[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug#41767] [PATCH 0/9] Authenticate channels
|
From: |
Ludovic Courtès |
|
Subject: |
[bug#41767] [PATCH 0/9] Authenticate channels |
|
Date: |
Tue, 09 Jun 2020 09:15:35 +0200 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/26.3 (gnu/linux) |
Ludovic Courtès <ludo@gnu.org> skribis:
> This patch series does it! It integrates checkout authentication
> with (guix channels). Now, ‘guix pull’, ‘guix time-machine’ etc.
> automatically authenticate the commits they fetch and raise an
> error if they find an unsigned commit or a commit signed by an
> unauthorized party¹.
[...]
> ¹ https://issues.guix.gnu.org/issue/22883#64
Something we didn’t discuss is that this model forbids a merge-request
kind of workflow, or at least the person who merges must sign the
commits, rewriting the merged branch.
I think it’s a reasonable tradeoff in this space, but it’s worth
keeping in mind.
Ludo’.
- [bug#41767] [PATCH 4/9] channels: 'latest-channel-instance' authenticates Git checkouts., (continued)
[bug#41767] [PATCH 7/9] channels: Automatically add introduction for the official 'guix' channel., Ludovic Courtès, 2020/06/08
[bug#41767] [PATCH 9/9] DROP? channels: Add prehistorical authorizations to <channel-introduction>., Ludovic Courtès, 2020/06/08
[bug#41767] [PATCH 3/9] tests: Move OpenPGP helpers to (guix tests gnupg)., Ludovic Courtès, 2020/06/08
[bug#41767] [PATCH 6/9] .guix-channel: Add 'keyring-reference'., Ludovic Courtès, 2020/06/08
[bug#41767] [PATCH 8/9] pull: Add '--disable-authentication'., Ludovic Courtès, 2020/06/08
[bug#41767] [PATCH 5/9] channels: Make 'validate-pull' call right after clone/pull., Ludovic Courtès, 2020/06/08
[bug#41767] [PATCH 0/9] Authenticate channels,
Ludovic Courtès <=
[bug#41767] [PATCH 0/9] Authenticate channels, zimoun, 2020/06/09
[bug#41767] [PATCH 0/9] Authenticate channels, Ludovic Courtès, 2020/06/13
bug#41767: [PATCH 0/9] Authenticate channels, Ludovic Courtès, 2020/06/16