From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp1.migadu.com ([2001:41d0:403:58f0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms1.migadu.com with LMTPS id 4K1qEfXPIWa/JgEA62LTzQ:P1 (envelope-from ) for ; Fri, 19 Apr 2024 03:59:17 +0200 Received: from aspmx1.migadu.com ([2001:41d0:403:58f0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp1.migadu.com with LMTPS id 4K1qEfXPIWa/JgEA62LTzQ (envelope-from ) for ; Fri, 19 Apr 2024 03:59:17 +0200 X-Envelope-To: larch@yhetil.org Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=GVNXp6sA; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org" ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1713491957; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post:dkim-signature; bh=bHT7QKuflL7iLHn30fauZ+58g6V2VKVbVndcuzmpVMg=; b=nE9fKFE4XpY9+/P+gn6Gv9LZan29bOhtjlYDWMGbjHMOGb30776rmhzFf0mUUjTFMy7Bbh qiWskVRYx15xpnqzC/XCCRofihugGbiB9X0ETpLdomAJ//BFS7TbohRvLSZ2IJARFav1kw emKAQ5A+Wqg3onLhiE07Ld7pkEn9Q4HoRp6A9u76MufhhDSsbPV84XsQOOr0AfjLcNG6yV qHQI9R2xxKocNH93pIhi5ICaIfjkJybUxhYbHpZjo2EZoffUrU8h5x7/X6twjPdHGlhiMk WE0uX4Uw9ah2n5uKFuHhZGYIRAWtp44OD/4m1pt9tEKuVAcn/nUp3xhonTqY7A== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=GVNXp6sA; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org" ARC-Seal: i=1; s=key1; d=yhetil.org; t=1713491957; a=rsa-sha256; cv=none; b=dcTrDi4EVs/mssY/kgcXm/c5QSccyCt7GMyh6rtSPVSIPbfwQ7mNc44qOh2Nyaxbfk8kFr BuyEHnurUquait1Z6vqGwDmhDwDHzf36VS8sKgy9PmlK/OVfI357ohR3L/qfAiNJniGgg8 CjCfw5t26SRiUgisEfyzGIfIGDXN/1txJhpRUmfz4O9zda75FkjTyawjXeJ57nwFbfIXMG pq1zXPPMZd2QHsD9gLGU2dSZxGyIwRDxMHlwtt1jtgp8tVqgc2KpcLjDEYiIy06gYfruqe FePLMuCn3XAbRLdpeFTMYzRP6lDsP3NmcYs8EfR+NsR3m7Z3EO0v0l17zPHTEw== Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 20C6463969 for ; Fri, 19 Apr 2024 03:59:16 +0200 (CEST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rxdWV-0007UE-V7; Thu, 18 Apr 2024 21:58:43 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rxdWT-0007Tp-NM for guix-devel@gnu.org; Thu, 18 Apr 2024 21:58:41 -0400 Received: from mail-qv1-xf2a.google.com ([2607:f8b0:4864:20::f2a]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1rxdWR-0003ua-58; Thu, 18 Apr 2024 21:58:40 -0400 Received: by mail-qv1-xf2a.google.com with SMTP id 6a1803df08f44-69b44071a07so12409496d6.3; Thu, 18 Apr 2024 18:58:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1713491917; x=1714096717; darn=gnu.org; h=content-transfer-encoding:mime-version:user-agent:message-id:date :references:in-reply-to:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=bHT7QKuflL7iLHn30fauZ+58g6V2VKVbVndcuzmpVMg=; b=GVNXp6sA5AY1p/Vt95Ob1aJiN94herdXNFJP8UjOnGJfrYc78Pv41/aDKwuPkS/JxB Le5jUtpCwKfW2RTHHByewjaRJRljC2DmABP+9paXLeBi4wOnZpxFBF6YU0TBQREmUA+J cfeWoB8ZzLR/ZSvMkMHtUBYluGFbax3Eei1MjEeUztlUoWfdTxXuzGlIFXdwx5SbtXBV yFMDrDozZllqZ8UJetu867KCxBP5vSqlHxXpRvP90YxUDVHwoxhA+EPlra4qMhgOEuyG +A2eKQXqd/Y5ynkqLxZdVBFkfujQDNFElYokQ+k9ijHy8lp+zyJrBMsf2ycaESRPC7op o9ag== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1713491917; x=1714096717; h=content-transfer-encoding:mime-version:user-agent:message-id:date :references:in-reply-to:subject:cc:to:from:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=bHT7QKuflL7iLHn30fauZ+58g6V2VKVbVndcuzmpVMg=; b=luJDnHoD1zXk9egFpe+8uBKkHjNz6lfQMOuFlPvLCtVwusvQrhnUY+3mhhhkz3f7az