From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp12.migadu.com ([2001:41d0:8:6d80::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms9.migadu.com with LMTPS id COqBCfpjWmSH1gAASxT56A (envelope-from ) for ; Tue, 09 May 2023 17:17:14 +0200 Received: from aspmx1.migadu.com ([2001:41d0:8:6d80::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp12.migadu.com with LMTPS id wFxcCfpjWmQmQQEAauVa8A (envelope-from ) for ; Tue, 09 May 2023 17:17:14 +0200 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 8B5C020045 for ; Tue, 9 May 2023 17:17:13 +0200 (CEST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1pwP5M-0005bN-Fq; Tue, 09 May 2023 11:17:04 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1pwP5K-0005bE-Ub for bug-guix@gnu.org; Tue, 09 May 2023 11:17:02 -0400 Received: from debbugs.gnu.org ([209.51.188.43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1pwP5K-0007jF-M3 for bug-guix@gnu.org; Tue, 09 May 2023 11:17:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1pwP5K-0004Pw-IT for bug-guix@gnu.org; Tue, 09 May 2023 11:17:02 -0400 X-Loop: help-debbugs@gnu.org Subject: bug#63331: Guile-GnuTLS/Git circular dependency Resent-From: Vivien Kraus Original-Sender: "Debbugs-submit" Resent-CC: bug-guix@gnu.org Resent-Date: Tue, 09 May 2023 15:17:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 63331 X-GNU-PR-Package: guix X-GNU-PR-Keywords: To: Simon Josefsson , Christopher Baines Cc: Ludovic =?UTF-8?Q?Court=C3=A8s?= , 63331@debbugs.gnu.org Received: via spool by 63331-submit@debbugs.gnu.org id=B63331.168364537716918 (code B ref 63331); Tue, 09 May 2023 15:17:02 +0000 Received: (at 63331) by debbugs.gnu.org; 9 May 2023 15:16:17 +0000 Received: from localhost ([127.0.0.1]:44163 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pwP4a-0004On-LL for submit@debbugs.gnu.org; Tue, 09 May 2023 11:16:16 -0400 Received: from planete-kraus.eu ([89.234.140.182]:57138) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pwP4W-0004Ob-OE for 63331@debbugs.gnu.org; Tue, 09 May 2023 11:16:15 -0400 Received: from planete-kraus.eu (localhost.lan [127.0.0.1]) by planete-kraus.eu (OpenSMTPD) with ESMTP id 139de7c9; Tue, 9 May 2023 15:16:10 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=planete-kraus.eu; h= message-id:subject:from:to:cc:date:in-reply-to:references :content-type:content-transfer-encoding:mime-version; s=dkim; bh=dJUyP5w4jHQqVDVYYTt9XG68CCg=; b=fj0L0djMPSewNo699ebMS8RWurQ1 FuSEBzSbD+/YpU6emlbbEKKF3jOe2F0NxftK/ypirnmvteUfKMRcCswsZmYa2gCQ 9XPiApaUZAwz0UcH4zxe8hDTV85AH7Phe6HwA7/7WiFLduF1alLgY2JUsvPaPA8S /1Rt3R278KBFC+0= Received: by planete-kraus.eu (OpenSMTPD) with ESMTPSA id 6e416b58 (TLSv1.3:TLS_CHACHA20_POLY1305_SHA256:256:NO); Tue, 9 May 2023 15:16:05 +0000 (UTC) Message-ID: Date: Tue, 09 May 2023 17:19:05 +0200 In-Reply-To: <38565615c520136e5ea70a07c13ed0c4bedb68f1.camel@josefsson.org> References: <877ctljs0m.fsf@inria.fr> <8735472aep.fsf@josefsson.org> <874jol4uje.fsf@cbaines.net> <38565615c520136e5ea70a07c13ed0c4bedb68f1.camel@josefsson.org> Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable User-Agent: Evolution 3.46.4 MIME-Version: 1.0 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: bug-guix@gnu.org List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-to: Vivien Kraus From: Vivien Kraus via Bug reports for GNU Guix Errors-To: bug-guix-bounces+larch=yhetil.org@gnu.org Sender: bug-guix-bounces+larch=yhetil.org@gnu.org X-Migadu-Flow: FLOW_IN X-Migadu-Country: US ARC-Seal: i=1; s=key1; d=yhetil.org; t=1683645433; a=rsa-sha256; cv=none; b=Mi6KvYr6aBr8GaHMaBwGQQ7EEiGt7mkyFJG5h5RwCSGPdZoIs5+AzYvJd+TRhbsgEMvu8u CDVBLIwm85PN0XiH4Kj0j+r5dT2b0rjiGLbyCmrOgcgSRW5BW1H0LVk1HaunVogQiHy/Q8 OedEcMi7K3/JVSpRXdf875ePi9ADl7yX55Dv7Qvn4sXx6G+ZzuoupuLX+wDnjHzlKZ7CMn OWZ9wt6c8qcOjReTATKELghHhrnS0Mx2d4ZuleYZ3XMgoeZ8cbjk4NXZWTahhNBe3WHvG5 lC6cKsvajNxumkI2anCi84mryvhKB3y8DvOOfBRS79Flse3BIbPJGXllzRSfdQ== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=planete-kraus.eu header.s=dkim header.b=fj0L0djM; dmarc=pass (policy=none) header.from=gnu.org; spf=pass (aspmx1.migadu.com: domain of "bug-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="bug-guix-bounces+larch=yhetil.org@gnu.org" ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1683645433; h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding:resent-cc: resent-from:resent-sender:resent-message-id:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=fLBSSdvB41W5Yta4TAwEO+ht9vP1xOCIsmXox7dy+l8=; b=oHJ+DR1GQ4CSJdWqGDSRj2PEkp12NoSPbKXa77+ZvsijZ8FvvWbegUhGtgTmp9E5oQtHlk lSdgfbxJz2A9aVPxCVMpJj/ZfyAIYzLJiABWMJ+TuCe0XYfA+4Yggn9E3tOSLhw+fmxrF3 6JTTcVIVyJ0BRq2kSdP8Cqxs63vY1WSGr5RXWybq+NDKcAVxQiVg0nx7VT5DBw6S4IPxX6 wWroi758ljAHBoQ4A0pGWbepMWY3sGjJZIs2W7xCMAE3RPltf7ZMGOVCMDeWR/XG5hjKg1 I4XcHDEpoyJP9zrUA7lYsZYVm8L8a0zuOeRvplEZFE3wPNicaxfZt0zOaG0LRQ== X-Migadu-Scanner: scn1.migadu.com Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=planete-kraus.eu header.s=dkim header.b=fj0L0djM; dmarc=pass (policy=none) header.from=gnu.org; spf=pass (aspmx1.migadu.com: domain of "bug-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="bug-guix-bounces+larch=yhetil.org@gnu.org" X-Migadu-Spam-Score: -2.18 X-Spam-Score: -2.18 X-Migadu-Queue-Id: 8B5C020045 X-TUID: i/zk4LRiZGkg Le mardi 09 mai 2023 =C3=A0 14:23 +0200, Simon Josefsson a =C3=A9crit=C2=A0= : > A GitLab CI/CD build check on Guix would be nice, does anyone publish > docker images for a Guix system? The guix builder uses linux tools to provide an isolated build environment. It is possible to run the guix build daemon without this protection, so as to run it within a docker container, but build scripts may behave incorrectly if they run outside of the sandbox. They could see libraries that they should not be able to see and by that configure incorrectly, or install things where they should not. Guix packagers do not usually care if a build script writes files outside of its correct store directory, because of the isolation provided by the daemon. Such problems are thus hard to detect, and broken packages could be anywhere. This is mostly a hypothetical issue, but opam (for ocaml) warns about build scripts doing unpredictable things: https://opam.ocaml.org/doc/FAQ.html#Why-does-opam-require-bwrap Aside from that, guix is painfully slow in a container, and uses a lot of disk space. Vivien