring > + (string-append "--keyring=" > + upstream-keyring)) > + (and show-stats? "--stats")))) > + > + (info (G_ "calling `guix git authenticate` for branch ~a...~%") > + (branch-name upstream)) > + > + (apply run-guix-command 'git "authenticate" > + upstream-authentication-args) > + > + (define fork-stats > + (authenticate-repository > + repository commit signer > + #:end end > + #:keyring-reference keyring > + #:historical-authorizations history > + #:cache-key cache-key > + #:make-reporter make-reporter)) > + > + (unless (fork-configured? repository) > + (record-fork-configuration repository > + #:commit (oid->string commit) > + #:signer (bytevector->base16-string signer) > + #:upstream-branch (branch-name upstream) > + #:keyring-reference keyring)) > + > + (when (and show-stats? (not (null? fork-stats))) > + (show-authentication-stats fork-stats)) > + > + (info (G_ "successfully authenticated commit ~a~%") > + (oid->string end)))))) The rest LGTM, from a cursory review. -- Thanks, Maxim From debbugs-submit-bounces@debbugs.gnu.org Sun Feb 02 11:22:03 2025 Received: (at 75981) by debbugs.gnu.org; 2 Feb 2025 16:22:03 +0000 Received: from localhost ([127.0.0.1]:35950 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tecjS-0006hk-Or for submit@debbugs.gnu.org; Sun, 02 Feb 2025 11:22:03 -0500 Received: from mail-pl1-x62a.google.com ([2607:f8b0:4864:20::62a]:49567) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from ) id 1tecjP-0006h4-Pu for 75981@debbugs.gnu.org; Sun, 02 Feb 2025 11:22:00 -0500 Received: by mail-pl1-x62a.google.com with SMTP id d9443c01a7336-2166f1e589cso89923645ad.3 for <75981@debbugs.gnu.org>; Sun, 02 Feb 2025 08:21:59 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1738513313; x=1739118113; darn=debbugs.gnu.org; h=mime-version:user-agent:message-id:date:references:in-reply-to :subject:cc:to:from:from:to:cc:subject:date:message-id:reply-to; bh=xtLMWcmuma6pcSkmpg4OYci9eQBViEee/D113KCYEbA=; b=YgwzoYQqOfPaKRecDMHj0aYhX6Hr8g1pQr+3tusODaJubGb9LB55UhzygHD6EHhaEl 6pggHiokaJvZ5X039AfHIEOiXo6pDt7/7Fcm+QPF3+AENIR2hbXnHjWsjR72We0DzFa1 00d84o191qkzb9U9j29JMuabZIoMhb2yXbqBJuoOCLzqxccNiCPncJgCvPvCzMHwJ8g7 xLfPw2bmLwfsAvmQ8VN/VFSxStV/nHty56WXOoiUVb5OUrsw/lz8mV/84B/dQTDhi2uU zHEqh//lP9TyAZR6kz8AGSIt/08+MfmMJW84h2Cc9F+xC0AaOZ3ZbHKw18To2tD/VPP8 3DVw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1738513313; x=1739118113; h=mime-version:user-agent:message-id:date:references:in-reply-to :subject:cc:to:from:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=xtLMWcmuma6pcSkmpg4OYci9eQBViEee/D113KCYEbA=; b=iQdoSzZHAId47IFqrF7XP7vMxQwXW0a6TPiWAyPSSlL2xvPrJkJ+Ko7ghj1nApHb3g XA/KFtcBcWbyBDr8XW94i8fp1K1uclbG9PHZplV5dGlWkTtkOY/KksrHLJ/mLxsgp4V0 8I0ePHF/reQU/PjLOeHVEH9pOycSZaUQe7HDC3Iyp/3fMfXaDVMMVtXP3dJmHn6naNIs 2i293yUy5+UR6+Yq0pScciLlQp5ohPLom4Bc/pmEF7txWfmwygrK4+Q1EtuDiCnzryiH At3J0zf8ptuU2+cYgfzEV+McQnemt4+yxPdLbm+sGNnyzHuYZDEvp3dYsptVUZUD9KpU BxVw== X-Gm-Message-State: AOJu0Yy0xqj3fp9cxLDG4t4LS6DwhNNtmAk6Q5n601syttgEcKc/K/kI +wl1D6O7KjzDco0NtNaNYs2S1L0j3x/VVfv/jRuWRskD+nmhpYrA X-Gm-Gg: ASbGnctgV+KxLUYKzW9l4rMDb7BI7nynwDzpxgmsEFXWvCM0J0f8SfZWWv48PLw2K33 4Flgi0MxrGXd1oRs2VYtexhDL1qtyB0261r15IR8qKU2xGpsQBGJTnsn32/B8cqb5aDtQoN6GMK 6cMnUnllnFqYlQA+yn0TLb6g07YVubQNYWwM1j40RVhcPMLaxJnG+YPZxYEWahENc8n7HH739Sj 0yQjcuRShIF3C84aU0bgmsTrnCz6qwhtpBXXJjgS73ccbA5pjwkz+S4WmMdSxmSbIELarBHZqaQ woZ8/h7ZcZmo X-Google-Smtp-Source: AGHT+IFEmperqgk9TRGu9VZhmJSON6i4eonMZpt7mldx6bSxUTkT1JFBcPYbkYfTVBbQqFZYQ1GCKw== X-Received: by 2002:a05:6a00:a95:b0:725:ef4d:c1bd with SMTP id d2e1a72fcca58-72fd0c6cf7fmr31331318b3a.19.1738513313452; Sun, 02 Feb 2025 08:21:53 -0800 (PST) Received: from terra ([2405:6586:be0:0:c8ff:1707:9b9:af89]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-72fe631bf29sm6631853b3a.20.2025.02.02.08.21.49 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 02 Feb 2025 08:21:52 -0800 (PST) From: Maxim Cournoyer To: 45mg <45mg.writes@gmail.com> Subject: Re: [bug#75981] [PATCH (WIP) v1.5 3/4] Add 'guix fork update'. In-Reply-To: <20c828d43d189914c7a5a3de58831f74b134e796.1738408683.git.45mg.writes@gmail.com> (45mg.writes@gmail.com's message of "Sat, 1 Feb 2025 17:13:25 +0530") References: <20c828d43d189914c7a5a3de58831f74b134e796.1738408683.git.45mg.writes@gmail.com> Date: Mon, 03 Feb 2025 01:21:38 +0900 Message-ID: <87wme8iagd.fsf@gmail.com> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: 3.0 (+++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Hi, 45mg writes: > * guix/scripts/fork/update.scm: New file. > * Makefile.am (MODULES): Add the new file. Content analysis details: (3.0 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 3.0 MANY_TO_CC Sent to 10+ recipients -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:62a listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (maxim.cournoyer[at]gmail.com) X-Debbugs-Envelope-To: 75981 Cc: Josselin Poiret , Nicolas Graves , Simon Tournier , Mathieu Othacehe , Tomas Volf <~@wolfsden.cz>, Tobias Geerinckx-Rice , Liliana Marie Prikler , 75981@debbugs.gnu.org, Ricardo Wurmus , Christopher Baines , Attila Lendvai , Ludovic =?utf-8?Q?Court=C3=A8s?= X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 2.0 (++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Hi, 45mg writes: > * guix/scripts/fork/update.scm: New file. > * Makefile.am (MODULES): Add the new file. Content analysis details: (2.0 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:62a listed in] [list.dnswl.org] 3.0 MANY_TO_CC Sent to 10+ recipients -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (maxim.cournoyer[at]gmail.com) -1.0 MAILING_LIST_MULTI Multiple indicators imply a widely-seen list manager Hi, 45mg <45mg.writes@gmail.com> writes: > * guix/scripts/fork/update.scm: New file. > * Makefile.am (MODULES): Add the new file. Or, "Register it." > * guix/scripts/fork.scm > (show-help): Mention new command. > (%sub-commands): Add new command. OK. [...] > +(define %options > + ;; Specifications of the command-line options. > + (list (option '(#\h "help") #f #f > + (lambda args > + (show-help) > + (exit 0))) > + (option '(#\V "version") #f #f > + (lambda args > + (show-version-and-exit "guix fork create"))) > + > + (option '( "fork-branch") #t #f Extraneous space in list. > + (lambda (opt name arg result) > + (alist-cons 'fork-branch-name arg result))) > + (option '(#\r "repository") #t #f > + (lambda (opt name arg result) > + (alist-cons 'directory arg result))))) > + > +(define %default-options > + '()) > + > +(define %usage > + (G_ "Usage: guix fork update [OPTIONS...] > +Pull into this Guix fork's configured upstream branch, then apply new commits > +onto the current branch. I'd reword the beginning to "Pull into this Guix fork its configured upstream branch [...]" > + > + -r, --repository=DIRECTORY > + Act in the Git repository in DIRECTORY Maybe, "Work on the Git repository in DIRECTORY" > + --fork-branch=BRANCH > + Apply new commits onto BRANCH instead of the current > + branch > + > + -h, --help display this help and exit > + -V, --version display version information and exit > +")) > + > +(define (show-help) > + (display %usage) > + (newline) > + (show-bug-report-information)) > + > +(define (missing-arguments) > + (leave (G_ "wrong number of arguments; \ > +required ~%"))) > + > + > +;;; > +;;; Entry point. > +;;; > + > +(define (guix-fork-update . args) > + > + (define options > + (parse-command-line args %options (list %default-options) > + #:build-options? #f)) > + > + (define (command-line-arguments lst) > + (reverse (filter-map (match-lambda > + (('argument . arg) arg) > + (_ #f)) > + lst))) > + > + (define-syntax invoke-git > + (lambda (x) > + (syntax-case x () > + ((_ args ...) > + #`(invoke "git" "-C" #,(datum->syntax x 'directory) args ...))))) > + > + (define-syntax invoke-git/stdout > + (lambda (x) > + (syntax-case x () > + ((_ args ...) > + #`(string-trim-right > + (invoke/stdout "git" "-C" #,(datum->syntax x 'directory) args ...)))))) > + > + (with-error-handling > + (let* ((directory (or (assoc-ref options 'directory) ".")) > + (current-branch-name (invoke-git/stdout > + "branch" > + "--show-current")) > + (current-head-location (invoke-git/stdout > + "rev-parse" > + "HEAD")) > + (fork-branch-name (or (assoc-ref options 'fork-branch-name) > + (if (string= current-branch-name "") > + (leave (G_ "no current branch and --fork-branch not given")) Too wide. You can always break a string with a \ escape. > + current-branch-name))) > + > + (repository (repository-open directory)) > + (upstream-branch-name introduction-commit introduction-signer > + (if (fork-configured? repository) > + (fork-configured-introduction > + (repository-open directory)) > + (leave (G_ "fork not fully configured. > +(Did you remember to run `guix fork authenticate` first?)%~")))) 'leave' prints errors, which conventionally should be brief and not complete sentence. I think you could get a nicer result by using a compound condition combining a &message and &fix-hint conditions; which the `with-error-handling' handler will correcly format with colors and all. > + (upstream-branch-commit > + (invoke-git/stdout "rev-parse" upstream-branch-name)) > + (new-upstream-branch-commit "") > + (config (repository-config repository)) > + (signing-key > + (or > + (catch 'git-error > + (lambda () > + (config-entry-value > + (config-get-entry config "user.signingkey"))) > + (const #f)) > + (begin > + (info (G_ "user.signingkey not set for this repository.~%")) > + (info (G_ "Will attempt to sign commits with fork introduction key.~%")) Max width busted :-) > + introduction-signer)))) > + > + (info (G_ "Pulling into '~a'...~%") upstream-branch-name) > + (invoke-git "switch" upstream-branch-name) > + (invoke-git "pull") > + (set! new-upstream-branch-commit > + (invoke-git/stdout "rev-parse" upstream-branch-name)) I think you can use (define new-upstream-branch-commit ...) and avoid its let-bound variable (set to the empty string). > + > + (info (G_ "Rebasing commits from '~a' to '~a' onto fork branch '~a'...~%") > + upstream-branch-commit > + new-upstream-branch-commit > + fork-branch-name) > + (invoke-git "rebase" "--rebase-merges" > + (string-append "--gpg-sign=" signing-key) > + fork-branch-name new-upstream-branch-commit) > + > + (info (G_ "Resetting fork branch '~a' to latest rebased commit...~%") > + fork-branch-name) > + (invoke-git "branch" "--force" fork-branch-name "HEAD") > + > + (invoke-git "checkout" (or current-branch-name current-head-location)) > + > + (info (G_ "Successfully updated Guix fork in ~a~%") > + directory)))) Phew! LGTM. So the idea is to avoid rewriting the fork's introductory commit and instead rewriting (rebasing) the Guix upstream commits on top, which will resign them with the fork's authorized key, IIUC? That's clever, but personally I much prefer to keep any work I've done *rebased* on upstream so they are easily (re-)submitted, and it's clear what extra work my fork has. Seems like a good way for "forks" to hide potentially bad commits hidden under thousands of rust commits, obscuring them. I think Liliana had that remark as well in the associated issue. -- Thanks, Maxim From debbugs-submit-bounces@debbugs.gnu.org Sun Feb 02 13:23:29 2025 Received: (at 75981) by debbugs.gnu.org; 2 Feb 2025 18:23:30 +0000 Received: from localhost ([127.0.0.1]:36241 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1teecz-0007Fb-Fy for submit@debbugs.gnu.org; Sun, 02 Feb 2025 13:23:29 -0500 Received: from mail-wm1-x341.google.com ([2a00:1450:4864:20::341]:43493) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from ) id 1teecx-0007FM-PO for 75981@debbugs.gnu.org; Sun, 02 Feb 2025 13:23:28 -0500 Received: by mail-wm1-x341.google.com with SMTP id 5b1f17b1804b1-43626213fffso29068615e9.1 for <75981@debbugs.gnu.org>; Sun, 02 Feb 2025 10:23:27 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1738520601; x=1739125401; darn=debbugs.gnu.org; h=mime-version:user-agent:content-transfer-encoding:references :in-reply-to:date:cc:to:from:subject:message-id:from:to:cc:subject :date:message-id:reply-to; bh=oiSImLmDx7UX28GtA0ewVJpXUFpcH4LejAQSuA2Pqq4=; b=FdHW5F8Ww/X/AFHiDVSCb4nPSHAOPuB//JdX7QiikCSx6gLKLnrklhThDIqhc9wgj6 lUNBcv7JvBk5o/CXQZ2jBZ0f4Bx9clYWsXCx4MrrlmTwC0HWDH8KPSHIW8alg4GUEcxc C0kYx8VCVtMrljO2GUbmTWaLe5YkvouLUmAX0Oh6gkfidokRia4nKFmbP5oy/LAc7wtF aBahDNg+NmxxWMZ/+jF+BCr3/Z4FHHKeSi3lsF3VorAaGD060s7u6dJBw2UpPHcoPBz2 vaoiTfY7dTyKck3wyd3m92o4xDzzzOhnoZCWpnJaDG4BykONJ5eJ/YRZIj+C20CsxI+I f7ZQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1738520601; x=1739125401; h=mime-version:user-agent:content-transfer-encoding:references :in-reply-to:date:cc:to:from:subject:message-id:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=oiSImLmDx7UX28GtA0ewVJpXUFpcH4LejAQSuA2Pqq4=; b=wwCYwWWMQ0g0IaP4KfVU9c+4SLI2s275766i2jHACqn/56T31vZnYMn6FXWWdtgPoF 7l+/vl+V0yr2Viy1SH5tC8nJToN+D6St/hIyYNlk4yIuEZerL0Co6f9cvIJPe7qKB76Y GH/SJcMcaQIBaX5CEt9qYF4c8IYy0+lZP8HzA0Z2dAqvWNJ2/YvchPizEO10uNFRleow RLjWxV3Zyms/fj3gAvxeYZwiXivo6G5XjUpgdyw1UAZdyZWDxXtc+aeScNzAE53+9mDX XQsMA/oeykO0FPbKj5tapFmhsk34p90eiLuk7pcRp1IBhqLifUjq6mf3IvPuAhGCqqIY cDZA== X-Gm-Message-State: AOJu0YxX0TIxpP0+fwXGQIuVHbgxOTd9WG/g2ARHlgGuK0NdTfkz7kRC QKFj6OuXQopf6dAbbpFB3RYs6smRr/wub3lHCghkMNhPkMuy2Awe X-Gm-Gg: ASbGncux5xRkpZhyUKwRpLdipwLYTTJ5Xgh13Gu2B+FjyqzRpxqLq58iSPTriDBqAbn CnWmRR6p2ofUq7zEbrCJVyA3tS9YT5IOR5GnVBdjdWvCQ3UZuN75y++ht6YRkto3yR18ZWu/EvX xRMwXx3n759K+4fkm99DtRK+plGcvZMDCPjR6RW9gwOvrSDWu2uNciZ1x/JChbs3j4ewsAXHpLK fUJzriuteQNrTaDDeMbFKFGA6UEVBamMd31XOJ2JiWHELGvGsyXYMBecD1yZ1FS95rlZn9T551J F2Aa+e3SjvMFwNtpVAVfgByVvvaH4DHVm8jP72OxTxmrnB4wVpEth0XawPsBpkahJMg= X-Google-Smtp-Source: AGHT+IGbcTzds78nd1ZCIoOQaWdBLtM4kNTOqXbbiNZWKtOUdtLpBZ5Fv151IopQl9YeT9evLLxrgg== X-Received: by 2002:a05:600c:35d6:b0:434:ea1a:e30c with SMTP id 5b1f17b1804b1-438e6f11988mr88406245e9.13.1738520601054; Sun, 02 Feb 2025 10:23:21 -0800 (PST) Received: from lumine.fritz.box (85-127-114-32.dsl.dynamic.surfer.at. [85.127.114.32]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-38c5c1b576csm10701869f8f.63.2025.02.02.10.23.19 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 02 Feb 2025 10:23:20 -0800 (PST) Message-ID: Subject: Re: [bug#75981] [PATCH (WIP) v1.5 3/4] Add 'guix fork update'. From: Liliana Marie Prikler To: Maxim Cournoyer , 45mg <45mg.writes@gmail.com> Date: Sun, 02 Feb 2025 19:23:47 +0100 In-Reply-To: <87wme8iagd.fsf@gmail.com> References: <20c828d43d189914c7a5a3de58831f74b134e796.1738408683.git.45mg.writes@gmail.com> <87wme8iagd.fsf@gmail.com> Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable User-Agent: Evolution 3.48.4 MIME-Version: 1.0 X-Spam-Score: 3.0 (+++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Am Montag, dem 03.02.2025 um 01:21 +0900 schrieb Maxim Cournoyer: > So the idea is to avoid rewriting the fork's introductory > commit and instead rewriting (rebasing) the Guix upstream commits on > t [...] Content analysis details: (3.0 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 3.0 MANY_TO_CC Sent to 10+ recipients -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (liliana.prikler[at]gmail.com) -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2a00:1450:4864:20:0:0:0:341 listed in] [list.dnswl.org] X-Debbugs-Envelope-To: 75981 Cc: Josselin Poiret , Nicolas Graves , Simon Tournier , Mathieu Othacehe , Tomas Volf <~@wolfsden.cz>, Tobias Geerinckx-Rice , 75981@debbugs.gnu.org, Ricardo Wurmus , Christopher Baines , Attila Lendvai , Ludovic =?ISO-8859-1?Q?Court=E8s?= X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 2.0 (++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Am Montag, dem 03.02.2025 um 01:21 +0900 schrieb Maxim Cournoyer: > So the idea is to avoid rewriting the fork's introductory > commit and instead rewriting (rebasing) the Guix upstream commits on > t [...] Content analysis details: (2.0 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2a00:1450:4864:20:0:0:0:341 listed in] [list.dnswl.org] 3.0 MANY_TO_CC Sent to 10+ recipients -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (liliana.prikler[at]gmail.com) -1.0 MAILING_LIST_MULTI Multiple indicators imply a widely-seen list manager Am Montag, dem 03.02.2025 um 01:21 +0900 schrieb Maxim Cournoyer: > So the idea is to avoid rewriting the fork's introductory > commit and instead rewriting (rebasing) the Guix upstream commits on > top, which will resign them with the fork's authorized key, IIUC? >=20 > That's clever, but personally I much prefer to keep any work I've > done *rebased* on upstream so they are easily (re-)submitted, and > it's clear what extra work my fork has.=C2=A0 Seems like a good way for > "forks" to hide potentially bad commits hidden under thousands of > rust commits, obscuring them. >=20 > I think Liliana had that remark as well in the associated issue. I did remark that, yet :) The problem with rebasing on Guix is that you will have to update the introduction on each rebase (or indeed use an unauthenticated fork).=20 If you do record the introduction, say, in your own channels.scm, `guix pull` will break, which 45mg wants to avoid. As you wrote in your first message, it appears somewhat counter- productive to offer `guix fork` as a means of authoring such long-lived forks, but sentiments aside, that's precisely the goal of this series. Cheers From debbugs-submit-bounces@debbugs.gnu.org Sun Feb 02 13:24:30 2025 Received: (at 75981) by debbugs.gnu.org; 2 Feb 2025 18:24:30 +0000 Received: from localhost ([127.0.0.1]:36245 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1teedy-0007Hf-3k for submit@debbugs.gnu.org; Sun, 02 Feb 2025 13:24:30 -0500 Received: from mail-wr1-x441.google.com ([2a00:1450:4864:20::441]:43317) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from ) id 1teedv-0007HM-Uz for 75981@debbugs.gnu.org; Sun, 02 Feb 2025 13:24:28 -0500 Received: by mail-wr1-x441.google.com with SMTP id ffacd0b85a97d-3863703258fso2853348f8f.1 for <75981@debbugs.gnu.org>; Sun, 02 Feb 2025 10:24:27 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1738520662; x=1739125462; darn=debbugs.gnu.org; h=mime-version:user-agent:content-transfer-encoding:references :in-reply-to:date:cc:to:from:subject:message-id:from:to:cc:subject :date:message-id:reply-to; bh=IZrGhWIPZ+2gTzb9428zPhAYQb6QK4pFgq1UeeKS1Vk=; b=UnigQ1s1WanPhXv05iNiArTcfHuRYmqXZEDM3Pcvl99/onDQLnol3nooUpXi22USjR GxapZ4rr40gMk5WOVICmeqX/FdNiJVuYIK8yOAuwGo1GypS7+lbnX0RS1R1v3hmWj0Xg lwHrXmhD/RDgGqUxB4xgi3JpI/rHeA3xDCPrqP+hW25z699NvQj4LQB4temR8w5EXqWw doeoewSxZpDw8i5QMCDUMfA5EPCfAh90dP4A8Uq06w2INY4hIyNhWhMj3TTuGmL9dv8X j7oe/R94glRk4u1SZtUauzD4VzJwNV/PP5WH/OI1Y7pUIC7TqE31qSDVQ0fYXNhUT41r hodA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1738520662; x=1739125462; h=mime-version:user-agent:content-transfer-encoding:references :in-reply-to:date:cc:to:from:subject:message-id:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=IZrGhWIPZ+2gTzb9428zPhAYQb6QK4pFgq1UeeKS1Vk=; b=YDfLs89AgYz//9Lg1fWe/6jmIWMIoYhg99qiF6wCmLunOaPVTXlqs9af+AfcKTflz/ 68OfAECkDAaYx4MTrvJ6q/OhuSPnTZhdFMKw4cHpCLQOzTWM5xW5yYj55Ka5vgvmwG+n Ap3joPOJC89Bg9YEl8RaJwwoKTzmeU4cvxrqj9iCcOYW2Mc/mHnWPS4S8FebqIF8QAp5 gsLr/4h3OgJHQUahRJtsioANV5sYgii3u9FbWgZj4QTK92UNinxeKF3ReoIoAdr3DdJa fv5q/9skZtz6YhQZQqmNVF2LYsOU2cAj21UEbq7vO1pjDWYQupORPIE7/YU+edq+HC+0 OtwQ== X-Gm-Message-State: AOJu0Yymi5k/Jm43UEfJXQ3qckelegK/aRIf7BQOYN0G8m81TeAH9Gmb Q/j928yO5DYseerlTdvU326SVU4696htfqKNcWJkvMM2zfGjrxsd X-Gm-Gg: ASbGncsaQBRjnxNMC96bMaLuunLL30iGLixGBkOB1vkCcQhwrul7PuqV2jvUG/AqabP OwqOBbtXBEqwU2Fy1JTmaB2hCM/uOEKpvMLztRlbjwaa/bbmHVvH0hfTXGBmlbVmqJ6Dx08I719 4WIi7/dUjaAxmwQwgjgxmXaDzsgN7/qL5esSgzD2FKVlC+oC/BC8fOVs9ZeahKVwa88JfHWmfj6 iX7TyInSfzupkrW4J2SklrghR3HcdT6+bhDyN1wgDPt1QC+ReXuFuWusGDaB+q0UriCyUEKydb0 IPzcNasZwmGFxaCuu6toQ9bEv0URaiz1u/pZhSu8YCLKed1jzKOQEGFDV9TD2TqDgLY= X-Google-Smtp-Source: AGHT+IEejkkTfOeAUS/cvA/fIpbKjnT5KCOee/RvIvj0u1OCuWf9F6cKfLhRcJ9WTqwXUKhOmr3qJg== X-Received: by 2002:a05:6000:1f84:b0:38a:4df5:a08 with SMTP id ffacd0b85a97d-38c60f6585dmr8502668f8f.22.1738520661493; Sun, 02 Feb 2025 10:24:21 -0800 (PST) Received: from lumine.fritz.box (85-127-114-32.dsl.dynamic.surfer.at. [85.127.114.32]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-38c5c0ec369sm10429815f8f.8.2025.02.02.10.24.20 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 02 Feb 2025 10:24:21 -0800 (PST) Message-ID: <92af9e3af160d3ed49030e1961b98f7b9e2e857f.camel@gmail.com> Subject: Re: [bug#75981] [PATCH (WIP) v1.5 3/4] Add 'guix fork update'. From: Liliana Marie Prikler To: Maxim Cournoyer , 45mg <45mg.writes@gmail.com> Date: Sun, 02 Feb 2025 19:24:48 +0100 In-Reply-To: References: <20c828d43d189914c7a5a3de58831f74b134e796.1738408683.git.45mg.writes@gmail.com> <87wme8iagd.fsf@gmail.com> Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable User-Agent: Evolution 3.48.4 MIME-Version: 1.0 X-Spam-Score: 3.0 (+++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Am Sonntag, dem 02.02.2025 um 19:23 +0100 schrieb Liliana Marie Prikler: > > I think Liliana had that remark as well in the associated issue. > I did remark that, yet :) s/yet/yes/ Content analysis details: (3.0 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 3.0 MANY_TO_CC Sent to 10+ recipients -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (liliana.prikler[at]gmail.com) -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2a00:1450:4864:20:0:0:0:441 listed in] [list.dnswl.org] X-Debbugs-Envelope-To: 75981 Cc: Josselin Poiret , Nicolas Graves , Simon Tournier , Mathieu Othacehe , Tomas Volf <~@wolfsden.cz>, Tobias Geerinckx-Rice , 75981@debbugs.gnu.org, Ricardo Wurmus , Christopher Baines , Attila Lendvai , Ludovic =?ISO-8859-1?Q?Court=E8s?= X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 2.0 (++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Am Sonntag, dem 02.02.2025 um 19:23 +0100 schrieb Liliana Marie Prikler: > > I think Liliana had that remark as well in the associated issue. > I did remark that, yet :) s/yet/yes/ Content analysis details: (2.0 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2a00:1450:4864:20:0:0:0:441 listed in] [list.dnswl.org] 3.0 MANY_TO_CC Sent to 10+ recipients -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (liliana.prikler[at]gmail.com) -1.0 MAILING_LIST_MULTI Multiple indicators imply a widely-seen list manager Am Sonntag, dem 02.02.2025 um 19:23 +0100 schrieb Liliana Marie Prikler: > > I think Liliana had that remark as well in the associated issue. > I did remark that, yet :) s/yet/yes/ From debbugs-submit-bounces@debbugs.gnu.org Sun Feb 02 15:56:22 2025 Received: (at 75981) by debbugs.gnu.org; 2 Feb 2025 20:56:23 +0000 Received: from localhost ([127.0.0.1]:36455 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1teh0w-0006CI-JA for submit@debbugs.gnu.org; Sun, 02 Feb 2025 15:56:22 -0500 Received: from mail-10624.protonmail.ch ([79.135.106.24]:39805) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from ) id 1teh0t-0006C0-GT for 75981@debbugs.gnu.org; Sun, 02 Feb 2025 15:56:21 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lendvai.name; s=protonmail3; t=1738529772; x=1738788972; bh=XLfqwvM3vHsQOKeb1EevIBPGYnV5OShOspIyR+jNwXA=; h=Date:To:From:Cc:Subject:Message-ID:In-Reply-To:References: Feedback-ID:From:To:Cc:Date:Subject:Reply-To:Feedback-ID: Message-ID:BIMI-Selector:List-Unsubscribe:List-Unsubscribe-Post; b=Nl+8cvZ3/N1DKufguqAIWAM16qC9euvc/R0oTHGW02HGw23rVo9zSB3yhVrLSxLGe 3nIRN2MV7XDTvwH2YG9L89xBaXjHcbw4DVvYMKTs89ZBEk+nE7RWbHLais6+moSAsA UR4rfiYUGzDIRIhoVxrpKgF0NyhJilbwX3s1TH8FVxVx0tT7H/+f33osYGxIDmfXyk 72qr3QH0HHD7kEFxWAE89Ao+5rFdugplgmkgxPULLqqbSlvEIXQDacghAI06laaU9f drvhQoryNmeDE/9XjM+MhIz3iEgr4zWQX0hSHzq10jjdRHA/qI0IECH+TRPxAxI6AX 4bXl3RMgUbJdA== Date: Sun, 02 Feb 2025 20:56:07 +0000 To: Maxim Cournoyer From: Attila Lendvai Subject: Re: [bug#75981] [PATCH (WIP) v1.5 1/4] Add 'guix fork create'. Message-ID: <0lJyKFTNrG_gWbzcwgMn1ygmvYDbrcGQm9KZbFkiFBCR5dcPIwfXIdwk6LWmzfh-HZ5aLkaZkol4qmN9LdHlkXZz2OU1Vjq0QIJQti2uXUQ=@lendvai.name> In-Reply-To: <877c68jsr0.fsf@gmail.com> References: <590b269995eb83d8fe2b584a40a58fa9ed473c54.1738408683.git.45mg.writes@gmail.com> <877c68jsr0.fsf@gmail.com> Feedback-ID: 28384833:user:proton X-Pm-Message-ID: 1c5abcf5a04bdbfda671c0c9d11b896e7f708815 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: 3.0 (+++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: > My first thought was similar to Liliana's reply in the other > issue thread: putting lots of energy into making it convenient to fork > Guix instead of contributing to the review process (described [...] Content analysis details: (3.0 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 3.0 MANY_TO_CC Sent to 10+ recipients 0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [79.135.106.24 listed in sa-accredit.habeas.com] 0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [79.135.106.24 listed in bl.score.senderscore.com] -0.0 SPF_HELO_PASS SPF: HELO matches SPF record -0.0 SPF_PASS SPF: sender matches SPF record -0.0 RCVD_IN_MSPIKE_H4 RBL: Very Good reputation (+4) [79.135.106.24 listed in wl.mailspike.net] -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [79.135.106.24 listed in list.dnswl.org] -0.0 RCVD_IN_MSPIKE_WL Mailspike good senders X-Debbugs-Envelope-To: 75981 Cc: Josselin Poiret , Tobias Geerinckx-Rice , Nicolas Graves , Simon Tournier , Mathieu Othacehe , Tomas Volf <~@wolfsden.cz>, 45mg <45mg.writes@gmail.com>, Liliana Marie Prikler , 75981@debbugs.gnu.org, Ricardo Wurmus , Christopher Baines , =?utf-8?Q?Ludovic_Court=C3=A8s?