From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <guix-devel-bounces+larch=yhetil.org@gnu.org>
Received: from mp2.migadu.com ([2001:41d0:303:e16b::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by ms8.migadu.com with LMTPS
	id oLs2Dm9S+GW4ewEAe85BDQ:P1
	(envelope-from <guix-devel-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Mon, 18 Mar 2024 15:40:47 +0100
Received: from aspmx1.migadu.com ([2001:41d0:303:e16b::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by mp2.migadu.com with LMTPS
	id oLs2Dm9S+GW4ewEAe85BDQ
	(envelope-from <guix-devel-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Mon, 18 Mar 2024 15:40:47 +0100
X-Envelope-To: larch@yhetil.org
Authentication-Results: aspmx1.migadu.com;
	dkim=pass header.d=gmail.com header.s=20230601 header.b=Ss+X0DiP;
	spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org";
	dmarc=pass (policy=none) header.from=gmail.com
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org;
	s=key1; t=1710772847;
	h=from:from:sender:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:list-id:list-help:
	 list-unsubscribe:list-subscribe:list-post:dkim-signature;
	bh=3eN/xbE5Vn5sTCpbIAbglPVORQ7jTUdJxopSwhLkq9Y=;
	b=lLAFKJGvOaJB9TLnEvvhzSbBNsXG/71D34V/+iPSjocxJ3QtYDaNC1bIgsRrCRUAtjQyaL
	waW/gKsyTOqeFSNhDA198TGWRqHK+5oEsSxUjNY8Qx9VcVJH8on0NVaW+rg0BiQJp+ZI4V
	uXzAzKfyz159ELrNlxfPvIj3RsKXBlHIfgICSuKQEdrI4XPlPAFGG+JCSuhdNzGsSyCubr
	3OBE0LaWslE+KEWD6iK1GUgPWkyg0VTHpQPMC5TieY9u7y1ZHjjbluMCd4Z/sDEwfPlrYY
	S/2a+Guc7Zg4IIRVAYPidCnIXLUPGdFAs4gCTyTS0hDyisc7M2UUo4PaaXQmbg==
ARC-Authentication-Results: i=1;
	aspmx1.migadu.com;
	dkim=pass header.d=gmail.com header.s=20230601 header.b=Ss+X0DiP;
	spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org";
	dmarc=pass (policy=none) header.from=gmail.com
ARC-Seal: i=1; s=key1; d=yhetil.org; t=1710772847; a=rsa-sha256; cv=none;
	b=BT0gBS124QJUmSIWZI5zxRdVeZIHVpl0l+oC1n7Ov0GlCpGn5RtdTWz01jLj///k6G93vJ
	mkpXk0Mc33P/+bpwTv4EsIrOahd1xwQWSIEtF/HQdzNKpAFaifIekRz9jZfwXkg8OVI9z5
	mYND2Z4bg03rt2v7biU5Ltdol2wNLdWI0KItw5VESYct0jL0iaKHyqW0tvtn9T3kdvV2EN
	hCZvJEEYrGXGd5OfgXyWxu7CtT2QS+0YcypgnnYwrwUktUDGCWc6HwKLT/qaz27pwEgc7V
	1sKk+rDPDQXE3hYLD/6wyd/f1h4Ss1T27+y+xTxB7ZMI1OQ/d9/Jowu6Ogs95g==
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by aspmx1.migadu.com (Postfix) with ESMTPS id 176DB67868
	for <larch@yhetil.org>; Mon, 18 Mar 2024 15:40:47 +0100 (CET)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <guix-devel-bounces@gnu.org>)
	id 1rmE9j-0007bn-DJ; Mon, 18 Mar 2024 10:40:03 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <pinoaffe@gmail.com>)
 id 1rmE9c-0007ai-C6
 for guix-devel@gnu.org; Mon, 18 Mar 2024 10:39:56 -0400
Received: from mail-lf1-x136.google.com ([2a00:1450:4864:20::136])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <pinoaffe@gmail.com>)
 id 1rmE9T-0004JI-Rs
 for guix-devel@gnu.org; Mon, 18 Mar 2024 10:39:53 -0400
