Hi Mark, Ludo, and David, ludo@gnu.org (Ludovic Courtès) writes: > Hello, > > Chris Marusich skribis: > >> You've both said that you would prefer not to add git-fetch/impure to >> Guix. Can you help me to understand why you feel that way? I really >> think it would be nice if Guix could fetch Git repositories over SSH >> using public key authentication, so I'm hoping that we can talk about it >> and figure out an acceptable way to implement it. > > One argument against it would be that it encourages people (or at least > makes it very easy) to write origins that depend on external state, and > thus may be non-reproducible by others, and that Guix itself should > provide tools for writing reproducible build definitions. The impurity bothers me, too. If you don't have the right SSH key available or your SSH installation isn't configured in just the right way, then an origin defined using git-fetch/impure won't work. Could we eliminate the impurity by adding a feature to the guix-daemon that allows an administrator (i.e., root) to configure an SSH key for guix-daemon to use when fetching Git repositories over SSH? If it's possible, I think that would be preferable. What do you think of that idea? Also, here's a new version of the patch, which fixes/improves some random things I noticed. -- Chris