From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp10.migadu.com ([2001:41d0:2:bcc0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms5.migadu.com with LMTPS id KPWBOCDr32O20QAAbAwnHQ (envelope-from ) for ; Sun, 05 Feb 2023 18:45:05 +0100 Received: from aspmx1.migadu.com ([2001:41d0:2:bcc0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp10.migadu.com with LMTPS id eHCUNyDr32P7DAEAG6o9tA (envelope-from ) for ; Sun, 05 Feb 2023 18:45:04 +0100 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 7B54535913 for ; Sun, 5 Feb 2023 18:45:04 +0100 (CET) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1pOj46-0001X2-Mg; Sun, 05 Feb 2023 12:44:34 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1pOj43-0001WX-4v for guix-devel@gnu.org; Sun, 05 Feb 2023 12:44:31 -0500 Received: from mailout.easymail.ca ([64.68.200.34]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1pOj40-0000V9-NJ; Sun, 05 Feb 2023 12:44:30 -0500 Received: from localhost (localhost [127.0.0.1]) by mailout.easymail.ca (Postfix) with ESMTP id A7E44E858F; Sun, 5 Feb 2023 17:44:25 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=bokr.com; s=easymail; t=1675619065; bh=Vmk9uXs7qF4yJsiYaNyYgN7VBizWWFvdfaOICScSxiQ=; h=From:Date:To:Cc:Subject:References:In-Reply-To:From; b=e4yAWSgBc5CWEwznLQjjEDK8jW8j9nCWhfbr0pRrPk893YmipebP2GZMqVQVbWTJ6 io1blt25secWPhSL6vFp5Ph7HN57MFmHqA/9UeqMquM8Ey6q9RB3iTwZU2R/mdg/+N +4zXV4OXT/+pVi/dp4EtZGajrOjBAP1j9zvo/OzdV/JRb23kImhsNnCBNr6/diZAwL OGVWCwagZp1ZSb7wIgyRYydZlaoy/sBGo6U2EuGaCeXfdK4snQdgOuzCWsUUlZhNz6 EwRQhSRujRD0cHOngCgDjX4FH5s0XZdQUKz7EA+vO42b6QB2jXP9YZooX43FmxBtUa Z4Xv95oyos9wg== X-Virus-Scanned: Debian amavisd-new at emo08-pco.easydns.vpn Received: from mailout.easymail.ca ([127.0.0.1]) by localhost (emo08-pco.easydns.vpn [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fl1x1GJt6EiV; Sun, 5 Feb 2023 17:44:25 +0000 (UTC) Received: from localhost (m83-185-46-1.cust.tele2.se [83.185.46.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mailout.easymail.ca (Postfix) with ESMTPSA id 9912CE8475; Sun, 5 Feb 2023 17:44:24 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=bokr.com; s=easymail; t=1675619065; bh=Vmk9uXs7qF4yJsiYaNyYgN7VBizWWFvdfaOICScSxiQ=; h=From:Date:To:Cc:Subject:References:In-Reply-To:From; b=e4yAWSgBc5CWEwznLQjjEDK8jW8j9nCWhfbr0pRrPk893YmipebP2GZMqVQVbWTJ6 io1blt25secWPhSL6vFp5Ph7HN57MFmHqA/9UeqMquM8Ey6q9RB3iTwZU2R/mdg/+N +4zXV4OXT/+pVi/dp4EtZGajrOjBAP1j9zvo/OzdV/JRb23kImhsNnCBNr6/diZAwL OGVWCwagZp1ZSb7wIgyRYydZlaoy/sBGo6U2EuGaCeXfdK4snQdgOuzCWsUUlZhNz6 EwRQhSRujRD0cHOngCgDjX4FH5s0XZdQUKz7EA+vO42b6QB2jXP9YZooX43FmxBtUa Z4Xv95oyos9wg== From: bokr@bokr.com Date: Sun, 5 Feb 2023 18:44:10 +0100 To: Simon Tournier Cc: Ludovic =?utf-8?Q?Court=C3=A8s?= , Stephen Paul Weber , guix-devel@gnu.org, 0@psycoti.ca Subject: Re: git-fetch without a hash Message-ID: <20230205174410.GA2570@LionPure> References: <87h6xo2wz8.fsf@gnu.org> <87o7rf715e.fsf@gnu.org> <86pmbt8feb.fsf@gmail.com> <878ricrm90.fsf@gnu.org> <86zgap3x0u.fsf@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <86zgap3x0u.fsf@gmail.com> User-Agent: Mutt/1.10.1 (2018-07-13) Received-SPF: pass client-ip=64.68.200.34; envelope-from=bokr@bokr.com; helo=mailout.easymail.ca X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: guix-devel@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+larch=yhetil.org@gnu.org Sender: guix-devel-bounces+larch=yhetil.org@gnu.org X-Migadu-Country: US X-Migadu-Flow: FLOW_IN ARC-Seal: i=1; s=key1; d=yhetil.org; t=1675619104; a=rsa-sha256; cv=none; b=D2/GBOySFyXxCh9RApSDF6mJazD/1LZXIkHoyDtOWJYLkVx1SianL6+NqGvXssoO2aXzq6 EVwHbR7T6vTMOO8Y/jecobwVMzU3rnBUwhISRpWKvg0WJMSPmTOiqmDZsXNmSQ/nm+OyAM 3oWi3Z3o+z1UCA414Q+F7q5g064LY5wKsEyvjafgjHzrz2QqCQf7WdDnj7aGLFSiZC6vKE SllAuW6XzXvaGFq6FzfaWVlUdrZQtFjofnyN2sZxOBD/zqQs31I8xvnM+e4HrwdPOIEMf+ qoS5DYF259C9UE+1BS16fmCWIGsPAd2n/ETl8QnXCeeRXdPkwB8CimUJRVXCLw== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=bokr.com