Received: by mail-lf1-x136.google.com with SMTP id
 2adb3069b0e04-513ccc70a6dso7616661e87.1
 for <guix-devel@gnu.org>; Mon, 18 Mar 2024 07:39:45 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20230601; t=1710772783; x=1711377583; darn=gnu.org;
 h=content-transfer-encoding:mime-version:message-id:in-reply-to:date
 :subject:cc:to:from:user-agent:references:from:to:cc:subject:date
 :message-id:reply-to;
 bh=3eN/xbE5Vn5sTCpbIAbglPVORQ7jTUdJxopSwhLkq9Y=;
 b=Ss+X0DiPPjbM8L0Uol6HEUh+R0gq0YuYx0BogOw6rO1jLoDn9sLW80OUF0GMeDBZiO
 MEC7xeUXhsraG5kILrV1R+6hKsVC39382kYWt2U4tgW8q5GdCuUlDYYFbcW38nMAPkNf
 G544p5PdPwZcVKeHQG2EHSRhhbiSY/Hi0lacig4QXlePhDIJ2Nn1OnYr/QbTDYnM0sXD
 8Zf5sh06hlARscJUX5o2dy9/P+m7gdKGZBwpj7ElNMPiWBeLb5LYrtWdiWJH/c6GNlsk
 sylteIm4N0PewpW9Ol4+ylqvRCksdLkbYAks7ttLEo/jDiyr2CH8jnxxJ/Zm955Oxaya
 3B/w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1710772783; x=1711377583;
 h=content-transfer-encoding:mime-version:message-id:in-reply-to:date
 :subject:cc:to:from:user-agent:references:x-gm-message-state:from:to
 :cc:subject:date:message-id:reply-to;
 bh=3eN/xbE5Vn5sTCpbIAbglPVORQ7jTUdJxopSwhLkq9Y=;
 b=u4SoqDpGqVca9ADa9lv2BVMx7cI842yALsCYrp0TA2rPdD31kHo3FVmgUCVyQLgG1y
 uvz0+jbHmNs/UYnNflmXWMhdFcSpoKfdf52gpZjeYjD863W3fDILGwEhtBNMvW/gByKl
 xjWZpbipAxXRenLzV+iVgj4HmeEs1HOZk8vzVyUCyNio9snAT0iyZsbuTkqOX2qGtDCW
 jzK1ez4DSD9zzcyrnqQzs7hdms30guafr75oXsXzzGCiBtRJEuP2z9ykYQb410+y6kLC
 t9oJsu9tEWHhohqzqPTioPr29AxW2FdophbH0T5XAr5vkYi4FBALEeCVc2q6apXOco/u
 xrEA==
X-Forwarded-Encrypted: i=1;
 AJvYcCWwJZXY3cPD0KO6ttjBxIKrL25kp8KTBgXaobtt0HxxASKXj8LYVVhH1W+b9oJHMCGkpjtRk6cXINPrl44e2PGUuH4=
X-Gm-Message-State: AOJu0YypwweFsoL6JPDBrsm4EseHcepMyqOslrz4lsP3Z4i0/OJKFBCJ
 MBpamPwqe9Ss8UUElwZCTJX+/G97j7PnOpTo4LM/QCkmlSweKMaj
X-Google-Smtp-Source: AGHT+IE5/fsIFi1jT9hPEgWTiVype0OPCymT9jec7UmMzAB4kWIHEKi9FAGJNBu02VjqA/2VWUSauQ==
X-Received: by 2002:ac2:5f53:0:b0:513:24ba:466a with SMTP id
 19-20020ac25f53000000b0051324ba466amr5301539lfz.53.1710772783159; 
 Mon, 18 Mar 2024 07:39:43 -0700 (PDT)
Received: from localhost (h120217.upc-h.chello.nl. [62.194.120.217])
 by smtp.gmail.com with ESMTPSA id
 d26-20020a1709067f1a00b00a46a643b6fbsm2810169ejr.15.2024.03.18.07.39.42
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 18 Mar 2024 07:39:42 -0700 (PDT)
References: <87il1mupco.fsf@meson>
 <loEV1z9AXI7XsesnD5ZlILTLVKdYqF_lMH0BUWTpXGg7ae2W35XJov4AaOIrQJfiDbrH1NSgYx2vn4ZkcrlWYb6oL1y_qFvGvkhjSE9-wr0=@protonmail.com>
 <Zfa6VRoZJSA7JB-e@noor.fritz.box>
User-agent: mu4e 1.10.8; emacs 29.1
From: pinoaffe <pinoaffe@gmail.com>
To: Lars-Dominik Braun <lars@6xq.net>
Cc: Ryan Prior <rprior@protonmail.com>, Ian Eure <ian@retrospec.tv>,
 guix-devel@gnu.org
Subject: Re: Concerns/questions around Software Heritage Archive
Date: Mon, 18 Mar 2024 15:04:35 +0100
In-reply-to: <Zfa6VRoZJSA7JB-e@noor.fritz.box>
