Joshua Branson writes: > Christopher Baines writes: > >> Hey, >> >> In May last year (2020), I submitted an application to NLNet. The work I >> set out wasn't something I was doing at the time, but something I hadn't >> yet found time to work on, tooling specifically around security issues. >> >> The application got a bit lost, probably somewhat down to email issues >> on my end. Anyway, things picked up again in February of this year >> (2021), and this is now something I'm looking to do roughly over the >> next 8 months. > > Sweet action bro! Way to land a guix related job for the next 8 months! > That's awesome! Well, not quite a job, but some financial support specifically to work on Guix, which is still good! >> I've been working on stuff in and around Guix for I think around 5 years >> now, and in that time I have attempted some big projects, particularly >> things like the Guix Data Service and Guix Build Coordinator. I've fit >> all of that around a regular non-Guix related work. The support of NLNet >> means I'm able to set aside more time for Guix and this work, exactly >> how much more time I can dedicate is something I'm still working on. > > I'm looking forward to the tooling that you'll develop! I've heard cool > things about the Guix Data Service and the Build Coordinator. I've no > doubt that your security related tooling will be just as fantastic! Thanks! >> There's a more complete description of the aims and tasks here [1], this >> email is effectively the start of the work. I want to get lots of input >> and feedback on the plans I've set out, as well as checking if there's >> any related or overlapping work going on. >> >> 1: https://git.cbaines.net/guix/tooling-to-improve-security-and-trust/about/ > > Are you using guix system to serve the above link? I didn't realize > that gitolite could render a README document so well! I am, it's cgit which is doing the web stuff, and it can process the about content through a script, which is what I'm doing [1]. I'm using a script which either passes it through Emacs if it's an org file, and otherwise uses the about-formatting.sh script included in cgit. 1: https://paste.debian.net/plain/1192275 >> Please let me know if you have any comments or questions! >> >> Thanks, >> >> Chris > > It'll be interesting when people stop saying that "OpenBSD" has fixed > that security issue, and instead they say guix system fixed that > security flaw. :) :)