all messages for Guix-related lists mirrored at yhetil.org
 help / color / mirror / code / Atom feed
* Hacking ideas from the Reproducible Builds Summit
@ 2020-01-07 15:40 Ludovic Courtès
  2020-01-07 17:43 ` zimoun
  0 siblings, 1 reply; 5+ messages in thread
From: Ludovic Courtès @ 2020-01-07 15:40 UTC (permalink / raw)
  To: Guix-devel

[-- Attachment #1: Type: text/plain, Size: 228 bytes --]

Hello Guix!

I had taken note of some of the good ideas that were discussed at the
R-B Summit last month.  It’s very rough but I figured it can be useful
to share and might lead people to hack or to further brainstorm!


[-- Attachment #2: the notes --]
[-- Type: text/x-org, Size: 1249 bytes --]

#+TITLE: Reproducible Build Summit V (2019)

* reproducible builds

** TODO implement the “k out of n” policy in ‘guix substitute’

   - could read /etc/guix/policy.scm

** TODO add name tags to keys in /etc/guix/acl

** TODO make it easy to run CI

   - “guix ci -C channel.scm -m manifest.scm”

** TODO allow for “guix publish” publishing narinfos without any ‘URL’ field

   - to sign and publish hashes, without wasting bandwidth on nars

** TODO support IPFS in ‘guix publish’ and ‘guix substitute’

   - https://issues.guix.gnu.org/issue/33899

** TODO narinfo signatures only on the required fields

   - see %mandatory-fields in (guix scripts substitute)

** TODO keep narinfo signatures in the store database

   - check what Nix does

** TODO have ‘guix challenge’ automatically do “guix build --check” if needed (?)

* bootstrapping

** TODO use fixed-output derivations for “tar xf” like “guile-bootstrap” (?)

This would avoid complex dependencies on tar, xz, etc. in (gnu packages
bootstrap) & co.

** DONE create an <operating-system> where PID 1 spawns a build of the package graph
   - State "DONE"       from "TODO"       [2019-12-07 Sat 13:09]

[-- Attachment #3: Type: text/plain, Size: 12 bytes --]


Ludo’.

^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2020-01-10 17:04 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2020-01-07 15:40 Hacking ideas from the Reproducible Builds Summit Ludovic Courtès
2020-01-07 17:43 ` zimoun
2020-01-08 10:42   ` Efraim Flashner
2020-01-10 17:04     ` Ludovic Courtès
2020-01-08 22:04   ` Ludovic Courtès

Code repositories for project(s) associated with this external index

	https://git.savannah.gnu.org/cgit/guix.git

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.