From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <guix-patches-bounces+larch=yhetil.org@gnu.org>
Received: from mp2 ([2001:41d0:2:bcc0::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by ms11 with LMTPS
	id mEf+OuKA/F65HAAA0tVLHw
	(envelope-from <guix-patches-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Wed, 01 Jul 2020 12:26:10 +0000
Received: from aspmx2.migadu.com ([2001:41d0:2:bcc0::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by mp2 with LMTPS
	id WLu/NuKA/F4GYgAAB5/wlQ
	(envelope-from <guix-patches-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Wed, 01 Jul 2020 12:26:10 +0000
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by aspmx2.migadu.com (Postfix) with ESMTPS id 65CB0680020
	for <larch@yhetil.org>; Wed,  1 Jul 2020 12:26:09 +0000 (UTC)
Received: from localhost ([::1]:54732 helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <guix-patches-bounces+larch=yhetil.org@gnu.org>)
	id 1jqboV-0005NY-4D
	for larch@yhetil.org; Wed, 01 Jul 2020 08:26:07 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10]:34562)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1jqboQ-0005Lq-8O
 for guix-patches@gnu.org; Wed, 01 Jul 2020 08:26:02 -0400
Received: from debbugs.gnu.org ([209.51.188.43]:40938)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1jqboP-00088h-Ui
 for guix-patches@gnu.org; Wed, 01 Jul 2020 08:26:01 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1jqboP-0008PC-Ph
 for guix-patches@gnu.org; Wed, 01 Jul 2020 08:26:01 -0400
X-Loop: help-debbugs@gnu.org
Subject: [bug#42048] [PATCH 6/6] services: provenance: Save channel
 introductions.
Resent-From: Ricardo Wurmus <rekado@elephly.net>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: guix-patches@gnu.org
Resent-Date: Wed, 01 Jul 2020 12:26:01 +0000
Resent-Message-ID: <handler.42048.B42048.159360632232262@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 42048
X-GNU-PR-Package: guix-patches
X-GNU-PR-Keywords: patch
To: Ludovic =?UTF-8?Q?Court=C3=A8s?= <ludo@gnu.org>
Cc: 42048@debbugs.gnu.org
Received: via spool by 42048-submit@debbugs.gnu.org id=B42048.159360632232262
 (code B ref 42048); Wed, 01 Jul 2020 12:26:01 +0000
Received: (at 42048) by debbugs.gnu.org; 1 Jul 2020 12:25:22 +0000
Received: from localhost ([127.0.0.1]:52483 helo=debbugs.gnu.org)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
 id 1jqbnl-0008OI-PK
 for submit@debbugs.gnu.org; Wed, 01 Jul 2020 08:25:22 -0400
Received: from sender4-of-o51.zoho.com ([136.143.188.51]:21128)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <rekado@elephly.net>) id 1jqbnj-0008O7-Kf
 for 42048@debbugs.gnu.org; Wed, 01 Jul 2020 08:25:20 -0400
ARC-Seal: i=1; a=rsa-sha256; t=1593606311; cv=none; 
 d=zohomail.com; s=zohoarc; 
 b=izgF5ymD4v7AFCK9uAeoJKOzKQLko35MqrtGQVyiqM8JqlMxPsqJ5q4za/dN0t5JQJeTTU6EmafSbjKnVkv7axGBAD6jM4H17ghTyEj338tgVkN5cmINum0m/jVaL9QMyLmKANyKK2cZ2WxMb87Pnr5jeL8HfO1oXUFfTmHHGTY=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc; t=1593606311;
 h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:To;
 bh=wBpTdnHeD1YclneT7lienLtGCMfKPcy9Edk862KvR9w=; 
 b=kyqoHBmF66NK9cBcMjaQcpbIMCEEAotDM/S84HeqPfXYZN14C+Xrh/X2OrZYpJwhBS80vZQ95R3imLopYwUKet7bpWzerTu7SyySlAwaYBnLlaZfxtPCutBGxeL4hNZDVPnxbTYjtafh7W/Ay40C9v0bJJSyofz7S4D/GqLxCbw=
ARC-Authentication-Results: i=1; mx.zohomail.com;
 dkim=pass  header.i=elephly.net;
