* Idea: fallback for guix pull?
@ 2022-08-06 18:12 Christopher Rodriguez
2022-09-05 15:53 ` zimoun
0 siblings, 1 reply; 2+ messages in thread
From: Christopher Rodriguez @ 2022-08-06 18:12 UTC (permalink / raw)
To: guix-devel
[-- Attachment #1: Type: text/plain, Size: 941 bytes --]
I haven't looked at the code at all, but perhaps it would be useful to
users of Guix if, upon a guix pull with a commit that fails to
authenticate, guix pull would still pull up to the last in the chain of
successfully authenticated commmits?
Right now, it stops the entire operation if one commit from one channel
fails to authenticate, which has value (and might be useful as a setting
or flag, for those with greater security concerns or those maintaining
the channel).
But assuming the authentications are done in order, could we make the
default an effective "pin" to the last authenticated commit? This is
probably the way users /should/ deal with this kind of issue anyway
(disable-authentication is worrisome), and having the default be this
kind of fallback would make it so users are still able to pull other
channels they might have, or at least update to the last "good" commit.
What do You think?
--
Christopher Rodriguez
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 832 bytes --]
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: Idea: fallback for guix pull?
2022-08-06 18:12 Idea: fallback for guix pull? Christopher Rodriguez
@ 2022-09-05 15:53 ` zimoun
0 siblings, 0 replies; 2+ messages in thread
From: zimoun @ 2022-09-05 15:53 UTC (permalink / raw)
To: Christopher Rodriguez, guix-devel
Hi,
Sorry for the late reply.
On sam., 06 août 2022 at 14:12, Christopher Rodriguez <yewscion@gmail.com> wrote:
> I haven't looked at the code at all, but perhaps it would be useful to
> users of Guix if, upon a guix pull with a commit that fails to
> authenticate, guix pull would still pull up to the last in the chain of
> successfully authenticated commmits?
>
> Right now, it stops the entire operation if one commit from one channel
> fails to authenticate, which has value (and might be useful as a setting
> or flag, for those with greater security concerns or those maintaining
> the channel).
>
> But assuming the authentications are done in order, could we make the
> default an effective "pin" to the last authenticated commit? This is
> probably the way users /should/ deal with this kind of issue anyway
> (disable-authentication is worrisome), and having the default be this
> kind of fallback would make it so users are still able to pull other
> channels they might have, or at least update to the last "good" commit.
Indeed, authentications are done in order (see ’authenticate-commits’
from (guix git-authenticate)) but the failure raises an error (see
’authenticate-commit’).
Note that the Git repository is already updated. So, some tweaks would
be necessary to implement your suggestion. Well, I am not convinced the
use-case is worth the effort.
However, I agree that a channel failing (for whatever reason) should not
be blocking for pulling all the others. As discussed in bug#57559 [1].
Cheers,
simon
1: <http://issues.guix.gnu.org/issue/57559>
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2022-09-05 17:24 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-08-06 18:12 Idea: fallback for guix pull? Christopher Rodriguez
2022-09-05 15:53 ` zimoun
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).