From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp1.migadu.com ([2001:41d0:303:e16b::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms8.migadu.com with LMTPS id 0FBxO9zK6WVMRgAA62LTzQ:P1 (envelope-from ) for ; Thu, 07 Mar 2024 15:10:37 +0100 Received: from aspmx1.migadu.com ([2001:41d0:303:e16b::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp1.migadu.com with LMTPS id 0FBxO9zK6WVMRgAA62LTzQ (envelope-from ) for ; Thu, 07 Mar 2024 15:10:37 +0100 X-Envelope-To: larch@yhetil.org Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=futurile.net header.s=selector1 header.b=yy9Ibxwf; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org"; dmarc=none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1709820636; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post:dkim-signature; bh=yajWlthXLZqbge+0qbiyUe78vLVWV9oXw+VjEcZTd8A=; b=GcLTQGNbdf62cqyeDvVqkGT+dESqTxYNIbb2PLRt9gLIUlp/2iKs7c3uSvHwDhhfBvBCEM qCjtVpWOviU0tdtD6zCWg/n/KyULYc9cdakCyYhCc6ZF5JlMocqT8hreL4383Cp0f4XErk S4ovu7ur30Eb27Q1IBwxMQfKszajW/g1YSJ2PFx3ENAsOwn5J2D05xvbG6m3779uF+IP/i vfkMJKTvZSu71bPAc2P7HfDh8SbGYVD4GWBEPY6eFlpZB+tJGETXBO03V/53d8xHhka5Zy ysTRnpgBPEg4LiX9FPZLtiP8PHfsO+I83bDubgkLROw+foYdyhtuJp3zDGKgHA== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=pass header.d=futurile.net header.s=selector1 header.b=yy9Ibxwf; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org"; dmarc=none ARC-Seal: i=1; s=key1; d=yhetil.org; t=1709820636; a=rsa-sha256; cv=none; b=SCwCZl0F3n952HBpxpgMaSm51V9wDQGbxOv+hWC/SLWNVPDyq9L1+NKU1UPR1D+uTN9g2+ KcEMYUBIgbjJBXkUJ3pl5qYz9T+ECyViF/Q4UCn5Q+C1j/29/+RE2zHiXHsb2bIgwclCzd qbuEUcCUoGc4oFGnteuL7kvNy5GX79ptlKgDxVKW/kqgIEQjwx9wwN0rcLwtqwzc9UVXw+ o0QHBz5fXxthbkDAjDUcQ20g7Rd4jzPlLfc01jJygcV878+dP3R4QA63wg9vcD70e5gBQM 9IVlxj38Axv3keHcPdpfV0veYeTg19ho1OkTJ/R2CK/6mAerixzmzxwjj/MMog== Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 7E9DF605B0 for ; Thu, 7 Mar 2024 15:10:36 +0100 (CET) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1riERj-0004Cp-9e; Thu, 07 Mar 2024 09:10:07 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1riERe-0004CL-Ua for guix-devel@gnu.org; Thu, 07 Mar 2024 09:10:04 -0500 Received: from mailtransmit04.runbox.com ([2a0c:5a00:149::25]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1riERb-0000ke-J6 for guix-devel@gnu.org; Thu, 07 Mar 2024 09:10:02 -0500 Received: from mailtransmit03.runbox ([10.9.9.163] helo=aibo.runbox.com) by mailtransmit04.runbox.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.93) (envelope-from ) id 1riERV-000W2P-SD; Thu, 07 Mar 2024 15:09:53 +0100 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=futurile.net; s=selector1; h=In-Reply-To:Content-Transfer-Encoding: Content-Type:MIME-Version:References:Message-ID:Subject:Cc:To:From:Date; bh=yajWlthXLZqbge+0qbiyUe78vLVWV9oXw+VjEcZTd8A=; b=yy9IbxwfFPLHxYFDYHEFbtbWe5 lfwODwPoKj4j/NIQq4yFwPGbR3j92udIWuwhc9VaAdaU+c9AzCEFfi4mJMgP5VIjpUaZr+aNLLyLb ZG2/AnPwx9kIPQ6DOkiKONg5kNIkDQ4Lu4uzmx/8dS7PxOP98F2utfoTL9SDvAicejX0QKHhzvm2B Y1zMzPStHKnmZA4qyFLq+5RCnBwTtYiYIS8ZTbaZ0/mnAIaYdBOVBhBkbB3p+rMfpkAtuuTA7YeKf Olu4omeRMH/bSLcSOepJZ3s02Fpx5tLPqA15gNNGvoxMjdTkHQ9GLR5mjr27pPJUtyNMCASGYV7iB +hwsXR9w==; Received: from [10.9.9.74] (helo=submission03.runbox) by mailtransmit03.runbox with esmtp (Exim 4.86_2) (envelope-from ) id 1riERV-0004Gh-9K; Thu, 07 Mar 2024 15:09:53 +0100 Received: by submission03.runbox with esmtpsa [Authenticated ID (641962)] (TLS1.2:ECDHE_SECP256R1__RSA_SHA256__AES_256_GCM:256) (Exim 4.93) id 1riERL-000YWZ-0B; Thu, 07 Mar 2024 15:09:43 +0100 Date: Thu, 7 Mar 2024 14:09:32 +0000 From: Steve George To: =?utf-8?B?R8OhYm9y?