 spf=pass  smtp.mailfrom=rekado@elephly.net;
 dmarc=pass header.from=<rekado@elephly.net> header.from=<rekado@elephly.net>
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1593606311; 
 s=zoho; d=elephly.net; i=rekado@elephly.net;
 h=References:From:To:Cc:Subject:In-reply-to:Date:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding;
 bh=wBpTdnHeD1YclneT7lienLtGCMfKPcy9Edk862KvR9w=;
 b=JH/1276MvT00QjnhxYACRyvK8XZQBq/1eXRj5k5hA8abhNgx07RSyeWuRbna4PL4
 C6i+Kmw0Qu9nDAQu0qdiwn1S3fjcC86YuFgCb+yEN2+4sAZqL/KSJXLy3kpI9i1dCaq
 NBGqYLQhTsulU6vjcIgHb/9FnrTCBhVk4ikvs560=
Received: from localhost (p54ad4b9b.dip0.t-ipconnect.de [84.173.75.155]) by
 mx.zohomail.com with SMTPS id 1593606308781624.4483809455573;
 Wed, 1 Jul 2020 05:25:08 -0700 (PDT)
References: <20200625211605.29316-1-ludo@gnu.org>
 <20200625211605.29316-6-ludo@gnu.org> <87v9j8mtx9.fsf@elephly.net>
 <87imf847sr.fsf@gnu.org>
User-agent: mu4e 1.4.10; emacs 26.3
From: Ricardo Wurmus <rekado@elephly.net>
In-reply-to: <87imf847sr.fsf@gnu.org>
X-URL: https://elephly.net
X-PGP-Key: https://elephly.net/rekado.pubkey
X-PGP-Fingerprint: BCA6 89B6 3655 3801 C3C6  2150 197A 5888 235F ACAC
Date: Wed, 01 Jul 2020 14:25:04 +0200
Message-ID: <87366bmnhb.fsf@elephly.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-ZohoMailClient: External
X-Spam-Score: 0.0 (/)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-Spam-Score: -1.0 (-)
X-BeenThere: guix-patches@gnu.org
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/guix-patches>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=subscribe>
Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org
Sender: "Guix-patches" <guix-patches-bounces+larch=yhetil.org@gnu.org>
X-Scanner: scn0
Authentication-Results: aspmx2.migadu.com;
	dkim=fail (rsa verify failed) header.d=elephly.net header.s=zoho header.b=JH/1276M;
	dmarc=none;
	spf=pass (aspmx2.migadu.com: domain of guix-patches-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-patches-bounces@gnu.org
X-Spam-Score: 1.99
X-TUID: VqMbLkjpbC02


Ludovic Court=C3=A8s <ludo@gnu.org> writes:

> So yes, I suppose we would need to extend the =E2=80=98.guix-channel=E2=
=80=99 format for
> dependencies.  Luckily it should be quite simply because that format is
> extensible; older Guix versions would ignore the =E2=80=98introduction=E2=
=80=99 field.
> It would look something like this:
>
>      (channel
>       (version 0)
>       (dependencies
>        (channel
>         (name some-collection)
>         (url "https://example.org/first-collection.git")
>         (introduction (channel-introduction
>                         (version 0)
>                         (commit "=E2=80=A6")
>                         (signer "=E2=80=A6"))))
>        (channel
>         (name some-other-collection)
>         (url "https://example.org/second-collection.git")
>         (branch "testing"))))   ;not an authenticated channel
>
> It does mean that a channel can indirectly trick you into turning off
> authentication for a dependent channel.  But I think that=E2=80=99s withi=
n the
> expectations for channels: when you choose a channel, you trust it
> enough to run its code.
>
> WDYT?

This sounds reasonable.  I agree that you=E2=80=99ve got to trust the chann=
el
authors anyway, so allowing them to provide the introduction is fair.

--=20
Ricardo