From: Attila Lendvai <attila@lendvai.name>
To: "Ludovic Courtès" <ludo@gnu.org>
Cc: 50814@debbugs.gnu.org
Subject: [bug#50814] [PATCH] guix: git-authenticate: Also authenticate the channel intro commit.
Date: Sun, 17 Oct 2021 10:09:24 +0000
Message-ID: <RQVMMoKLN91IL7OY4XhljYSCt4hyEDqgKIcY9kOpNk6OHBTK46-oU78I6WzxpldpaaUSExfyl1vVXXpCaw0orq5fEYRhQOflzH1xM-snJU8=@lendvai.name>
In-Reply-To: <wd2szjiaeLK46fkuZuw5593yUyqo_N18oULu7hsDbGrZzHWTQw2H2cwlFs7-CemTb5CzENsmcrGKwB0yN2k8od--1tUTIsP-7rvxrAbq-Js=@lendvai.name>
> i'll investigate again later by running the test without the fix, and write
> up my results here, or better yet, in a better commit message.
i ran the test without my fix, and indeed it fails at two points:

1)

    ;; Should fail because it is signed with key2, not key1
    (check-from "commit 3" #:should-fail? #true)

2)

    ;; It is not very intuitive why commit 1 and 2 should be trusted
    ;; at this point: commit 4 has previously been used as a channel
    ;; intro, thus it got marked as trusted in the ~/.cache/.
    ;; Because commit 1 and 2 are among its parents, it should also
    ;; be trusted at this point because of the cache. Note that
    ;; it's debatable whether this semantics is a good idea, but
    ;; this is how git-authenticate is and has been implemented for
    ;; a while (modulo failing to update the cache in the past when
    ;; taking certain code paths).
    (check-from "commit 1")
    (check-from "commit 2")

note that i have extended the above comments compared to what's in the
commits that i have sent previously (and i also fixed the check for
the warning). i suspect there are still things to discuss, so i'll
wait for any feedback before i resend the patches. i did not touch the
test code itself, so you can easily find these points in it.
> Yes please. In general, please start by reporting the bug: what you
> get, what you expected, and how to reproduce. That makes it easier
> to understand and evaluate proposed fixes.
understood. the problem is that it all started out as adding a
warning, and the rest were just side-quests... :)
> Alright. Please next time open one issue per topic: that’s a good
> way to maximize the chances that review happens in a timely fashion.
> :-)
can i mark dependencies between issues/patchsets?
because all that i could do here is split this into two sets of
commits (because of the dependencies between the commits):
1) the 3 test commits, and
2) the 2 guix commits.
i thought that separating the test that is exhibiting the bug, from
the fix that fixes it, would only hinder the process.
> I understand the behavior was surprising to you, but I’d like to see
> if we can pinpoint why. Can you think of anything that could be
> added to the documentation?
if we assume that everyone reads and internalizes every page of the
documentation of every software that they use, then i guess nothing
needs to be added.

but if our goal is to maximize the effectiveness of the users, then no
amount of static, free-flowing text can compete with a warning that is
signalled in close context to the issue.

i think the right question to ask here is how often would this warning
be superfluous. my assumption is that very rarely, if ever, but i may
not be aware of some use-cases.

looking forward to any feedback on how to improve this.
--
• attila lendvai
• PGP: 963F 5D5F 45C7 DFCD 0A39
--
If the source of fear is the unknown, and fear is the only way to be controlled, then knowledge is the only way to be free.
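
The two test points quoted in the message above, as an added example that is not part of the original message and is not Guix code: a simplified Python model in which the intro commit must be signed by the expected intro key, and a commit is skipped when it is a cached commit or an ancestor of one. The linear history, the signers of commits 1, 2 and 4, the fixed AUTHORIZED set (standing in for .guix-authorizations) and the check_from signature are assumptions made for illustration.

```python
# Simplified model of the semantics described in the test comments; NOT Guix code.
# Constructed history: commit 1 <- commit 2 <- commit 3 <- commit 4.
# Only "commit 3 is signed with key2" comes from the message; the rest is assumed.
HISTORY = {
    "commit 1": ([], "key1"),
    "commit 2": (["commit 1"], "key1"),
    "commit 3": (["commit 2"], "key2"),
    "commit 4": (["commit 3"], "key2"),
}
AUTHORIZED = {"key1", "key2"}  # assumption: stands in for .guix-authorizations


def closure(commits):
    """Return the given commits plus all of their ancestors."""
    seen, todo = set(), list(commits)
    while todo:
        commit = todo.pop()
        if commit not in seen:
            seen.add(commit)
            todo.extend(HISTORY[commit][0])
    return seen


def check_from(intro, intro_signer, cache, head="commit 4"):
    """Authenticate intro..head; on success add the checked commits to cache."""
    # Commits before the intro are out of scope; cached commits and all of
    # their ancestors are skipped without looking at any signature.
    pending = closure([head]) - closure(HISTORY[intro][0]) - closure(cache)
    for commit in pending:
        signer = HISTORY[commit][1]
        if commit == intro and signer != intro_signer:
            return False  # the intro commit itself must match the intro key
        if signer not in AUTHORIZED:
            return False
    cache |= pending  # only reached when every pending commit passed
    return True


def scenario():
    """Replay the order of events described in the test comments."""
    cache = set()
    r3 = check_from("commit 3", "key1", cache)  # signed with key2, not key1
    r4 = check_from("commit 4", "key2", cache)  # succeeds, populates the cache
    r1 = check_from("commit 1", "key1", cache)  # ancestor of cached commit 4
    r2 = check_from("commit 2", "key1", cache)  # ancestor of cached commit 4
    return r3, r4, r1, r2, sorted(cache)
```

In this model a failed check leaves the cache untouched, and once commit 4 is cached nothing remains to verify for commits 1 and 2, which is the trust-by-ancestry behaviour the comment calls debatable.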