= X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 2.0 (++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: > My first thought was similar to Liliana's reply in the other > issue thread: putting lots of energy into making it convenient to fork > Guix instead of contributing to the review process (described [...] Content analysis details: (2.0 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [79.135.106.24 listed in sa-accredit.habeas.com] 0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [79.135.106.24 listed in bl.score.senderscore.com] -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [79.135.106.24 listed in list.dnswl.org] -0.0 RCVD_IN_MSPIKE_H4 RBL: Very Good reputation (+4) [79.135.106.24 listed in wl.mailspike.net] 3.0 MANY_TO_CC Sent to 10+ recipients -0.0 SPF_HELO_PASS SPF: HELO matches SPF record -0.0 SPF_PASS SPF: sender matches SPF record -0.0 RCVD_IN_MSPIKE_WL Mailspike good senders -1.0 MAILING_LIST_MULTI Multiple indicators imply a widely-seen list manager > My first thought was similar to Liliana's reply in the other > issue thread: putting lots of energy into making it convenient to fork > Guix instead of contributing to the review process (described as slow > and erratic, which appears to be the motivation here), appears > counter-productive. FWIW, i have long-lived patches that will never be incorporated into guix p= roper. some are simply kludges that enable me to do proceed, while some oth= ers are rejected by the maintainers. none of the above is solved by a better review process. for the curious, here are the patches that i'm currently dragging along gui= x HEAD: https://codeberg.org/attila-lendvai-patches/guix/commits/branch/attila -- =E2=80=A2 attila lendvai =E2=80=A2 PGP: 963F 5D5F 45C7 DFCD 0A39 -- =E2=80=9CTo eliminate statism is not to physically subdue the rulers, but t= o mentally liberate the ruled.=E2=80=9D =09=E2=80=94 Jakub Bo=C5=BCydar Wi=C5=9Bniewski From debbugs-submit-bounces@debbugs.gnu.org Sun Feb 02 17:24:56 2025 Received: (at 75981) by debbugs.gnu.org; 2 Feb 2025 22:24:56 +0000 Received: from localhost ([127.0.0.1]:36579 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1teiOe-0001sb-Dx for submit@debbugs.gnu.org; Sun, 02 Feb 2025 17:24:56 -0500 Received: from smtprelay08.ispgateway.de ([134.119.228.106]:38118) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from ) id 1teiOb-0001sP-Jh for 75981@debbugs.gnu.org; Sun, 02 Feb 2025 17:24:54 -0500 Received: from [195.52.158.165] (helo=milk) by smtprelay08.ispgateway.de with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.98) (envelope-from ) id 1teiOW-000000005Jw-2xxi; Sun, 02 Feb 2025 23:24:48 +0100 From: Simon Streit To: Maxim Cournoyer Subject: Re: [bug#75981] [PATCH (WIP) v1.5 1/4] Add 'guix fork create'. In-Reply-To: <877c68jsr0.fsf@gmail.com> (Maxim Cournoyer's message of "Mon, 03 Feb 2025 00:01:07 +0900") References: <590b269995eb83d8fe2b584a40a58fa9ed473c54.1738408683.git.45mg.writes@gmail.com> <877c68jsr0.fsf@gmail.com> Gcc: nnfolder+archive:sent.2025-02 Date: Sun, 02 Feb 2025 23:24:46 +0100 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Df-Sender: c2ltb25AbmV0cGFuaWMub3Jn X-Spam-Score: 3.0 (+++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Hello Maxim, Maxim Cournoyer writes: > My first thought was similar to Liliana’s reply in the other issue > thread: putting lots of energy into making it convenient to fork Guix > instead of contributing to the review process (describe [...] Content analysis details: (3.0 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 3.0 MANY_TO_CC Sent to 10+ recipients 0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [134.119.228.106 listed in sa-accredit.habeas.com] 0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [134.119.228.106 listed in bl.score.senderscore.com] -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [134.119.228.106 listed in list.dnswl.org] -0.0 SPF_HELO_PASS SPF: HELO matches SPF record -0.0 SPF_PASS SPF: sender matches SPF record X-Debbugs-Envelope-To: 75981 Cc: Josselin Poiret , Tobias Geerinckx-Rice , Nicolas Graves , Simon Tournier , Mathieu Othacehe , Tomas Volf <~@wolfsden.cz>, 45mg <45mg.writes@gmail.com>, Liliana Marie Prikler , 75981@debbugs.gnu.org, Ricardo Wurmus , Christopher Baines , Attila Lendvai , Ludovic =?utf-8?Q?Court=C3=A8s?= X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 2.0 (++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Hello Maxim, Maxim Cournoyer writes: > My first thought was similar to Liliana’s reply in the other issue > thread: putting lots of energy into making it convenient to fork Guix > instead of contributing to the review process (describe [...] Content analysis details: (2.0 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [134.119.228.106 listed in sa-accredit.habeas.com] 0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [134.119.228.106 listed in bl.score.senderscore.com] -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [134.119.228.106 listed in list.dnswl.org] 3.0 MANY_TO_CC Sent to 10+ recipients -0.0 SPF_HELO_PASS SPF: HELO matches SPF record -0.0 SPF_PASS SPF: sender matches SPF record -1.0 MAILING_LIST_MULTI Multiple indicators imply a widely-seen list manager Hello Maxim, Maxim Cournoyer writes: > My first thought was similar to Liliana=E2=80=99s reply in the other issue > thread: putting lots of energy into making it convenient to fork Guix > instead of contributing to the review process (described as slow and > erratic, which appears to be the motivation here), appears > counter-productive. I am all for contributing to the review process. It is only through recent discussions on this subject that I am forcing myself to be a bit more active within the community again. Thanks for getting me back in. I am also at fault my self. I have a personal channel running and the list is getting longer on patches that rather be submitted. I am nowhere close to be a contributor (yet). I simply don=E2=80=99t have = time and resources to be more active at the moment. At the same time I also don=E2=80=99t want to wait for months until certain patches =E2=80=93 which= have been submitted for review =E2=80=93 are pushed upstream. I do keep patches running on top of local branches that are constantly being re-based from upstream. While time consuming, it seems to be the most convenient at the moment. I don=E2=80=99t even want maintain a local fork. It is not that I really n= eed one. I use it for development, thus many branches are just dead ends that are kept for archival reasons. I have a local central repository where I usually push my work to be more independent from my devices =E2=80= =93 which is my issue. And here I only recently realised that I can=E2=80=99t = even push these branches to my central repository any more. Then I tried it the other day to set up a modified keyring and authenticate with my key and push it to my local repository as described in the manual. I failed for some reason and probably missed something. This time I felt it: The bar is now seriously high to work on Guix at the moment. While the authentication mechanism is useful and necessary to prove what is from Guix, it defeats the point to use Git as a decentralised tool. It should be possible to allow local modifications for personal use, also as unauthorised contributors. I am for it. Including a warning that I am pulling an unauthenticated fork. Kind regards --=20 Simon From debbugs-submit-bounces@debbugs.gnu.org Sun Feb 02 20:14:52 2025 Received: (at 75981) by debbugs.gnu.org; 3 Feb 2025 01:14:53 +0000 Received: from localhost ([127.0.0.1]:36880 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tel35-0004Ul-Ns for submit@debbugs.gnu.org; Sun, 02 Feb 2025 20:14:52 -0500 Received: from mail-pj1-x102f.google.com ([2607:f8b0:4864:20::102f]:55622) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from ) id 1tel31-0004UQ-Nv for 75981@debbugs.gnu.org; Sun, 02 Feb 2025 20:14:49 -0500 Received: by mail-pj1-x102f.google.com with SMTP id 98e67ed59e1d1-2eeb4d643a5so6482740a91.3 for <75981@debbugs.gnu.org>; Sun, 02 Feb 2025 17:14:47 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1738545280; x=1739150080; darn=debbugs.gnu.org; h=content-transfer-encoding:mime-version:user-agent:message-id:date :references:in-reply-to:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=DPT2z24DaaPQpdPRRL23vuj5JLsNTjpCMI0SqWZeRWI=; b=OufsnpGozO7O9sAidKqEsbUhTTAgI0t0O8S80kJkL05m7H2ORUBq0+R+Qfuq6y6Kez r67vpZXkidc/Cy5qNMr6aXN6Hn8JXp6eD5OO+3HAHf+6f+dwNpnZpwE5Xj0VW0q5ya7T GSoiLF5o1P190FpNlXAWrBy4H1k2LK8+NFR2f/F76fnXoic2uwDMnWI/Y2ChTzFYUHeh 1BIggsl22sKWp4zlfWRWqrCAEu8BUzP4NyWJx9MgkVuWRAfTdm6orcEfTL5NJJGGEUMa i8PTKg3RqRf+SEZXeUS+AC4KctjNgTDDscU/pl3/SUbTz/tHiqoSwBoK8Os2kkpgQEJ6 i2rQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1738545280; x=1739150080; h=content-transfer-encoding:mime-version:user-agent:message-id:date :references:in-reply-to:subject:cc:to:from:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=DPT2z24DaaPQpdPRRL23vuj5JLsNTjpCMI0SqWZeRWI=; b=k8SeH/tkmf2kXHxnKYQtrk/EJ5NUv2+xZTq/wrxSehhIvbjETPJ5Lu3a+r9Hx2jAr/ 9JLzZgP/RyF7rFuVawGqC+71ys6rnWH/mJc/GYcjaqtEpPf566CvbCHY8ZjsQkAvrqJN jUrFdU3aahn01N8g2bOGWq/YE2OOiLpBinvv/Pfuk9vaXVzGvlzT6cQi6KCVK4xzhO33 Mo9HL+i6tuWzdzk+MldnkBK17vaIxal9gzu2y0Z+G3K8D68Wivl9WEQkDFk0oX4StgBg z4xtNnlxFgi07YXdat5M72G0DvJ1OGhoCcW/flLmYqoTTJYc/Wnlbg5FMof7hcWrXbtJ RP7g== X-Gm-Message-State: AOJu0YzzCZqWRmvVorhMBTh1IU7RrNmVBot7JM/0ofn7WxU3iZpdEfAV LEi1wq2NNn2cUuPjbGROXvdwfynUnAtMk+JjJPVkH3R9Cw6UmyDI X-Gm-Gg: ASbGncsny1RBv85XmpBPVRKwwXNkpvM5X6JjtG+WbmP1QdKEJgrBKsni15IhxHBNw2v YuzK+orV/AWn/X+O9LgLSCepCw/elbMwrP6Luhd4HLuj2z1qy5lnZ1zQm0ikOXNGwGGkokT0eyQ mdeTjN8HVZYG07bUSBMp3SSH2PKxHzme/6V6hNer9mbtI5AsaH1XTaUySY8BdrTa/BNcZRrju7/ uBoKnMVP+RTLsG7dmq6DsiYYCa2wdRICRhmYvCYEk1sIwklVx9AAOXMaQPV4E9Pxjslr7jcj9CP 6fCwN7kbdrse X-Google-Smtp-Source: AGHT+IG4Nifg/h8epMiS1CS5Hfec2XXgO+/HfcXzdkik9AcxvfMr2euFUa0bzlxU/ho5g72fyVPVEA== X-Received: by 2002:a17:90b:258c:b0:2ee:f687:6acb with SMTP id 98e67ed59e1d1-2f83abd9998mr29015066a91.13.1738545280003; Sun, 02 Feb 2025 17:14:40 -0800 (PST) Received: from terra ([2405:6586:be0:0:c8ff:1707:9b9:af89]) by smtp.gmail.com with ESMTPSA id 98e67ed59e1d1-2f8489b01besm7818791a91.19.2025.02.02.17.14.37 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 02 Feb 2025 17:14:39 -0800 (PST) From: Maxim Cournoyer To: 45mg <45mg.writes@gmail.com> Subject: Re: [bug#75981] [PATCH (WIP) v1.5 4/4] Document 'guix fork'. In-Reply-To: <49cb491b107b5f0899209905d7679ba389bc65e6.1738408683.git.45mg.writes@gmail.com> (45mg.writes@gmail.com's message of "Sat, 1 Feb 2025 17:13:26 +0530") References: <49cb491b107b5f0899209905d7679ba389bc65e6.1738408683.git.45mg.writes@gmail.com> Date: Mon, 03 Feb 2025 10:14:26 +0900 Message-ID: <87r04fj0ct.fsf@gmail.com> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 75981 Cc: Nicolas Graves , Tomas Volf <~@wolfsden.cz>, Liliana Marie Prikler , 75981@debbugs.gnu.org, Ricardo Wurmus , Attila Lendvai , Ludovic =?utf-8?Q?Court=C3=A8s?= X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) Hello! 45mg <45mg.writes@gmail.com> writes: > * doc/guix.texi (Invoking guix fork): New node. > * doc/contributing.texi (Using Your Own Patches): New node. > > Change-Id: I06240f0fe8d1fe39f27130a72f5d0d92949c99da > --- > doc/contributing.texi | 50 ++++++++++++++ > doc/guix.texi | 150 ++++++++++++++++++++++++++++++++++++++++++ > 2 files changed, 200 insertions(+) > > diff --git a/doc/contributing.texi b/doc/contributing.texi > index c94ae940fa..bd4fd6c2ac 100644 > --- a/doc/contributing.texi > +++ b/doc/contributing.texi > @@ -35,6 +35,7 @@ Contributing > * Making Decisions:: Collectively choosing the way forward. > * Commit Access:: Pushing to the official repository. > * Reviewing the Work of Others:: Some guidelines for sharing reviews. > +* Using Your Own Patches:: Using your own work before it's accepted. > * Updating the Guix Package:: Updating the Guix package definition. > * Deprecation Policy:: Commitments and tools for deprecation. > * Writing Documentation:: Improving documentation in GNU Guix. > @@ -3095,6 +3096,55 @@ Reviewing the Work of Others > have reviewed more easily by adding a @code{reviewed-looks-good} usertag > for the @code{guix} user (@pxref{Debbugs Usertags}). > > +@node Using Your Own Patches > +@section Using Your Own Patches > + > +If you've taken the time to contribute code to Guix, chances are that > +you want the changes you've made to be reflected in your own Guix > +installation as soon as possible. Maybe you've added a package you want, > +and you want to start using it @emph{right now}. Or you've fixed a bug > +that affects you, and you want it to @emph{go away}. Eh :-). Please use double space between the sentences in doc and comments (including doc strings); that is a GNU convention we follow, and it makes sentence separation unambiguous, allowing editors such as Emacs to navigate between sentences. > +As described in the preceding sections, all contributions to Guix first > +go through a review process to ensure code quality. Sometimes, this can > +take longer than one would like. Ideally, the pace of the review process > +should not prevent you from benefiting from your own work. > + > +One way to work around this issue is to create an additional channel of > +your own (@pxref{Creating a Channel}), and add your code to it. For > +certain kinds of contributions, such as adding a new package, this is > +fairly straightforward - simply copy your new package definition(s) into Use triple hyphen for a em dash (longer variant), as described in info '(texinfo) Conventions': Use three hyphens in a row, =E2=80=98---=E2=80=99, to produce a long d= ash--like this (called an =E2=80=9Cem dash=E2=80=9D), used for punctuation in se= ntences. Use two hyphens, =E2=80=98--=E2=80=99, to produce a medium dash (called an= =E2=80=9Cen dash=E2=80=9D), used primarily for numeric ranges, as in "June 25-26". Use a single hyphen, =E2=80=98-=E2=80=99, to produce a standard hyphen used = in compound words. > +a new file in the channel, and remove them when your contribution is > +accepted. > + > +However, there may be cases where this is not convenient. Certain kinds > +of changes, such as those that need to modify existing Guix internals, > +may be more challenging to incorporate into a channel. Moreoever, the s/Moveoever/Moreover/ > +more substantial your contribution is, the more work it will be to do > +so. > + > +@cindex fork, of Guix > +For such cases, there is another option. Recall that the patch series > +that you sent (@pxref{Sending a Patch Series}) was created from a one or s/a one/one/ > +more commits on a checkout of the Guix repository (@pxref{Building from > +Git}). You could simply specify this repository (referred to as your > +`Guix fork', or simply `fork', from here onwards), and its relevant > +branch, as your `@code{guix}' channel (@pxref{Using a Custom Guix > +Channel}). Now `@code{guix pull}' will fetch your new commits, and It'd be more correct to use @samp{guix pull}, as that is not code (it's also not a @command per Texinfo, as these should only be used with the name of the command, without arguments). > +you'll see the changes you made reflected in your Guix installation! > + > +However, there's a potential complication to this approach - the issue > +of authentication (@pxref{Channel Authentication}). If your fork only > +exists on your local filesystem (a `local fork'), then you probably The chosen convention is 'file system' in Guix, as two words. > +don't need to worry about this, and can pull without authentication > +(@pxref{Invoking guix pull}). But other situations, such as a remotely > +hosted fork, may make it important for your fork to be authenticated, in > +the same way that all channels are expected to be. > + > +Guix provides a @command{guix fork} command in order to simplify and > +automate many details of creating and managing and authenticated s/and/an/ > +fork. For more information, @pxref{Invoking guix fork}. This should be @ref, since not used inside parentheses, and used at the end of a sentence (info '(texinfo) Cross Reference Commands'). > @node Updating the Guix Package > @section Updating the Guix Package > > diff --git a/doc/guix.texi b/doc/guix.texi > index b1b6d98e74..bbb5666d0a 100644 > --- a/doc/guix.texi > +++ b/doc/guix.texi > @@ -311,6 +311,7 @@ Top > * Invoking guix pack:: Creating software bundles. > * The GCC toolchain:: Working with languages supported by GCC. > * Invoking guix git authenticate:: Authenticating Git repositories. > +* Invoking guix fork:: Creating and managing authenticated fork= s of Guix. > > Programming Interface > > @@ -5930,6 +5931,7 @@ Development > * Invoking guix pack:: Creating software bundles. > * The GCC toolchain:: Working with languages supported by GCC. > * Invoking guix git authenticate:: Authenticating Git repositories. > +* Invoking guix fork:: Creating and managing authenticated fork= s of Guix. > @end menu > > @node Invoking guix shell > @@ -7534,6 +7536,154 @@ Invoking guix git authenticate > @end table > > > +@node Invoking guix fork > +@section Invoking @command{guix fork} > + > +@cindex @command{guix fork} > + > +The @command{guix fork} command provides the means to quickly set up, > +authenticate, and keep up-to-date an authenticated fork of Guix. For keep up to date, without hyphens (not a compound adjective here; c.f.: https://idioms.thefreedictionary.com/keep+up+to+date). > +more information on authentication of a Guix checkout, @pxref{Invoking > +guix git authenticate}. s/@pxref/@ref/ > +Its syntax is: > + > +guix fork ACTION ARGS... > + > +ACTION specifies the fork-related action to perform. Currently, the > +following values are supported: > + > +@table @code > +@item create SIGNING_KEY [DIRECTORY OPTIONS...] > +Create a fork of Guix in DIRECTORY, using SIGNING_KEY to sign the introd= uctory > +commit. > +DIRECTORY defaults to ./guix. > + > +First, clone Guix into DIRECTORY, unless @code{--use-existing} is > +given. is given, in which case an existing Git checkout is expected to already exist in DIRECTORY. >Then, add SIGNING_KEY to the `@code{keyring}' branch of the > +repository. Finally, create a new `@code{fork}' branch based starting > +from the default branch, whose initial commit authorizes SIGNING_KEY s/starting from/based on/ > +alone (by adding it to @file{.guix-authorizations}) and is signed by it. to the @file{.guix-authorizations} file > + > +The new `@code{fork}' branch is intended to mirror upstream > +Guix. Updating the fork amounts to applying all new commits to it (see > +the `@code{update}' command below for further explanation). You can work /further explanation/more details/ > +on patches in branches based off of this one, in much the same way as I'd use 's/based off of/based on/' > +you would base them on Guix's default branch - every commit from the > +latter will be present in the former. > + > +To @command{guix pull} your changes, you could create a `build' branch s/@command/@samp/ and s/`build'/``build''/ Double quoting is to be used sparringly, using `` '' in Texinfo. > +starting from the initial fork commit, onto which you can cherry-pick or > +rebase commits from patch branches. This branch can then be specified > +for the `@code{guix}' channel (@pxref{Using a Custom Guix Channel}). Remove the ` ' quotes. > +Updating this channel can be done by merging the `@code{fork}' branch > +into it. Ditto. > +OPTIONS can be one or more of the following: > + > +@table @code > +@item --use-existing > +Use existing clone of Guix in DIRECTORY. This is useful if you've > +already created commits for a patch series (@pxref{Using Your Own > +Patches}). However, all commits to the default branch, as well as any > +branches that may be merged into it in the future, must have been signed > +with an authorized key; otherwise, authentication will fail later. > +@item --upstream=3DURI > +The repository to clone from. This defaults to the default URL for the > +Guix repository. > +@item --channel-url=3DURI > +Optional URI, which if given, will be used to replace the channel URL. > +Furthermore, the existing `origin' remote (which tracks s/`origin'/@code{remote}/ > +`@code{upstream}') is renamed to `upstream', and a new `origin' remote Use @code instead of ` '. Do not use both together. > +is created to track URI. > +@item --git-parameter PARAMETER > +Specify configuration PARAMETER for git, via `-c' option. You can pass s/`-c'/@samp{-c}/ > +this option multiple times. > +@end table > + > +@cindex authentication, of Guix forks > +@item authenticate UPSTREAM COMMIT SIGNER [OPTIONS...] > +Authenticate a Guix fork, using COMMIT and SIGNER as the fork > +introduction. > + > +First, authenticate new commits from UPSTREAM, using Guix's default > +introduction. Then authenticate the remaining commits using the fork > +introduction. > + > +As with @code{guix git authenticate}, all three of UPSTREAM, COMMIT and > +SIGNER will be cached in .git/config, so that you don't need to specify > +them after the first time. Instead of 'cached', I'd use 'persisted' or 'written', which sounds more accurate to me. > + > +OPTIONS can be one or more of the following: > + > +@table @code > +@item --repository=3DDIRECTORY > +@itemx -r DIRECTORY > +Authenticate the git repository in DIRECTORY, instead of the current > +directory. > +@item --upstream-commit=3DCOMMIT > +@itemx --upstream-signer=3DSIGNER > +Use COMMIT/SIGNER as the introduction for upstream > +Guix, instead of Guix's default channel introduction. > +@item --keyring=3DREFERENCE > +@itemx -k REFERENCE > +Load keyring for fork commits from REFERENCE, a Git branch (default > +`@code{keyring}'). Remove quotes. > +@item --upstream-keyring=3DREFERENCE > +Load keyring for upstream commits from REFERENCE, a Git branch (default > +`@code{keyring}'). Ditto. Perhaps this could be renamed '--keyring-branch', which is more des= criptive? > +@item --end=3DCOMMIT > +Authenticate fork commits up to COMMIT. > +@item --upstream-end=3DCOMMIT > +Authenticate upstream commits up to COMMIT. > +@item --cache-key=3DKEY > +@itemx --historical-authorizations=3DFILE > +@itemx --stats > +Identical to the correponding options in @command{guix git authenticate} > +(@pxref{Invoking guix git authenticate}). > +@end table > + > +@item update [OPTIONS...] > +Pull into this Guix fork's configured upstream branch (from running > +@command{guix fork authenticate}), then apply new commits onto the > +current branch. > + > +This approach may seem less convenient than simply merging the upstream > +branch into the fork branch. Indeed, it duplicates every upstream commit > +under a different commit hash, and applying a large number of commits > +can be slow. However, this is currently the only feasible approach due > +to the nature of Guix's authentication mechanism. Namely, merge commits > +can only be authenticated if both their parents are signed by an > +authorized key, meaning that you can only use the merge workflow if > +you're authorized to commit to upstream Guix. Idea for a refinement: detect if the users's key is authorized by upstream Guix, and use a merge in this situation? Perhaps offer a switch to force one flow or another, but error out when the user uses --merge-strategy=3Dmerge and their key is not authorized in upstream Guix (merge-strategy would default to rebase). > +For mapping commits on the fork branch to their equivalents on the > +upstream branch, you can use @command{guix fork identify} (see below). > + > +OPTIONS can be one or more of the following: > + > +@table @code > +@item --repository=3DDIRECTORY > +@itemx -r DIRECTORY > +Act in the Git repository in DIRECTORY. > +@item --fork-branch=3DBRANCH > +Apply new commits onto BRANCH instead of the current branch. > +@end table > + > +@item identify > +Coming soon! > + > +Given a commit hash from upstream Guix, print its equivalent on the fork > +branch, or vice versa. > +This uses the 'Change-Id:' line added to commit messages by Guix's @samp{Change-Id} git trailer (see 'man git-interpret-trailers'). > +'commit-msg' hook. I'd use @samp{commit-msg} or @code. > +The first invocation of this command will be slow, as the entire set of > +corresponding commits is built up as a hash table, and then > +cached. Subsequent invocations should be nearly instant. Apart from my above comment and the double period thing, this LGTM. It's obvious you've taken a lot of care/effort into producing this. I'm warming up to the idea. Thanks for the contribution. --=20 Maxim From debbugs-submit-bounces@debbugs.gnu.org Mon Feb 03 11:04:34 2025 Received: (at 75981) by debbugs.gnu.org; 3 Feb 2025 16:04:34 +0000 Received: from localhost ([127.0.0.1]:40867 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1teyw6-0007GG-8e for submit@debbugs.gnu.org; Mon, 03 Feb 2025 11:04:34 -0500 Received: from mail-wm1-x32f.google.com ([2a00:1450:4864:20::32f]:43444) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from ) id 1teyw3-0007Fn-Nu for 75981@debbugs.gnu.org; Mon, 03 Feb 2025 11:04:32 -0500 Received: by mail-wm1-x32f.google.com with SMTP id 5b1f17b1804b1-43626213fffso34858305e9.1 for <75981@debbugs.gnu.org>; Mon, 03 Feb 2025 08:04:31 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1738598665; x=1739203465; darn=debbugs.gnu.org; h=content-transfer-encoding:mime-version:message-id:date:references :in-reply-to:subject:cc:to:from:from:to:cc:subject:date:message-id :reply-to; bh=ZqCRcfhdWjPubDEiqDwYrj6HvE/Ib8ausNgV2sZ9L10=; b=VhWc1t/X83KQs196LX7Scn1J+ndgmzEeYspgNz9p9iLnLq5i6y7kiJPxa/1dVASsAB JkwhpYAYRuPzP2OtQM3KcDRbpCpDHFtrBSR343B304DST4nNx89pcj5OAfJOmzxDFaTX Opg8MPq4OynmzoA9cDRWLP0L04hNY8A9N2dBipYbpTXYM7ZgYvkyiUju75n6dcHSgSW3 sH0DHoa6v0FniaXmbMWrObl86bBPcNkWcxU4NSi0mQLpEeAaLZ2m4QCB5uFSvJtL4S9R ZPXF1WroerbL2cHfvztmwUwNSymrtfWEbSEfsB6VvlHOUXgu2U1l1KEnWOlscXcIaZAv roTQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1738598665; x=1739203465; h=content-transfer-encoding:mime-version:message-id:date:references :in-reply-to:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=ZqCRcfhdWjPubDEiqDwYrj6HvE/Ib8ausNgV2sZ9L10=; b=bzpHfodlNZvyF65QXw/KD4YciLap5knehTE5327na7zbK2XGJAKg7J4y/LbtTpRYXk hqyHdH0K8NzB6xs8ntAaL7hmMDvx1w5EF0d/i3LrK4oQXLlMWNXBg6QGjZhcbhkRjb3y sRUBSKw96MNKAhMMWPY7wHNcEOLDkI2Htxr8hVjkoQ8p0hpVCx+aw5oR0eIZDtb6vfww BoLjYgQ/U4kTo2NDWW3d4gc7m/hdHTt2xhQP6UZD24gdp7ooQQsWrHjMBFWqdFKRJWOA SuQ1AqxiHlPaA8UIK6wWpOjId3Ut4GsIWfhbPtqeEnBv1HivtNqAE+RzbTxBtVIpibC3 Gl7g== X-Forwarded-Encrypted: i=1; AJvYcCWIuKrFAcx6YSflc7hXAvb9ET6NZBQe1uTGJipcwrCBCG/DTIGzal2a6UqBZ92lMTqherptUQ==@debbugs.gnu.org X-Gm-Message-State: AOJu0Yy+nE6vpbDZhXn0qlAgQXkgaN93Ag7GbmNpiuvk/js/GAzMv/q1 EvGnNVczp2qH2zRHdBYT85kzzva7fRonC88gbu6mGGRQ81+PYqL4 X-Gm-Gg: ASbGncuEvY+S1vE6QI1D5B7X/v4jO0pE9OkX9fWShbcm3oF3BOzfovf88mKiVqtz/Gs yN3Xh6XAcUNUZEqNjMzh5LFlpVtPbZfksiZvxG4zaOb/OjN15T3EC4wjpVf/drr0EI20DBXeAW1 KbxI5gCLrZTtuwaM2vgO+OzwwcaXl+/tr7gLghX/DUhmXOXBeTi4//kUlxLStxA12UkFemMp2ao g9Oobd9L49qXLzqOt+XMe9ZmPrNlXxVpGMcqSumFpf/YB1KJHwBm5kNRXm0wuF5iJWeE3ebSr+d zdKFdjfknl508E+m5aOhpcFnE24Jc4Enh2NQ89Y7Iigm6Xr3Ibey/wglVtBGPv7ujwzNV4xPlR4 E X-Google-Smtp-Source: AGHT+IFaS6cIc8gGT4RUBxRXmvWTckpoZT/581PidWzjhS9ajz6XsyCvWpvrZuOvWlJqS9Wx7ORhEQ== X-Received: by 2002:a05:600c:1da8:b0:434:f3d8:62db with SMTP id 5b1f17b1804b1-438e1e18200mr139759055e9.2.1738598665129; Mon, 03 Feb 2025 08:04:25 -0800 (PST) Received: from lili (roam-nat-fw-prg-194-254-61-40.net.univ-paris-diderot.fr. [194.254.61.40]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-438dcc1315esm191628635e9.6.2025.02.03.08.04.24 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 03 Feb 2025 08:04:24 -0800 (PST) From: Simon Tournier To: 45mg <45mg.writes@gmail.com>, 75981@debbugs.gnu.org Subject: Re: [bug#75981] [PATCH (WIP) v1.5 1/4] Add 'guix fork create'. In-Reply-To: <590b269995eb83d8fe2b584a40a58fa9ed473c54.1738408683.git.45mg.writes@gmail.com> References: <590b269995eb83d8fe2b584a40a58fa9ed473c54.1738408683.git.45mg.writes@gmail.com> Date: Mon, 03 Feb 2025 16:15:22 +0100 Message-ID: <87a5b39i0l.fsf@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: 3.0 (+++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Hi, On Sat, 01 Feb 2025 at 17:13, 45mg wrote: > * guix/scripts/fork.scm, guix/scripts/fork/create.scm: New files. [...] Content analysis details: (3.0 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 3.0 MANY_TO_CC Sent to 10+ recipients -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (zimon.toutoune[at]gmail.com) -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2a00:1450:4864:20:0:0:0:32f listed in] [list.dnswl.org] X-Debbugs-Envelope-To: 75981 Cc: Josselin Poiret , Tobias Geerinckx-Rice , Nicolas Graves , Mathieu Othacehe , Tomas Volf <~@wolfsden.cz>, 45mg <45mg.writes@gmail.com>, Liliana Marie Prikler , Ricardo Wurmus , Christopher Baines , Attila Lendvai , Ludovic =?utf-8?Q?Court=C3=A8s?