Message-ID: <87cyrrtxht.fsf@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass client-ip=2a00:1450:4864:20::136;
 envelope-from=pinoaffe@gmail.com; helo=mail-lf1-x136.google.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001,
 RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001,
 T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: guix-devel@gnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Development of GNU Guix and the GNU System distribution."
 <guix-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-devel>,
 <mailto:guix-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/guix-devel>
List-Post: <mailto:guix-devel@gnu.org>
List-Help: <mailto:guix-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-devel>,
 <mailto:guix-devel-request@gnu.org?subject=subscribe>
Errors-To: guix-devel-bounces+larch=yhetil.org@gnu.org
Sender: guix-devel-bounces+larch=yhetil.org@gnu.org
X-Migadu-Flow: FLOW_IN
X-Migadu-Country: US
X-Migadu-Spam-Score: -6.59
X-Spam-Score: -6.59
X-Migadu-Queue-Id: 176DB67868
X-Migadu-Scanner: mx13.migadu.com
X-TUID: T6kUWeHzZocr


Lars-Dominik Braun <lars@6xq.net> writes:
>> I have heard folks in the Guix maintenance sphere claim that we
>> never rewrite git history in Guix, as a matter of policy. I believe we
>> should revisit that policy (is it actually written anywhere?) with an
>> eye towards possible exceptions, and develop a mechanism for securely
>> maintaining continuity of Guix installations after history has been
>> rewritten so that we maintain this as a technical possibility in the
>> future, even if we should choose to use it sparingly.
>
> the fallout of rewriting Guix=E2=80=99 git history would be devastating. =
It
> would break every single Guix installation, because
>
> a) `guix pull` authenticates commits and we might lose our trust anchor
> if we rewrite history earlier than the introduction of this feature,
> b) `guix pull` outright rejects changes to the commit history to prevent
> downgrade attacks.
>
> Additionally it would break every single existing usage of the
> time machine and thereby completely defeat the goal of providing
> reproducible software environments since the commit hash is used to
> identify the point in time to jump to.
>
> I doubt developing =E2=80=9Cmechanisms=E2=80=9D =E2=80=93 whatever they l=
ook like =E2=80=93 would
> be worth the effort. Our contributors matter, but so do our users. Never
> ever rewriting our git history is a tradeoff we should make for our users.

There may come a time where we don't really have another option but to
rewrite (part of) history (e.g., if someone vandalizes the repository
using incriminating/illegal files) - I hope that such vandalism would be
caught quickly so that most guix installations would not be infected,
but it may be a good idea to plan what to do in the unfortunte event that
it is necessary to rewrite guix history