header.s=easymail header.b=e4yAWSgB; dkim=fail ("headers rsa verify failed") header.d=bokr.com header.s=easymail header.b=e4yAWSgB; dmarc=none; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org" ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1675619104; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post:dkim-signature; bh=DZqO+nn/zc6P12Gw1N4U0gZzHnG2rZ+qNhHo8g1Htjc=; b=qmT1U5Zq1qnI8Ozy1nkieu/0HxdkdBuendgCBN9Q3YZRh/kc7H1aUCYryu8z1dMd5syQeV c9ChW7xwGL6jlCx3qkxN1aLpPayTLU2s1+jyu8AF72DLEZvWFlNNsKDFcEfm7DrivNvfVa /zV0njPYcnZfIRYLZWmu8EJD6elMSYlK+uMLtMd3MvLMBEIKAwViPIo/XT9w/H6Sh9KLdQ CUmQkKfuZQPkzt5VG/TCeKKpslh2xClg9/gwOjbvreWXTOF+xZAfauxpZ7RN+u4DjEtV+7 NTKzrVNr5NkmAq36ZOMrGqCJK7/+0ymZ5zUGyHB+8ek/Kurbg9j9UYHFBLBnIA== Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=bokr.com header.s=easymail header.b=e4yAWSgB; dkim=fail ("headers rsa verify failed") header.d=bokr.com header.s=easymail header.b=e4yAWSgB; dmarc=none; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org" X-Migadu-Scanner: scn1.migadu.com X-Migadu-Spam-Score: 1.41 X-Spam-Score: 1.41 X-Migadu-Queue-Id: 7B54535913 X-TUID: RLipWRGksreK Hi, On +2023-01-11 16:34:41 +0100, Simon Tournier wrote: > Hi, > > On Mon, 09 Jan 2023 at 12:16, Ludovic Courtès wrote: > > Simon Tournier skribis: > > > >> Maybe my question is naive but what is the use case for this (sha256 #f) > >> in the first place? Because maybe it could just error using some > >> ’sanitize’ for the hash record field. > > > > There’s a couple of uses: Chromium, IceCat, and Linux-libre (IIRC). > > > > I don’t like that, but I’m not sure what it would take to change these > > to or something like that. > > Well, from (gnu packages linux) > > --8<---------------cut here---------------start------------->8--- > (origin > (method computed-origin-method) > (file-name (string-append "linux-libre-" version "-guix.tar.xz")) > (sha256 #f) > --8<---------------cut here---------------end--------------->8--- > > and from (gnu packages gnuzilla) > > --8<---------------cut here---------------start------------->8--- > (origin > (method computed-origin-method) > (file-name (string-append "icecat-" %icecat-version ".tar.xz")) > (sha256 #f) > --8<---------------cut here---------------end--------------->8--- > > but not from Chromium, if I read correctly. > > From my understanding, we could have something like, > > (sha256 (no-hash)) > > where ’no-hash’ would return a string, say > "0000000000000000000000000000000000000000000000000000" or whatever else > that would satisfy this hypothetical ’sha256’ sanitizer. > > > Cheers, > simon > For portability to any hash algorithm that returns a hex string, how about letting them hash a zero-length string (which can never represent a package tarball or other archive), and using the resulting strings as no-hash flags? These strings must be unique for whatever hash algorithm, so a short table could be used to recognize them as no-hash indicators. --8<---------------cut here---------------start------------->8--- $ sha256sum /dev/null e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 /dev/null $ sha256sum <(echo -n '') e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 /dev/fd/63 $ echo -n ''|sha256sum e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 - $ echo -n ""|sha256sum e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 - --8<---------------cut here---------------end--------------->8--- For other hash values on your system, probably the below will show most. Translating from hex to various base32 and other-base alphabets is then trivial, (and open, i.e. permitting new hash representation strings). --8<---------------cut here---------------start------------->8--- $ ls -1d /usr/bin/*sum|while read hasher;do \ echo;echo "$hasher:"; "$hasher" /dev/null;done --8<---------------cut here---------------end--------------->8--- WDYT? -- Regards, Bengt Richter