= X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 2.0 (++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Hi, On Sat, 01 Feb 2025 at 17:13, 45mg wrote: > * guix/scripts/fork.scm, guix/scripts/fork/create.scm: New files. [...] Content analysis details: (2.0 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2a00:1450:4864:20:0:0:0:32f listed in] [list.dnswl.org] 3.0 MANY_TO_CC Sent to 10+ recipients -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (zimon.toutoune[at]gmail.com) -1.0 MAILING_LIST_MULTI Multiple indicators imply a widely-seen list manager Hi, On Sat, 01 Feb 2025 at 17:13, 45mg <45mg.writes@gmail.com> wrote: > * guix/scripts/fork.scm, guix/scripts/fork/create.scm: New files. [...] > * guix/scripts/git/authenticate.scm I think this fork =E2=80=9Cfeature=E2=80=9D should not be yet another subco= mmand but this must be another subsubcommand: =E2=80=99guix git fork=E2=80=99. It would make more sense, IMHO. Cheers, simon From debbugs-submit-bounces@debbugs.gnu.org Tue Feb 04 00:38:33 2025 Received: (at 75981) by debbugs.gnu.org; 4 Feb 2025 05:38:33 +0000 Received: from localhost ([127.0.0.1]:42241 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tfBdo-0007Lo-TJ for submit@debbugs.gnu.org; Tue, 04 Feb 2025 00:38:33 -0500 Received: from mail-pl1-x630.google.com ([2607:f8b0:4864:20::630]:42361) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from ) id 1tfBdm-0007La-Ia for 75981@debbugs.gnu.org; Tue, 04 Feb 2025 00:38:31 -0500 Received: by mail-pl1-x630.google.com with SMTP id d9443c01a7336-2167141dfa1so90583485ad.1 for <75981@debbugs.gnu.org>; Mon, 03 Feb 2025 21:38:30 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1738647504; x=1739252304; darn=debbugs.gnu.org; h=content-transfer-encoding:mime-version:user-agent:message-id:date :references:in-reply-to:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=f9cYrzHBsF11BEaw8T1hH0JU/IziVirrE09mASGKNg8=; b=ahIMVsETq8JFCPGTMLpqhmw4J5f5Dr5KlKg36BpMK3zoJ6jmWE9Eo+d/5J4m6jdvJf JpPrJwkzQnUGEbcHUTh6VaJHX0ZSCj+DqcNPnBCAGcAF78GtlSh3M8KQyt3W/BeyVaxr SV+p5k3Z95Q3EKNWhcuPSnPmrSKCtHXH5KLhS8sze5DR99SWHAHVjWvJwSR3yZrWQzpT RpzxFusqhwZqSSzBQ/vrQ8MZ0BZt4TJ9A1emRNmdNRKOTqUTwdrQHdjcm1Eem+bEDr2S XdHJ/vbxK7NUhOwkeOs51C6NchSXP7myrNEaFeg2ZrYYVYdS0BSSSRPKTvzdskC0Xjb7 OeRA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1738647504; x=1739252304; h=content-transfer-encoding:mime-version:user-agent:message-id:date :references:in-reply-to:subject:cc:to:from:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=f9cYrzHBsF11BEaw8T1hH0JU/IziVirrE09mASGKNg8=; b=W6DHelV6gQXPVbEctDDkHjN0jS/v8cO6XgFA6nFsjLdUexJhhYgV7Y5OQXL3Tfxxcd O+OsL8DqF5aeacH/yTl155XdxuMZzlFauMBxkaXk9UFgnt0sgw29VObQp5jMsC3coW0s ltqKCSde+zenNEQ2ctUS5LQiZV8HX8y427TfKXqzg7+DP+OHg3hdj6GMNf16RiCi64Xv ynLQIvNTPw0p9TWIBRES5+39xt5P0NHoTkjzclDV5wdOx227vvdo1XlQwX2sAOo0iPxq PQ9Nd6SSZSsjYMM6p0en+zW8D6hDoi4urwMz/aEHSiuUJgNMrV071F0mXygHgA/eObN3 L8HQ== X-Forwarded-Encrypted: i=1; AJvYcCW8Yy9ynjyNeh1yp81ep3swLHWvWDf+30ndMEwufvhuFJWzp9MMWqBS/tfJOcye+bNUWZ6Smw==@debbugs.gnu.org X-Gm-Message-State: AOJu0YzYkGSf/epopFB+nd+30twTgDqyUqTwTpI6vvPB7T048nH33H3d p5BhmeRgixUOwKgCoKptH4bLthrhzR2M3t8JbiK+Cms6Utont40I X-Gm-Gg: ASbGncuvB0Elto4PErVZDYNgPru5yms2YQIFXLm73dV10afK7WnYhQsw4Ouuw2I4ZZW hRdlB2k82iU0fNZNME81gLl06MVePUF5cGAs8iu8G2Qt9vTjDKRGAhV0yPKINGXwfGxE3KAgV3M XFd6jCwZGdz2Xj67l5/ZgWt6LRBgyTIZEC3FZX3lfFWpDaEhPSuIszK/IlCIMcHGqkS6yr4vo5t bWN5hNsVfW7Yamm+9FKIe847daCbS/+BrxB5QseErwHRoVXoBaVr2l/Kzyboojgs5BnVRfp2yUV xGsNuuCZ0Wnt X-Google-Smtp-Source: AGHT+IHmJTOnX9MlZDSNJkhe+T3WbwwfjNrmAdMtysIwrG75aBWMfLTUWFNIepeEZOTIs2bB5EUN4g== X-Received: by 2002:a17:902:fc85:b0:215:a808:61cf with SMTP id d9443c01a7336-21f01ce046fmr27067595ad.25.1738647502483; Mon, 03 Feb 2025 21:38:22 -0800 (PST) Received: from terra ([2405:6586:be0:0:c8ff:1707:9b9:af89]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-21edddf883fsm69107395ad.4.2025.02.03.21.38.18 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 03 Feb 2025 21:38:21 -0800 (PST) From: Maxim Cournoyer To: Simon Streit Subject: Re: [bug#75981] [PATCH (WIP) v1.5 1/4] Add 'guix fork create'. In-Reply-To: (Simon Streit's message of "Sun, 02 Feb 2025 23:24:46 +0100") References: <590b269995eb83d8fe2b584a40a58fa9ed473c54.1738408683.git.45mg.writes@gmail.com> <877c68jsr0.fsf@gmail.com> Date: Tue, 04 Feb 2025 14:38:08 +0900 Message-ID: <87v7tqb77j.fsf@gmail.com> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: 3.0 (+++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Hi Simon, Simon Streit writes: > Hello Maxim, > > Maxim Cournoyer writes: > >> My first thought was similar to Liliana’s reply in the other issue >> thread: putting lots of energy into making it convenient to fork Guix >> inste [...] Content analysis details: (3.0 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 3.0 MANY_TO_CC Sent to 10+ recipients -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:630 listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (maxim.cournoyer[at]gmail.com) X-Debbugs-Envelope-To: 75981 Cc: Josselin Poiret , Tobias Geerinckx-Rice , Nicolas Graves , Simon Tournier , Mathieu Othacehe , Tomas Volf <~@wolfsden.cz>, 45mg <45mg.writes@gmail.com>, Liliana Marie Prikler , 75981@debbugs.gnu.org, Ricardo Wurmus , Christopher Baines , Attila Lendvai , Ludovic =?utf-8?Q?Court=C3=A8s?= X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 2.0 (++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Hi Simon, Simon Streit writes: > Hello Maxim, > > Maxim Cournoyer writes: > >> My first thought was similar to Liliana’s reply in the other issue >> thread: putting lots of energy into making it convenient to fork Guix >> inste [...] Content analysis details: (2.0 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:630 listed in] [list.dnswl.org] 3.0 MANY_TO_CC Sent to 10+ recipients -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (maxim.cournoyer[at]gmail.com) -1.0 MAILING_LIST_MULTI Multiple indicators imply a widely-seen list manager Hi Simon, Simon Streit writes: > Hello Maxim, > > Maxim Cournoyer writes: > >> My first thought was similar to Liliana=E2=80=99s reply in the other iss= ue >> thread: putting lots of energy into making it convenient to fork Guix >> instead of contributing to the review process (described as slow and >> erratic, which appears to be the motivation here), appears >> counter-productive. > > I am all for contributing to the review process. It is only through > recent discussions on this subject that I am forcing myself to be a bit > more active within the community again. Thanks for getting me back in. > I am also at fault my self. I have a personal channel running and the > list is getting longer on patches that rather be submitted. I didn't mean to make anyone feel bad for having a channel, just to state that if someone wants to have an impact on the slow review process, the direction should be contributing toward that goal by providing more eyes and hands, not providing more tools to more comfortably doing our own things in our sandbox without interacting. So I'm glad if the result was to nudge you toward joining the review party ;-). > I am nowhere close to be a contributor (yet). I simply don=E2=80=99t hav= e time > and resources to be more active at the moment. At the same time I also > don=E2=80=99t want to wait for months until certain patches =E2=80=93 whi= ch have been > submitted for review =E2=80=93 are pushed upstream. There's no hiding it: reviewing is a (very) time consuming process, and is currently done by volunteers, so on their own limited time they probably would rather use to hack on things that personally matter more to them :-). The more hands we throw at it, the less time individual reviewers have to spend on it to keep the community happy and running smoothly. > I do keep patches running on top of local branches that are constantly > being re-based from upstream. While time consuming, it seems to be the > most convenient at the moment. > I don=E2=80=99t even want maintain a local fork. It is not that I really= need > one. I use it for development, thus many branches are just dead ends > that are kept for archival reasons. I have a local central repository > where I usually push my work to be more independent from my devices =E2= =80=93 > which is my issue. And here I only recently realised that I can=E2=80=99= t even > push these branches to my central repository any more. For development, I simply use git checkouts and force-push them around when I have to, or use './pre-inst-env guix deploy'. It's not as seamless as simply using 'guix', but it did the job when I needed it. I feel this feature here caters to more long-term forks that could have multiple users, thus requiring authentication. > Then I tried it the other day to set up a modified keyring and > authenticate with my key and push it to my local repository as described > in the manual. I failed for some reason and probably missed something. > This time I felt it: The bar is now seriously high to work on Guix at > the moment. I feel perhaps people are trying to replace Git by Guix :-). Or are operating outside what I'd call 'development', and want some fancier/better integrated distribution means for Guix as a whole. > While the authentication mechanism is useful and necessary to prove what > is from Guix, it defeats the point to use Git as a decentralised tool. > It should be possible to allow local modifications for personal use, > also as unauthorised contributors. > > I am for it. Including a warning that I am pulling an unauthenticated > fork. What do you mean unauthenticated? The point of this feature is to make authenticated forks easier to setup/work with, so you wouldn't get any warning, unless I'm missing something. Thanks for sharing your thoughts. --=20 Maxim From debbugs-submit-bounces@debbugs.gnu.org Tue Feb 04 22:22:09 2025 Received: (at 75981) by debbugs.gnu.org; 5 Feb 2025 03:22:09 +0000 Received: from localhost ([127.0.0.1]:47497 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tfVzN-0003WH-4t for submit@debbugs.gnu.org; Tue, 04 Feb 2025 22:22:09 -0500 Received: from mail-pj1-x1044.google.com ([2607:f8b0:4864:20::1044]:61481) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from <45mg.writes@gmail.com>) id 1tfVzH-0003VJ-Dx for 75981@debbugs.gnu.org; Tue, 04 Feb 2025 22:22:04 -0500 Received: by mail-pj1-x1044.google.com with SMTP id 98e67ed59e1d1-2efe25558ddso8182226a91.2 for <75981@debbugs.gnu.org>; Tue, 04 Feb 2025 19:22:03 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1738725716; x=1739330516; darn=debbugs.gnu.org; h=mime-version:message-id:date:references:in-reply-to:subject:cc:to :from:from:to:cc:subject:date:message-id:reply-to; bh=LsoqWQOgLVhVoEea614U0RdTK7bH/DJiXnYNumko6+o=; b=AzO4Cd1r+nQMqfPpl/DBWAOZP8S9K53fvWa0zwDCutGvUHL6hhBIqT2sm7gcUk6g83 XHoysfKWcmMwqiAvW6UGHccGArDezXQ4FMRLGLoqACfdcglkg1y8Is4ExR60h31sVj7s Asm4IoQWl1haJ34X6XxsxuJAZVWV/YTRVmJuO1kHsEI0+v/Yjmmyr1J5gsiXs6uCWK3A SgYjXacIDZPT7p4b+11Lvz3Dj59u3d2IcMmZFNZheVqK1cytt9gfB5ZbBlcZsMaWr3qm 7On+XzFL0BA5/QSsjq0f0p1U5n5BtAD4mXeLy+AMV1wp94laIbgBF4c1Rv469kzp6ISS XW7g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1738725716; x=1739330516; h=mime-version:message-id:date:references:in-reply-to:subject:cc:to :from:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=LsoqWQOgLVhVoEea614U0RdTK7bH/DJiXnYNumko6+o=; b=aNW7yNhKUqMrMZsvn6KbcJFGF/K8CoMkkI0sjnehH2DtIDelJ6k9bEmnADvQYxkx2Z xm2XO3KXc9eYH5CkhlfabhYz/1shEAxLyV9Be4940vMsmwBkg5nygoIM9OCVC/B6+ddV sOcuJyZaQKC5r7TbaIzIEZVQA559UPqkWHrzg9O0IpsLz4YiepU+1peltN/XYXIcM5wV ND9WGgkm2YM0MwJ2MZRiJA5HNn9UcOrBpu6R7C7CbX6AiaELv9NM63LZ5bg/+pWDEnLL r7wdMAhKmcPcMZK5Cq8Wo2V7BxkFrk/7UtNeEnjOOGFcQoamslQqWgmKaOZivItH4H57 ZjTw== X-Gm-Message-State: AOJu0Yy0ITZGIl0DX/adUfYcQwzxgyv2XscfedB4y4bki8V9QmHlKJ/X AXOzX3PE78yymES3+Jcbda1XWx0Md0jEVGVfnJYbGN2V0jv9MSS3 X-Gm-Gg: ASbGncunsjRhqz58MihyYDXLFqjNobIWR2AP2hch2pQHI9qHACGyWD1acxI0bBMujBA /ZfWPUbvGoahpPVWPqTVa/Ah1z6e8+Iov4uSOD0pAkLY5d8+a4CbQsZoCNwrN7wk/AZ7ARGME2e eMGCdjnr5qvOwnOFWgfmd75Zm27ok8Q/lLbhetQg3VeIoUKh2NuQDYjCApobAplLAzhDel8kGWS u1UKw9IgMNziwaSSkIiL/oR6h321sA/Ypc6YLwqy7dSm0b4Qq2Vefe9udr6OtspOn+FIZj2llHu we4b035xhJUgWvy1 X-Google-Smtp-Source: AGHT+IFSAEv5EYbY85/z1jUjrDp/5vGBnYKteG22UaSLrur1mf/ATnmzpZWe6epd+XLtRn1ml3IR8Q== X-Received: by 2002:a17:90b:1d46:b0:2ee:f076:20f1 with SMTP id 98e67ed59e1d1-2f9e069cf12mr2426119a91.0.1738725716449; Tue, 04 Feb 2025 19:21:56 -0800 (PST) Received: from guix1 (utm3.nitt.edu. [14.139.162.2]) by smtp.gmail.com with ESMTPSA id 98e67ed59e1d1-2f9e1da8a24sm355884a91.37.2025.02.04.19.21.52 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Feb 2025 19:21:56 -0800 (PST) From: 45mg <45mg.writes@gmail.com> To: 75981@debbugs.gnu.org Subject: Re: [PATCH (WIP) v1.5 0/4] Add 'guix fork'. In-Reply-To: References: Date: Wed, 05 Feb 2025 03:21:52 +0000 Message-ID: <87wme53wkv.fsf@gmail.com> MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 75981 Cc: Nicolas Graves , Maxim Cournoyer , Simon Tournier , Tomas Volf <~@wolfsden.cz>, 45mg <45mg.writes@gmail.com>, Liliana Marie Prikler , Ricardo Wurmus , Attila Lendvai , Simon Streit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) Hi all, First of all, thanks to Maxim for the patch review! There are a lot of things that I'll need to address in there. And thanks to everyone else who's replied here. It's encouraging to see that people are paying attention to my work; I was worried there wouldn't be enough people who care about this issue. So far, my approach to Guix stuff in general has been to just dive in and work on things until they're done. But there's just so much work here that if I dive in right now, I don't know when I'll resurface. And I'm way too busy for that right now. So, rather than doing a typical inline reply to each message in this thread, I'm going to try to list out all the feedback I've gotten, and everything that's pending. Then I'll talk about how I plan to work on it. Feel free to comment on anything here. I will try to organize the feedback I've gotten so far below: 1. The argument that this doesn't belong upstream. The main arguments seem to be that we should improve the review process instead, or that channels are sufficient for anything you'd use a fork for. 2. Feature suggestions: a. If the user has commit access, then allow them to use a merge rather than rebase upstream commits. I hadn't thought of this before because I was thinking entirely from a non-committer's perspective. But I guess even committers might want a personal authenticated fork in some cases. As Attila pointed out, some things may be rejected from upstream and some may be temporary kludges to get things working until you can implement a proper solution. 3. Larger code corrections - things I need to actually spend some thought on. Here's a list: a. I've used a mix of Guile-Git and just shelling out to the Git CLI. The idea behind this was to provide transparency about what the commands are doing. For example, we could implement a `--dry-run` option for `create` and `update` that will just output the git commands that will be run rather than executing them. With that said, however, there are some places where it would clearly be cleaner to use Guile-Git, and doing so would not make `--dry-run` output less useful. For example, the `git symbolic-ref` invocations to get branch names, etc. So I need to make some judgement calls in that regard. b. The use of the `#:argument-handler` keyword of `parse-command-line`. It's not clear to me how this would simplify things, and I need to put some thought into it. c. Error handling. Replacing `leave` with proper exceptions (in `openpgp-fingerprint*` and `guix-fork-update`), handling possible exceptions (from gpg in `openpgp-fingerprint*`). I'm not familiar with exceptions, etc. in Guile, and it'll take some time for me to figure things out. d. Whether `openpgp-fingerprint*` belongs in guix/channels.scm. 4. Minor code corrections, eg. formatting. These don't really need further discussion, and I can just address them sequentially as I work on the v2 of this patch series. And here are the other things that are still pending: 5. Tests. These will be the first thing to work on, as it will likely speed up the development feedback loop a lot. 6. Implement `guix fork identify`. 7. Figure out how to make the existing git hooks 'fork-aware' - currently the post-merge hook runs where it shouldn't and fails, because it invokes `guix git authenticate` where it should be calling `guix fork authenticate`. Now, on to the plan of action. First of all, let's talk about '1.'. I think I may have addressed this in the original thread, but going by the responses here, clearly I didn't do so well enough. Now, as Maxim pointed out, I will probably need to submit a GCD to get this merged upstream. I think that would be the best place for me to state my argument. That way, we can discuss whether this patch series should be accepted at all, as well as the broader design - items '1.' and '2.' from the list above - in a separate thread. Simultaneously, we can use this thread for the concrete implementation - items '3.' to '7.'. That way, even when I don't have the time or energy to work on the code, I can still keep the discussion going, and collect feedback and opinions for when I do. Thoughts? I've never had to juggle so much discussion and feedback with implementation work like this (is this what a software career is going to feel like?), so I'm open to suggestions here. Thanks, 45mg From debbugs-submit-bounces@debbugs.gnu.org Wed Feb 05 23:46:36 2025 Received: (at 75981) by debbugs.gnu.org; 6 Feb 2025 04:46:36 +0000 Received: from localhost ([127.0.0.1]:53736 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tftmd-0006YZ-MZ for submit@debbugs.gnu.org; Wed, 05 Feb 2025 23:46:35 -0500 Received: from mail-pl1-x62e.google.com ([2607:f8b0:4864:20::62e]:51272) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from ) id 1tftma-0006YD-O2 for 75981@debbugs.gnu.org; Wed, 05 Feb 2025 23:46:34 -0500 Received: by mail-pl1-x62e.google.com with SMTP id d9443c01a7336-21f05693a27so7376735ad.2 for <75981@debbugs.gnu.org>; Wed, 05 Feb 2025 20:46:32 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1738817186; x=1739421986; darn=debbugs.gnu.org; h=mime-version:user-agent:message-id:date:references:in-reply-to :subject:cc:to:from:from:to:cc:subject:date:message-id:reply-to; bh=uEmk2ZA4589OvwPyStd/p/sM/TSmRA7Yadf0VQnRQmE=; b=WJDj1QOzw/wEhrR1iuf58l4AwirGNKWtAtrFh8gq0TNiFxkYYgYpGD9JAHpYJXzCfb ALRpiVbMdM9FJ8MIG+XMF99k0ysgR35HishRrGvF9nNsgVv0VGOzvga2bBbcSTR1tLZb OYRW+c4L35/M0dCH6l4ickVHZndvInD8iNK544t/CipejXN1V1IjP0GZvgvTHEIJJWqZ bJRGUy5t/G4nlHUdEnmHOH7+Vv3g539usSde9+xU8WaCQ3ycwXgYkJNfBQiTG2dkkJzA +9D5wSqGf+aiD9KT6zT2qvruW9fFQ/yKkvyYgxRBK+cZ2W/3ZcCE28Fh1O4Da/W3LCFn 2TMw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1738817186; x=1739421986; h=mime-version:user-agent:message-id:date:references:in-reply-to :subject:cc:to:from:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=uEmk2ZA4589OvwPyStd/p/sM/TSmRA7Yadf0VQnRQmE=; b=gXl8f0lIfcFuhzMsWx7fJX7OrYGcKNVsHYmCgKmwq9wSUYFf9xcbEmex04hL/KWhTr MqtZUF89tSeO/bx73tEFsl7Wu+ocvPmZ/4gUQ6Yq+GUo4IANdzM9RMvnXE2zLP21KcDt gzWcNAIOzoIyHL7t9raUk7a9g2j47QuZJ8yJzY3m8SUNpMNPW6JkN80gWnmpKzmXjf7h osm/bZcwhmSguzRqfVZg+ujaPNzM6NEIQTXs2HLPEGdm6v9uaPui/ZfuzelLomMZPjmr pmaR9F1xoOYnKdLNjxcHHtofqKIYSYqxP/G7/eZvnn3MpaHIdF/bNqNONdsvank5TiLt 7r5Q== X-Gm-Message-State: AOJu0Yxthix2j9qIZuNyCloXtcGZ8215yKMhYb3yIt0On9vf+YCa7buC S9vulCWtuAj51JR4U06ho8+nelT4Um4i1DNeVnY//n/y8qAlzp9h X-Gm-Gg: ASbGnctdptGHEwkxA/exekHlKbyXAMzKnZVv1ELTbHmFeM9gjVIbidKVyeWl4rZlKcZ 63P0l0YVrbIVjKBUf62BNavCsUDI0l5QsZZDHPiQ3Whg/oo+PAX37J4xDoBUBQrhj8QB0Fh8Ksz EZf3YhT4lbe1OVISL7LxmeU6/3pOQpGcrsEAWfQAA65PIJW3lMEIiy2dXPGKQbutKJ64ybxT6Z/ qz/BT0SX8Ze3mT4q1VUZDAVWV6xQYUHslsT9UPMZ7D50BJFmelu67IWeCfHQWGVQ4tPTVDX14Pv qtgDMpa+XU/L X-Google-Smtp-Source: AGHT+IFrfH0nyXIGcNKoeJRcGZDssOnM+d2ZLP4Wt6i7RSwM8tppz00K9L1Eo7+4eVwmFwvY3Ob9zw== X-Received: by 2002:a05:6a20:9f48:b0:1ed:a72f:bed1 with SMTP id adf61e73a8af0-1ede88b16f8mr12300000637.32.1738817186517; Wed, 05 Feb 2025 20:46:26 -0800 (PST) Received: from terra ([2405:6586:be0:0:c8ff:1707:9b9:af89]) by smtp.gmail.com with ESMTPSA id 41be03b00d2f7-ad51f0231d7sm95223a12.66.2025.02.05.20.46.23 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 05 Feb 2025 20:46:26 -0800 (PST) From: Maxim Cournoyer To: 45mg <45mg.writes@gmail.com> Subject: Re: [PATCH (WIP) v1.5 0/4] Add 'guix fork'. In-Reply-To: <87wme53wkv.fsf@gmail.com> (45mg.writes@gmail.com's message of "Wed, 05 Feb 2025 03:21:52 +0000") References: <87wme53wkv.fsf@gmail.com> Date: Thu, 06 Feb 2025 13:46:13 +0900 Message-ID: <877c63adey.fsf@gmail.com> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 75981 Cc: Nicolas Graves , Simon Tournier , Tomas Volf <~@wolfsden.cz>, Liliana Marie Prikler , 75981@debbugs.gnu.org, Ricardo Wurmus , Attila Lendvai , Simon Streit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) Hi 45mg, 45mg <45mg.writes@gmail.com> writes: > Hi all, > > First of all, thanks to Maxim for the patch review! There are a lot of > things that I'll need to address in there. And thanks to everyone else > who's replied here. It's encouraging to see that people are paying > attention to my work; I was worried there wouldn't be enough people who > care about this issue. [...] > So, rather than doing a typical inline reply to each message in this > thread, I'm going to try to list out all the feedback I've gotten, and > everything that's pending. Then I'll talk about how I plan to work on > it. Feel free to comment on anything here. Before you go further, I'd propose you to explore whether the GUIX_EXTENSIONS_PATH mechanism could work for your new command. If it does, then that's even nicer, as I think in general it'd be preferable for something as particular as 'guix fork' to not be advertised as a top level guix command. A note could be added to the manual pointing to this extension, perhaps in a subsection of the section documenting channels, for the rarer cases where this is useful/necessary. We'd also need to document the GUIX_EXTENSIONS_PATH environment variable, and some usage guidance (I've never used an extension myself). -- Thanks, Maxim From debbugs-submit-bounces@debbugs.gnu.org Thu Feb 06 12:00:45 2025 Received: (at 75981) by debbugs.gnu.org; 6 Feb 2025 17:00:45 +0000 Received: from localhost ([127.0.0.1]:59274 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tg5F7-0000AA-7w for submit@debbugs.gnu.org; Thu, 06 Feb 2025 12:00:45 -0500 Received: from mail-pj1-x1044.google.com ([2607:f8b0:4864:20::1044]:58676) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from <45mg.writes@gmail.com>) id 1tg5F4-00009r-IU for 75981@debbugs.gnu.org; Thu, 06 Feb 2025 12:00:43 -0500 Received: by mail-pj1-x1044.google.com with SMTP id 98e67ed59e1d1-2f9dbd7d80dso2296994a91.1 for <75981@debbugs.gnu.org>; Thu, 06 Feb 2025 09:00:42 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1738861236; x=1739466036; darn=debbugs.gnu.org; h=mime-version:message-id:date:references:in-reply-to:subject:cc:to :from:from:to:cc:subject:date:message-id:reply-to; bh=ZqA+ZA2xjdpX7SkQJhoKxTb/iilwZ/RqPJTvgGNCeL4=; b=DXWDLm/8XMa8fJQATzm0okwCzamuvn5MevwHqIumtwiP8gqj6K2Rg6MVhVAVElWVRk EXiKKR6hEip40OK3IuWrhGaUGYVbGkaZ0fH7KJGs8RKSJ+ewMBf5xsdAvv4spu6z0svu NdIMWCEp6Gh2OBa4uJS2nEKH6YKDhoDoxOb0cTO9bPZUpgNAxIRcOwQ3c5hOPczOjglB HmaJ4y1dqNpH+ZfIclV8xX3zonR0RO9TxlKM2iePC8NyoIE6qiNknuagPNwzIqF6gMqF McQ3ScaXKdyY7WQ7pYzzyRncAIVJ5IoGtsEU5BoGHcEWFGaZFWFP2lwcKCtXcooqnw6t rNvQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1738861236; x=1739466036; h=mime-version:message-id:date:references:in-reply-to:subject:cc:to :from:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=ZqA+ZA2xjdpX7SkQJhoKxTb/iilwZ/RqPJTvgGNCeL4=; b=Mfd2uaVOfHC90N9B+16YO8aCnXsEKA2XyFhosGvdpxhg71AR4X+zphAVncmQxpJepQ h+aQHxPdE3vy9OuFqcRGsDyYA9E8Welb0kFtSOPldNDBN++fMpeHL+kSa1PZh8xhzQRx GLD24YeJ6JmbC/MJV1tRNnmYQ+IrDhuSpPYdeg4a5Gg8EGFp3AMIM+rYviXfHHt8HifL