From: Konrad Hinsen <konrad.hinsen@fastmail.net>
To: "Ludovic Courtès" <ludo@gnu.org>
Cc: guix-devel@gnu.org
Subject: Re: Profiles/manifests-related command line interface enhancements
Date: Sun, 17 Nov 2019 11:44:55 +0100 [thread overview]
Message-ID: <m1imnisrx4.fsf@ordinateur-de-catherine--konrad.home> (raw)
In-Reply-To: <87d0drscng.fsf@gnu.org>
Hi Ludo,
> I’d like to think that writing Guile declarations for the OS config,
> manifest, etc. is not just for “power users”. After all people, or
> rather “computer-savvy” people in a broad sense, write JSON, YAML,
> custom config files etc. routinely, and I don’t think the typical config
> we propose is any “harder”. You may say I’m a dreamer, but I’m not the
> only one. 𝅗𝅥𝅘𝅥 ;-)
The problem with powerful formal languages (read: Turing-complete) is
not writing, but (1) debugging and (2) reading.
1. Writing a manifest file in Guile is no harder than writing a list
in YAML or whatever. But leave out the closing quote behind a
package name, and you will get an error message that will make
no sense to someone unfamiliar with the *complete* Scheme syntax.
For a small and simple file, you can usually spot the problem by
inspection (i.e. without the error message), but for more complex
files, it makes sense to use a more constrained language in order
to provide better error reporting.
BTW, the Racket team makes that point to argue for their rather
complex macro system. It takes much longer to master than traditional
Lisp or Scheme macros, but it supports writing macros with error
reporting that makes sense to someone who didn't read the macro code.
2. Power users will always write code in powerful languages that exceed
what less advanced users can deal with. And since power users are not
necessarily benevolent, this creates a trust issue for the less
advanced ones.
For a long version of these arguments, see
https://hal.archives-ouvertes.fr/hal-01966145/document
> I think we need to focus on specific scenarios though.
Definitely!
> IOW, users of a channel have to trust it to not be malicious,
> regardless of the fact that its Guile code runs unrestricted.
Yes. That's perhaps something that the manual should point out
explicitly. Also, a more specific user interface ("guix channel add
URL") could show a warning.
> For manifests shared over the net, the situation may be different: a
> manifest could refer to packages in the channels you trust, and thus
> there’s value in not having to trust the manifest code itself.
Exactly, and that's the idea that got me into this thread.
> It’s still a bit too abstract, but for the purposes of sharing and
> publishing “super packages” as you wrote, we could define a
> purely-declarative format (could be JSON, could be Guile code that can
> run under (ice-9 sandbox) or with ‘eval/container’) that people could
> use instead unrestricted as is currently the case.
Yes, that's one way to go. BTW, I didn't know about eval/container,
I'll have to look at it!
Cheers,
Konrad.
next prev parent reply other threads:[~2019-11-17 10:45 UTC|newest]
Thread overview: 73+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-23 16:37 Profiles/manifests-related command line interface enhancements Pierre Neidhardt
2019-10-24 9:00 ` Mark H Weaver
2019-10-24 9:32 ` Pierre Neidhardt
2019-10-24 16:28 ` Pierre Neidhardt
2019-10-24 16:42 ` Danny Milosavljevic
2019-10-24 18:16 ` Pierre Neidhardt
2019-10-24 19:23 ` Mark H Weaver
2019-10-24 20:04 ` Pierre Neidhardt
2019-10-24 21:35 ` Mark H Weaver
2019-10-25 9:29 ` Pierre Neidhardt
2019-10-31 11:38 ` Pierre Neidhardt
2019-11-03 14:18 ` Ludovic Courtès
2019-11-04 10:39 ` Pierre Neidhardt
2019-11-04 11:06 ` zimoun
2019-11-05 6:26 ` Konrad Hinsen
2019-11-05 8:35 ` Hartmut Goebel
2019-11-05 9:03 ` Konrad Hinsen
2019-11-05 9:09 ` Hartmut Goebel
2019-11-05 9:22 ` Pierre Neidhardt
2019-11-05 15:36 ` zimoun
2019-11-05 16:05 ` Konrad Hinsen
2019-11-06 12:09 ` zimoun
2019-11-07 13:07 ` Konrad Hinsen
2019-11-06 17:07 ` Ludovic Courtès
2019-11-06 22:21 ` Bengt Richter
2019-11-07 13:52 ` Konrad Hinsen
2019-11-06 16:35 ` Ludovic Courtès
2019-11-07 7:46 ` Konrad Hinsen
2019-11-07 9:04 ` Pierre Neidhardt
2019-11-07 11:14 ` Konrad Hinsen
2019-11-07 11:36 ` Pierre Neidhardt
2019-11-09 17:59 ` Ludovic Courtès
2019-11-10 9:36 ` Konrad Hinsen
2019-11-11 15:56 ` A better XML, config is code (was Re: Profiles/manifests-related command line...) Giovanni Biscuolo
2019-11-13 15:28 ` Konrad Hinsen
2019-11-12 8:55 ` Profiles/manifests-related command line interface enhancements Andy Wingo
2019-11-12 20:07 ` Konrad Hinsen
2019-11-13 20:58 ` Bengt Richter
2019-11-16 22:02 ` Ludovic Courtès
2019-11-17 10:44 ` Konrad Hinsen [this message]
2019-11-18 14:25 ` zimoun
2019-11-19 10:24 ` Konrad Hinsen
2019-11-23 17:10 ` Ludovic Courtès
2019-11-25 11:06 ` Konrad Hinsen
2019-11-26 9:51 ` On DSLs Ludovic Courtès
2019-12-02 19:05 ` zimoun
2019-12-02 19:11 ` Julien Lepiller
2019-12-03 10:19 ` Konrad Hinsen
2019-12-03 14:12 ` Ricardo Wurmus
2019-12-03 15:46 ` zimoun
2019-12-04 6:33 ` Bengt Richter
2019-12-10 16:26 ` Ludovic Courtès
2019-12-08 8:48 ` Konrad Hinsen
2019-12-03 10:26 ` Konrad Hinsen
2019-12-03 12:00 ` zimoun
2019-11-11 14:13 ` Profiles/manifests-related command line interface enhancements Hartmut Goebel
2019-11-16 22:27 ` Ludovic Courtès
2019-11-17 11:30 ` Konrad Hinsen
2019-11-18 14:40 ` zimoun
2019-12-22 19:40 ` Andreas Enge
2019-12-22 20:39 ` Pjotr Prins
2019-11-18 14:15 ` zimoun
2019-11-26 9:36 ` Ludovic Courtès
2019-11-06 16:42 ` Ludovic Courtès
2019-11-07 12:57 ` zimoun
2019-11-17 10:35 ` Package inputs in manifests Ludovic Courtès
2019-11-17 23:11 ` Bengt Richter
2019-11-18 17:14 ` zimoun
2019-11-23 14:05 ` Ludovic Courtès
2019-11-24 5:49 ` Bengt Richter
2019-11-24 7:17 ` Timothy Sample
2019-11-25 3:42 ` Bengt Richter
2019-11-18 16:18 ` zimoun
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=m1imnisrx4.fsf@ordinateur-de-catherine--konrad.home \
--to=konrad.hinsen@fastmail.net \
--cc=guix-devel@gnu.org \
--cc=ludo@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).