From: pinoaffe
To: Lars-Dominik Braun
Cc: Ryan Prior, Ian Eure, guix-devel@gnu.org
Subject: Re: Concerns/questions around Software Heritage Archive
Date: Mon, 18 Mar 2024 15:04:35 +0100
Message-ID: <87cyrrtxht.fsf@gmail.com>
References: <87il1mupco.fsf@meson>

Lars-Dominik Braun writes:

>> I have heard folks in the Guix maintenance sphere claim that we
>> never rewrite git history in Guix, as a matter of policy. I believe we
>> should revisit that policy (is it actually written anywhere?) with an
>> eye towards possible exceptions, and develop a mechanism for securely
>> maintaining continuity of Guix installations after history has been
>> rewritten so that we maintain this as a technical possibility in the
>> future, even if we should choose to use it sparingly.
>
> the fallout of rewriting Guix’ git history would be devastating. It
> would break every single Guix installation, because
>
> a) `guix pull` authenticates commits and we might lose our trust anchor
>    if we rewrite history earlier than the introduction of this feature,
> b) `guix pull` outright rejects changes to the commit history to prevent
>    downgrade attacks.
>
> Additionally it would break every single existing usage of the
> time machine and thereby completely defeat the goal of providing
> reproducible software environments since the commit hash is used to
> identify the point in time to jump to.
>
> I doubt developing “mechanisms” – whatever they look like – would
> be worth the effort. Our contributors matter, but so do our users. Never
> ever rewriting our git history is a tradeoff we should make for our users.

There may come a time where we don't really have another option but to
rewrite (part of) history (e.g., if someone vandalizes the repository
using incriminating/illegal files) - I hope that such vandalism would be
caught quickly so that most guix installations would not be infected,
but it may be a good idea to plan what to do in the unfortunate event
that it is necessary to rewrite guix history
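
The following is an added illustration, not part of the message above and not code from Guix: a simplified model of why rewriting one early commit breaks both the update check and commits pinned by hash. The hashing scheme, function names and sample history are assumptions made for the example, and the update check is modelled as a plain descendant test.

```python
import hashlib

def commit_id(parent, content):
    """Content-addressed id: the hash covers the parent id, so ids chain."""
    return hashlib.sha1(f"{parent or ''}\n{content}".encode()).hexdigest()

def build_history(contents):
    """Return (ids in order, {id: parent id}) for a linear history."""
    ids, parents, parent = [], {}, None
    for content in contents:
        cid = commit_id(parent, content)
        parents[cid] = parent
        ids.append(cid)
        parent = cid
    return ids, parents

def is_ancestor(old, new, parents):
    """True if `old` is reachable from `new` by following parent links."""
    cur = new
    while cur is not None:
        if cur == old:
            return True
        cur = parents.get(cur)
    return False

def check_pull(current, target, parents):
    """Assumed model of the update check: accept only descendants of `current`."""
    if target not in parents:
        return "unknown commit"
    return "ok" if is_ancestor(current, target, parents) else "rejected"

# Constructed sample histories: the rewrite changes only the third commit.
ORIGINAL = ["init", "add package A", "vandalized file", "add package B"]
REWRITTEN = ["init", "add package A", "file removed", "add package B"]

def demo():
    old_ids, old_parents = build_history(ORIGINAL)
    new_ids, new_parents = build_history(REWRITTEN)
    # A client that fetched the rewritten branch knows both sets of objects.
    known = {**old_parents, **new_parents}
    return {
        "normal_update": check_pull(old_ids[1], old_ids[3], old_parents),
        "downgrade": check_pull(old_ids[3], old_ids[1], old_parents),
        "after_rewrite": check_pull(old_ids[3], new_ids[3], known),
        "ids_still_shared": sum(a == b for a, b in zip(old_ids, new_ids)),
        "pinned_commit_in_new_history": old_ids[3] in new_parents,
    }

if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Every commit after the rewritten one gets a new id even though its content is unchanged, so an installation on the old tip fails the descendant test and a hash pinned for the time machine no longer names anything in the new history.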