TCY+GSWXTP1JV8cFGI+emONMKVr874ZqEmNkgpE2e6bxnGvWwrdcCXtWajLK50e5RU5y aJoMKqxMyYffATMOaH+bSTXpaoy+D+aYwZP9vvfbauW+pSSHtDRsK+pYFkW0TtFSfoQ/ 99SA== X-Gm-Message-State: AOJu0YwNFxHJ10yFlB9xRl7FW776BfjCCbgNpEAZ3fpjN89Z66WYiNRG M7d89Av7Bqye4cm8H1m7JpZRJlsxGKIrzVPurmULplcD9/god+71 X-Gm-Gg: ASbGncsMVkXY7uPcLy2pdI/ShmYT1nywR7Zu/3ih3+ommAh4sqkRrrGDpnM6SfG6SYa lirJK+9+eslxZcq90yWPwm5nEuLEaabglXRCIV0sYcCwXzD7jgY2ibyE1B6dB9KOfR4PuSjEiKY 6+7ZTFlCS/Q8Vlk4YSfd7gusa7neoXgI0mYEBluWmuTsCRsvYpyqVzOjtXgrX2JMRNluuRcQkcq YXwCEptjXztn84P4Ijdfkc0Wwbsd40le3IcexShfrwFbDWe+H7gwSUGdN4Rgl3Q1L5d9xP7bPWo lDOEpvWFtWhf00lv X-Google-Smtp-Source: AGHT+IE34dZr2kFAR1eH6FSEOyjfk1+Sngf5oWA1sX2P2LHM/nZCykKIKODW5LtJixUCCk9JD7xz2w== X-Received: by 2002:a17:90a:d351:b0:2fa:17d2:166 with SMTP id 98e67ed59e1d1-2fa17d20563mr2071087a91.31.1738861235555; Thu, 06 Feb 2025 09:00:35 -0800 (PST) Received: from guix1 (utm3.nitt.edu. [14.139.162.2]) by smtp.gmail.com with ESMTPSA id 98e67ed59e1d1-2f9e1d77b68sm3940417a91.18.2025.02.06.09.00.31 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 06 Feb 2025 09:00:35 -0800 (PST) From: 45mg <45mg.writes@gmail.com> To: Maxim Cournoyer , Simon Tournier , 45mg <45mg.writes@gmail.com> Subject: Re: [PATCH (WIP) v1.5 0/4] Add 'guix fork'. In-Reply-To: <877c63adey.fsf@gmail.com> References: <87wme53wkv.fsf@gmail.com> <877c63adey.fsf@gmail.com> Date: Thu, 06 Feb 2025 17:00:33 +0000 Message-ID: <87r04b2eku.fsf@gmail.com> MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: 3.0 (+++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Hi Maxim, Maxim Cournoyer writes: > Before you go further, I'd propose you to explore whether the > GUIX_EXTENSIONS_PATH mechanism could work for your new command. If it > does, then that's even nicer, Content analysis details: (3.0 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 3.0 MANY_TO_CC Sent to 10+ recipients -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:1044 listed in] [list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (45mg.writes[at]gmail.com) X-Debbugs-Envelope-To: 75981 Cc: Nicolas Graves , Simon Tournier , Tomas Volf <~@wolfsden.cz>, Liliana Marie Prikler , 75981@debbugs.gnu.org, Ricardo Wurmus , Attila Lendvai , Simon Streit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 2.0 (++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Hi Maxim, Maxim Cournoyer writes: > Before you go further, I'd propose you to explore whether the > GUIX_EXTENSIONS_PATH mechanism could work for your new command. If it > does, then that's even nicer, Content analysis details: (2.0 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:1044 listed in] [list.dnswl.org] 3.0 MANY_TO_CC Sent to 10+ recipients 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (45mg.writes[at]gmail.com) -1.0 MAILING_LIST_MULTI Multiple indicators imply a widely-seen list manager Hi Maxim, Maxim Cournoyer writes: > Before you go further, I'd propose you to explore whether the > GUIX_EXTENSIONS_PATH mechanism could work for your new command. If it > does, then that's even nicer, If I understand correctly how GUIX_EXTENSIONS_PATH is supposed to work, then yes, I could use it to get the Guix CLI to find my `fork` subcommand without it being in upstream Guix. But I'm trying to get it into upstream Guix, hence this patch series :) Regarding /why/ I want it upstream - I've started a draft of a GCD in which I intend to make a comprehensive argument for its inclusion; I believe it's more useful and important than you'd think, and I hope I'll be able to convince you and everyone else of this. (May take me a while to finish the GCD, though.) > as I think in general it'd be preferable for something as particular > as 'guix fork' to not be advertised as a top level guix command. If that's specifically what you're worried about - Simon was of the opinion (upthread) that I should have made this a subcommand of `guix git`. So, we'd have `guix git fork create`, `guix git fork update`, etc. That would mean it wouldn't show up under top-level `guix --help`. WDYT? Would that work for you? I chose `guix fork` because AFAIK all our commands so far are at most 3 'verbs' long (eg. `guix system list-generations`), and 4 verbs felt a bit too much. But I'm flexible on this point. > A note could be added to the manual pointing to this extension, > perhaps in a subsection of the section documenting channels, for the > rarer cases where this is useful/necessary. I don't really understand what you're proposing. Are you suggesting that we move guix/scripts/fork.scm and guix/scripts/fork/* to a separate directory from the other scripts, then ask people who want to use it to set GUIX_EXTENSIONS_PATH with that directory? IMO, that'd just make it needlessly difficult to use it. And honestly, what exactly is the harm in having a lesser-used top-level subcommand? We have `guix refresh`, which the manual explicitly states is mostly only relevant for packagers. > We'd also need to document the GUIX_EXTENSIONS_PATH environment > variable, and some usage guidance (I've never used an extension myself). Yup. Actually, this should be done regardless of what happens with my proposal. I had to search the mailing lists and track down the patch in which it was implemented [1] just to figure out what it was supposed to do (and even then I'm not entirely clear). > -- > Thanks, > Maxim [1] https://yhetil.org/guix/20210105101817.7576-1-rekado@elephly.net/ I /think/ this is the one? From debbugs-submit-bounces@debbugs.gnu.org Fri Feb 07 05:34:43 2025 Received: (at 75981) by debbugs.gnu.org; 7 Feb 2025 10:34:44 +0000 Received: from localhost ([127.0.0.1]:33021 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tgLh5-00037E-DD for submit@debbugs.gnu.org; Fri, 07 Feb 2025 05:34:43 -0500 Received: from mail-pj1-x102c.google.com ([2607:f8b0:4864:20::102c]:58711) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from ) id 1tgLh2-00036x-Si for 75981@debbugs.gnu.org; Fri, 07 Feb 2025 05:34:41 -0500 Received: by mail-pj1-x102c.google.com with SMTP id 98e67ed59e1d1-2f9dbd7d80dso3838616a91.1 for <75981@debbugs.gnu.org>; Fri, 07 Feb 2025 02:34:40 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1738924475; x=1739529275; darn=debbugs.gnu.org; h=mime-version:user-agent:message-id:date:references:in-reply-to :subject:cc:to:from:from:to:cc:subject:date:message-id:reply-to; bh=FJRYTm3zacz+j3cDnUggM3PT1zF1LvRg+f/Wxfo4dx8=; b=fyr/c/g8PyxLtwPtD/iXfawbfaZtV0WHE4Rd3WN62daagp0Zdf9v6F04PJ7BtRIlUn k5L+axhq31ahmiE/ALRIy7i1+ttMOKLjM0uQKOzUNoSO8Ot23cLHinQYiy72dzDMVluD dlvBokq1qACtvE451hYiQssf1ipDVjJzLZ63xM2sOw2dC6v1Da5nSdACZO+LYpDWl56g E0fiGVFKG51EFFZtDySx2ciyHZzxu87PZY7EJVc6Ci1tC6YtRjg0cVe1ZsNWbGpfpBuk MjtAAe4mRiXK3Geuqq1ZsFL0pqW71YHb0YMmVkLZHrXzMJl9tsRESBDlXDOMeHIDmvb8 gdAA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1738924475; x=1739529275; h=mime-version:user-agent:message-id:date:references:in-reply-to :subject:cc:to:from:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=FJRYTm3zacz+j3cDnUggM3PT1zF1LvRg+f/Wxfo4dx8=; b=RZdARKQIKA51GmJD6ueJHOPT3PoGFwrbFOvRBpA6+hD6WRyimSN1755zydNqBW9ltN 2PXHlQSalv3PAtgRpg0vclR+/uH6TDFBNGPlcBoZhcAWNp2FKTUvSWdfp6Nynz3woFuc 6wkrPKGOLx/86jpgIi8Eebz7bwg8uCKNDY/vJsNG26aXm7LBJI8VmK/QjsYIwFITri1I gTQ1Z65Txuh3N1ljyziIvO6mRf7HJP0Ily4hNEk1DaHLR07fDwbfi+nRHTN+uacqo3UY SVLLY5rkeUH7j9Foqngf73REfvfGnqPOVlwh5mV9zaX+B2dwI/pXDVo+YMt2mrEYLL2Q 9gtg== X-Forwarded-Encrypted: i=1; AJvYcCWCu+kUgsTLZPEzxsI8e9hW9EIplZb/TU4b/TM23Cn2LnCmfBsq3N4s5NkmwmHm+yICKf5GHQ==@debbugs.gnu.org X-Gm-Message-State: AOJu0YzpTequx6bOipRh4s5L6/lNULlHBgTqWWjbMlMolXmymbVn6ngT CHLSGPvooBa6eZlXTVdx5DQHHfqrWCseo2jdklEhhvcZIskgipDQ X-Gm-Gg: ASbGncthyMrU+01JMiQRljnbf+h1NyaaPBDml51YuNiu14DbvbhqhnZOEnpiOLIwV8p Xxna0NnEndDv9kWzQZK7/MHFDzv8kMx46S90thxMVN0CSkuoYYi74snAjGYWskJgTMO57tgZItw Jg/zcf/IDXEcdQObBMpBwWp+1kkfHLZy+g2QqAIA+sN7cuUGa4M3x71VWgCI6m1H8UJt8huKTUa 6f5KgtXcgvkv/RhumQR4/RPupWoBR/DJ37y5HYjMutRv1bzkqjLfjzXEDDKRtJZ8Oufqf02ML5K edOIHrfuNdko X-Google-Smtp-Source: AGHT+IFQMB8Tnt8+i4SMlouO1IENANnL5uFYWfZbm/KTtsbQGD+r1PcGpgwKlOFG2g/ww9AYpazfsw== X-Received: by 2002:a17:90b:1d52:b0:2ee:53b3:3f1c with SMTP id 98e67ed59e1d1-2fa23f56cf6mr3709866a91.5.1738924474525; Fri, 07 Feb 2025 02:34:34 -0800 (PST) Received: from terra ([2405:6586:be0:0:c8ff:1707:9b9:af89]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-21f3687f7afsm27288615ad.187.2025.02.07.02.34.30 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 07 Feb 2025 02:34:33 -0800 (PST) From: Maxim Cournoyer To: 45mg <45mg.writes@gmail.com> Subject: Re: [PATCH (WIP) v1.5 0/4] Add 'guix fork'. In-Reply-To: <87r04b2eku.fsf@gmail.com> (45mg.writes@gmail.com's message of "Thu, 06 Feb 2025 17:00:33 +0000") References: <87wme53wkv.fsf@gmail.com> <877c63adey.fsf@gmail.com> <87r04b2eku.fsf@gmail.com> Date: Fri, 07 Feb 2025 19:34:20 +0900 Message-ID: <878qqi59hv.fsf@gmail.com> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 75981 Cc: Nicolas Graves , Simon Tournier , Tomas Volf <~@wolfsden.cz>, Liliana Marie Prikler , 75981@debbugs.gnu.org, Ricardo Wurmus , Attila Lendvai , Simon Streit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) Hello! 45mg <45mg.writes@gmail.com> writes: > Hi Maxim, > > Maxim Cournoyer writes: > >> Before you go further, I'd propose you to explore whether the >> GUIX_EXTENSIONS_PATH mechanism could work for your new command. If it >> does, then that's even nicer, > > If I understand correctly how GUIX_EXTENSIONS_PATH is supposed to work, > then yes, I could use it to get the Guix CLI to find my `fork` > subcommand without it being in upstream Guix. But I'm trying to get it > into upstream Guix, hence this patch series :) Yes, that's the idea of extensions; they live as a separate package/project that can be combined with Guix to extend it. > Regarding /why/ I want it upstream - I've started a draft of a GCD in > which I intend to make a comprehensive argument for its inclusion; I > believe it's more useful and important than you'd think, and I hope I'll > be able to convince you and everyone else of this. > > (May take me a while to finish the GCD, though.) OK, I look forward to read it (and be convinced ;-)). >> as I think in general it'd be preferable for something as particular >> as 'guix fork' to not be advertised as a top level guix command. > > If that's specifically what you're worried about - Simon was of the > opinion (upthread) that I should have made this a subcommand of `guix > git`. So, we'd have `guix git fork create`, `guix git fork update`, etc. > That would mean it wouldn't show up under top-level `guix --help`. WDYT? > Would that work for you? > > I chose `guix fork` because AFAIK all our commands so far are at most 3 > 'verbs' long (eg. `guix system list-generations`), and 4 verbs felt a > bit too much. But I'm flexible on this point. If a Guix extension can do (and I think it should, since IIRC, extending the available commands of the command line was the original goal of the mechanism), then that's the best way to add a feature that, in my opinion, should be the very last resort for users to extend Guix, as it: 1. Obfuscate the actual changes in the fork by rebasing upstream Guix commits on top (bad for auditing it/security). 2. Can be more easily abused into doing anything nefarious to users since it can touch any area of the Guix code (duh, it's a fork). 3. Could be easily (?) mistaken as the canonical/better way to distribute changes made to Guix additions/improvements (instead of contributing them upstream or via the extension mechanism of the use of channels), especially if a prominent CLI command exists for it. >> A note could be added to the manual pointing to this extension, >> perhaps in a subsection of the section documenting channels, for the >> rarer cases where this is useful/necessary. > > I don't really understand what you're proposing. Are you suggesting that > we move guix/scripts/fork.scm and guix/scripts/fork/* to a separate > directory from the other scripts, then ask people who want to use it to > set GUIX_EXTENSIONS_PATH with that directory? If this work here becomes a Guix extension, it'd live outside of Guix itself in its main repository and be added as a package in Guix. For users, it'd be seemlessly picked up via the GUIX_EXTENSIONS_PATH search path, which *should* be automatically set in a profile, according to commit bbc1735be26 ("profiles: Implicitly set GUIX_EXTENSIONS_PATH.")). > IMO, that'd just make it needlessly difficult to use it. And honestly, > what exactly is the harm in having a lesser-used top-level subcommand? > We have `guix refresh`, which the manual explicitly states is mostly > only relevant for packagers. Maintenance, crowding the manual, crowding the command line, and the arguments I've mentioned above. >> We'd also need to document the GUIX_EXTENSIONS_PATH environment >> variable, and some usage guidance (I've never used an extension myself). > > Yup. Actually, this should be done regardless of what happens with my > proposal. I had to search the mailing lists and track down the patch in > which it was implemented [1] just to figure out what it was supposed to do > (and even then I'm not entirely clear). I think a good way to document it would be to show an example. There's already a 'guix-modules' Guix extension package available in Guix. --8<---------------cut here---------------start------------->8--- $ guix shell guix guix-modules -- guix module --help Usage: guix module COMMAND [OPTION]... Provide an "environment module" interface for Guix. Available commands: create convert packages to module files [...] --8<---------------cut here---------------end--------------->8--- It seems the commit I've referenced above is not enough for the GUIX_EXTENSIONS_PATH to be present, for some reason, which is why you need to include the 'guix' package, whose package defines a search path for it. That's not optimal, but you can see how easy it is to use Guix extensions. -- Thanks, Maxim From debbugs-submit-bounces@debbugs.gnu.org Fri Feb 14 18:52:06 2025 Received: (at 75981) by debbugs.gnu.org; 14 Feb 2025 23:52:06 +0000 Received: from localhost ([127.0.0.1]:52315 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tj5Ta-0002Zo-AB for submit@debbugs.gnu.org; Fri, 14 Feb 2025 18:52:06 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:55118) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from ) id 1tj5TX-0002ZE-Mu for 75981@debbugs.gnu.org; Fri, 14 Feb 2025 18:52:04 -0500 Received: from fencepost.gnu.org ([2001:470:142:3::e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tj5TP-0007a1-6i; Fri, 14 Feb 2025 18:51:55 -0500 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-Version:Date:References:In-Reply-To:Subject:To: From; bh=JeBAz12KCLDFebvLa8MkGGwQblzvRfSw6RDis7BBAjs=; b=Hmy5z7KRppzKQwVmh9Ou vB6RA5yuSfNzY14gIBoRNukoBrNGGjaTFWp+lMyoZnRauOQqi3jYvrvQJJnsdECjlpce1X6oNllm+ skSQf4u4zCtd6jHG4AaU6/UWBIxsZbNh1EM51iPKoIkW1niY8VmS9loHSS0CEi6IJQ7WnoGhBl+Iv Sj4PIjvSP9VJIar8jYl9R46Icxkg+1e6GYKeV2FXD8r371iny/g5D3f+ib+mu2Fd3SMbQXrcPmGao oGxzwCSJ8/9ROsSB6nZ960IcnD306GmvTmev7NaiVP5Aun14aNy4qnSdzmgNKwhNZsd5Pjy0kFNMk vadLT01CedoEiA==; From: =?utf-8?Q?Ludovic_Court=C3=A8s?= To: 45mg <45mg.writes@gmail.com> Subject: Re: bug#75981: [PATCH (WIP) v1 0/4] Add 'guix fork'. In-Reply-To: <2a950d7e5c42768724d1c8fe3bcea3ff54fb81bd.1738357415.git.45mg.writes@gmail.com> (45mg.writes@gmail.com's message of "Sat, 1 Feb 2025 02:48:44 +0530") References: <2a950d7e5c42768724d1c8fe3bcea3ff54fb81bd.1738357415.git.45mg.writes@gmail.com> Date: Sat, 15 Feb 2025 00:51:45 +0100 Message-ID: <87zfiow0dq.fsf_-_@gnu.org> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 75981 Cc: Nicolas Graves , Tomas Volf <~@wolfsden.cz>, Liliana Marie Prikler , 75981@debbugs.gnu.org, Ricardo Wurmus , Attila Lendvai X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) Hello, One quick comment=E2=80=A6 45mg <45mg.writes@gmail.com> skribis: > + (info (G_ "Adding key to keyring branch...~%")) > + (invoke-git "switch" "keyring") > + (invoke "gpg" > + "--armor" "--export" > + "-o" (string-append directory "/" key-file-name) > + signing-key) > + (invoke-git "add" "--" key-file-name) > + (invoke-git "commit" "-m" "Add key for fork introduction.") > + > + (info (G_ "Setting up fork branch...~%")) > + (invoke-git "switch" "--create" "fork" "master") > + (when channel-url > + (update-channel-url (string-append directory "/.guix-channel") > + channel-url)) > + (rewrite-authorizations (string-append directory "/.guix-authoriza= tions") > + introduction-name signing-key) > + (invoke-git "add" "--" > + (string-append directory "/.guix-authorizations") > + (string-append directory "/.guix-channel")) > + (invoke-git "commit" > + (string-append "--gpg-sign=3D" signing-key) > + "-m" > + (string-append > + "Initial fork commit.\n\n" > + ".guix-authorizations: Allow only " introduction-name= "'s key." > + (if channel-url > + "\n.guix-channels: Update channel URL." > + ""))) Apologies for not following the initial discussions that led to this design. To make sure I understand, what this does is create =E2=80=98.guix-authorizations=E2=80=99 with a single key and then makes tha= t commit the introduction of the fork, right? The idea being that one would keep rebasing their fork and =E2=80=98guix fo= rk=E2=80=99 would take care of updating the introduction in =E2=80=98.git/config=E2=80= =99 so you can keep authenticating it, right? This looks interesting and a much needed improvement. There=E2=80=99s quit= e a bit to discuss about the implementation; in particular, it would be cool if we could avoid duplicating most of (guix scripts git authenticate) and if we could avoid shelling out to various commands, as in the snippet above, to the extent possible (for instance using Guile-Git). Thanks for your work! Ludo=E2=80=99. From debbugs-submit-bounces@debbugs.gnu.org Fri Feb 21 02:47:42 2025 Received: (at 75981) by debbugs.gnu.org; 21 Feb 2025 07:47:42 +0000 Received: from localhost ([127.0.0.1]:51752 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tlNl7-00041d-LG for submit@debbugs.gnu.org; Fri, 21 Feb 2025 02:47:42 -0500 Received: from 16.mo581.mail-out.ovh.net ([46.105.72.216]:34485) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from ) id 1tlNl3-00040q-Rc for 75981@debbugs.gnu.org; Fri, 21 Feb 2025 02:47:40 -0500 Received: from director8.ghost.mail-out.ovh.net (unknown [10.108.25.131]) by mo581.mail-out.ovh.net (Postfix) with ESMTP id 4Yzj074nWvz1NFy for <75981@debbugs.gnu.org>; Fri, 21 Feb 2025 07:47:35 +0000 (UTC) Received: from ghost-submission-5b5ff79f4f-fqjz5 (unknown [10.110.96.26]) by director8.ghost.mail-out.ovh.net (Postfix) with ESMTPS id 052201FEA1; Fri, 21 Feb 2025 07:47:33 +0000 (UTC) Received: from ngraves.fr ([37.59.142.102]) by ghost-submission-5b5ff79f4f-fqjz5 with ESMTPSA id MYKXNZUvuGdhGQAA70k2+g (envelope-from ); Fri, 21 Feb 2025 07:47:33 +0000 Authentication-Results: garm.ovh; auth=pass (GARM-102R004510cefcf-767e-42f1-bbfb-d4728fbb90a7, 94F4052D2D9A3500C11B15ADD6AE584288BF003F) smtp.auth=ngraves@ngraves.fr X-OVh-ClientIp: 193.51.120.250 From: Nicolas Graves To: Maxim Cournoyer , 45mg <45mg.writes@gmail.com> Subject: Re: [bug#75981] [PATCH (WIP) v1.5 0/4] Add 'guix fork'. In-Reply-To: <878qqi59hv.fsf@gmail.com> References: <87wme53wkv.fsf@gmail.com> <877c63adey.fsf@gmail.com> <87r04b2eku.fsf@gmail.com> <878qqi59hv.fsf@gmail.com> Date: Fri, 21 Feb 2025 08:47:33 +0100 Message-ID: <87frk7lox6.fsf@ngraves.fr> MIME-Version: 1.0 Content-Type: text/plain X-Ovh-Tracer-Id: 3429209644405482145 X-VR-SPAMSTATE: OK X-VR-SPAMSCORE: -100 X-VR-SPAMCAUSE: gggruggvucftvghtrhhoucdtuddrgeefvddrtddtgdeileegjecutefuodetggdotefrodftvfcurfhrohhfihhlvgemucfqggfjpdevjffgvefmvefgnecuuegrihhlohhuthemucehtddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenucfjughrpefhvfevufgjfhffkfggtgesthdtredttddttdenucfhrhhomheppfhitgholhgrshcuifhrrghvvghsuceonhhgrhgrvhgvshesnhhgrhgrvhgvshdrfhhrqeenucggtffrrghtthgvrhhnpeffkedvjefhgfevffdutdeivdetleehudevtdevheeghfeutdejffdvjeefffevgeenucffohhmrghinhepshhrrdhhthenucfkphepuddvjedrtddrtddruddpudelfedrhedurdduvddtrddvhedtpdefjedrheelrddugedvrddutddvnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehinhgvthepuddvjedrtddrtddruddpmhgrihhlfhhrohhmpehnghhrrghvvghssehnghhrrghvvghsrdhfrhdpnhgspghrtghpthhtohepuddprhgtphhtthhopeejheelkeduseguvggssghughhsrdhgnhhurdhorhhgpdfovfetjfhoshhtpehmohehkedumgdpmhhouggvpehsmhhtphhouhht DKIM-Signature: a=rsa-sha256; bh=Fp5H0zSkK2s2Q20v/Xy1fbWNpqtZW7WQ4HFLhxAtOe8=; c=relaxed/relaxed; d=ngraves.fr; h=From; s=ovhmo4487190-selector1; t=1740124055; v=1; b=AhldLhDkboaN7EccGH0HI0Rlno5i269gbWz+Bkbbj/fq5NTDTPZlMmLqD++I0ROBRMYFQqSD mQK8FeAKH3iWi2q2mz1SlXJmoZ6boZb3XwNMeU8EXQGZl9e+ZEl69xFynO/vWCGBSsUYDSjnzBQ rTkbJMUj10IFKaxdk8D4z6pZsnGYSH/6GoxT4RSEgnNxZpIbWPMijJf6snzfvTfrMhTH9RCSNFH 99qgLcNQY7E3iNpmc5vQpuwk0MQwimOuBRQfLd5NOIN/Mhk1DifxspKyKGr5sbTPC8Bo7d371vm J1cLRfa7t+X4vYoRCAq5IXtQr/nC8/gIPjVss5OGHoLPw== X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 75981 Cc: Simon Tournier , Tomas Volf <~@wolfsden.cz>, Liliana Marie Prikler , 75981@debbugs.gnu.org, Ricardo Wurmus , Attila Lendvai , Simon Streit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) Adding my grain of salt, a bit late, but since I'm CCed :) I think having an extension is also a way to solidify and tests things before thinking of moving CLI functionalities upstream, when it will make sense for users. Like git or emacs extensions, when the idea is inevitable and sound enough, extensions or similar functionality eventually gets merged upstream. I also work on an extension of guix for working more easily on local repos. I do not advertise it now because it isn't polished. It doesn't have the same goal as`guix fork`, although it probably targets the same audience. The focus is on 1) reproducibility of guix with unmerged patches when you don't want a fork online (precisely to avoid accumulating unmerged patches in a fork, but still have your dozen patches when you need them), 2) performance gains from having profiles generated from compiled bytecode instead of recompiled from scratch) I find the format of extensions very adapted to that kind of need (for some users with a particular need, but building upon Guix). Guix extensions are still undocumented and missing some integration options (but being worked on in 74633). I probably won't try to upstream it, except if it makes sense down the line. For those curious, it's in the unlisted repo https://git.sr.ht/~ngraves/guix-stack I will announce it when I'll be happy with it myself. -- Best regards, Nicolas Graves From debbugs-submit-bounces@debbugs.gnu.org Sun Feb 23 08:24:50 2025 Received: (at 75981) by debbugs.gnu.org; 23 Feb 2025 13:24:50 +0000 Received: from localhost ([127.0.0.1]:59888 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tmByU-0000tH-2e for submit@debbugs.gnu.org; Sun, 23 Feb 2025 08:24:50 -0500 Received: from mail-pl1-x641.google.com ([2607:f8b0:4864:20::641]:47361) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from <45mg.writes@gmail.com>) id 1tmByP-0000sz-DT for 75981@debbugs.gnu.org; Sun, 23 Feb 2025 08:24:47 -0500 Received: by mail-pl1-x641.google.com with SMTP id d9443c01a7336-220d398bea9so53506805ad.3 for <75981@debbugs.gnu.org>; Sun, 23 Feb 2025 05:24:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1740317079; x=1740921879; darn=debbugs.gnu.org; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=OU9CQvogo1LTxtnGjuYMtZvEwytvU4Ibv4pCgXElfrg=; b=ihOHPeVIdti105TcY/P3LsBWNmzs7exBpmMv/Vn0MtfeykpAAiua276T2Z1IFs+MTm DS7BkjFTSnjtP9eCd99Tv0CokeJ92bBX0MJqpQ2Yw8mAY+Yw0xnruhH/QTC4bvpkLPfL DUCiWCYgamupYafK1HKvV3iSMaHVJdW9GKcRu07hHx70n6k9OZqEa1+ZO1qdyY1BWBsV NFbQ3wvOSzgeIBwR0g8Wn4xIXR2NR5RJgYtZ6ZwbJULXinrLwJyAk/r4UkzOn0htJ9YI v805HGbO4y2DENxuhBV78EtHMZOWeJ4RqvmRLepEBSPpS/A2hHtnhegUPWqpBjAl5FiO rSMg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740317079; x=1740921879; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=OU9CQvogo1LTxtnGjuYMtZvEwytvU4Ibv4pCgXElfrg=; b=EL1QK7sW8hsWodHo3Z7u2zJLG4EUofsJZdcJVYMIRB56vlKqR0/K35BBe3PU2rqZgZ A0HooxZZOKgMQIoI+DXlBpI+LxHICyhVFCu2FX8XXP5rXmGknmkWlYa9/P3EknbC7f0U Ys48IwyweYbSrW6euU8iyJiJeStObYND/JWMy9Dr4HvfZIiTWB3E/WcKyQT1lecuMAO4 cUylZ8fGr53jz4BKJNQSKmMNR5+kE3D0ZytTznKP1DWBC8GOnKmbA/IccwmSp5603dJ7 eUWzxdxeXpI0oeDq2dUf4J9LFmp4rqpRJ64XbIPvvuL5liuDQ3wITMXvYsEN/W3/SQez peOQ== X-Gm-Message-State: AOJu0YwVlsUxCFqlGBe1v1yyh99qo+IcXpHF1RE24e5wxApggzlCc62q 2Ci1ka5SSMW1ZokOVY16lvdnWqus4baFFTDtfrktpm+4aIWCc8n0ayncMhhG X-Gm-Gg: ASbGncvQTxlAA/sJns5/Uvod2jWcmw8Zu2Ae77C2Lxt7cOT/4Vs+ntov5smEfG4naXx /zByalHoQHLuJFOKK28P2vlfOhpfmvB0IaiDOQHNj1o3ZOpQqm7ptNANspZ/iZvOXMvPUcGVfIh HE1oAS+sEYATxbM0v3691Cn95Wysnw2jPLaVlRZn73puQ+c60V7gQlgSPRqwJ18ORrW99wKX4zc scRoG3pGD10+ylY4D61herJiUo02si+IGwPhycIjgmggFSZa6QBzJAF2MGdGmi3eFL2Vy7/9BWo 8mf2DiJJ/yvhvHVN4wDmrlv+dy+qbLc+O10oalpk27Cjr29t X-Google-Smtp-Source: AGHT+IHc03MzAOE22rC0hfrdaMhbK4MJ8lTRPMi6xkU/b4R2ETSs8F1VwyWQTXCEIxD410RqgUqKEQ== X-Received: by 2002:a17:902:e88d:b0:21f:45b:6a4c with SMTP id d9443c01a7336-221a0ec9a53mr142084625ad.7.1740317078937; Sun, 23 Feb 2025 05:24:38 -0800 (PST) Received: from localhost.localdomain (utm3.nitt.edu. [14.139.162.2]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-220d5349226sm165573075ad.24.2025.02.23.05.24.34 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 23 Feb 2025 05:24:38 -0800 (PST) From: 45mg <45mg.writes@gmail.com> To: 75981@debbugs.gnu.org Subject: [PATCH v2 0/2] Support authenticated forks. Date: Sun, 23 Feb 2025 18:50:47 +0530 Message-ID: X-Mailer: git-send-email 2.48.1 MIME-Version: 1.0 X-Debbugs-Cc: Christopher Baines , Josselin Poiret , Ludovic Courtès , Mathieu Othacehe , Maxim Cournoyer , Simon Tournier , Tobias Geerinckx-Rice Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Spam-Score: 3.0 (+++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Hi Guix, This revision is a major refactor of the previous one, v1.5 [1]. If you were one of those who felt that adding a entire command line was excessive, this one will make you happy :) The changes are as follows: Content analysis details: (3.0 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 3.0 MANY_TO_CC Sent to 10+ recipients 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (45mg.writes[at]gmail.com) 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:641 listed in] [list.dnswl.org] X-Debbugs-Envelope-To: 75981 Cc: Nicolas Graves , Maxim Cournoyer , Simon Tournier , Tomas Volf <~@wolfsden.cz>, 45mg <45mg.writes@gmail.com>, =?UTF-8?q?Ludovic=20Court=C3=A8s?