= Boskovits Cc: Guix Devel , pjotr.public12@thebird.nl Subject: Re: GSoC 2024 Message-ID: References: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: Received-SPF: permerror client-ip=2a0c:5a00:149::25; envelope-from=steve@futurile.net; helo=mailtransmit04.runbox.com X-Spam_score_int: -27 X-Spam_score: -2.8 X-Spam_bar: -- X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, T_SPF_PERMERROR=0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: guix-devel@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+larch=yhetil.org@gnu.org Sender: guix-devel-bounces+larch=yhetil.org@gnu.org X-Migadu-Flow: FLOW_IN X-Migadu-Country: US X-Migadu-Spam-Score: -8.62 X-Spam-Score: -8.62 X-Migadu-Queue-Id: 7E9DF605B0 X-Migadu-Scanner: mx13.migadu.com X-TUID: 50lXXRnwuxQU Hi, I had a couple of ideas - but would need help from someone to mentor 1. Moldable development in Guix Exploratory REPL experience is one of the hall-marks of 'moldable' systems. This shortens the development cycle and improves the ability of users to explore Guix. The best REPL experience today is through Emacs. We have a modern nREPL implementation that is compatible with Guile. This needs further development and the Guix client side improved. * Develop a basic CLI Nrepl experience in guile-ares-rs (https://git.sr.ht/~abcdw/guile-ares-rs) * Add further CLI REPL functions to Guix * Stretch goal to add a Guix / Guile Scheme nrepl support to Conjure (https://github.com/Olical/conjure/issues/549) This would need co-ordination with Andrew Tropin (abcw) and Oliver Caldwell (Olical), and some help from a Guix mentor. 2. Improving Docker image output (guix pack) Docker containers are a common deployment method for applications. While they may be good for deployment, they have weak reproducibilty which Guix solves. Docker containers generated by Guix for deployment are large compared to similar deployments using Nix or Alpine. The purpose of this project is to optimise the build and deployment pipeline in Guix. * Examine the current 'guix pack' process for optimisations * Optimise the build process to add docker specific capabilities like multi-stage builds * Explore using grafts or masking to reduce final image size ** NOTE:** I know this is a bit weak - I don't know enough about this myself yet - is this even a good target - I think it's interesting for scientific computing? 3. Add sandboxing to guix packages Improving the security for end-users by implementing optional sandboxing for desktop applications. The likes of Bubblewrap and Flatseal are available for Linux. There's some existing Nix prior-art that could be a good starting point (https://nixos.wiki/wiki/Firejail) and (https://sr.ht/~fgaz/nix-bubblewrap/) * Figure out which of the available options is the most sustainable * Integrate policys and implementation into high-profile packages * Stretch would be to create a Guile native library / approach Anyone interested in these - willing to mentor/co-mentor with me? On 4 Mar, Gábor Boskovits wrote: > Hello guix, > > I coordinated with the GNU org admins, and we can still do this round, > but we have to go fast to make this happen. I have already taken the > initiative to try to get an ideas page up, now I would like to confirm > if the mentors from last year are still available, and that the ideas > are still valid. > > Hereby I quickly collected the projects with the respective mentors, > please pm me your availability: > > Decentralized substitute distribution > pukkamustard (pukkamustard [at] posteo [dot] net) > attila.lendvai (ethswarm.org, scheme) > > Robustify long-term support for Reproducible Research > Simon Tournier (zimoun) > > Develop a Web interface to configure Guix System > Ludovic Courtès (civodul) > > Trusted computing: Goblins for GNU Guix > Christopher Webber, Ludovic Courtès and Pjotr Prins > > Guix Data Service revision processing instrumentation and performance > Christopher Baines > > Guile based build-tool > Pjotr Prins > > GNU Guix system monitor > Pjotr Prins > > Booting via network > Danny Milosavljevic > > Syntax and semantics of systemd units in the Shepherd > Ludovic Courtès (civodul) > > GNUnet integration > no mentor available > > Adding modules in support of continuous integration to cuirass > Ludovic Courtès (civodul) > > Continue rewrite build daemon in Guile Scheme > Ludovic Courtès (civodul) > > I myself am available to co-mentor, and also to be the formal mentor > in case someone does not feel like doing the official dance with > Google. Currently I can commit to devoting two hours a week to this. > > Regards, > g_bor >