Xinglu Chen schreef op di 08-06-2021 om 19:36 [+0200]: > On Tue, Jun 08 2021, Maxime Devos wrote: > > > Xinglu Chen schreef op di 08-06-2021 om 17:40 [+0200]: > > > Using ‘call-with-output-file*’ instead of ‘call-with-output-file’ and ‘chmod’ > > > will prevent secrets from being leaked. See > > > ;;. > > > > This procedure LGTM (but I didn't test). > > However, > > > > > diff --git a/guix/build/utils.scm b/guix/build/utils.scm > > > index 419c10195b..df960eee84 100644 > > > --- a/guix/build/utils.scm > > > +++ b/guix/build/utils.scm > > > @@ -5,6 +5,7 @@ > > > > Modifying (guix build utils) entails a world-rebuild, as > > (guix build utils) is used by the build code of practically > > every package. I would suggest placing it in (gnu build activation) > > instead. > > Oh, I didn’t think about that. Moving it to (gnu build activation) > seems like a good option. > > Should I create a new “Activation” section in the manual, or should I > keep it in the “Build Utilities” section? The procedure isn't available during package building (well, (gnu build activation) _could_ be imported in a package definition using #:imported-modules & #:modules but it is not supposed to be used like that), so ‘Build Utilities’ doesn't seem appropriate, thus I'd suggest creating an "Activation" section in the manual. Maybe under ‘Programming Reference’, or after ‘Defining Services’ in the ‘System configuration’ chapter? Greetings, Maxime.