= , Liliana Marie Prikler , Ricardo Wurmus , Attila Lendvai , Simon Streit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 2.0 (++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Hi Guix, This revision is a major refactor of the previous one, v1.5 [1]. If you were one of those who felt that adding a entire command line was excessive, this one will make you happy :) The changes are as follows: Content analysis details: (2.0 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:641 listed in] [list.dnswl.org] 3.0 MANY_TO_CC Sent to 10+ recipients 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (45mg.writes[at]gmail.com) 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record -1.0 MAILING_LIST_MULTI Multiple indicators imply a widely-seen list manager Hi Guix, This revision is a major refactor of the previous one, v1.5 [1]. If you were one of those who felt that adding a entire command line was excessive, this one will make you happy :) The changes are as follows: * `guix fork create` is now `etc/fork.scm` I realized that Maxim was right when he pointed out that this command will rarely be used, so it shouldn't be a top-level command. Other changes made to the script: - Adds a `--dry-run` option that displays the commands that would be executed. - Adds a `--from` option to specify the base commit of the fork branch. - Use %default-guix-channel to determine the name of the default branch, instead of the horrific `git symbolic-ref` incantation that was used earlier. - We now create the fork in ../guix-fork, since the script will likely be run from the toplevel of a Guix checkout. - Addressed feedback from Maxim's review. * `guix fork authenticate` is now `guix git authenticate --branch` It turns out that `guix git authenticate` already supports branch-specific introductions. Quoting from "(guix) Invoking guix git authenticate": > Should you have branches that require different introductions, you > can specify them directly in ‘.git/config’. For example, if the branch > called ‘personal-fork’ has a different introduction than other branches, > you can extend ‘.git/config’ along these lines: > > [guix "authentication-personal-fork"] > introduction-commit = cabba936fd807b096b48283debdcddccfea3900d > introduction-signer = C0FF EECA BBA9 E6A8 0D1D E643 A2A0 6DF2 A33A 54FA > keyring = keyring It turns out this is all we really need for fork authentication. `guix fork authenticate` ended up duplicating a lot of code from `guix git authenticate` (as Ludovic pointed out), and all it really did differently was a. Authenticate a configured 'upstream' branch of the current branch first b. Configure a separate introduction Guix already has support for b., and in retrospect a. isn't really necessary because the existing post-merge hook should take care of it. So all we need is a way to configure a branch-specific introduction without having to manually edit .git/config. This is what patch 2/2 in this series provides, via the `--branch` option. * `guix fork update` has been removed There are two aspects of a solution to handle forks - fork /authentication/, which is what we've discussed so far; and fork /management/, which includes keeping a fork updated, rebasing patch branches onto the latest master, etc. I would like to keep this patch series restricted to the former, and avoid addressing the latter, for two main reasons. The first reason is that fork management is a fairly opinionated subject. For example, non-committers have to rebase upstream commits onto their fork branches to update them, but committers are able to and may prefer to merge. The second reason is that fork management bleeds into patch management, which is already addressed by tools like `b4` and the like; and we already have people working on it even within the Guix community [2]. As `guix fork update` falls more into fork management, I've removed it. All it really did anyway was rebase commits onto the fork branch, which is not that hard to to via the Git CLI. My aim is to have code related to fork authentication upstreamed, while code related to fork management can be developed as extensions (or better yet, as standalone tools). Prior experiments [3] have demonstrated that code which touches the authentication mechanism in any way has a high chance of introducing security issues, and the only real way to mitigate this is to have as many eyes on it as possible. The alternative, which we're already seeing [4], is that people will come up with their own solutions for fork authentication, which may or may not be secure, and may never be reviewed by anyone else. * Other changes - I've added tests, in tests/fork.sh. - I've removed the plans for `guix fork identify`, as it falls more into fork management, and anyway I haven't actually found a use-case for it so far. I will probably need to submit a GCD for this change, even though it no longer adds a new command line, given that last time some people weren't convinced that fork authentication should be supported. That'll probably take a while. In the meantime, as always, any feedback is appreciated. Regards, 45mg [1] https://yhetil.org/guix/cover.1738408683.git.45mg.writes@gmail.com/ [2] https://git.sr.ht/~ngraves/guix-stack [3] https://yhetil.org/guix/87bjwdpmyh.fsf@wolfsden.cz/ [4] Please do not take the inclusion of these solutions here as a judgement on their quality or on their originators. I am merely trying to demonstrate that people need a solution to this issue, and if we do not implement one upstream, we will end up with a bunch of unofficial solutions anyway. No disrespect is intended. https://yhetil.org/guix/871pw77ryg.fsf@lease-up.com/ https://yhetil.org/guix/D7QG7XS56NR6.2IWYZPP7TMEI1@disroot.org/ https://yhetil.org/guix/87a5bpqmpu.fsf@wolfsden.cz/ 45mg (2): etc: Add fork.scm. scripts: Add `guix git authenticate --branch`. Makefile.am | 3 +- doc/contributing.texi | 69 +++++++ doc/guix.texi | 15 +- etc/fork.scm | 286 ++++++++++++++++++++++++++++++ guix/scripts/git/authenticate.scm | 86 ++++++--- guix/utils.scm | 61 +++++++ tests/fork.sh | 166 +++++++++++++++++ 7 files changed, 654 insertions(+), 32 deletions(-) create mode 100755 etc/fork.scm create mode 100644 tests/fork.sh base-commit: 38b4358f4d84cafa54deff77dee6fafac3e03864 -- 2.48.1 From debbugs-submit-bounces@debbugs.gnu.org Sun Feb 23 08:25:16 2025 Received: (at 75981) by debbugs.gnu.org; 23 Feb 2025 13:25:16 +0000 Received: from localhost ([127.0.0.1]:59900 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tmByn-0000yu-S2 for submit@debbugs.gnu.org; Sun, 23 Feb 2025 08:25:16 -0500 Received: from mail-pl1-x644.google.com ([2607:f8b0:4864:20::644]:59445) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from <45mg.writes@gmail.com>) id 1tmByk-0000tZ-Dx for 75981@debbugs.gnu.org; Sun, 23 Feb 2025 08:25:08 -0500 Received: by mail-pl1-x644.google.com with SMTP id d9443c01a7336-220bfdfb3f4so80521655ad.2 for <75981@debbugs.gnu.org>; Sun, 23 Feb 2025 05:25:06 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1740317100; x=1740921900; darn=debbugs.gnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=pNJD5qc8ul3tx5XWo3zK2vZ/nG3I/Pp7TEdw/n/qgEM=; b=ZbEtDBuKC8//8sq8N5Ql7XVDb5qpdoi/8h/KSj21SdAzotxi/YTn3ymn21p2ycVTfr uWgx7P+csWaAZINipjmLfKr2pgN6vJV0Ryaa0DAkC3FoghTbYpIir+3b0kfu6vMCvChv JTtD3+VOdBf8nJVe5DmKDSRw8NQzofSac6utvB1ZWcywy498H18+jpbjZq8MCc88xcS7 htj5i1awBW+dsqErZ5kbx/AJXfTEa6l6Gk3/7G36EVrhWN2p6KAhx6pKzLdxwlc26Qbm n3JZUFmv3O36GfllfrriYP0yICpgLPxjsXpq94S+jTSikkk/0fldloZjfcYTu9f/uQCY 3biA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740317100; x=1740921900; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=pNJD5qc8ul3tx5XWo3zK2vZ/nG3I/Pp7TEdw/n/qgEM=; b=Y1NX/9XqlLVOXMVavQKaXRplKZQkYdZlY/hoHDMUaa0JZGMMN1CxcAC7uPxBIimOFE pGKv2NpLYqMqWZFV19Kzl3w3sFPzxc85R7f1BqegvvwxF3HkQgkEkw0j6veFReKHuW1F IwkDeznYUha9zwIF9K2qaFt+1z5SdI7QJ07YNLkBA4upgdBSs9dFWnYZxKLBt8gDl7Ax BUcaG8aYkEqhUA0u1sv0Pvy3b+4DL/ge8k20xrepIr1TeN+SiFxAgD2OTpybxqDCpyVn m2Ch3RfwldGHY6id8rcPC4AvnJdaL/r/8F9Q4r1boKeq6DMvFO6xoyh81/0+GmI14OJ9 iGPw== X-Gm-Message-State: AOJu0Yy5dpPGB2t6zr/49C+N0gbwMndpBThiK0k3J3NwTwdh8tLC6De4 o0q5+n2XL0OYYNKw0BKqz901p6aEVF/8k7Sm+OgN2dFePzxoxZ5ywiRdX2i+ X-Gm-Gg: ASbGncuUt7McOpcaBAi0bMo2TUH6SEvCTkjOlhsVw79Ac5XBYuzVFJJl32oikWzCQae FDnDb0l6QBMB+p9R0RkiVxAHtEGQUJdCc+wdblZbMxNzxpFgSdlvmrsmaI4hcz8GAXwu/e3BoPU TyWpd/NC9KSMacp14IcOCO0l7lWEmigW4UyPvkvQwO6qgXssRaC2slxjGdZ7Xmx7qHq8X5eT2S6 5VBmbfS0RoEM+JCmGYtMmg5uiBcsqgwjR0NVyZCGSgWwjYoBXduZpdENh2fUrNtUfQHXM7W5vcA ya2NvhRZCqcqKxK8ktrIgYq4T8UIo8O4JNk50L5b0ZwMMnMY X-Google-Smtp-Source: AGHT+IEik/L2MGWRlNPlohFmGqr260GGtgTBF8hpP2f8pKDJ/xUSSQnPwowvFIgUCjmaxrvMT1dB4w== X-Received: by 2002:a17:902:fc8f:b0:220:cd23:3cd with SMTP id d9443c01a7336-2219fff2ad7mr205206505ad.44.1740317099842; Sun, 23 Feb 2025 05:24:59 -0800 (PST) Received: from localhost.localdomain (utm3.nitt.edu. [14.139.162.2]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-220d5349226sm165573075ad.24.2025.02.23.05.24.55 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 23 Feb 2025 05:24:59 -0800 (PST) From: 45mg <45mg.writes@gmail.com> To: 75981@debbugs.gnu.org Subject: [PATCH v2 1/2] etc: Add fork.scm. Date: Sun, 23 Feb 2025 18:50:48 +0530 Message-ID: X-Mailer: git-send-email 2.48.1 In-Reply-To: References: MIME-Version: 1.0 X-Debbugs-Cc: Christopher Baines , Josselin Poiret , Ludovic Courtès , Mathieu Othacehe , Maxim Cournoyer , Simon Tournier , Tobias Geerinckx-Rice Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Spam-Score: 3.0 (+++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: * guix/utils.scm (chain-cut, invoke/stdout): New procedures. * etc/fork.scm: New script. * tests/etc-fork.sh: Test it. * Makefile.am: Add etc-fork.sh. * doc/contributing.texi (Using Your Own Patches): [...] Content analysis details: (3.0 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 3.0 MANY_TO_CC Sent to 10+ recipients 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (45mg.writes[at]gmail.com) -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:644 listed in] [list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record X-Debbugs-Envelope-To: 75981 Cc: Nicolas Graves , Maxim Cournoyer , Simon Tournier , Tomas Volf <~@wolfsden.cz>, 45mg <45mg.writes@gmail.com>, =?UTF-8?q?Ludovic=20Court=C3=A8s?= , Liliana Marie Prikler , Ricardo Wurmus , Attila Lendvai , Simon Streit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 2.0 (++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: * guix/utils.scm (chain-cut, invoke/stdout): New procedures. * etc/fork.scm: New script. * tests/etc-fork.sh: Test it. * Makefile.am: Add etc-fork.sh. * doc/contributing.texi (Using Your Own Patches): [...] Content analysis details: (2.0 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 3.0 MANY_TO_CC Sent to 10+ recipients 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (45mg.writes[at]gmail.com) 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record -1.0 MAILING_LIST_MULTI Multiple indicators imply a widely-seen list manager * guix/utils.scm (chain-cut, invoke/stdout): New procedures. * etc/fork.scm: New script. * tests/etc-fork.sh: Test it. * Makefile.am: Add etc-fork.sh. * doc/contributing.texi (Using Your Own Patches): New node. Change-Id: Ifcba59ac6b6a330056bcfd51f7b1b7f790f95cc8 --- Makefile.am | 3 +- doc/contributing.texi | 63 ++++++++++ etc/fork.scm | 286 ++++++++++++++++++++++++++++++++++++++++++ guix/utils.scm | 61 +++++++++ tests/fork.sh | 135 ++++++++++++++++++++ 5 files changed, 547 insertions(+), 1 deletion(-) create mode 100755 etc/fork.scm create mode 100644 tests/fork.sh diff --git a/Makefile.am b/Makefile.am index 8e142a4002..dc4da74334 100644 --- a/Makefile.am +++ b/Makefile.am @@ -664,7 +664,8 @@ SH_TESTS = \ tests/guix-graph.sh \ tests/guix-describe.sh \ tests/guix-repl.sh \ - tests/guix-lint.sh + tests/guix-lint.sh \ + tests/etc-fork.sh TESTS = $(SCM_TESTS) $(SH_TESTS) diff --git a/doc/contributing.texi b/doc/contributing.texi index ab4f30d54b..121f7eea9d 100644 --- a/doc/contributing.texi +++ b/doc/contributing.texi @@ -35,6 +35,7 @@ Contributing * Making Decisions:: Collectively choosing the way forward. * Commit Access:: Pushing to the official repository. * Reviewing the Work of Others:: Some guidelines for sharing reviews. +* Using Your Own Patches:: Using your own work before it's accepted. * Updating the Guix Package:: Updating the Guix package definition. * Deprecation Policy:: Commitments and tools for deprecation. * Writing Documentation:: Improving documentation in GNU Guix. @@ -3095,6 +3096,68 @@ Reviewing the Work of Others have reviewed more easily by adding a @code{reviewed-looks-good} usertag for the @code{guix} user (@pxref{Debbugs Usertags}). +@node Using Your Own Patches +@section Using Your Own Patches + +If you've taken the time to contribute code to Guix, chances are that +you want the changes you've made to be reflected in your own Guix +installation as soon as possible. Maybe you've added a package you want, +and you want to start using it @emph{right now}. Or you've fixed a bug +that affects you, and you want it to @emph{go away}. + +As described in the preceding sections, all contributions to Guix first +go through a review process to ensure code quality. Sometimes, this can +take longer than one would like. Ideally, the pace of the review process +should not prevent you from benefiting from your own work. + +One way to work around this issue is to create an additional channel of +your own (@pxref{Creating a Channel}), and add your code to it. For +certain kinds of contributions, such as adding a new package, this is +fairly straightforward --- simply copy your new package definition(s) +into a new file in the channel, and remove them when your contribution +is accepted. + +However, there may be cases where this is not convenient. Certain kinds +of changes, such as those that need to modify existing Guix internals, +may be more challenging to incorporate into a channel. Moreover, the +more substantial your contribution is, the more work it will be to do +so. + +@cindex fork, of Guix +For such cases, there is another option. Recall that the patch series +that you sent (@pxref{Sending a Patch Series}) was created from one or +more commits on a checkout of the Guix repository (@pxref{Building from +Git}). You could simply specify this repository (referred to as your +``Guix fork'', or simply ``fork'', from here onwards), and its relevant +branch, as your `@code{guix}' channel (@pxref{Using a Custom Guix +Channel}). Now `@samp{guix pull}' will fetch your new commits, and +you'll see the changes you made reflected in your Guix installation! + +However, there's a potential complication to this approach - the issue +of authentication (@pxref{Channel Authentication}). If your fork only +exists on your local filesystem (a `local fork'), then you probably +don't need to worry about this, and can pull without authentication +(@pxref{Invoking guix pull}). But other situations, such as a remotely +hosted fork, may make it important for your fork to be authenticated, in +the same way that all channels are expected to be. + +The steps needed to enable the authentication of a fork branch are: + +@itemize +@item +Add your public key to the `keyring' branch of the repository. (This is +the key that all future commits will be signed with). + +@item +Add a commit to the fork branch that modifies the +@file{.guix_authorizations} file to add your public key. This commit +will serve as the @dfn{fork introduction}. +@end itemize + +Guix provides a @file{etc/fork.scm} script that can automatically create +a fork for you, performing these steps as well as taking care of other +details. Run @samp{etc/fork.scm --help} for details. + @node Updating the Guix Package @section Updating the Guix Package diff --git a/etc/fork.scm b/etc/fork.scm new file mode 100755 index 0000000000..a31300072b --- /dev/null +++ b/etc/fork.scm @@ -0,0 +1,286 @@ +#!/bin/sh +# -*- mode: scheme; -*- +# Ensure that this script can run without guix being installed. +pre_inst_env_maybe= +command -v guix > /dev/null || pre_inst_env_maybe=./pre-inst-env +exec $pre_inst_env_maybe guix repl -- "$0" "$@" +!# + +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2025 Tomas Volf <~@wolfsden.cz> +;;; Copyright © 2025 45mg <45mg.writes@gmail.com> +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +;;; Commentary: +;;; +;;; Create a fork of Guix, by running a series of git commands. +;;; +;;; Code: + +(use-modules (guix build utils) + (guix channels) + (guix scripts) + (guix ui) + ((guix utils) #:select (chain-cut + invoke/stdout)) ;TODO move to (guix build utils) + (ice-9 exceptions) + (ice-9 match) + (ice-9 popen) + (ice-9 pretty-print) + (ice-9 string-fun) + (ice-9 textual-ports) + (srfi srfi-1) + (srfi srfi-13) + (srfi srfi-26) + (srfi srfi-37) + (srfi srfi-71)) + +(define %options + ;; Specifications of the command-line options. + (list (option '(#\h "help") #f #f + (lambda args + (show-help) + (exit 0))) + (option '("upstream") #t #f + (lambda (opt name arg result) + (alist-cons 'upstream arg result))) + (option '("from") #t #f + (lambda (opt name arg result) + (alist-cons 'start arg result))) + (option '("channel-url") #t #f + (lambda (opt name arg result) + (alist-cons 'channel-url arg result))) + (option '("use-existing") #f #f + (lambda (opt name arg result) + (alist-cons 'use-existing? #t result))) + (option '("git-parameter") #t #f + (lambda (opt name arg result) + (let ((git-parameters (assoc-ref result 'git-parameters))) + (if git-parameters + (alist-cons 'git-parameters (cons arg git-parameters) result) + (alist-cons 'git-parameters (list arg) result))))) + (option '("dry-run") #f #f + (lambda (opt name arg result) + (alist-cons 'dry-run? #t result))))) + +(define %default-options + `((upstream . ,(channel-url %default-guix-channel)) + (start . ,(channel-branch %default-guix-channel)))) + +(define %usage + (format #f (G_ "Usage: etc/fork.scm SIGNING_KEY [DIRECTORY OPTIONS...] +Create a fork of Guix in DIRECTORY, using SIGNING_KEY to sign the introductory +commit. +DIRECTORY defaults to ../guix-fork. + + --upstream=URI the repository to clone from + (defaults to ~a) + --from=START create the fork branch starting from START, + a branch or commit + (defaults to starting from the '~a' branch) + --channel-url=URI optional URI, used to replace the channel URL + and the existing 'origin' remote (which is + renamed to 'upstream') + --use-existing Use existing clone of Guix in DIRECTORY + --git-parameter=PARAMETER + Specify configuration PARAMETER for git, via + '-c' option (can pass multiple times) + --dry-run Display what would be done, without doing it + + -h, --help display this help and exit +") + (assoc-ref %default-options 'upstream) + (assoc-ref %default-options 'start))) + +(define (show-help) + (display %usage) + (newline) + (show-bug-report-information)) + +(define (missing-arguments) + (info (G_ "hint: try etc/fork.scm --help~%")) + (leave (G_ "wrong number of arguments; \ +required SIGNING_KEY~%"))) + + +;;; +;;; Helper prodecures. +;;; + +(define (fingerprint->key-file-name fingerprint) + (let* ((listing (invoke/stdout "gpg" "--list-key" "--with-colons" + fingerprint)) + (uid (chain-cut listing + (string-split <> #\newline) + (filter (cut string-prefix? "uid:" <>) <>) + first + (string-split <> #\:) + tenth)) + (email-name (string-delete + (cut eq? <> #\.) + (substring uid + (1+ (or (string-index-right uid #\<) + -1)) ;no name in uid + (string-index uid #\@)))) + (key-id (chain-cut listing + (string-split <> #\newline) + (filter (cut string-prefix? "pub:" <>) <>) + car + (string-split <> #\:) + fifth + (string-take-right <> 8)))) + (string-append email-name "-" key-id ".key"))) + +(define (update-channel-url file channel-url dry-run?) + "Modify .guix_channel FILE. +Change the channel url to CHANNEL-URL. +If DRY-RUN? is true, only display what would be done." + (let ((channel-data (call-with-input-file file read))) + (assq-set! (cdr channel-data) 'url (list channel-url)) + + (define (writer port) + (display ";; This is a Guix channel.\n\n" port) + (pretty-print channel-data port)) + + (if dry-run? + (begin + (display "Modified .guix_channel:\n") + (writer (current-output-port))) + (call-with-output-file file writer)))) + +(define (rewrite-authorizations file name fingerprint dry-run?) + "Rewrite .guix-authorizations FILE to contain a single authorization +consisting of NAME and FINGERPRINT. +If DRY-RUN? is true, only display what would be done." + (let ((auth-data (call-with-input-file file read))) + (list-set! auth-data (1- (length auth-data)) + `((,fingerprint (name ,name)))) + + (define (writer port) + (display "\ +;; This file, which is best viewed as -*- Scheme -*-, lists the OpenPGP keys +;; currently authorized to sign commits in this fork branch. + +" port) + (pretty-print auth-data port)) + + (if dry-run? + (begin + (display "Rewritten .guix_authorizations:\n") + (writer (current-output-port))) + (call-with-output-file file writer)))) + + +;;; +;;; Entry point. +;;; + +(define (main . args) + (define options + (parse-command-line args %options (list %default-options) + #:build-options? #f)) + + (define (command-line-arguments lst) + (reverse (filter-map (match-lambda + (('argument . arg) arg) + (_ #f)) + lst))) + + (with-error-handling + (let* ((signing-key directory (match (command-line-arguments options) + ((signing-key directory) + (values signing-key directory)) + ((signing-key) + (values signing-key "../guix-fork")) + (_ (missing-arguments)))) + (upstream (assoc-ref options 'upstream)) + (start (assoc-ref options 'start)) + (channel-url (assoc-ref options 'channel-url)) + (use-existing? (assoc-ref options 'use-existing?)) + (dry-run? (assoc-ref options 'dry-run?)) + (git-parameters (assoc-ref options 'git-parameters)) + (git-c-options ;'("-c" "param1" "-c" "param2" ...) + (let loop ((opts '()) (params git-parameters)) + (if (or (not params) (null-list? params)) + opts + (loop (append opts (list "-c" (first params))) + (drop params 1))))) + + (key-file-name (fingerprint->key-file-name signing-key)) + (introduction-name (car (string-split key-file-name #\-)))) + + (define (invoke* . args) + (if dry-run? + (display (string-append + (string-join (map (cut format #f "~s" <>) + args)) + "\n")) + (apply invoke args))) + + (define (invoke-git . args) + (apply invoke* `("git" ,@git-c-options "-C" ,directory ,@args))) + + (unless use-existing? + (info (G_ "Cloning from upstream ~a...~%") upstream) + (invoke* "git" "clone" upstream directory)) + + (when channel-url + (info (G_ "Renaming existing 'origin' remote to 'upstream'...~%")) + (invoke-git "remote" "rename" "origin" "upstream") + (info (G_ "Using provided channel URL for new 'origin' remote...~%")) + (invoke-git "remote" "add" "origin" channel-url)) + + (info (G_ "Adding key to keyring branch...~%")) + (invoke-git "switch" "keyring") + (invoke* "gpg" + "--armor" "--export" + "-o" (string-append directory "/" key-file-name) + signing-key) + (invoke-git "add" "--" key-file-name) + (invoke-git "commit" + ;; This commit does not need to be signed, but we might as + ;; well use the signing key we were given. + (string-append "--gpg-sign=" signing-key) + "-m" "Add key for fork introduction.") + + (info (G_ "Setting up fork branch...~%")) + (invoke-git "switch" "--create" "fork" start) + (when channel-url + (update-channel-url (string-append directory "/.guix-channel") + channel-url + dry-run?)) + (rewrite-authorizations (string-append directory "/.guix-authorizations") + introduction-name signing-key + dry-run?) + (invoke-git "add" "--" + (string-append directory "/.guix-authorizations") + (string-append directory "/.guix-channel")) + (invoke-git + "commit" + (string-append "--gpg-sign=" signing-key) + "-m" + (string-append + "Initial fork commit.\n\n" + ".guix-authorizations: Allow only " introduction-name "'s key." + (if channel-url + "\n.guix-channels: Update channel URL." + ""))) + + (info (G_ "Successfully created Guix fork in ~a.