From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp0 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id 4Mu4GKOp116pJwAA0tVLHw (envelope-from ) for ; Wed, 03 Jun 2020 13:46:11 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp0 with LMTPS id eP9pFKOp114xJQAA1q6Kng (envelope-from ) for ; Wed, 03 Jun 2020 13:46:11 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id AD418940039 for ; Wed, 3 Jun 2020 13:46:10 +0000 (UTC) Received: from localhost ([::1]:51002 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jgTia-0007jm-Ix for larch@yhetil.org; Wed, 03 Jun 2020 09:46:08 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:55368) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1jgTiU-0007je-MT for bug-guix@gnu.org; Wed, 03 Jun 2020 09:46:02 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:59093) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1jgTiU-00022L-DD for bug-guix@gnu.org; Wed, 03 Jun 2020 09:46:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1jgTiU-0003yz-9v for bug-guix@gnu.org; Wed, 03 Jun 2020 09:46:02 -0400 X-Loop: help-debbugs@gnu.org Subject: bug#41604: guix pull impossible after rebasing a local repository Resent-From: John Soo Original-Sender: "Debbugs-submit" Resent-CC: bug-guix@gnu.org Resent-Date: Wed, 03 Jun 2020 13:46:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 41604 X-GNU-PR-Package: guix X-GNU-PR-Keywords: To: Ludovic =?UTF-8?Q?Court=C3=A8s?= Received: via spool by 41604-submit@debbugs.gnu.org id=B41604.159119191215248 (code B ref 41604); Wed, 03 Jun 2020 13:46:02 +0000 Received: (at 41604) by debbugs.gnu.org; 3 Jun 2020 13:45:12 +0000 Received: from localhost ([127.0.0.1]:42406 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1jgThg-0003xs-Bm for submit@debbugs.gnu.org; Wed, 03 Jun 2020 09:45:12 -0400 Received: from mail-pg1-f181.google.com ([209.85.215.181]:46292) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1jgThW-0003wv-Vv for 41604@debbugs.gnu.org; Wed, 03 Jun 2020 09:45:11 -0400 Received: by mail-pg1-f181.google.com with SMTP id p21so1752758pgm.13 for <41604@debbugs.gnu.org>; Wed, 03 Jun 2020 06:45:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=asu-edu.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:references:date:in-reply-to:message-id :user-agent:mime-version:content-transfer-encoding; bh=KIYmWSo/ZBYOw8TFtKrUCcIYOMplwan/MjXBNrDL3/Q=; b=W1m9cIcp/FEN6ZqTuo95rimL0J8OK8Gyv+cHaHI47ag0GwcIQ6S4MCRApL3FY+w0X3 WRIA/N62GRRh9jovGrqryZgwuSo5Q7Au71QzibYWa5MWsbQc7RpXGpZbtHULlsEfIblB 8cLG0UJeLi+EIPKgh4q8zh4ovGwhKtUUizmqpp+fmps3j3DvJrsUIPPlNrQ0Oq8DW1WR I2A+QmKSN3BH7zRIhLNqlD/vRJqd35alPRf3f+pHftukWN7y4mJ2DDy2Qsm630/wE8B+ v1SuW0X9a4qHqu/Fr7m+EGaGj8vWALRrTQxAhGI8qhZeEAmt10mnGWTvZoZV4JwvtM2w uO0g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:references:date:in-reply-to :message-id:user-agent:mime-version:content-transfer-encoding; bh=KIYmWSo/ZBYOw8TFtKrUCcIYOMplwan/MjXBNrDL3/Q=; b=HFc1h/vZGAlCG5seulGc84akPQWtfsQR5APM9y0WpPTf+zZgzrNBSVXLCWtp2mKT3o Vq8wm0ckKo6/odln8yPEB65zZYzNKH6jxgdRlBqb5ZoG6hDbJ6sx7NETF3H2wzhUT5iS Snxxx0JSvl/L4snKeSDZRFr7EtEL9Wz1vepugez7a5WvXmntHm+lcRl4k9drQ0g+caxN F87QzfjWQeBzuegLMjLudewchwSy0zPTmecb4BDBU5nqtJDJidPuZlqAiMRsWh/VMdmA wwLnSuy+r8HywpqB/wr7pemF/FDFAlZiAKxioGM2uEH9MGxYq916uUHrZfFXmURW3Qfs mK+w== X-Gm-Message-State: AOAM533xFh8hklRDzACZcpypzBUUKGnvvXu1ef4/om0em859N3pJP3VL 6IpXlTcnGRxfLUnGBrlVFviwqDiWjIU= X-Google-Smtp-Source: ABdhPJy5pStGpqySQElH2IEm/KQY5lDzeuVHDKpXTcugQymNcbM0GLlv/nUKy4sLgKqS+RgUFxnuRQ== X-Received: by 2002:a63:d04b:: with SMTP id s11mr27464443pgi.384.1591191896399; Wed, 03 Jun 2020 06:44:56 -0700 (PDT) Received: from ecenter ([2600:1700:83b0:8bd0:8e74:a824:70c:a859]) by smtp.gmail.com with ESMTPSA id q18sm1780477pgn.34.2020.06.03.06.44.55 (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Wed, 03 Jun 2020 06:44:55 -0700 (PDT) From: John Soo References: <87zh9qofw7.fsf@asu.edu> <87a71kqyzw.fsf@gnu.org> Date: Wed, 03 Jun 2020 06:44:54 -0700 In-Reply-To: <87a71kqyzw.fsf@gnu.org> ("Ludovic \=\?utf-8\?Q\?Court\=C3\=A8s\=22'\?\= \=\?utf-8\?Q\?s\?