Date: Sun, 17 Mar 2024 10:39:33 +0100
From: Lars-Dominik Braun
To: Ryan Prior
Cc: Ian Eure, guix-devel
Subject: Re: Concerns/questions around Software Heritage Archive

Hey,

> I have heard folks in the Guix maintenance sphere claim that we never rewrite git history in Guix, as a matter of policy. I believe we should revisit that policy (is it actually written anywhere?) with an eye towards possible exceptions, and develop a mechanism for securely maintaining continuity of Guix installations after history has been rewritten so that we maintain this as a technical possibility in the future, even if we should choose to use it sparingly.

the fallout of rewriting Guix’ git history would be devastating. It would break every single Guix installation, because a) `guix pull` authenticates commits and we might lose our trust anchor if we rewrite history earlier than the introduction of this feature, b) `guix pull` outright rejects changes to the commit history to prevent downgrade attacks.

Additionally it would break every single existing usage of the time machine and thereby completely defeat the goal of providing reproducible software environments since the commit hash is used to identify the point in time to jump to.

I doubt developing “mechanisms” – whatever they look like – would be worth the effort. Our contributors matter, but so do our users. Never ever rewriting our git history is a tradeoff we should make for our users.

Lars
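
The checks described in the message above, as an added example that is not part of the original email and is not Guix's code: a simplified model of content-addressed commits showing why a rewrite fails the trust-anchor check, the descendant (downgrade) check, and any pinned time-machine commit. The hashing scheme, the function names and the sample history are assumptions made for illustration.

```python
import hashlib

def commit_id(parent, content):
    # Toy content-addressed id: as in git, the hash covers the parent id.
    return hashlib.sha256(f"{parent}\n{content}".encode()).hexdigest()[:12]

def build_history(contents):
    """Linear history -> (ids oldest-first, {id: parent id or None})."""
    ids, parents, parent = [], {}, None
    for content in contents:
        cid = commit_id(parent, content)
        parents[cid] = parent
        ids.append(cid)
        parent = cid
    return ids, parents

def is_ancestor(parents, old, new):
    """True if `old` is reachable from `new` through parent links."""
    cur = new
    while cur is not None:
        if cur == old:
            return True
        cur = parents.get(cur)
    return False

def check_pull(remote, introduction, current, target):
    """Simplified model of the two checks the message attributes to `guix pull`."""
    if not is_ancestor(remote, introduction, target):
        return "reject: trust anchor not in target history"
    if not is_ancestor(remote, current, target):
        return "reject: target does not descend from current commit"
    return "accept"

# Constructed sample history; commit 1 plays the role of the trust anchor.
LOG = ["init", "introduce authentication", "update A", "update B"]
ids, remote = build_history(LOG)
anchor, current, pinned = ids[1], ids[2], ids[2]  # pinned: a time-machine commit

# The same history rewritten after the anchor, and before it (constructed).
late_ids, late = build_history(LOG[:2] + ["update A (scrubbed)", "update B"])
early_ids, early = build_history(["init (scrubbed)"] + LOG[1:])

if __name__ == "__main__":
    print(check_pull(remote, anchor, current, ids[3]))       # normal update
    print(check_pull(remote, anchor, current, ids[1]))       # rollback attempt
    print(check_pull(late, anchor, current, late_ids[3]))    # rewrite after anchor
    print(check_pull(early, anchor, current, early_ids[3]))  # rewrite before anchor
    print(pinned in late, pinned in early)                   # pinned commit is gone
```

Because every id covers its parent's id, editing one commit renames all of its descendants, so a rewrite anywhere before a user's current or pinned commit is indistinguishable from a foreign history.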