~%") + directory)))) + +(apply main (cdr (command-line))) diff --git a/guix/utils.scm b/guix/utils.scm index c7c23d9d5b..191d17c570 100644 --- a/guix/utils.scm +++ b/guix/utils.scm @@ -21,6 +21,8 @@ ;;; Copyright © 2023 Zheng Junjie <873216071@qq.com> ;;; Copyright © 2023 Foundation Devices, Inc. ;;; Copyright © 2024 Herman Rimm +;;; Copyright © 2025 Tomas Volf <~@wolfsden.cz> +;;; Copyright © 2025 45mg <45mg.writes@gmail.com> ;;; ;;; This file is part of GNU Guix. ;;; @@ -44,6 +46,8 @@ (define-module (guix utils) #:use-module (srfi srfi-11) #:use-module (srfi srfi-26) #:use-module (srfi srfi-71) + #:use-module (srfi srfi-35) ;TODO remove after moving invoke/stdout + #:use-module (ice-9 popen) ;TODO remove after moving invoke/stdout #:use-module (rnrs io ports) ;need 'port-position' etc. #:use-module ((rnrs bytevectors) #:select (bytevector-u8-set!)) #:use-module (guix memoization) @@ -163,6 +167,9 @@ (define-module (guix utils) call-with-compressed-output-port canonical-newline-port + chain-cut + invoke/stdout ;TODO move to (guix build utils) + string-distance string-closest @@ -1193,6 +1200,60 @@ (define-syntax current-source-directory ;; raising an error would upset Geiser users #f)))))) + +;;; +;;; Higher-order functions. +;;; + +(define-syntax chain-cut + (lambda (x) + "Apply each successive form to the result of evaluating the previous one. +Before applying, expand each form (op ...) to (cut op ...). + +Examples: + + (chain-cut '(1 2 3) cdr car) + => (car (cdr '(1 2 3))) + + (chain-cut 2 (- 3 <>) 1+) + => (1+ ((cut - 3 <>) 2)) + => (1+ (- 3 2)) +" + (syntax-case x () + ((chain-cut init op) (identifier? #'op) + #'(op init)) + ((chain-cut init (op ...)) + #'((cut op ...) init)) + ((chain-cut init op op* ...) (identifier? #'op) + #'(chain-cut (op init) op* ...)) + ((chain-cut init (op ...) op* ...) + #'(chain-cut ((cut op ...) init) op* ...))))) + +;; Copied from (guix build utils); remove +(define-condition-type &invoke-error &error + invoke-error? + (program invoke-error-program) + (arguments invoke-error-arguments) + (exit-status invoke-error-exit-status) + (term-signal invoke-error-term-signal) + (stop-signal invoke-error-stop-signal)) +;; TODO move to (guix build utils) +(define (invoke/stdout program . args) + "Invoke PROGRAM with ARGS and capture PROGRAM's standard output. If PROGRAM +succeeds, return its standard output as a string. Otherwise, raise an +'&invoke-error' condition." + (let* ((port (apply open-pipe* OPEN_READ program args)) + (data (get-string-all port)) + (code (close-pipe port))) + (unless (zero? code) + (raise (condition (&invoke-error + (program program) + (arguments args) + (exit-status (status:exit-val code)) + (term-signal (status:term-sig code)) + (stop-signal (status:stop-sig code)))))) + data)) + ;;; ;;; String comparison. diff --git a/tests/fork.sh b/tests/fork.sh new file mode 100644 index 0000000000..f6c72dba73 --- /dev/null +++ b/tests/fork.sh @@ -0,0 +1,135 @@ +# GNU Guix --- Functional package management for GNU +# Copyright © 2020, 2022, 2024 Ludovic Courtès +# +# This file is part of GNU Guix. +# +# GNU Guix is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or (at +# your option) any later version. +# +# GNU Guix is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with GNU Guix. If not, see . + +# +# Test forking Guix using the etc/fork.scm script, and fork authentication via +# `guix git authenticate --branch`. +# + +set -e + +gpg_fingerprint() { + flag=--list-keys + [ "$2" == --file ] && flag=--show-keys + gpg --quiet --with-colons "$flag" --with-fingerprint "$1" | awk -F: '$1 == "fpr" {print $10;}' +} + +test_directory="$(mktemp -d)" +trap 'chmod -Rf +w "$test_directory"; rm -rf "$test_directory"' EXIT + +### Sanity checks + +# Skip if git is not available. +command -v git > /dev/null || exit 77 + +# Skip if gpg is not available. +command -v gpg > /dev/null || exit 77 + +# Skip if we're not in a Git checkout. +[ -d "$abs_top_srcdir/.git" ] || exit 77 + +# Skip if there's no 'keyring' branch. +guile -c '(use-modules (git)) + (member "refs/heads/keyring" (branch-list (repository-open ".")))' || \ + exit 77 + +### Create a dummy test key to sign commits with + +# Create a temporary substitute for ~/.gnupg +export GNUPGHOME="$test_directory"/.gnupg +mkdir -p $GNUPGHOME +# gpg expects correct perms +chmod 700 $GNUPGHOME +chown $(whoami) $GNUPGHOME + +# Generate a test key +gpg --quiet --batch --gen-key <) id 1tmByx-00010e-Jm for submit@debbugs.gnu.org; Sun, 23 Feb 2025 08:25:20 -0500 Received: from mail-pl1-x644.google.com ([2607:f8b0:4864:20::644]:56746) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from <45mg.writes@gmail.com>) id 1tmByu-0000zb-DG for 75981@debbugs.gnu.org; Sun, 23 Feb 2025 08:25:17 -0500 Received: by mail-pl1-x644.google.com with SMTP id d9443c01a7336-220e83d65e5so65677745ad.1 for <75981@debbugs.gnu.org>; Sun, 23 Feb 2025 05:25:16 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1740317110; x=1740921910; darn=debbugs.gnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=5t+Rj0rTck73ZLcEX/7OcquW/21SX1QIQrNZauvWaMM=; b=HCwNpYlkFYLqnNyYpJoCWVq0T3mdNNrcHqn5+FBMWtFCydcvsbmKyi0C6CPQeTc5GQ QJjI9Sz1Q62LEMY+fhizEIz4YLlca0ATdlsJBrWloOwVswO5A7nmRLG48MWvr51bAQXj BEp049sxXoiMeMublnaDXaJqxUZ8nS3Q+n9WlSK23N14xBdwl7YQ1AT3CJdhVqwwM35n Kcl7up5vNU4brp46cz+BzUAQuc0eZS8WF4ITZFlTbjqNFad7FgAaHRfaLnzQ66iiWEq6 8FsLhh5TpeDkHyj3cM5YFcPXsyN8k93p9ARlFh2DvnyePOLoqW/HYuG7m1+fMxYi7TPn lZng== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740317110; x=1740921910; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=5t+Rj0rTck73ZLcEX/7OcquW/21SX1QIQrNZauvWaMM=; b=pt+qJyHl4EqxbzyNoLonp2bQSdpHX6INuxG95KAVw5mO9odMfpr0mC4dQNFr4k5liR IR3jpiYPU6LOy2r1PmW39vlCmJfutboijFMwwYntOWZcFtQCmEIbD/CZqVtSpb76AaiO tdb117hxVKPKFCnY/Q9vuOwyGnkSSRNq3ZSa51B6dx4PVOoZm7wJHujrPG0uG+00NPnq TF+/85koEB0t+pUzTIg0QJNQpe0LS3rzjlErfR4AzYj6pEc1Xp5ZnMSDxK1JrPb5NoWD 5vD8CEEEBNACO4pxmo6oS88BqoEG0SF0Av5p5bEszP67H+dLcJ+rc9uBKSnXrpaYFqOT SiOg== X-Gm-Message-State: AOJu0Yzn6/57Qg8ErOv3rX2sFHazyNxluoD1/da2Xj3FoMxYuUyjhgPP I57aOI7mOA81b9zBil2G2rpPAZ4zwzj7XxsiaRtKrWb7prCTRf7NvOCsNpiE X-Gm-Gg: ASbGnct7uqFQitJAhSx6o4eM53AiVwNB1RpF37Bw6sIy5JM5NwF4N9XSNevt/pXjS52 3gDQwSTDytA/FXbD+wYcsO6i/JPdQ+e3rqsP9XrCHKKiT6hhhMPdWCXnVBc4hhuvqQiiBGQZ1cg j7nBukRJQd2NoVef4ia3pKJfrXx7sCMvNX3STk5+VplFiNUqDaLZzRWeyR/lGUBTPISqpJVTIp4 xDUSbxEBzFb6mIDpzc29moqVF9l2Yxs7wvO/OI2mkFep218eA8qfJYguC+mzNuCbQ7rVrVUx8r8 fWYih6mL3V0nn3pvWAD5ZcFGWSU0WUjzfpUyAIoFr0JYrtGU X-Google-Smtp-Source: AGHT+IHRsGwhspIGXOedfQjiq46P73qhSk30T1B6/rsANqxa2xxZ2aKN4ZSrLCFQWTWGrNBGOVnwrA== X-Received: by 2002:a17:903:2a8d:b0:21f:89e5:272d with SMTP id d9443c01a7336-2219ff32fcfmr183515445ad.10.1740317110235; Sun, 23 Feb 2025 05:25:10 -0800 (PST) Received: from localhost.localdomain (utm3.nitt.edu. [14.139.162.2]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-220d5349226sm165573075ad.24.2025.02.23.05.25.06 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 23 Feb 2025 05:25:09 -0800 (PST) From: 45mg <45mg.writes@gmail.com> To: 75981@debbugs.gnu.org Subject: [PATCH v2 2/2] scripts: Add `guix git authenticate --branch`. Date: Sun, 23 Feb 2025 18:50:49 +0530 Message-ID: <8a5ccebe3c3aca1f728c702ec18a2379cdf77cb1.1740313892.git.45mg.writes@gmail.com> X-Mailer: git-send-email 2.48.1 In-Reply-To: References: MIME-Version: 1.0 X-Debbugs-Cc: Christopher Baines , Josselin Poiret , Ludovic Courtès , Mathieu Othacehe , Maxim Cournoyer , Simon Tournier , Tobias Geerinckx-Rice Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Spam-Score: 3.0 (+++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Add an option to make `guix git authenticate` configure branch-specific introductions. This is an improvement over users having to configure them manually. * guix/scripts/git/authenticate.scm %options: Add --branch option. (show-help): Mention it. (guix-git-authenticate): Interpret and pass it to the below procedures. (configured?): Accept it as an optio [...] Content analysis details: (3.0 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:644 listed in] [list.dnswl.org] 3.0 MANY_TO_CC Sent to 10+ recipients 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (45mg.writes[at]gmail.com) 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record X-Debbugs-Envelope-To: 75981 Cc: Nicolas Graves , Maxim Cournoyer , Simon Tournier , Tomas Volf <~@wolfsden.cz>, 45mg <45mg.writes@gmail.com>, =?UTF-8?q?Ludovic=20Court=C3=A8s?= , Liliana Marie Prikler , Ricardo Wurmus , Attila Lendvai , Simon Streit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 2.0 (++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Add an option to make `guix git authenticate` configure branch-specific introductions. This is an improvement over users having to configure them manually. * guix/scripts/git/authenticate.scm %options: Add --branch option. (show-help): Mention it. (guix-git-authenticate): Interpret and pass it to the below procedures. (configured?): Accept it as an optio [...] Content analysis details: (2.0 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:644 listed in] [list.dnswl.org] 3.0 MANY_TO_CC Sent to 10+ recipients 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (45mg.writes[at]gmail.com) 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record -1.0 MAILING_LIST_MULTI Multiple indicators imply a widely-seen list manager Add an option to make `guix git authenticate` configure branch-specific introductions. This is an improvement over users having to configure them manually. * guix/scripts/git/authenticate.scm %options: Add --branch option. (show-help): Mention it. (guix-git-authenticate): Interpret and pass it to the below procedures. (configured?): Accept it as an optional argument, to pass to (config-value). (config-value): Handle it as an optional argument. (record-configuration): Likewise. * tests/fork.sh: Test it. * doc/guix.texi (Invoking guix git authenticate): Document it. Change-Id: I0a64043448bec748be1117ffc24632279220ec7c --- doc/contributing.texi | 10 +++- doc/guix.texi | 15 ++++-- guix/scripts/git/authenticate.scm | 86 +++++++++++++++++++++---------- tests/fork.sh | 31 +++++++++++ 4 files changed, 109 insertions(+), 33 deletions(-) diff --git a/doc/contributing.texi b/doc/contributing.texi index 121f7eea9d..d3a4129617 100644 --- a/doc/contributing.texi +++ b/doc/contributing.texi @@ -3145,8 +3145,9 @@ Using Your Own Patches @itemize @item -Add your public key to the `keyring' branch of the repository. (This is -the key that all future commits will be signed with). +Add a commit to the `keyring' branch of the repository that adds your +public key. (This is the key that all future commits will be signed +with). @item Add a commit to the fork branch that modifies the @@ -3158,6 +3159,11 @@ Using Your Own Patches a fork for you, performing these steps as well as taking care of other details. Run @samp{etc/fork.scm --help} for details. +Additionally, the `--branch' option of @samp{guix git authenticate} +allows you to specify the fork introduction as a branch-specific +introduction, so that it will be used whenever you're on the fork +branch. For more information, @ref{Invoking guix git authenticate}. + @node Updating the Guix Package @section Updating the Guix Package diff --git a/doc/guix.texi b/doc/guix.texi index 59d9ae5dce..a121dd2a22 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -7490,9 +7490,10 @@ Invoking guix git authenticate @end example Should you have branches that require different introductions, you can -specify them directly in @file{.git/config}. For example, if the branch -called @code{personal-fork} has a different introduction than other -branches, you can extend @file{.git/config} along these lines: +specify them using the @option{--branch} option, or directly in +@file{.git/config}. For example, if the branch called +@code{personal-fork} has a different introduction than other branches, +you can extend @file{.git/config} along these lines: @smallexample [guix "authentication-personal-fork"] @@ -7541,6 +7542,14 @@ Invoking guix git authenticate commit that lacks @file{.guix-authorizations}. The format of @var{file} is the same as that of @file{.guix-authorizations} (@pxref{channel-authorizations, @file{.guix-authorizations} format}). + +@item --branch[=@var{branch}] +By default, the introduction is recorded under the @samp{[guix +"authentication"]} section of the @file{.git/config} file of your +checkout. This option will cause it to be recorded under @samp{[guix +"authentication-@var{branch}"]} instead, making it a +@dfn{branch-specific introduction}. @var{branch} defaults to the +current branch. @end table diff --git a/guix/scripts/git/authenticate.scm b/guix/scripts/git/authenticate.scm index e3ecb67c89..82ecc6ee2f 100644 --- a/guix/scripts/git/authenticate.scm +++ b/guix/scripts/git/authenticate.scm @@ -1,5 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2020, 2024 Ludovic Courtès +;;; Copyright © 2025 45mg <45mg.writes@gmail.com> ;;; ;;; This file is part of GNU Guix. ;;; @@ -69,6 +70,11 @@ (define %options (lambda (opt name arg result) (alist-cons 'historical-authorizations arg result))) + (option '("branch") #f #t + (lambda (opt name arg result) + (alist-cons 'branch + (or arg #t) + result))) (option '("stats") #f #f (lambda (opt name arg result) (alist-cons 'show-stats? #t result))))) @@ -85,28 +91,36 @@ (define (current-branch repository) (and (string-prefix? "refs/heads/" name) (string-drop name (string-length "refs/heads/")))))) -(define (config-value repository key) - "Return the config value associated with KEY in the 'guix.authentication' or -'guix.authentication-BRANCH' name space in REPOSITORY, or #f if no such config -was found." +(define* (config-value repository key #:optional branch) + "Return the config value associated with KEY in the +'guix.authentication-BRANCH' or 'guix.authentication' name space, in that +order, in REPOSITORY; or #f if no such config was found. +BRANCH defaults to the current branch; if this parameter is specified, look +only in the 'guix.authentication-BRANCH' name space." (let-syntax ((false-if-git-error (syntax-rules () ((_ exp) (catch 'git-error (lambda () exp) (const #f)))))) (let* ((config (repository-config repository)) - (branch (current-branch repository))) - ;; First try the BRANCH-specific value, then the generic one.` - (or (and branch - (false-if-git-error - (config-entry-value - (config-get-entry config - (string-append "guix.authentication-" - branch "." key))))) - (false-if-git-error - (config-entry-value - (config-get-entry config - (string-append "guix.authentication." - key)))))))) + (search-branch (or branch + (current-branch repository))) + (branch-specific + (and search-branch + (false-if-git-error + (config-entry-value + (config-get-entry config + (string-append "guix.authentication-" + search-branch + "." key))))))) + (if branch + branch-specific + ;; First try the BRANCH-specific value, then the generic one.` + (or branch-specific + (false-if-git-error + (config-entry-value + (config-get-entry config + (string-append "guix.authentication." + key))))))))) (define (configured-introduction repository) "Return two values: the commit and signer fingerprint (strings) as @@ -121,27 +135,34 @@ (define (configured-keyring-reference repository) "Return the keyring reference configured in REPOSITORY or #f if missing." (config-value repository "keyring")) -(define (configured? repository) - "Return true if REPOSITORY already container introduction info in its -'config' file." - (and (config-value repository "introduction-commit") - (config-value repository "introduction-signer"))) +(define* (configured? repository #:optional branch) + "Return true if REPOSITORY already contains introduction info in its +'config' file. +If BRANCH is given, look only for the BRANCH-specific introduction." + (and (config-value repository "introduction-commit" branch) + (config-value repository "introduction-signer" branch))) (define* (record-configuration repository + #:optional branch #:key commit signer keyring-reference) "Record COMMIT, SIGNER, and KEYRING-REFERENCE in the 'config' file of -REPOSITORY." +REPOSITORY, under [guix \"authentication\"]. +If BRANCH is given, record them under [guix \"authentication-BRANCH\"]." (define config (repository-config repository)) + (define section + (if branch + (string-append "guix.authentication-" branch) + "guix.authentication")) ;; Guile-Git < 0.7.0 lacks 'set-config-string'. (if (module-defined? (resolve-interface '(git)) 'set-config-string) (begin - (set-config-string config "guix.authentication.introduction-commit" + (set-config-string config (string-append section ".introduction-commit") commit) - (set-config-string config "guix.authentication.introduction-signer" + (set-config-string config (string-append section ".introduction-signer") signer) - (set-config-string config "guix.authentication.keyring" + (set-config-string config (string-append section ".keyring") keyring-reference) (info (G_ "introduction and keyring recorded \ in repository configuration file~%"))) @@ -227,6 +248,9 @@ (define (show-help) (display (G_ " --historical-authorizations=FILE read historical authorizations from FILE")) + (display (G_ " + --branch[=BRANCH] ensure BRANCH-specific introduction is used/configured + (BRANCH defaults to the current branch)")) (newline) (display (G_ " -h, --help display this help and exit")) @@ -285,6 +309,12 @@ (define (guix-git-authenticate . args) (let* ((show-stats? (assoc-ref options 'show-stats?)) (repository (repository-open (or (assoc-ref options 'directory) (repository-discover ".")))) + (branch (match (assoc-ref options 'branch) + (#t (or (current-branch repository) + (leave (G_ "\ +--branch specified, but cannot detect current branch; try --branch=BRANCH~%")))) + (#f #f) + (string string))) (commit signer (match (command-line-arguments options) ((commit signer) (values commit signer)) @@ -314,8 +344,8 @@ (define (guix-git-authenticate . args) #:cache-key cache-key #:make-reporter make-reporter)) - (unless (configured? repository) - (record-configuration repository + (unless (configured? repository branch) + (record-configuration repository branch #:commit commit #:signer signer #:keyring-reference keyring) (install-hooks repository)) diff --git a/tests/fork.sh b/tests/fork.sh index f6c72dba73..3791ccc838 100644 --- a/tests/fork.sh +++ b/tests/fork.sh @@ -133,3 +133,34 @@ guix git authenticate \ # Test that the fork branch fails to authenticate with the upstream # introduction, as it is not signed by an authorized key. ! guix git authenticate + +# Test that the fork introduction itself can be authenticated using the --branch +# argument (a rather trivial test). +# This should configure the branch-specific introduction, without which the +# next test will fail. +FORK_INTRO_COMMIT=$(git rev-parse HEAD) +guix git authenticate "$FORK_INTRO_COMMIT" "$TEST_KEY" --branch + +# The same test, but without any arguments, to see if the branch-specific +# introduction was recorded in the repository config file and is read +# correctly. +guix git authenticate + +# Add a few empty commits onto the 'fork' branch, signed with our key. +# Test that these can be authenticated. +git config user.name test-user +git config user.email test-user@no.mail +for i in A B C D E; do + git commit --quiet --allow-empty --gpg-sign="$TEST_KEY" -m "$i" +done +guix git authenticate + +# Test that we can pass a parameter with --branch. +guix git authenticate --branch=fork + +# Check out the previous commit, so that we're not on a branch (detached HEAD +# state). Then test that we can still authenticate by passing --branch=fork. +git checkout --quiet HEAD^ +guix git authenticate --branch=fork + +git checkout --quiet fork -- 2.48.1 From debbugs-submit-bounces@debbugs.gnu.org Sun Feb 23 08:28:18 2025 Received: (at 75981) by debbugs.gnu.org; 23 Feb 2025 13:28:18 +0000 Received: from localhost ([127.0.0.1]:59920 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tmC1q-000167-2I for submit@debbugs.gnu.org; Sun, 23 Feb 2025 08:28:18 -0500 Received: from mail-pj1-x1041.google.com ([2607:f8b0:4864:20::1041]:57778) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from <45mg.writes@gmail.com>) id 1tmC1m-00015t-WB for 75981@debbugs.gnu.org; Sun, 23 Feb 2025 08:28:15 -0500 Received: by mail-pj1-x1041.google.com with SMTP id 98e67ed59e1d1-2fc20e0f0ceso5407146a91.3 for <75981@debbugs.gnu.org>; Sun, 23 Feb 2025 05:28:14 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1740317289; x=1740922089; darn=debbugs.gnu.org; h=mime-version:message-id:date:subject:cc:to:from:from:to:cc:subject :date:message-id:reply-to; bh=P2tuOiSPVbaLUvbqqv3gtPN/opeivl54xMFlLu6mgL4=; b=bvbSj+Es3jdrIfctS2bXfBzoDFHthFEikVox6MIvCcv/4Dt8qkXxAMti4PcCHQlZkb 2us+OBCduzDSfu63Tio21lPHVeHz+bIhnW42FBfL7z2F1yH4lVt5XNmKayRovXMWwATk ZqkWvSCAZ1M12ddXbI3gTx8BSRAPiFW4imDPWKuD2rk9jbT0UgipmrGnK3AnxEpL4xY9 LoXlEZiZY4dt68cG01liPLj8lBQMEC4wAOz0f+7ktqSAVdMEOP3w+io/ikVHroCNqk+s 1ejfCHesDEBVdU6CWQfPe8tVjnHgFACWYIKep2u43nOZbHqksLWfQn/KAavs/8cBlkUN aHgw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740317289; x=1740922089; h=mime-version:message-id:date:subject:cc:to:from:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=P2tuOiSPVbaLUvbqqv3gtPN/opeivl54xMFlLu6mgL4=; b=SYwZhCFyX0L7hJauqcrvR9Kso5jNCfyrDZyz59+MgUgBk6SICVmYZDgM08nCvIvWD5 h8Z9Fs+WDYscsR0s7U5D2g6L1MDzGY/DlBcrg4xlDzYxR9qBjK7BHYEtVa4WtGNJto85 xn94pf5Tz6P9E0iFH+YL272Vhma6WE6CKYuVDn8yk/Gzj+dUgjuSU2avY+B/2c0Y8eB+ zm16l1utNIxQ7F+mLmn/CHfqE4sJIrYhQ8ZD3TmB1K90xBKb9iU8Y0xbdzxsv3RUSj8M 0M0uwDHNgXEC/7qF4ODreAePCRBncGLE4TUyfOoEu7gbybKDKp1GjFATdc0Y/Za0EOFQ ao8A== X-Gm-Message-State: AOJu0YzcfYD/7FDEFnlK8w6KGZr/t9GYTKiKAxmvX2WI1Cdr1PH1ZD1Q xDoeKHFFI10wg1a2ZeDpcNdWZVz4vSmwHMtRVsdtcXcQxKSEmZs1 X-Gm-Gg: ASbGncuqC5hpoVSegO0XIQkHOg8vBUh0hvDu7EbKQMvfbhHIWhr3pVvliPZcRh8Blv3 XUL0rJbT4NKJjb/cpSFTXMUttDvUqmycReOF1veSyxIDZ2OZoqAVJjwZLtTlbSs9kZXLEqCOPnA 02FpR5+CG1jdEeBY1vr+n38Mvv/Jznc8o1MaQoik3iN39bqttfjXXASegi+e+0+M+etx10DbMg6 UH8yorUsuxbQblbTlUkqbwAPw9AdZ1vt/uZ0XP8JZ/R8f8f0OUzmUFH3AG4xiswuV8xzDjME2vx hc/O/FVRNrp14fM51scRQ9Hnxrk= X-Google-Smtp-Source: AGHT+IHyJsHGrSPKvyIU2s3BeywRfUOudr5pNOAqJt94yHvXBxbOxFpfAit74HkNUrGLB1j1FnviDA== X-Received: by 2002:a17:90b:1a88:b0:2fa:200e:acd6 with SMTP id 98e67ed59e1d1-2fce7b1133emr16518313a91.28.1740317288849; Sun, 23 Feb 2025 05:28:08 -0800 (PST) Received: from guix1 (utm3.nitt.edu. [14.139.162.2]) by smtp.gmail.com with ESMTPSA id 98e67ed59e1d1-2fceb05f29csm4548107a91.21.2025.02.23.05.28.03 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 23 Feb 2025 05:28:08 -0800 (PST) From: 45mg <45mg.writes@gmail.com> To: Maxim Cournoyer , 45mg <45mg.writes@gmail.com> Subject: Re: [bug#75981] [PATCH (WIP) v1.5 1/4] Add 'guix fork create'. Date: Sun, 23 Feb 2025 13:27:58 +0000 Message-ID: <87zficg59d.fsf@gmail.com> MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: 3.0 (+++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Hi Maxim, I've implemented most of your feedback in the v2 - at least, the feedback that still applies, since v2 is a pretty big refactor. I'm replying here to the things I /didn't/ address, to explain why. Content analysis details: (3.0 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 3.0 MANY_TO_CC Sent to 10+ recipients 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (45mg.writes[at]gmail.com) 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:1041 listed in] [list.dnswl.org] X-Debbugs-Envelope-To: 75981 Cc: Josselin Poiret , Nicolas Graves , Simon Tournier , Mathieu Othacehe , Tomas Volf <~@wolfsden.cz>, Tobias Geerinckx-Rice , Liliana Marie Prikler , 75981@debbugs.gnu.org, Ricardo Wurmus , Christopher Baines , Attila Lendvai , Ludovic =?utf-8?Q?Court=C3=A8s?= X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 2.0 (++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Hi Maxim, I've implemented most of your feedback in the v2 - at least, the feedback that still applies, since v2 is a pretty big refactor. I'm replying here to the things I /didn't/ address, to explain why. Content analysis details: (2.0 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:1041 listed in] [list.dnswl.org] 3.0 MANY_TO_CC Sent to 10+ recipients 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (45mg.writes[at]gmail.com) 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record -1.0 MAILING_LIST_MULTI Multiple indicators imply a widely-seen list manager Hi Maxim, I've implemented most of your feedback in the v2 - at least, the feedback that still applies, since v2 is a pretty big refactor. I'm replying here to the things I /didn't/ address, to explain why. Maxim Cournoyer writes: >> + >> +;;; >> +;;; Helper prodecures. >> +;;; >> + >> +(define (fingerprint->key-file-name fingerprint) >> + (let* ((listing (invoke/stdout "gpg" "--list-key" "--with-colons" fingerprint)) >> + (uid (chain-cut listing >> + (string-split <> #\newline) >> + (filter (cut string-prefix? "uid:" <>) <>) >> + first > > If there are no key for FINGERPRINT, `first' will fail with a cryptic > error here. It should ideally throw a useful exception. I tested it, and it doesn't, because 'invoke/stdout' has error handling: --8<---------------cut here---------------start------------->8--- scheme@(guile-user)> (fingerprint->key-file-name "3CE464558A84FDC69DB40CFB090B11993D9AEBB5") ;Ludo's key, which I have since I needed it to verify the Guix installer .iso $1 = "ludo-3D9AEBB5.key" scheme@(guile-user)> (fingerprint->key-file-name "abcdef") gpg: error reading key: No public key ice-9/boot-9.scm:1685:16: In procedure raise-exception: Wrong type (expecting exact integer): #<&invoke-error program: "gpg" arguments: ("--list-key" "--with-colons" "abcdef") exit-status: 2 term-signal: #f stop-signal: #f> --8<---------------cut here---------------end--------------->8--- I think this sufficiently indicates what the error is. > We prefer to use guile-git throughout Guix, as it has a proper Scheme > interface. Have you tried using it instead of shelling out to git? > Perhaps it was missing some features you needed? Yes, IIRC renaming remotes wasn't supported. But the main reason was that I wanted to implement a --dry-run option that would print the commands to be executed, which would help clarify what the script is doing. I've done that in v2. >> + (unless use-existing? >> + (info (G_ "Cloning from upstream ~a...~%") upstream) >> + (invoke "git" "clone" upstream directory)) > > Why not using the above defined invoke-git here? 