czJXXqtsd2rjbLHxJLr09QGMT0zgVdxIxaEZ4uqUdjuFZers8Z2fLQzSRYpSkbdhVQyX lrIKqzx64aqg+AuYxZB9Bea0y8eLaqvi6+knR52ncaMoH0UjyZgJAHELhlFlHWA2xEVo tZGnq2bezW0Q1HH2zebn6CQEByBMbZdvj+6dkCyf63fxuB7WcdigHwUxpx0vuSGQk/nE VWszEbFm1ZlSVIqPYTbgNIZylGaOHNY8uWF3T/2DH0BIwkHnGN5w5DX3bZMwlRA/NL84 INJw== X-Gm-Message-State: AOJu0YzGPgTI/4UShZZySHmaapvSp6XFPZwoarfz5OQHR51kH/6Me1Ci O+Y7qPxPnlYfE7ijlihNDIjln4aginMqg5+IwrhH89hU6R0hVBJW X-Google-Smtp-Source: AGHT+IGGiV/xm3YtKgl+6O68bJi4NeBqhoeWPNNuGo3BSJgkfBUYkv/ofN383YFe2GM0YqOtOsXsbw== X-Received: by 2002:a05:6214:bc4:b0:6a0:5ac3:d6f1 with SMTP id ff4-20020a0562140bc400b006a05ac3d6f1mr716687qvb.10.1713491916732; Thu, 18 Apr 2024 18:58:36 -0700 (PDT) Received: from hurd (dsl-159-201.b2b2c.ca. [66.158.159.201]) by smtp.gmail.com with ESMTPSA id w17-20020a056214013100b0069b57111a98sm290818qvs.79.2024.04.18.18.58.35 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 18 Apr 2024 18:58:36 -0700 (PDT) From: Maxim Cournoyer To: Ludovic =?utf-8?Q?Court=C3=A8s?= Cc: guix-devel , richard@freakingpenguin.com, tona_kosmicznego_smiecia@interia.pl, felix.lechner@lease-up.com Subject: Re: Should we include nss-certs out of the box? In-Reply-To: <87il0pjmps.fsf@gnu.org> ("Ludovic =?utf-8?Q?Court=C3=A8s=22'?= =?utf-8?Q?s?= message of "Wed, 10 Apr 2024 16:50:39 +0200") References: <874jciuxqq.fsf@gmail.com> <87il0pjmps.fsf@gnu.org> Date: Thu, 18 Apr 2024 21:58:35 -0400 Message-ID: <87jzkum7uc.fsf@gmail.com> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Received-SPF: pass client-ip=2607:f8b0:4864:20::f2a; envelope-from=maxim.cournoyer@gmail.com; helo=mail-qv1-xf2a.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: guix-devel@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+larch=yhetil.org@gnu.org Sender: guix-devel-bounces+larch=yhetil.org@gnu.org X-Migadu-Flow: FLOW_IN X-Migadu-Country: US X-Migadu-Spam-Score: -7.17 X-Migadu-Scanner: mx11.migadu.com X-Spam-Score: -7.17 X-Migadu-Queue-Id: 20C6463969 X-TUID: q6opidkfnR9h Hello, Ludovic Court=C3=A8s writes: [...] >> It apparently even makes it impossible to run 'guix pull', if I am to >> believe bug#62026. > > I don=E2=80=99t think that=E2=80=99s the case: see use of =E2=80=98le-cer= ts=E2=80=99 in (guix scripts > pull). OK, good to know! > >> Should we do as in bug#62026 and have this package be part of the >> recommended basic installation? It'd be in the basic set of an >> operating-system packages (via its default %base-packages set). It >> could still be manipulated via the Guix API (filtered out/replaced with >> something else). >> >> Is anyone opposed to having nss-certs in %base-packages? > > No objection from me. I=E2=80=99m partly responsible for the initial cho= ice to > not include nss-certs by default, but as you write, most likely everyone > installs it these days. > > Note that we=E2=80=99ll also need to remove that choice from the installe= r in > (gnu installer services). I went ahead and have now done so, and included a news entry for it. I've adjusted the OSes templates accordingly, the doc, and the installer in 65e8472a4b6fc6f66871ba0dad518b7d4c63595e. Let me know if I've missed anything. --=20 Thanks, Maxim