[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#25975: Use HTTPS in `guix pull`
From: |
Kei Kebreau |
Subject: |
bug#25975: Use HTTPS in `guix pull` |
Date: |
Sun, 05 Mar 2017 14:42:58 -0500 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/25.1 (gnu/linux) |
Leo Famulari <address@hidden> writes:
> On Sun, Mar 05, 2017 at 03:59:16PM +0100, Marius Bakke wrote:
>> Note that this uses 'nss-certs' for easy testing, but is intended to use
>> 'le-certs' from this thread:
>>
>> https://lists.gnu.org/archive/html/guix-devel/2017-02/msg01146.html
>
> I am ready to prepare the le-certs package, but I am waiting for one
> more Guix project member to reproduce the repository, as requested in
> the message linked above. We should not use a custom certificate store
> that has not been inspected by several people.
>
Reproduce the repository using
GIT_SSL_CAINFO="/tmp/le-certs/le-certs.pem" git clone --depth=1
https://git.savannah.gnu.org/git/guix.git?
If so, I just did successfully. If not, how can I help?
>> From 6667ea5a2ec3a26dd5c4fb5f792485eeb941a969 Mon Sep 17 00:00:00 2001
>> From: Marius Bakke <address@hidden>
>> Date: Wed, 1 Mar 2017 22:11:02 +0100
>> Subject: [PATCH] pull: Default to HTTPS.
>>
>> * guix/scripts/pull.scm (%snapshot-url): Use HTTPS.
>> (guix-pull): Add GNUTLS and NSS-CERTS to inputs when appropriate.
>
> It works for me! Like I said before, I'm hoping a stronger Schemer than
> me will review it.
>
> And we should think about how it might fail and try to work-around those
> issues before anybody hits them in practice.
signature.asc
Description: PGP signature
bug#25975: Use HTTPS in `guix pull`, Ludovic Courtès, 2017/03/08