'invoke-git' acts on the git repository in 'directory'. Here, we are creating that repository. >> >> @@ -1193,6 +1200,60 @@ (define-syntax current-source-directory >> ;; raising an error would upset Geiser users >> #f)))))) >> >> + >> +;;; >> +;;; Higher-order functions. >> +;;; >> + >> +(define-syntax chain-cut >> + (lambda (x) >> + "Apply each successive form to the result of evaluating the previous one. >> +Before applying, expand each form (op ...) to (cut op ...). >> + >> +Examples: >> + >> + (chain-cut '(1 2 3) cdr car) >> + => (car (cdr '(1 2 3))) >> + >> + (chain-cut 2 (- 3 <>) 1+) >> + => (1+ ((cut - 3 <>) 2)) >> + => (1+ (- 3 2)) >> +" >> + (syntax-case x () >> + ((chain-cut init op) (identifier? #'op) >> + #'(op init)) >> + ((chain-cut init (op ...)) >> + #'((cut op ...) init)) >> + ((chain-cut init op op* ...) (identifier? #'op) >> + #'(chain-cut (op init) op* ...)) >> + ((chain-cut init (op ...) op* ...) >> + #'(chain-cut ((cut op ...) init) op* ...))))) > > I'm not 100% convince on the above, as it seems it leads to bunching a > whole lot of procedures together and not paying attention to potential > exceptions/errors returned. But maybe that's OK if the whole form is > wrapped in an error handler. That's a fair point, but I think we're always going to have this tradeoff when we do a lot of function composition. For example: --8<---------------cut here---------------start------------->8--- scheme@(guile-user)> ((compose car car cdr) '(0 (1))) $1 = 1 scheme@(guile-user)> ((compose car car cdr) '(0 1)) ice-9/boot-9.scm:1685:16: In procedure raise-exception: In procedure car: Wrong type (expecting pair): 1 --8<---------------cut here---------------end--------------->8--- Here it's not immediately clear which 'car' failed. Ideally, we'd be able to make Guile give us a proper backtrace showing that the error originates in 'chain-cut'... but given my experience with Guile backtraces I doubt that's even possible :_) > That's it! This adding a whole new command line, and to get everyone > aware, I think going through the new GCD (Guix Common Document/RFC) > process is warranted before it is to be accepted/included in > Guix. > > -- > Thanks, > Maxim From debbugs-submit-bounces@debbugs.gnu.org Sun Feb 23 08:41:42 2025 Received: (at 75981) by debbugs.gnu.org; 23 Feb 2025 13:41:42 +0000 Received: from localhost ([127.0.0.1]:59940 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tmCEn-0001ki-S1 for submit@debbugs.gnu.org; Sun, 23 Feb 2025 08:41:42 -0500 Received: from mail-wm1-x342.google.com ([2a00:1450:4864:20::342]:46459) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from ) id 1tmCEl-0001kT-5g for 75981@debbugs.gnu.org; Sun, 23 Feb 2025 08:41:40 -0500 Received: by mail-wm1-x342.google.com with SMTP id 5b1f17b1804b1-438a3216fc2so34248015e9.1 for <75981@debbugs.gnu.org>; Sun, 23 Feb 2025 05:41:39 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1740318093; x=1740922893; darn=debbugs.gnu.org; h=mime-version:user-agent:content-transfer-encoding:references :in-reply-to:date:cc:to:from:subject:message-id:from:to:cc:subject :date:message-id:reply-to; bh=WEw04P4YHdsoganwlsdTg3B2N/KG9vc7kfP2qc2x1bA=; b=KBjXBZaVucNlkLdNeRzTKfmQqPvhijOc+4QnnlgxC81t/N7qpNKwHl0iBErR6s0dov 4qhHR+dbHCqa7ASVBXMPA5KsTwmSYVZSuwqPAk8egjrVJAf6JkeObtvAhl3hy3jK/oDg AGAcv/+k1IfT+hfYpzG230g0yp2XiFsC8BuKJacMLkStzDqjwTW3W5r7acPkSo1gRk9Z US1iaUoPe3qzf1z9GZgC2XNnCGfvEHJOvlTLqj45rqQ8QAUZ/BrajRntAPewHmYcuCqk PO3e3/Rv5m1biakIWUC2SJDYl9lfkikaG7xhLjG9JyOItVe5FNBCipmpsFK34gDSaMmP +P/Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740318093; x=1740922893; h=mime-version:user-agent:content-transfer-encoding:references :in-reply-to:date:cc:to:from:subject:message-id:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=WEw04P4YHdsoganwlsdTg3B2N/KG9vc7kfP2qc2x1bA=; b=vGuZw2GPB7KWeJBqWv4QJE6xGjJ33t7b3kBXbKOBMP7HsKC+R6lyL0yKQN/5laK/5f 0BEm6wLU3vOO++KZfLSKR9xBlvo9mt8l4+JAJ/qvM1xY6/LstA5tglChMn2IXi1gUxFM M7IO8If6Thqq/EGQAxSnXTfVbDU6fnhsx5OyR7uTxDiJMzJ7wUHcD0O9njLpbUU2P/wb VeMGKOndSpygGxZNJvWs9rNx38ZnR1ORS2donZrCvIx57QvKJLJX1VW9fbMt7MLMWBu9 2k7cXi6UYwVU3W/7cqKoS22fTOKUCo9vo049lyNANDEPIcBPZ6M0ZWIa8vHStdYNkaJi H82g== X-Forwarded-Encrypted: i=1; AJvYcCUB21jCbN+i+xI8D5HKBFhb0AyxmrFaafX/4EjVEEWajaBRBRGkTYvHqdnU4UIDGiI0cHxahg==@debbugs.gnu.org X-Gm-Message-State: AOJu0YwFl+7h15v0yg0wR27r4CXoJCX2ZYfWJ1Dgc5RJyp8vevdekqGu vDw/qKCoBSL54mBHaLwEerBZ/f0gSNmdg1UQSWEcXBHflim6jaTC X-Gm-Gg: ASbGncuzF3kb4vZK83SaUFYFzbN4EVBk1sMubxsGHpIS7at808y1nqm0EOw37Pn9Nw8 5G37tSe78dO5PGw2DhEgOLJtPaQSqoHHI+SooZgJCuK5dVip4XQREnq4J1hPC5OJjOv1esz9laR W1vOq1eANu0ZwIzBTzg9BENGhouT7T7P3iGAfZTHAgWtjmOmM9Pg4cm2tsvdgNv7xflm6GhSSSF sN+w2cLvwBKo9phiFq0JzLrpPPb29eqHbg5b/hFrxg5mQhimRQ2qxC6Pf0401FXG+wHx71ntH2q Mip44xoC9cEI2pGFtPrGSUonmhGvQysSUA6Bnk7Wq3PIfoH/sQ2Y9FR6xo+QgvhPZj4ztK2IZFF naA== X-Google-Smtp-Source: AGHT+IGA4hkelTJwJ9B3mUTfygs7FnX6kTtoJA3EfBsm9/lWAco7wlwLINgDWdXkzB/pvpObmxh5cw== X-Received: by 2002:a05:600c:350a:b0:439:9b82:d6b2 with SMTP id 5b1f17b1804b1-439aeb34f86mr93990255e9.16.1740318092769; Sun, 23 Feb 2025 05:41:32 -0800 (PST) Received: from lumine.fritz.box (85-127-114-32.dsl.dynamic.surfer.at. [85.127.114.32]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-38f259f7979sm28640520f8f.83.2025.02.23.05.41.31 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 23 Feb 2025 05:41:31 -0800 (PST) Message-ID: Subject: Re: [PATCH v2 1/2] etc: Add fork.scm. From: Liliana Marie Prikler To: 45mg <45mg.writes@gmail.com>, 75981@debbugs.gnu.org Date: Sun, 23 Feb 2025 14:42:04 +0100 In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable User-Agent: Evolution 3.48.4 MIME-Version: 1.0 X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 75981 Cc: Nicolas Graves , Maxim Cournoyer , Simon Tournier , Tomas Volf <~@wolfsden.cz>, Ludovic =?ISO-8859-1?Q?Court=E8s?= , Ricardo Wurmus , Attila Lendvai , Simon Streit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) Am Sonntag, dem 23.02.2025 um 18:50 +0530 schrieb 45mg: > +(define %usage > +=C2=A0 (format #f (G_ "Usage: etc/fork.scm SIGNING_KEY [DIRECTORY > OPTIONS...] > +Create a fork of Guix in DIRECTORY, using SIGNING_KEY to sign the > introductory > +commit. > +DIRECTORY defaults to ../guix-fork. I would make DIRECTORY a mandatory argument and SIGNING_KEY an option (-S/--gpg-sign=3DKEY). The default value can be fetched from git config. Cheers From debbugs-submit-bounces@debbugs.gnu.org Sun Feb 23 08:55:58 2025 Received: (at 75981) by debbugs.gnu.org; 23 Feb 2025 13:55:58 +0000 Received: from localhost ([127.0.0.1]:59972 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tmCSb-0002Qu-GD for submit@debbugs.gnu.org; Sun, 23 Feb 2025 08:55:58 -0500 Received: from mail-wr1-x444.google.com ([2a00:1450:4864:20::444]:61949) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from ) id 1tmCSZ-0002Qc-K7 for 75981@debbugs.gnu.org; Sun, 23 Feb 2025 08:55:56 -0500 Received: by mail-wr1-x444.google.com with SMTP id ffacd0b85a97d-38f70170005so1919464f8f.3 for <75981@debbugs.gnu.org>; Sun, 23 Feb 2025 05:55:55 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1740318949; x=1740923749; darn=debbugs.gnu.org; h=mime-version:user-agent:content-transfer-encoding:references :in-reply-to:date:cc:to:from:subject:message-id:from:to:cc:subject :date:message-id:reply-to; bh=2BXczqLbif1PjET5UWCgkwgTjL1MG2PsEbqq+OubadA=; b=Eoi2/Pi8xanNbwkMQHNf9K2MXqmTAD5EroZ8/yrTQbyyvwnylQIdDCxNhS02kuJuqN uPYuDwpkZwaqnH1gSHzDZ3qdL0pfBi1m9SkFZx65UeJzG6mN3HL5wPR8VfYTDW1ZTyh/ DZ81w0cbg72ojumcMSrwVgqbL/RZ2m9o3okslLw5x+Gn41V+uZRe/2utLBamn5DOqJu8 aqZJQeM+/vZYzBa51HDF+xi/ADt8eqWFdiIkQenwgBwr9pH5ntm98/E1hJppt7INDV5I hTlPf46UrwdJX44Qjls8vx5E+7rHZweAN/foIt2tPphF3mnS9xZCPOV2NBXC0O9a6Bv7 z/Bw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740318949; x=1740923749; h=mime-version:user-agent:content-transfer-encoding:references :in-reply-to:date:cc:to:from:subject:message-id:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=2BXczqLbif1PjET5UWCgkwgTjL1MG2PsEbqq+OubadA=; b=g73kgFnu68YS71E+6S1pjRoobcqEJ4XVLZQ5qfnhbYVM6xF/1//0+vlHALYWTnYuoS dEmJTjak3O1uVAlQSKkcoekTOBHn7UVBseF2CrXAgzwKCLBXL9I7IBHn4FSDz687IAO6 J15oNZsRcunQhpourE4cpCsyj+CFbaQBvC3Uo6ZZKWZxn9aWT0iVUSFpuvipkt/5230e AxrxYtZGYCQzSBwAy4CI2osIz5Fncl8m47NnqC5oypAwuJyrv62EU6LNITW0Hcql4INF FSlpjxHxIOV6cQZuI73MAkLSObG4YvpdFNM06/683IkwGTLSz35UmDdotK0GJOEmxAZA 2Jbw== X-Forwarded-Encrypted: i=1; AJvYcCWU/Yz9dobYTvxX5b+4Nm/oF5Xu+n4wlYiNauDTh61sE1ePg3V9Rfit4GqjaN4p8gRurnQkfQ==@debbugs.gnu.org X-Gm-Message-State: AOJu0YysWDuXWwJkHNGgoC6KCQ4ufmKWYVZfkJrBd0G/UlSbQZ3ukYhh eivGNomeu5juQkMEhNdpXW6KC7ITi/q9zKXnrOsCbxrTAh7YUYJs X-Gm-Gg: ASbGnctB1s1ln7HZ1HrXoSDxideN4UWwGLFncw5wHCu4VTo0vMWXxZsBcJj/6l3ybEB YQXeEXloZaGl3EMSCRpi2fnH3iPCxfAbfwBLHMXLuiYPuPlPU8IXcB22IhqVruzkBkiA/g44qjQ B5xS/toRfZ20tYIhLglzYaupOlwVkp7PkRtpL3drd5Q8F2rSaV9sCYRB/0VguU0M/Muoc4cXTw8 E6hiaMX8oTbU/3jtFNulo8HVwF0pbZEe9XS2XmPh37yNS4zZyk87O44Lt+5i4IKElCWFIeSXyAb a5R1s1shLvbzJn2Sw/jMjq7iZZINjmvnfo3cJcWaxfiBxMj9C+2QLMp74tNLWkFkfXsIajz4KKb LMQ== X-Google-Smtp-Source: AGHT+IGmI07ctDs+mm2craDkM1q/zkaZ3N1jd6sb21sPNmUKKS2Y6k0y0cIKm0z38rzovCZjzRrGdA== X-Received: by 2002:a5d:6c6d:0:b0:38d:bccf:f342 with SMTP id ffacd0b85a97d-38f6f0b129amr8401323f8f.43.1740318949247; Sun, 23 Feb 2025 05:55:49 -0800 (PST) Received: from lumine.fritz.box (85-127-114-32.dsl.dynamic.surfer.at. [85.127.114.32]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-439b02e4245sm77710505e9.18.2025.02.23.05.55.48 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 23 Feb 2025 05:55:48 -0800 (PST) Message-ID: Subject: Re: [PATCH v2 2/2] scripts: Add `guix git authenticate --branch`. From: Liliana Marie Prikler To: 45mg <45mg.writes@gmail.com>, 75981@debbugs.gnu.org Date: Sun, 23 Feb 2025 14:56:20 +0100 In-Reply-To: <8a5ccebe3c3aca1f728c702ec18a2379cdf77cb1.1740313892.git.45mg.writes@gmail.com> References: <8a5ccebe3c3aca1f728c702ec18a2379cdf77cb1.1740313892.git.45mg.writes@gmail.com> Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: base64 User-Agent: Evolution 3.48.4 MIME-Version: 1.0 X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 75981 Cc: Nicolas Graves , Maxim Cournoyer , Simon Tournier , Tomas Volf <~@wolfsden.cz>, Ludovic =?ISO-8859-1?Q?Court=E8s?= , Ricardo Wurmus , Attila Lendvai , Simon Streit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) QW0gU29ubnRhZywgZGVtIDIzLjAyLjIwMjUgdW0gMTg6NTAgKzA1MzAgc2NocmllYiA0NW1nOgo+ IMKgKGRlZmluZSogKHJlY29yZC1jb25maWd1cmF0aW9uIHJlcG9zaXRvcnkKPiArwqDCoMKgwqDC oMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgICM6b3B0 aW9uYWwgYnJhbmNoCj4gwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKg wqDCoMKgwqDCoMKgwqDCoMKgwqAgIzprZXkgY29tbWl0IHNpZ25lciBrZXlyaW5nLQo+IHJlZmVy ZW5jZSkKPiDCoMKgICJSZWNvcmQgQ09NTUlULCBTSUdORVIsIGFuZCBLRVlSSU5HLVJFRkVSRU5D RSBpbiB0aGUgJ2NvbmZpZycgZmlsZQo+IG9mCj4gLVJFUE9TSVRPUlkuIgo+ICtSRVBPU0lUT1JZ LCB1bmRlciBbZ3VpeCBcImF1dGhlbnRpY2F0aW9uXCJdLgo+ICtJZiBCUkFOQ0ggaXMgZ2l2ZW4s IHJlY29yZCB0aGVtIHVuZGVyIFtndWl4IFwiYXV0aGVudGljYXRpb24tCj4gQlJBTkNIXCJdLiIK PiDCoMKgIChkZWZpbmUgY29uZmlnCj4gwqDCoMKgwqAgKHJlcG9zaXRvcnktY29uZmlnIHJlcG9z aXRvcnkpKQo+ICvCoCAoZGVmaW5lIHNlY3Rpb24KPiArwqDCoMKgIChpZiBicmFuY2gKPiArwqDC oMKgwqDCoMKgwqAgKHN0cmluZy1hcHBlbmQgImd1aXguYXV0aGVudGljYXRpb24tIiBicmFuY2gp Cj4gK8KgwqDCoMKgwqDCoMKgICJndWl4LmF1dGhlbnRpY2F0aW9uIikpCj4gwqAKPiDCoMKgIDs7 IEd1aWxlLUdpdCA8IDAuNy4wIGxhY2tzICdzZXQtY29uZmlnLXN0cmluZycuCj4gwqDCoCAoaWYg KG1vZHVsZS1kZWZpbmVkPyAocmVzb2x2ZS1pbnRlcmZhY2UgJyhnaXQpKSAnc2V0LWNvbmZpZy0K PiBzdHJpbmcpCj4gwqDCoMKgwqDCoMKgIChiZWdpbgo+IC3CoMKgwqDCoMKgwqDCoCAoc2V0LWNv bmZpZy1zdHJpbmcgY29uZmlnICJndWl4LmF1dGhlbnRpY2F0aW9uLmludHJvZHVjdGlvbi0KPiBj b21taXQiCj4gK8KgwqDCoMKgwqDCoMKgIChzZXQtY29uZmlnLXN0cmluZyBjb25maWcgKHN0cmlu Zy1hcHBlbmQgc2VjdGlvbgo+ICIuaW50cm9kdWN0aW9uLWNvbW1pdCIpCj4gwqDCoMKgwqDCoMKg wqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgIGNvbW1pdCkKPiAtwqDC oMKgwqDCoMKgwqAgKHNldC1jb25maWctc3RyaW5nIGNvbmZpZyAiZ3VpeC5hdXRoZW50aWNhdGlv bi5pbnRyb2R1Y3Rpb24tCj4gc2lnbmVyIgo+ICvCoMKgwqDCoMKgwqDCoCAoc2V0LWNvbmZpZy1z dHJpbmcgY29uZmlnIChzdHJpbmctYXBwZW5kIHNlY3Rpb24KPiAiLmludHJvZHVjdGlvbi1zaWdu ZXIiKQo+IMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKg wqDCoCBzaWduZXIpCj4gLcKgwqDCoMKgwqDCoMKgIChzZXQtY29uZmlnLXN0cmluZyBjb25maWcg Imd1aXguYXV0aGVudGljYXRpb24ua2V5cmluZyIKPiArwqDCoMKgwqDCoMKgwqAgKHNldC1jb25m aWctc3RyaW5nIGNvbmZpZyAoc3RyaW5nLWFwcGVuZCBzZWN0aW9uICIua2V5cmluZyIpCj4gwqDC oMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgIGtleXJp bmctcmVmZXJlbmNlKQo+IMKgwqDCoMKgwqDCoMKgwqAgKGluZm8gKEdfICJpbnRyb2R1Y3Rpb24g YW5kIGtleXJpbmcgcmVjb3JkZWQgXAo+IMKgaW4gcmVwb3NpdG9yeSBjb25maWd1cmF0aW9uIGZp bGV+JSIpKSkKSSB3b3VsZCB1c2UgZ3VpeC5hdXRoZW50aWNhdGlvblsuQlJBTkNIXS5LRVkgZm9y IGNvbnNpc3RlbmN5LiAgWWVzLCB5b3UKY2FuIHVzZSBwZXJpb2RzIGluIEdpdCBjb25maWcgc3Vi c2VjdGlvbiBuYW1lcyBhcyBwZXIgWzFdOgo+IFN1YnNlY3Rpb24gbmFtZXMgYXJlIGNhc2Ugc2Vu c2l0aXZlIGFuZCBjYW4gY29udGFpbiBhbnkgY2hhcmFjdGVycwo+IGV4Y2VwdCBuZXdsaW5lIGFu ZCB0aGUgbnVsbCBieXRlLiAKCkNoZWVycwoKWzFdIGh0dHBzOi8vZ2l0LXNjbS5jb20vZG9jcy9n aXQtY29uZmlnCg== From debbugs-submit-bounces@debbugs.gnu.org Mon Feb 24 07:42:04 2025 Received: (at 75981) by debbugs.gnu.org; 24 Feb 2025 12:42:04 +0000 Received: from localhost ([127.0.0.1]:38835 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tmXme-0003lf-6I for submit@debbugs.gnu.org; Mon, 24 Feb 2025 07:42:04 -0500 Received: from mail-pj1-x1043.google.com ([2607:f8b0:4864:20::1043]:46424) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from <45mg.writes@gmail.com>) id 1tmXmb-0003lA-Ij for 75981@debbugs.gnu.org; Mon, 24 Feb 2025 07:42:02 -0500 Received: by mail-pj1-x1043.google.com with SMTP id 98e67ed59e1d1-2fc32756139so6616635a91.1 for <75981@debbugs.gnu.org>; Mon, 24 Feb 2025 04:42:01 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1740400915; x=1741005715; darn=debbugs.gnu.org; h=mime-version:message-id:date:references:in-reply-to:subject:cc:to :from:from:to:cc:subject:date:message-id:reply-to; bh=PHpB979HxetnOo04Tw/fUU0coa/Em15N5eULf/w7mzQ=; b=MEvwwXqKoPz5QnPUmb+XQpOopoq7DtLPDESGRMdsjs1DlAaGj+ocbDaqRTfl5t3IYw keZFMileC2NvPMoxIbgkGlpS3d4DvDy9RoFTyK9neZMWUI/njPlzCgLCM+1hQJixHoXk voh5TuoTl9sm6IPvfoDaEuUXblmDyVgrlkM6/vZJyzG2i67zlgTfrrN1LOSUy0UF/RO2 0xX24390b2d2cup6TGIuNXapwhS2ia+hv0TSt1u2CJcnpzGNt8b/CqQbv4be8g8MTceh qVUUntM687y3gc0vZcyZ2jaaM6meY8QJFPnyAZqW/GYnAU/z8sXZAateoAjO1lMg/Pwy jOfg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740400915; x=1741005715; h=mime-version:message-id:date:references:in-reply-to:subject:cc:to :from:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=PHpB979HxetnOo04Tw/fUU0coa/Em15N5eULf/w7mzQ=; b=tg6J83zNogw9XVWhjMW3RB0DKfdkxTljOhVGAYPkrztzTxKSssBp1GwcRh5aYgVDb4 Zcu3lCH2cMZ9GSpM5+0X3yJ+k9EGaWs27ld/B/5UFQL4SWSV9V0P880oB9nlceDh2UYK AjGjeKmcZA9yPULGq8iQi6RFES/yJ5VEl09x5DBSOEsQgK674lZrUw5Q2dS/zS8MMq9w WHSsBcuKzAFYvNzWwY+j2ekeW2Ctgo2zGWftR/kGt5y6QqYChXJE5durtBVhK3aVrpoG 97IAJqglYZ2G5a4M9ySUD/vJHOEp/0s/Xu1GM7zqa8nKQEm6HaBERPHTbsb3bopriIxd S3Hw== X-Forwarded-Encrypted: i=1; AJvYcCXDmp41zzEQbCfp5PLIkvNBrB926R25uplhImZCEyoQXaTfIHbfmhMzMChE/mCKnFLSj5NA7w==@debbugs.gnu.org X-Gm-Message-State: AOJu0YwV68xDqFD6i1M5DMKiR1fN/iPrMkSwo8Nn4lwD+rAxiAp/14XY lGwQx6bDKPHC5FmymErstXpu2yRGpZcGIT1gA5x8S5icy6tUdfc0 X-Gm-Gg: ASbGnctoltunvyn78uCWb5BytQnHQ+VV0T7IVZWv9aLcMCaj6pkNE7EB94GStQzJzKE byxnkfkjJVzRrWFGqRMyc3v3PjHhMGdkJL9f4fX90JjYyQ3OAtRhlqCP2Tu+WdyrQGk4zWjaiK/ G2l7P14JXRoceAzv15G6djNGTSqFGuCWPRmAyOFRz9xZ9oFJjOs418UpW9D+N0wXaX5zTnCp+1L VFmPulPcDce2GClecrYYj2vR/NqjxJ6TMmCoI1GVFoPCf+H+LXsmCghELzS3TG91eoJAjxIzIF0 nN5QdSQDQrHSEDm5xKg2++dfSj0= X-Google-Smtp-Source: AGHT+IFMWaH9iTYrRxJgqEEiTWgZXar37xNHl9IHnfVuAh8HdL0vdhNoxxxclDkzPACGUveJt79dag== X-Received: by 2002:a17:90b:4c10:b0:2ee:b4bf:2d06 with SMTP id 98e67ed59e1d1-2fce86d0e70mr19439813a91.19.1740400915371; Mon, 24 Feb 2025 04:41:55 -0800 (PST) Received: from guix1 (utm3.nitt.edu. [14.139.162.2]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-220d5366855sm179770065ad.94.2025.02.24.04.41.50 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 24 Feb 2025 04:41:55 -0800 (PST) From: 45mg <45mg.writes@gmail.com> To: 45mg <45mg.writes@gmail.com>, 75981@debbugs.gnu.org Subject: Re: [PATCH v2 0/2] Support authenticated forks. In-Reply-To: References: Date: Mon, 24 Feb 2025 12:41:46 +0000 Message-ID: <87wmdf1pmd.fsf@gmail.com> MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: 3.0 (+++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: 45mg writes: > There are two aspects of a solution to handle forks - fork > /authentication/, which is what we've discussed so far; and fork > /management/, which includes keeping a fork updated, rebasing patch > [...] Content analysis details: (3.0 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:1043 listed in] [list.dnswl.org] 3.0 MANY_TO_CC Sent to 10+ recipients -0.0 SPF_PASS SPF: sender matches SPF record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (45mg.writes[at]gmail.com) 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record X-Debbugs-Envelope-To: 75981 Cc: Nicolas Graves , Maxim Cournoyer , Simon Tournier , Tomas Volf <~@wolfsden.cz>, 45mg <45mg.writes@gmail.com>, Ludovic =?utf-8?Q?Court=C3=A8s?= , Liliana Marie Prikler , Ricardo Wurmus , Attila Lendvai , Simon Streit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 2.0 (++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: 45mg writes: > There are two aspects of a solution to handle forks - fork > /authentication/, which is what we've discussed so far; and fork > /management/, which includes keeping a fork updated, rebasing patch > [...] Content analysis details: (2.0 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:1043 listed in] [list.dnswl.org] 3.0 MANY_TO_CC Sent to 10+ recipients -0.0 SPF_PASS SPF: sender matches SPF record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (45mg.writes[at]gmail.com) 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -1.0 MAILING_LIST_MULTI Multiple indicators imply a widely-seen list manager 45mg <45mg.writes@gmail.com> writes: > There are two aspects of a solution to handle forks - fork > /authentication/, which is what we've discussed so far; and fork > /management/, which includes keeping a fork updated, rebasing patch > branches onto the latest master, etc. I would like to keep this patch > series restricted to the former, and avoid addressing the latter, for > two main reasons. It just occurred to me that I should still have documented some of the issues that come up with fork management in Guix, even if I don't want to include any fancy tooling for it in this patch series. For instance, I should have mentioned how non-committers need to rebase upstream commits onto their fork branch instead of merging them in, and demonstrated how this can be done via the Git CLI. And in general, I should have walked users through the complexities of updating to new versions of patches, etc. without altering history (as altering history requires you to pull with `--allow-downgrades`). I guess that's something to address with v3, whenever I get around to it... From debbugs-submit-bounces@debbugs.gnu.org Mon Feb 24 07:45:40 2025 Received: (at 75981) by debbugs.gnu.org; 24 Feb 2025 12:45:40 +0000 Received: from localhost ([127.0.0.1]:38843 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tmXq8-0003xc-4S for submit@debbugs.gnu.org; Mon, 24 Feb 2025 07:45:40 -0500 Received: from mail-pl1-x644.google.com ([2607:f8b0:4864:20::644]:52538) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from <45mg.writes@gmail.com>) id 1tmXq5-0003xO-Tf for 75981@debbugs.gnu.org; Mon, 24 Feb 2025 07:45:38 -0500 Received: by mail-pl1-x644.google.com with SMTP id d9443c01a7336-220d28c215eso64495125ad.1 for <75981@debbugs.gnu.org>; Mon, 24 Feb 2025 04:45:37 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1740401132; x=1741005932; darn=debbugs.gnu.org; h=content-transfer-encoding:mime-version:message-id:date:references :in-reply-to:subject:cc:to:from:from:to:cc:subject:date:message-id :reply-to; bh=Q06r1+/+w+2cYi2PCDJsj5Yc17/XYeqBQuXyJ68AWpA=; b=kIKp34X+chMxDYvc1ONBuyo1oInm7XLjljkWQlpMOBx+Worn1FZ7RElGWS3MplPngM mF2lTNqqGimGgJs3AFHNMJMC/7B7yjHNEZPhv6fva4UGag2iQCqvQNdBLVtroOOdrTP5 eEO6f7joz+vaCVCZupdIQ6FdNb2DcTLK66H3gqnGL1bSlCpc22OwNMDEAXKxTMr7Izt2 YTAtWR1szT57dx9NdjlNvoA1cKeV0ZWufNflw2PNmzTH3FhPwjWsZXMf5kzmOgidNFZy 6aOmu4zKzPJV9NNtNAOAhW/dv+O53spuwxc6gMKUwQcxK/KocmnCsWmD4X9Ga7kZdWa8 oLog== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740401132; x=1741005932; h=content-transfer-encoding:mime-version:message-id:date:references :in-reply-to:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Q06r1+/+w+2cYi2PCDJsj5Yc17/XYeqBQuXyJ68AWpA=; b=fhvfSHcv/awPMTf3WOt2owCCv4z+vpqAI0Ssz2u2VV0Lfw0fb1C3+EAXUGyDqbeK+w bbBXmXeXf5eEVeRToFOaColFOBJdDe7hEb05RoftiwEvUmECxEFP9LNTzgs7spkxvgqC /qEl4dkAIqO9KYoHye71VUKuWFVKPqVdB5vBIZxv4aVbZrFsXO3RKHvRgHwQPJ9y+SCY FXImMmLsJWpkt0MBybb9n+vF8qt07Z1ju/FmOWcQ3QhXsJ2TBNVmbPZTUexjf4To+JmE kmQsKkypIP3EIQE16DbncPTILD9YcWNhtKDBm7uL0j1KuXj7/hbomfHxpb94/5kGpYT9 RiLQ== X-Forwarded-Encrypted: i=1; AJvYcCXm+RA4JpqF6W3B2HCvziCp1oMluOg+kZyzIl0N1LY/EG4H5zrdHUrRycXHEM5CQd+I+h/Cww==@debbugs.gnu.org X-Gm-Message-State: AOJu0YxFP06qryZwBB1kpf3C4qo6WB7k+B3wpqrGoWfv+SzmI1j9w581 rDk1+l5i+bdr0ADulv2y6WwUnTZP+U6H0g39hJsdkyoxsgsm4RgIfhx2ZmxK X-Gm-Gg: ASbGnctKssf8qt+OE/qNtnL5HMuB2joQqDmt8WsiumWIiWVU49cQGc9mRB/FLgfD8TF ZkXYbrUVTvZI4n+/gJonJ6U+pyk0u7Jey5VKcuJAPN60OZxNxvUKPHr5BBjWCk+icUrcRHL8uRQ KF36heqPvj1VN6V0RNqXIQArMBuF8njl4ROGH12BG1uwECql8jRxkhIElRaLDHzBkWJZYp61NI+ ngi4G/TuQWsDeOQh1/e2vAQlpUAb9gyVj8Er7pODM/YJxZ671XZ0YEwWHpfbbuR2nuPxntwALAd mgasVMwj9EY8T3Osaxoq9MalGsQ= X-Google-Smtp-Source: AGHT+IGF2dVFzsO3h4tL5VOwjQDcn+9rls5rf6Dmi9l+h7WSpGeKMKqm3h5kbbiSkU1RSbHeaORVBw== X-Received: by 2002:a17:903:8c5:b0:216:794f:6d7d with SMTP id d9443c01a7336-2219fffaba2mr239256045ad.48.1740401131740; Mon, 24 Feb 2025 04:45:31 -0800 (PST) Received: from guix1 (utm3.nitt.edu. [14.139.162.2]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-220d53490b6sm179154145ad.16.2025.02.24.04.45.27 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 24 Feb 2025 04:45:31 -0800 (PST) From: 45mg <45mg.writes@gmail.com> To: Liliana Marie Prikler , 45mg <45mg.writes@gmail.com>, 75981@debbugs.gnu.org Subject: Re: [PATCH v2 2/2] scripts: Add `guix git authenticate --branch`. In-Reply-To: References: <8a5ccebe3c3aca1f728c702ec18a2379cdf77cb1.1740313892.git.45mg.writes@gmail.com> Date: Mon, 24 Feb 2025 12:45:23 +0000 Message-ID: <87tt8j1pgc.fsf@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: base64 X-Spam-Score: 3.0 (+++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Liliana Marie Prikler writes: > Am Sonntag, dem 23.02.2025 um 18:50 +0530 schrieb 45mg: >>  (define* (record-configuration repository >> +                               #:optional branch >>      [...] Content analysis details: (3.0 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 3.0 MANY_TO_CC Sent to 10+ recipients -0.0 SPF_PASS SPF: sender matches SPF record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (45mg.writes[at]gmail.com) 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:644 listed in] [list.dnswl.org] X-Debbugs-Envelope-To: 75981 Cc: Nicolas Graves , Maxim Cournoyer , Simon Tournier , Tomas Volf <~@wolfsden.cz>, Ludovic =?utf-8?Q?Court=C3=A8s?= , Ricardo Wurmus , Attila Lendvai , Simon Streit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 2.0 (++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Liliana Marie Prikler writes: > Am Sonntag, dem 23.02.2025 um 18:50 +0530 schrieb 45mg: >>  (define* (record-configuration repository >> +                               #:optional branch >>      [...] Content analysis details: (2.0 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:644 listed in] [list.dnswl.org] 3.0 MANY_TO_CC Sent to 10+ recipients -0.0 SPF_PASS SPF: sender matches SPF record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (45mg.writes[at]gmail.com) 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -1.0 MAILING_LIST_MULTI Multiple indicators imply a widely-seen list manager TGlsaWFuYSBNYXJpZSBQcmlrbGVyIDxsaWxpYW5hLnByaWtsZXJAZ21haWwuY29tPiB3cml0ZXM6 DQoNCj4gQW0gU29ubnRhZywgZGVtIDIzLjAyLjIwMjUgdW0gMTg6NTAgKzA1MzAgc2NocmllYiA0 NW1nOg0KPj4gwqAoZGVmaW5lKiAocmVjb3JkLWNvbmZpZ3VyYXRpb24gcmVwb3NpdG9yeQ0KPj4g K8KgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKg wqDCoCAjOm9wdGlvbmFsIGJyYW5jaA0KPj4gwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKg wqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqAgIzprZXkgY29tbWl0IHNpZ25lciBrZXly aW5nLQ0KPj4gcmVmZXJlbmNlKQ0KPj4gwqDCoCAiUmVjb3JkIENPTU1JVCwgU0lHTkVSLCBhbmQg S0VZUklORy1SRUZFUkVOQ0UgaW4gdGhlICdjb25maWcnIGZpbGUNCj4+IG9mDQo+PiAtUkVQT1NJ VE9SWS4iDQo+PiArUkVQT1NJVE9SWSwgdW5kZXIgW2d1aXggXCJhdXRoZW50aWNhdGlvblwiXS4N Cj4+ICtJZiBCUkFOQ0ggaXMgZ2l2ZW4sIHJlY29yZCB0aGVtIHVuZGVyIFtndWl4IFwiYXV0aGVu dGljYXRpb24tDQo+PiBCUkFOQ0hcIl0uIg0KPj4gwqDCoCAoZGVmaW5lIGNvbmZpZw0KPj4gwqDC oMKgwqAgKHJlcG9zaXRvcnktY29uZmlnIHJlcG9zaXRvcnkpKQ0KPj4gK8KgIChkZWZpbmUgc2Vj dGlvbg0KPj4gK8KgwqDCoCAoaWYgYnJhbmNoDQo+PiArwqDCoMKgwqDCoMKgwqAgKHN0cmluZy1h cHBlbmQgImd1aXguYXV0aGVudGljYXRpb24tIiBicmFuY2gpDQo+PiArwqDCoMKgwqDCoMKgwqAg Imd1aXguYXV0aGVudGljYXRpb24iKSkNCj4+IMKgDQo+PiDCoMKgIDs7IEd1aWxlLUdpdCA8IDAu Ny4wIGxhY2tzICdzZXQtY29uZmlnLXN0cmluZycuDQo+PiDCoMKgIChpZiAobW9kdWxlLWRlZmlu ZWQ/IChyZXNvbHZlLWludGVyZmFjZSAnKGdpdCkpICdzZXQtY29uZmlnLQ0KPj4gc3RyaW5nKQ0K Pj4gwqDCoMKgwqDCoMKgIChiZWdpbg0KPj4gLcKgwqDCoMKgwqDCoMKgIChzZXQtY29uZmlnLXN0 cmluZyBjb25maWcgImd1aXguYXV0aGVudGljYXRpb24uaW50cm9kdWN0aW9uLQ0KPj4gY29tbWl0 Ig0KPj4gK8KgwqDCoMKgwqDCoMKgIChzZXQtY29uZmlnLXN0cmluZyBjb25maWcgKHN0cmluZy1h cHBlbmQgc2VjdGlvbg0KPj4gIi5pbnRyb2R1Y3Rpb24tY29tbWl0IikNCj4+IMKgwqDCoMKgwqDC oMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoCBjb21taXQpDQo+PiAt wqDCoMKgwqDCoMKgwqAgKHNldC1jb25maWctc3RyaW5nIGNvbmZpZyAiZ3VpeC5hdXRoZW50aWNh dGlvbi5pbnRyb2R1Y3Rpb24tDQo+PiBzaWduZXIiDQo+PiArwqDCoMKgwqDCoMKgwqAgKHNldC1j b25maWctc3RyaW5nIGNvbmZpZyAoc3RyaW5nLWFwcGVuZCBzZWN0aW9uDQo+PiAiLmludHJvZHVj dGlvbi1zaWduZXIiKQ0KPj4gwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDC oMKgwqDCoMKgwqDCoMKgIHNpZ25lcikNCj4+IC3CoMKgwqDCoMKgwqDCoCAoc2V0LWNvbmZpZy1z dHJpbmcgY29uZmlnICJndWl4LmF1dGhlbnRpY2F0aW9uLmtleXJpbmciDQo+PiArwqDCoMKgwqDC oMKgwqAgKHNldC1jb25maWctc3RyaW5nIGNvbmZpZyAoc3RyaW5nLWFwcGVuZCBzZWN0aW9uICIu a2V5cmluZyIpDQo+PiDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDC oMKgwqDCoMKgwqAga2V5cmluZy1yZWZlcmVuY2UpDQo+PiDCoMKgwqDCoMKgwqDCoMKgIChpbmZv IChHXyAiaW50cm9kdWN0aW9uIGFuZCBrZXlyaW5nIHJlY29yZGVkIFwNCj4+IMKgaW4gcmVwb3Np dG9yeSBjb25maWd1cmF0aW9uIGZpbGV+JSIpKSkNCj4gSSB3b3VsZCB1c2UgZ3VpeC5hdXRoZW50 aWNhdGlvblsuQlJBTkNIXS5LRVkgZm9yIGNvbnNpc3RlbmN5LiAgWWVzLCB5b3UNCj4gY2FuIHVz ZSBwZXJpb2RzIGluIEdpdCBjb25maWcgc3Vic2VjdGlvbiBuYW1lcyBhcyBwZXIgWzFdOg0KPj4g U3Vic2VjdGlvbiBuYW1lcyBhcmUgY2FzZSBzZW5zaXRpdmUgYW5kIGNhbiBjb250YWluIGFueSBj aGFyYWN0ZXJzDQo+PiBleGNlcHQgbmV3bGluZSBhbmQgdGhlIG51bGwgYnl0ZS4gDQoNClRoaXMg d291bGQgaW5kZWVkIGJlIGNsZWFuZXIuIEJ1dCBhcyB5b3UgY2FuIHNlZSBpbiB0aGUgZGlmZnMg Zm9yDQpgY29uZmlnLXZhbHVlYCBhbmQgZ3VpeC50ZXhpLCAnZ3VpeC5hdXRoZW50aWNhdGlvbi1C UkFOQ0gnIHdhcyBhbHJlYWR5DQpjaG9zZW4sIGFuZCBJIGRpZG4ndCB3YW50IHRvIGJyZWFrIGFu eW9uZSdzIHdvcmtmbG93IGJ5IGNoYW5naW5nIGl0Lg0KDQo+IENoZWVycw0KPg0KPiBbMV0gaHR0 cHM6Ly9naXQtc2NtLmNvbS9kb2NzL2dpdC1jb25maWcNCg== From debbugs-submit-bounces@debbugs.gnu.org Mon Feb 24 07:54:21 2025 Received: (at 75981) by debbugs.gnu.org; 24 Feb 2025 12:54:21 +0000 Received: from localhost ([127.0.0.1]:38882 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tmXyX-0004JE-0w for submit@debbugs.gnu.org; Mon, 24 Feb 2025 07:54:21 -0500 Received: from mail-pl1-x644.google.com ([2607:f8b0:4864:20::644]:61531) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from <45mg.writes@gmail.com>) id 1tmXyV-0004Ix-6M for 75981@debbugs.gnu.org; Mon, 24 Feb 2025 07:54:19 -0500 Received: by mail-pl1-x644.google.com with SMTP id d9443c01a7336-221206dbd7eso85739695ad.2 for <75981@debbugs.gnu.org>; Mon, 24 Feb 2025 04:54:19 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1740401653; x=1741006453; darn=debbugs.gnu.org; h=content-transfer-encoding:mime-version:message-id:date:references :in-reply-to:subject:cc:to:from:from:to:cc:subject:date:message-id :reply-to; bh=rJKMXMKw1XwWLqmKp67aTTS/06Gf6hw/ni5IhnsUbpU=; b=HYRTuaesPfAS67HFmaEW4VzuC2lyDqrZ9ESA/uoWYpabX3rv52jYoYVcZPQAo0P+ta FFFFfANjbUtPnd+JcTOlOMWHZOcj4TuMF2gST7jRALf4jLXqr0iCD9+dzSEBT4Y685Gq LL5kSWvlY6NlwTQ9PCEH3pb8bjtuiQK5UJQcVV56QYo+45Xic1v3A/SaxIe0766GTDFO Na0keQAV0UmSLin5OvvN4Hc3mZ0yCzXk32LhqVa6V7wYzbTb/SLdJXMZRZS02kryjLUa RjAD0SMAhbsxVHMQvQLCKOxzV0wN71pkKAvnh2jYwAk5+Y+Mu1Gv+hJ4glJzNkf7+lch sL5g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740401653; x=1741006453; h=content-transfer-encoding:mime-version:message-id:date:references :in-reply-to:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=rJKMXMKw1XwWLqmKp67aTTS/06Gf6hw/ni5IhnsUbpU=; b=JWjqx62wSAXKPpGB/aIUtOu5uPp/ON1GkWxL8tFGB8sKBo1z+i8hZAOu/9Cz4KtP9D lyiLYPxfxYlVfGLxfYQpEXCGxUbm2twtd/Rda00xtom52WBHELyz3RevU/Vcs16as1ph vu6OYe4hpYh4iSg0M/ArKOYpvm+lwLd7RrqmwIerQL5PTSUVEpgbM8/bF5Ggdl8grBbo o/yZcoQYBSfx1HZYtaDMDhHtc/neUioE+au7U8/IFQ+SsvTHZ+482zVvuh9abAMRr6G3 u5YFCPFWYT04OYpaUn765OWB4QIEIGxypQMANT1weeVCIAPOU2MSPAxUm17LUcct8v+8 Xc2w== X-Forwarded-Encrypted: i=1; AJvYcCVWRA0WfYp7Q125rApEPxUidUNB/9MSbpPto98r24E0Sf55pwL5ytmowSUTpg438HfXyLjI6A==@debbugs.gnu.org X-Gm-Message-State: AOJu0Yx6UM2QLODetROEWFEjjHzxPig+ZQabt66M6Vo9/682AJu6Z6BY RhCjBeW0UC5QN1GefOgXGwet2IYFJMrfChmAfow0q11LWIUtmatq X-Gm-Gg: ASbGncsRjzDbqx85pVCzVpK0tRdXw84Y5yTcDJVn11+Ln/yClnfDvb20+3cKIkWt9wv SBuwfdeF5b/3sthkVPT8srB5AkKjoCA3z1Ubrisc3siZu02T9VLvrxnU+ShRO1Lg6arEFaonH2x Pgc1OBGmxM2pWy+tuLcsN0gFbiAR8ZRcq/IYiJhcq2z+6PORV0lj3NTOXH4Lb99VMetPNvJiCEW PxZDxvLFXPplSSse27HSFEP5vmxj4Zo/dQN3FlzxEccVvRLL+YXTOd/C5K/3QaQE72tpt62d+jv 2bTcHYL5IRZW+o28OqfqAEyh3dc= X-Google-Smtp-Source: AGHT+IH3ToMVfGg5tGo3Y0G6USNIJqPJa6k04XwzVfbsLlt7sGH49vxSshQct6w9l0SLsdKcDkvoPg== X-Received: by 2002:a05:6a00:2e08:b0:730:76a1:3935 with SMTP id d2e1a72fcca58-73426ca8308mr20386875b3a.6.1740401652789; Mon, 24 Feb 2025 04:54:12 -0800 (PST) Received: from guix1 (utm3.nitt.edu. [14.139.162.2]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-73268d7d8b9sm16904955b3a.133.2025.02.24.04.54.08 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 24 Feb 2025 04:54:12 -0800 (PST) From: 45mg <45mg.writes@gmail.com> To: Liliana Marie Prikler , 45mg <45mg.writes@gmail.com>, 75981@debbugs.gnu.org Subject: Re: [PATCH v2 1/2] etc: Add fork.scm. In-Reply-To: References: Date: Mon, 24 Feb 2025 12:54:04 +0000 Message-ID: <87r03n1p1v.fsf@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: 3.0 (+++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Liliana Marie Prikler writes: > Am Sonntag, dem 23.02.2025 um 18:50 +0530 schrieb 45mg: >> +(define %usage >> +  (format #f (G_ "Usage: etc/fork.scm SIGNING_KEY [DIRECTORY >> OPTIONS...] >> +Create a fork of Guix in DIRECTORY, us [...] Content analysis details: (3.0 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 3.0 MANY_TO_CC Sent to 10+ recipients -0.0 SPF_PASS SPF: sender matches SPF record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (45mg.writes[at]gmail.com) 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:644 listed in] [list.dnswl.org] X-Debbugs-Envelope-To: 75981 Cc: Nicolas Graves , Maxim Cournoyer , Simon Tournier , Tomas Volf <~@wolfsden.cz>, Ludovic =?utf-8?Q?Court=C3=A8s?