\= message of "Wed, 03 Jun 2020 11:28:51 +0200") Message-ID: <878sh41cx5.fsf@asu.edu> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.3 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: 0.0 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-Spam-Score: -1.0 (-) X-BeenThere: bug-guix@gnu.org List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: 41604@debbugs.gnu.org Errors-To: bug-guix-bounces+larch=yhetil.org@gnu.org Sender: "bug-Guix" X-Scanner: scn0 Authentication-Results: aspmx1.migadu.com; dkim=fail (rsa verify failed) header.d=asu-edu.20150623.gappssmtp.com header.s=20150623 header.b=W1m9cIcp; dmarc=fail reason="SPF not aligned (relaxed)" header.from=asu.edu (policy=none); spf=pass (aspmx1.migadu.com: domain of bug-guix-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=bug-guix-bounces@gnu.org X-Spam-Score: 0.09 X-TUID: hiVXC0WLRbwl Hi Ludo! I hope you are well. Ludovic Court=C3=A8s writes: > What happens is that =E2=80=98guix pull=E2=80=99 ensures that it only eve= r makes > =E2=80=9Cfast-forward=E2=80=9D updates by default, in Git parlance. The = goal is to > detect obvious =E2=80=9Cdowngrade attacks=E2=80=9D: > > https://issues.guix.gnu.org/41425 Oh I see, I'm sorry I did not participate in that issue, now. That makes sense and I'm glad to know this is part of the design. > (This can be overridden this by passing =E2=80=98--allow-downgrades=E2=80= =99.) Does '--allow-downgrades' support unrelated git histories? I tried that flag and it did not work. > The rebase workflow you describe unavoidably triggers the error because > every time you pull, you do a non-fast-forward pull (because the commit > you were previously using, as shown in =E2=80=98guix describe=E2=80=99, h= as been > rewritten and no longer exists in the new commit graph.) So at least, > it shows that the machinery works as advertised. :-) Totally. I think I understand the design goal now. > What I would recommend is for your channel to be a regular =E2=80=9Cfork= =E2=80=9D: you > create a branch containing your patches and regularly merge upstream > master back into your branch. That way, you don=E2=80=99t need to rewrite > history and =E2=80=98guix pull=E2=80=99 is happy. So far the need to avoid downgrade attacks makes sense. Here are the things I think should be considered: I have branches based on master in savannah that contain specific patch sets associated to patch requests upstream. I think I have 3 or 4 right now. My patches are also in the branch I have in channels.scm. I do that for a few reasons: 1. To test the patches 2. To workaround or use bugs/features/packages I want but are not upstream = yet. That means I tend to want to use my patches whether or not they are upstream yet. In fact I stopped working on my channel because it was so easy to just make patches on upstream to contribute back. It can take many months for patches to be merged. That is expected since we are all volunteers. Rebasing the patches is the easiest way to keep them up to date so they can be applied cleanly. There are two design and community goals I love about Guix: hackability and inclusivity. I feel that disallowing linear history makes the easiest way to contribute to, hack on, and participate in Guix much harder without proper support. For instance: instead of making patches on top of upstream it is now easier just to work on my channel. Certainly some tradeoffs should be made for security and I think your recent commit authentication work does that elegantly. Perhaps we can easily have hackability and security with a flag like --allow-downgrades called --allow-unrelated that allows the rebase workflow. WDYT? > Alternately, if you like to have linear history (for example because you > intend to eventually submit your patches upstream), you could use > TopGit, which roughly allows you to version-control your rebases. Hmm. I am unaware of TopGit but I find rebasing to be the simplest and easiest way to do my work. I'll look into it but I would rather not have to use another tool for simplicity's sake. > From a pure Guix perspective, it=E2=80=99s =E2=80=9Cnot-a-bug=E2=80=9D. = If one of the above > suggestions works for you, I think we can close this issue. I think I understand the reasoning now. I do hope a flag like --allow-unrelated might solve all the things. > HTH! Thanks as always. I really appreciate your communications. - John