= , Ricardo Wurmus , Attila Lendvai , Simon Streit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 2.0 (++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Liliana Marie Prikler writes: > Am Sonntag, dem 23.02.2025 um 18:50 +0530 schrieb 45mg: >> +(define %usage >> +  (format #f (G_ "Usage: etc/fork.scm SIGNING_KEY [DIRECTORY >> OPTIONS...] >> +Create a fork of Guix in DIRECTORY, us [...] Content analysis details: (2.0 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:644 listed in] [list.dnswl.org] 3.0 MANY_TO_CC Sent to 10+ recipients -0.0 SPF_PASS SPF: sender matches SPF record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (45mg.writes[at]gmail.com) 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -1.0 MAILING_LIST_MULTI Multiple indicators imply a widely-seen list manager Liliana Marie Prikler writes: > Am Sonntag, dem 23.02.2025 um 18:50 +0530 schrieb 45mg: >> +(define %usage >> +=C2=A0 (format #f (G_ "Usage: etc/fork.scm SIGNING_KEY [DIRECTORY >> OPTIONS...] >> +Create a fork of Guix in DIRECTORY, using SIGNING_KEY to sign the >> introductory >> +commit. >> +DIRECTORY defaults to ../guix-fork. > I would make DIRECTORY a mandatory argument and SIGNING_KEY an option > (-S/--gpg-sign=3DKEY). The default value can be fetched from git config. While that could be convenient, I think a lot of people may not have set up automatic commit signing before creating their fork (I was one of those people). > Cheers From debbugs-submit-bounces@debbugs.gnu.org Mon Feb 24 15:21:30 2025 Received: (at 75981) by debbugs.gnu.org; 24 Feb 2025 20:21:30 +0000 Received: from localhost ([127.0.0.1]:42893 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tmexF-0000Ei-JM for submit@debbugs.gnu.org; Mon, 24 Feb 2025 15:21:29 -0500 Received: from mail-wr1-x444.google.com ([2a00:1450:4864:20::444]:56427) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from ) id 1tmexD-0000EI-8U for 75981@debbugs.gnu.org; Mon, 24 Feb 2025 15:21:27 -0500 Received: by mail-wr1-x444.google.com with SMTP id ffacd0b85a97d-38f378498b0so4045253f8f.0 for <75981@debbugs.gnu.org>; Mon, 24 Feb 2025 12:21:27 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1740428481; x=1741033281; darn=debbugs.gnu.org; h=mime-version:user-agent:content-transfer-encoding:references :in-reply-to:date:to:from:subject:message-id:from:to:cc:subject:date :message-id:reply-to; bh=VE1hniJXJFMryxxyl8LQ3lokyeZrh9nQ1HxetwWki50=; b=YBu1alebCUDWT07tldLGzbkj0ncaXuSLg+sPTKQaI5OQSCe/92NnTrWD/coeOVQUpP 8+fzZmECF+uHatqcCApNByDcdROlFzITDL7eUFSuZ1NWSUyJe5knsPDRlFsBSzwIb/n/ +xg9NcO6qdHblRfrkWUhMgO7LcmqHJJl+C4D0BQiLthGBV//wF2t930EUHnrj3NgL963 WJm9ILsGN8Hg2UlwBvX6zRgp0OpHTs8tAqlvyVC/J0SXe9SOfVOauq6tzetHoNPgTBb0 SPTgop23R4o37JtSMpkTMke9JdY6USrHE8pQzxdiQwrjN9zefASJlMvqcBJwN4VqMLTV YuJg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740428481; x=1741033281; h=mime-version:user-agent:content-transfer-encoding:references :in-reply-to:date:to:from:subject:message-id:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=VE1hniJXJFMryxxyl8LQ3lokyeZrh9nQ1HxetwWki50=; b=qaSHoSt56IxGQFBpwVxvvgO2qHozDuh6rYnR/uMDZRitfLicspOKT5PFfyEKqEdWNt pU8N57EdzDs4Mux0m5MDlQM94KKqG/MSFzao7VdLuT/Pi0H3dwP/LnaCzN7HFqroFvio WieVhvOj+envIVOa9cnczskahU8Z1PRxtJWu/3/ogcWfZPLRNq0VU2XO93+6tjv+ZsCC tynmeVY2/dDCtB916ZZNqhjytiUgNEObpcL2U7FlFGmsizOSNYm7Cq+dkP3Pj6zXbYwi DgqlrSlxh+7+xmCe11QL0Ri/dySy7rga89aYILIEeGCYKAnk6VkbEPOaBnO97VWJ4qOD KO6g== X-Forwarded-Encrypted: i=1; AJvYcCV3AUGL28m3cMqrQB9wsz/Rx7A7j/XMJmat/FsQG6fKTgJyRLoHToJ0DC8/KJ4TsX6h29DmKQ==@debbugs.gnu.org X-Gm-Message-State: AOJu0YzZ+fK5CLNCvmt/yWxfQwf5mG9ujd8HWPidqmE1OJW8bjup3xiJ TiMZ8nLuK9ctWN9lPaSH7xhkigB6Tg3QqN7vFVPmwRK4xWWp+jRX X-Gm-Gg: ASbGnctKHZ5/tfvh8UC7XhZ+uBUwoe5gd8xs9mzLSGqmY+FfjOyzp8lgI2nkGlGzFe2 r88/h/WNtnCPj2XZvcQWEBsGK//6YON3eVUhzL4tuEOskW1V8gvwWoR9DhNwjAA4lC/gbgHNJK6 o7sHGuxtFFBXsFvLN5CsZBZtC6yB3eCVBukL7tK57q3l7eqZ9HhOMcQ4y18XnNIwCQ+kNAQr9hH JPJ4Fx5dlcxQ6AjqpWHD+pyySAwYdGtYU0q3dxGcKLoH6QuGnCp4mgRSF9XGMTtexqnShyK2lVY X96gEl7+1FxVdQKBlQBK6aJV3OqoY9tzjbC1Nu2iWlx0uEvDAziVtC1RaawmtIu09w1xjuOE2OX FDw== X-Google-Smtp-Source: AGHT+IHLAf6+CZDGpogA11VCa4n17fmK+xYEJDw4zKpsSiWecKEj9oMek2Ib8tQQPhrf5wOZLqpmrQ== X-Received: by 2002:a5d:64ad:0:b0:38f:2766:759f with SMTP id ffacd0b85a97d-38f6f09bfdbmr12641693f8f.41.1740428480890; Mon, 24 Feb 2025 12:21:20 -0800 (PST) Received: from lumine.fritz.box (85-127-114-32.dsl.dynamic.surfer.at. [85.127.114.32]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-43ab153a3eesm2040675e9.14.2025.02.24.12.21.20 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 24 Feb 2025 12:21:20 -0800 (PST) Message-ID: Subject: Re: [PATCH v2 2/2] scripts: Add `guix git authenticate --branch`. From: Liliana Marie Prikler To: 45mg <45mg.writes@gmail.com>, 75981@debbugs.gnu.org Date: Mon, 24 Feb 2025 21:22:17 +0100 In-Reply-To: <87tt8j1pgc.fsf@gmail.com> References: <8a5ccebe3c3aca1f728c702ec18a2379cdf77cb1.1740313892.git.45mg.writes@gmail.com> <87tt8j1pgc.fsf@gmail.com> Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: base64 User-Agent: Evolution 3.48.4 MIME-Version: 1.0 X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 75981 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) QW0gTW9udGFnLCBkZW0gMjQuMDIuMjAyNSB1bSAxMjo0NSArMDAwMCBzY2hyaWViIDQ1bWc6Cj4g TGlsaWFuYSBNYXJpZSBQcmlrbGVyIDxsaWxpYW5hLnByaWtsZXJAZ21haWwuY29tPiB3cml0ZXM6 Cj4gCj4gPiBBbSBTb25udGFnLCBkZW0gMjMuMDIuMjAyNSB1bSAxODo1MCArMDUzMCBzY2hyaWVi IDQ1bWc6Cj4gPiA+IMKgKGRlZmluZSogKHJlY29yZC1jb25maWd1cmF0aW9uIHJlcG9zaXRvcnkK PiA+ID4gK8KgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKg wqDCoMKgwqDCoCAjOm9wdGlvbmFsIGJyYW5jaAo+ID4gPiDCoMKgwqDCoMKgwqDCoMKgwqDCoMKg wqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoCAjOmtleSBjb21taXQgc2ln bmVyIGtleXJpbmctCj4gPiA+IHJlZmVyZW5jZSkKPiA+ID4gwqDCoCAiUmVjb3JkIENPTU1JVCwg U0lHTkVSLCBhbmQgS0VZUklORy1SRUZFUkVOQ0UgaW4gdGhlICdjb25maWcnCj4gPiA+IGZpbGUK PiA+ID4gb2YKPiA+ID4gLVJFUE9TSVRPUlkuIgo+ID4gPiArUkVQT1NJVE9SWSwgdW5kZXIgW2d1 aXggXCJhdXRoZW50aWNhdGlvblwiXS4KPiA+ID4gK0lmIEJSQU5DSCBpcyBnaXZlbiwgcmVjb3Jk IHRoZW0gdW5kZXIgW2d1aXggXCJhdXRoZW50aWNhdGlvbi0KPiA+ID4gQlJBTkNIXCJdLiIKPiA+ ID4gwqDCoCAoZGVmaW5lIGNvbmZpZwo+ID4gPiDCoMKgwqDCoCAocmVwb3NpdG9yeS1jb25maWcg cmVwb3NpdG9yeSkpCj4gPiA+ICvCoCAoZGVmaW5lIHNlY3Rpb24KPiA+ID4gK8KgwqDCoCAoaWYg YnJhbmNoCj4gPiA+ICvCoMKgwqDCoMKgwqDCoCAoc3RyaW5nLWFwcGVuZCAiZ3VpeC5hdXRoZW50 aWNhdGlvbi0iIGJyYW5jaCkKPiA+ID4gK8KgwqDCoMKgwqDCoMKgICJndWl4LmF1dGhlbnRpY2F0 aW9uIikpCj4gPiA+IMKgCj4gPiA+IMKgwqAgOzsgR3VpbGUtR2l0IDwgMC43LjAgbGFja3MgJ3Nl dC1jb25maWctc3RyaW5nJy4KPiA+ID4gwqDCoCAoaWYgKG1vZHVsZS1kZWZpbmVkPyAocmVzb2x2 ZS1pbnRlcmZhY2UgJyhnaXQpKSAnc2V0LWNvbmZpZy0KPiA+ID4gc3RyaW5nKQo+ID4gPiDCoMKg wqDCoMKgwqAgKGJlZ2luCj4gPiA+IC3CoMKgwqDCoMKgwqDCoCAoc2V0LWNvbmZpZy1zdHJpbmcg Y29uZmlnCj4gPiA+ICJndWl4LmF1dGhlbnRpY2F0aW9uLmludHJvZHVjdGlvbi0KPiA+ID4gY29t bWl0Igo+ID4gPiArwqDCoMKgwqDCoMKgwqAgKHNldC1jb25maWctc3RyaW5nIGNvbmZpZyAoc3Ry aW5nLWFwcGVuZCBzZWN0aW9uCj4gPiA+ICIuaW50cm9kdWN0aW9uLWNvbW1pdCIpCj4gPiA+IMKg wqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoCBjb21t aXQpCj4gPiA+IC3CoMKgwqDCoMKgwqDCoCAoc2V0LWNvbmZpZy1zdHJpbmcgY29uZmlnCj4gPiA+ ICJndWl4LmF1dGhlbnRpY2F0aW9uLmludHJvZHVjdGlvbi0KPiA+ID4gc2lnbmVyIgo+ID4gPiAr wqDCoMKgwqDCoMKgwqAgKHNldC1jb25maWctc3RyaW5nIGNvbmZpZyAoc3RyaW5nLWFwcGVuZCBz ZWN0aW9uCj4gPiA+ICIuaW50cm9kdWN0aW9uLXNpZ25lciIpCj4gPiA+IMKgwqDCoMKgwqDCoMKg wqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoCBzaWduZXIpCj4gPiA+IC3C oMKgwqDCoMKgwqDCoCAoc2V0LWNvbmZpZy1zdHJpbmcgY29uZmlnICJndWl4LmF1dGhlbnRpY2F0 aW9uLmtleXJpbmciCj4gPiA+ICvCoMKgwqDCoMKgwqDCoCAoc2V0LWNvbmZpZy1zdHJpbmcgY29u ZmlnIChzdHJpbmctYXBwZW5kIHNlY3Rpb24KPiA+ID4gIi5rZXlyaW5nIikKPiA+ID4gwqDCoMKg wqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgIGtleXJpbmct cmVmZXJlbmNlKQo+ID4gPiDCoMKgwqDCoMKgwqDCoMKgIChpbmZvIChHXyAiaW50cm9kdWN0aW9u IGFuZCBrZXlyaW5nIHJlY29yZGVkIFwKPiA+ID4gwqBpbiByZXBvc2l0b3J5IGNvbmZpZ3VyYXRp b24gZmlsZX4lIikpKQo+ID4gSSB3b3VsZCB1c2UgZ3VpeC5hdXRoZW50aWNhdGlvblsuQlJBTkNI XS5LRVkgZm9yIGNvbnNpc3RlbmN5LsKgIFllcywKPiA+IHlvdQo+ID4gY2FuIHVzZSBwZXJpb2Rz IGluIEdpdCBjb25maWcgc3Vic2VjdGlvbiBuYW1lcyBhcyBwZXIgWzFdOgo+ID4gPiBTdWJzZWN0 aW9uIG5hbWVzIGFyZSBjYXNlIHNlbnNpdGl2ZSBhbmQgY2FuIGNvbnRhaW4gYW55Cj4gPiA+IGNo YXJhY3RlcnMKPiA+ID4gZXhjZXB0IG5ld2xpbmUgYW5kIHRoZSBudWxsIGJ5dGUuIAo+IAo+IFRo aXMgd291bGQgaW5kZWVkIGJlIGNsZWFuZXIuIEJ1dCBhcyB5b3UgY2FuIHNlZSBpbiB0aGUgZGlm ZnMgZm9yCj4gYGNvbmZpZy12YWx1ZWAgYW5kIGd1aXgudGV4aSwgJ2d1aXguYXV0aGVudGljYXRp b24tQlJBTkNIJyB3YXMKPiBhbHJlYWR5IGNob3NlbiwgYW5kIEkgZGlkbid0IHdhbnQgdG8gYnJl YWsgYW55b25lJ3Mgd29ya2Zsb3cgYnkKPiBjaGFuZ2luZyBpdC4KVWht4oCmIGlmIEkgcmVhZCB0 aGlzIGNvcnJlY3RseSwgdGhpcyBpcyBzdGlsbCBhIHBhdGNoIGluIHByb2dyZXNzIGFuZApub3Qg KnRoYXQqIHdpZGVseSB1c2VkLCBubz8gIElzIHRoZXJlIHByaW9yIGFydCB0byBnbyBieT8KCkNo ZWVycwo= From debbugs-submit-bounces@debbugs.gnu.org Tue Feb 25 01:45:32 2025 Received: (at 75981) by debbugs.gnu.org; 25 Feb 2025 06:45:32 +0000 Received: from localhost ([127.0.0.1]:44475 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tmohA-0008Vb-HL for submit@debbugs.gnu.org; Tue, 25 Feb 2025 01:45:32 -0500 Received: from mail-pl1-x642.google.com ([2607:f8b0:4864:20::642]:51579) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from <45mg.writes@gmail.com>) id 1tmoh7-0008VJ-Co for 75981@debbugs.gnu.org; Tue, 25 Feb 2025 01:45:30 -0500 Received: by mail-pl1-x642.google.com with SMTP id d9443c01a7336-220f4dd756eso108553865ad.3 for <75981@debbugs.gnu.org>; Mon, 24 Feb 2025 22:45:29 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1740465923; x=1741070723; darn=debbugs.gnu.org; h=content-transfer-encoding:mime-version:message-id:date:references :in-reply-to:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=j9YAodipO3v20zlO/l4FAGDbjOhm3X0g6siu3KwT1S4=; b=ehjoAf8uze0z80mquntBmk8Y5Bt3DsiC6GNVTz1tE5gYtEfDWA8v+LbN2vu20L9PHh MSGEF89lPKSNGZixB6Ky3ei78HFk3zmqmRfrw/aDaojGiNga/VJdFd6fONNq63LSHU90 jlwwg000+st0XL83jXaAjLr819cyFMYTtSQ5aiLjW6KsPUlDe2bXlnueUk79jwV3fEfc bXOV8DPEjEyHrRkyB3/0+FbTxsJafkx5RB2FQH5idcuHOJCoLyScdgzoJANW9//D1UIm QOAli56MVqFl5pOxsFanm+JX92vq6yPMJr+7prrliFfvw7it8YFEbrv1Ik+v1W8gQRvZ A7HA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740465923; x=1741070723; h=content-transfer-encoding:mime-version:message-id:date:references :in-reply-to:subject:to:from:x-gm-message-state:from:to:cc:subject :date:message-id:reply-to; bh=j9YAodipO3v20zlO/l4FAGDbjOhm3X0g6siu3KwT1S4=; b=J62Uu1S4iyUwbOEpOTWv2PkYRnKdAb0SEZ/43YHPnpeH713FtJfrqGtF+lkgRbSCVh c7yQtKj0wb9emcp296V5EFE71BYhmcEYmqVU3KaxWeqiSZPp7jgehMCoFipqJJZd48Et jHdtyN1x1mnCkx9NRySar89sPlJeMqJ0lFM4HvsuoXsyj/re0ljiMxQr2I9dwaP4lW4i tOD+If9wxyDTgVT3OBvoEIxQKvJLFGPJhgP5xxVK569FOh8PbMXAk0vuMk2yO/gW2NXW p/J073gPrzsNj0mLxxueenkpbvHI3Saq5sePPsw7v46afGLH/7MPMD4Nyu82xox4tGus GJxw== X-Forwarded-Encrypted: i=1; AJvYcCUfp2Xp4crDKZBHFK02M9Dbi6viz8Ik2xqR+UurhvOS7181bgnWHG3iZtnV9m+NUKk/Y1w+tQ==@debbugs.gnu.org X-Gm-Message-State: AOJu0Yz7hwWW6ZfdEYv8ed3VtPtubKJHN29dUTnEchJiz69poHMPaoWi 77axya3qiEPuHdv3TlpWW/zbljCXjv1b5g6T1NYziM4V42bELvDMZhfQvHd1 X-Gm-Gg: ASbGncsVkmo8AOMKEVr9MlwSG7SpSnXjLOJpRcBpgwcMXAUQScxAMuZDWr9t8b95A/j WURH6D/U9rf9uqsUGwm1W+yHr+ujC1E4CpZsI5chJEzk4LB1eQQh7dEOnSvksmr/xNn9si/vPXm LqJ1LMd9UPeInS2zsHuk31Y/Vent8/Y08AbA0+0N1rWjmPdAPSDXo5+vBVlG+Dj6/sQr7EieVYI oCDGmaux51QaKcA9ZhYAPiv4fXwI3FOKRbfusfQL+9oud4I+oZTYkmZi6LNHxTLY7fnzRy27YP0 EeRXMaWUOjytW/pDPeNSm0xUHYM= X-Google-Smtp-Source: AGHT+IEuoKB4pAUP3x0t+/Nr0j//9X6tB4o6feNf5z8xl/lWCbNBAQFxxA2E4aIRD4JBSIT/fRE9bg== X-Received: by 2002:a17:903:2344:b0:215:b75f:a18d with SMTP id d9443c01a7336-22307b4554dmr38187305ad.11.1740465922620; Mon, 24 Feb 2025 22:45:22 -0800 (PST) Received: from guix1 (utm3.nitt.edu. [14.139.162.2]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-2230a0a3c09sm6988855ad.171.2025.02.24.22.45.20 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 24 Feb 2025 22:45:22 -0800 (PST) From: 45mg <45mg.writes@gmail.com> To: Liliana Marie Prikler , 45mg <45mg.writes@gmail.com>, 75981@debbugs.gnu.org Subject: Re: [PATCH v2 2/2] scripts: Add `guix git authenticate --branch`. In-Reply-To: References: <8a5ccebe3c3aca1f728c702ec18a2379cdf77cb1.1740313892.git.45mg.writes@gmail.com> <87tt8j1pgc.fsf@gmail.com> Date: Tue, 25 Feb 2025 06:45:12 +0000 Message-ID: <87wmde5xqf.fsf@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 75981 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) Hi Liliana, Liliana Marie Prikler writes: > Am Montag, dem 24.02.2025 um 12:45 +0000 schrieb 45mg: > Uhm=E2=80=A6 if I read this correctly, this is still a patch in progress = and > not *that* widely used, no? Is there prior art to go by? > Sorry if it wasn't clear - guix.authentication-BRANCH is already supported /in upstream Guix/, and has been since long before I started work on v1. Here's the bit from "(guix) Invoking guix git authenticate" that I quoted in the cover letter: > Should you have branches that require different introductions, you > can specify them directly in =E2=80=98.git/config=E2=80=99. For example,= if the branch > called =E2=80=98personal-fork=E2=80=99 has a different introduction than = other branches, > you can extend =E2=80=98.git/config=E2=80=99 along these lines: > > [guix "authentication-personal-fork"] > introduction-commit =3D cabba936fd807b096b48283debdcddccfea3900d > introduction-signer =3D C0FF EECA BBA9 E6A8 0D1D E643 A2A0 6DF2 A33A 54FA > keyring =3D keyring From debbugs-submit-bounces@debbugs.gnu.org Tue Feb 25 14:07:16 2025 Received: (at 75981) by debbugs.gnu.org; 25 Feb 2025 19:07:16 +0000 Received: from localhost ([127.0.0.1]:48514 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tn0Gy-0004w8-0Z for submit@debbugs.gnu.org; Tue, 25 Feb 2025 14:07:16 -0500 Received: from mail-wm1-x344.google.com ([2a00:1450:4864:20::344]:61530) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from ) id 1tn0Gw-0004vu-39 for 75981@debbugs.gnu.org; Tue, 25 Feb 2025 14:07:14 -0500 Received: by mail-wm1-x344.google.com with SMTP id 5b1f17b1804b1-4397dff185fso52427565e9.2 for <75981@debbugs.gnu.org>; Tue, 25 Feb 2025 11:07:14 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1740510428; x=1741115228; darn=debbugs.gnu.org; h=mime-version:user-agent:content-transfer-encoding:references :in-reply-to:date:to:from:subject:message-id:from:to:cc:subject:date :message-id:reply-to; bh=wc0fJ4qvZGoR04E34JG4UdpaFC7jtE0hKyLNagXdqWo=; b=GGJWnspa+USA+GQ9aYmAoVBHwueLr6Ns/4tpmN1KXfNJjW8dC5j6fLfeio5js6T7tf 9uJ2MM2WWk5d0a4CTr+oooyYgP+9fYSRCYSR0B9eMTWbUdTp+WnLJmHl8bvXCUFle9DZ zz/W5ML3W5Q2pdA90SSl6xr5oaLaqO7uD+KxwUz/R9oFX01tQEwos5E3paqHeu99rs7Z Cba353xhBX8Ueh6zzAD996/Cqx4gcQ/ylhm1xHyPh4Uu0+sxScRZntl3YPn4IncsGj+S 7w3lsdKCbRURH3Baf+njMH1CGikxLa322WAak5WYwLRsAxMnk6qgqoGrVTVqD8wYefiN /gyA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740510428; x=1741115228; h=mime-version:user-agent:content-transfer-encoding:references :in-reply-to:date:to:from:subject:message-id:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=wc0fJ4qvZGoR04E34JG4UdpaFC7jtE0hKyLNagXdqWo=; b=Ahj5pDVHMK7lO544i0yGk1uH1L5KOn71w+Eg9VfuvO8Jsz4ZjGSE/izepxrdLgq9aX NOJK/SZs/f+l5/Yh9RZ9AjzPU6SooMgah7RCDjUlms4Q0UCoY5t2VtJDwIMslXRNbUYY Wxo7cvGzGH9jOMetuqwYkc0KKTAh17Kz5a/R0gmqxWKBn7f1oRudrQpB0IutzgPwXl4Y Z7fzVkRXSGvYUcHc6ZzWWY2TX7aa9xtC9ju3YYlnPdgq4BOCo2EE2tfeLDuc7TPnZwDJ 7sa6u17BXlORhVKwMoHaLv1Kf+zdYeRZ8T9MBFDIoD51iI5590HSjEL4O34jIQF6hk7E /w9g== X-Forwarded-Encrypted: i=1; AJvYcCWH9h0TtJ0p/Zpt4OKYalk8A9SsMfAwFbtmgietOXBVB+uzQ5s1Em/QsVur5ETUgDK9vqKhjQ==@debbugs.gnu.org X-Gm-Message-State: AOJu0YyEjHrn+tcQPx28cUwdWwlYBd/wShiu6CO/oQqiuy6MjXIgeBUA upkCUIQJVCD3vRxT92FtUUhLMEKuE2gNEwsDfUZJOBi340X/Ziu0 X-Gm-Gg: ASbGncutzl1ffQuWGs442tuzLIOfVU2+2rvV9eGUyMUW/2XE8/udzdCrqiOpKbNAfbz eORz6+XG3Eqdq9562Q5/of70HBt3PAV7gGaYBnJwGpP8rlny7MtSNLch24Q7bjt9BdmOvvrfYll bWmgnZo/ZXUDiqii2GsDVmdNBSNRvHoUv33skCZLxoD/7bhFtbn63ggc1epipN/p8ppzHwc7Qr9 uR9nPRT5YqW6pWEHySfxwTQwQAbvySJOUTqmWiGnA7gSFAm1xwcfuxmcfjOlK9lpa0PErwuw1T2 UUHhrdcfeWQpX0CrwGUUcVR3XvbtZGby79uhA9z+xL5PInRAT7lnFsyJiZkFqfiaS7BazCkK2Bl NOQ== X-Google-Smtp-Source: AGHT+IHxIpBqZOkAu87BRO0WTDAWnrApsETI8JvJ8J4oL5Za8S/3+AZOS4Gy3IiNk0XQgOWpo1zMQA== X-Received: by 2002:a5d:64ef:0:b0:38d:da11:df19 with SMTP id ffacd0b85a97d-390d4f8b635mr339129f8f.41.1740510427701; Tue, 25 Feb 2025 11:07:07 -0800 (PST) Received: from lumine.fritz.box (85-127-114-32.dsl.dynamic.surfer.at. [85.127.114.32]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-43ab1546f22sm36000155e9.19.2025.02.25.11.07.06 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 25 Feb 2025 11:07:06 -0800 (PST) Message-ID: <3132be12d353c282a36ab4f7895bd384d2e183ef.camel@gmail.com> Subject: Re: [PATCH v2 2/2] scripts: Add `guix git authenticate --branch`. From: Liliana Marie Prikler To: 45mg <45mg.writes@gmail.com>, 75981@debbugs.gnu.org Date: Tue, 25 Feb 2025 20:08:03 +0100 In-Reply-To: <87wmde5xqf.fsf@gmail.com> References: <8a5ccebe3c3aca1f728c702ec18a2379cdf77cb1.1740313892.git.45mg.writes@gmail.com> <87tt8j1pgc.fsf@gmail.com> <87wmde5xqf.fsf@gmail.com> Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable User-Agent: Evolution 3.48.4 MIME-Version: 1.0 X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 75981 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) Am Dienstag, dem 25.02.2025 um 06:45 +0000 schrieb 45mg: > Hi Liliana, >=20 > Liliana Marie Prikler writes: >=20 > > Am Montag, dem 24.02.2025 um 12:45 +0000 schrieb 45mg: >=20 > > Uhm=E2=80=A6 if I read this correctly, this is still a patch in progres= s > > and > > not *that* widely used, no?=C2=A0 Is there prior art to go by? > >=20 >=20 > Sorry if it wasn't clear - guix.authentication-BRANCH is already > supported /in upstream Guix/, and has been since long before I > started work on v1. >=20 > Here's the bit from "(guix) Invoking guix git authenticate" that I > quoted in the cover letter: >=20 > > Should you have branches that require different introductions, you > > can specify them directly in =E2=80=98.git/config=E2=80=99.=C2=A0 For e= xample, if the > > branch > > called =E2=80=98personal-fork=E2=80=99 has a different introduction tha= n other > > branches, > > you can extend =E2=80=98.git/config=E2=80=99 along these lines: > >=20 > > [guix "authentication-personal-fork"] > > introduction-commit =3D cabba936fd807b096b48283debdcddccfea3900d > > introduction-signer =3D C0FF EECA BBA9 E6A8 0D1D=C2=A0 E643 A2A0 6DF2 A= 33A > > 54FA > > keyring =3D keyring Ahh, thanks. In that case never mind. Cheers From debbugs-submit-bounces@debbugs.gnu.org Thu Feb 27 10:16:36 2025 Received: (at 75981) by debbugs.gnu.org; 27 Feb 2025 15:16:36 +0000 Received: from localhost ([127.0.0.1]:36005 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tnfcp-00012n-JZ for submit@debbugs.gnu.org; Thu, 27 Feb 2025 10:16:36 -0500 Received: from mail-pl1-x630.google.com ([2607:f8b0:4864:20::630]:45421) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from ) id 1tnfcn-000129-4B for 75981@debbugs.gnu.org; Thu, 27 Feb 2025 10:16:33 -0500 Received: by mail-pl1-x630.google.com with SMTP id d9443c01a7336-22355618fd9so14152315ad.3 for <75981@debbugs.gnu.org>; Thu, 27 Feb 2025 07:16:33 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1740669387; x=1741274187; darn=debbugs.gnu.org; h=mime-version:user-agent:message-id:date:references:in-reply-to :subject:cc:to:from:from:to:cc:subject:date:message-id:reply-to; bh=+oslR5ySB4Ksr/75UKG3jfLPwU6SVV3L6AKGOQ7V+2U=; b=bfpXeAnVbMXm7YhRXvWfgwOf511hlhBz2NXlHQPITBCUwqrd2/3XVmeaX0cLv9DAOO fonqOT86jSh3P3PN/ePFlL3mhpQ3gawA5hHmPTwDfIhJWUKf5BmYHUa8V4p8D/gCsWiD vouM/DLg9FUr85VY4Z9G3fmquynoSW6fSiv2w8Ik9nUfN4ER02ck1XKunYLdpiQPsYXW m0y2sokHwpeK6C0RYPPe1LYSEJ4oKct0+srFaZ1jis/DDs3LHwh0HQNskqsSui/dztWr mjRtmzcbrBU8fSWGrEbycPP8Q3fDCIRBHufuCNrlPJagvY7sCsEKZdobrnSQgqrdpmg8 Ys3g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740669387; x=1741274187; h=mime-version:user-agent:message-id:date:references:in-reply-to :subject:cc:to:from:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=+oslR5ySB4Ksr/75UKG3jfLPwU6SVV3L6AKGOQ7V+2U=; b=xUhVBcwJl31gnNy/lgbBOo1HW+bJZuQIe8yBj8uqMuxSxRP+QR59DSxBJBoE98Uizc zNssAemaKeLkRVI08cMXUVkRdr8qElXCNoahpk3bgrKShuoRDs+jPTT/tjRY25N/6NO5 yrohU3867E2h1QCAsIWgTXF5NCVTD0Y0zzDd9PnxJwxKVd/KY90BtpimNbprjphUhcs9 3kTsasyNBI1fGcJioHtICAr7vF6kRDSXNbPKdXirwuds/v7aO235m9lQYjJkkK6TDGHS Cfp8NXxRN/LMRI4zNMa+PklsbZ7vHXo4i77ymWJg69mjm57Obd4C5P79tm2ib/e+7ukC zbmQ== X-Gm-Message-State: AOJu0Yy9nseBJbg9cDeed/h1u8U39PYFus8AHbpb80EA5RCQjYYm/H13 PC9+YPfqcDN7hpJScRPKyBh6dtAigx70VAkNeWz0ivheVdV3MKE0 X-Gm-Gg: ASbGncve1uqMIEuwJNc2naQGmCKYKXe5wriAJGyslUaxokyTD90JLeKgjWE0FxxYIr1 7XHbDGRyAlzgyt8k0Ax0RFPX9uI3RlU++BI4rY3IyBg3t4B+Pby54Ue0dWWD3OkP/PMQ12oPNPm E8xshyl8acaXxvQ2f9Xp0vgTIeiwCufBghtMt5nlybzXuqtmoncMMlsUiZpT4BctVvL9cVP61bg KuDfFtaCWikdqj8h+QDMoE80F28vVUzZ8uTnbfiWgw/vlY/sHiXxVrdW6oc9xp0bWAjsxStKg7T glNTIDFVvWKFXzFjCRepkwHa X-Google-Smtp-Source: AGHT+IEcBtU2RO8KLeAeC+fzz2hrKn4iRpQWdhVG7hnZSBFrZx00mAqTLSO9z9RxsCkHLqEcP/FLiA== X-Received: by 2002:a05:6a20:8405:b0:1ee:d9bc:4ae with SMTP id adf61e73a8af0-1eef3c88accmr44781046637.14.1740669386943; Thu, 27 Feb 2025 07:16:26 -0800 (PST) Received: from terra ([2405:6586:be0:0:83c8:d31d:2cec:f542]) by smtp.gmail.com with ESMTPSA id 41be03b00d2f7-aee7de19d71sm1555170a12.19.2025.02.27.07.16.23 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 27 Feb 2025 07:16:26 -0800 (PST) From: Maxim Cournoyer To: 45mg <45mg.writes@gmail.com> Subject: Re: [PATCH v2 0/2] Support authenticated forks. In-Reply-To: (45mg.writes@gmail.com's message of "Sun, 23 Feb 2025 18:50:47 +0530") References: Date: Fri, 28 Feb 2025 00:16:11 +0900 Message-ID: <87frjzju4k.fsf@gmail.com> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 75981 Cc: Nicolas Graves , Simon Tournier , Tomas Volf <~@wolfsden.cz>, Ludovic =?utf-8?Q?Court=C3=A8s?= , Liliana Marie Prikler , 75981@debbugs.gnu.org, Ricardo Wurmus , Attila Lendvai , Simon Streit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) Hi 45mg, 45mg <45mg.writes@gmail.com> writes: > Hi Guix, > > This revision is a major refactor of the previous one, v1.5 [1]. If you > were one of those who felt that adding a entire command line was > excessive, this one will make you happy :) > > The changes are as follows: > > * `guix fork create` is now `etc/fork.scm` That's a good stop gap solution, but even better would be to have it work as a proper Guix extension; this way it could find its place as a top level Guix command for its users, without burdening upstream Guix. Could you please take a look and see if that would be workable? The extension could be referred to in the manual if you worry about discoverability. -- Thanks, Maxim