[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#44612: Read standard input in `guix repl'
From: |
Bengt Richter |
Subject: |
bug#44612: Read standard input in `guix repl' |
Date: |
Fri, 13 Nov 2020 20:08:30 +0100 |
User-agent: |
Mutt/1.10.1 (2018-07-13) |
Hi Pierre,
On +2020-11-13 10:41:38 +0100, Pierre Neidhardt wrote:
> `guix repl` is a fantastic, hassle-free tool to bind Guix with
> third-party languages. I've done it here:
>
> https://github.com/atlas-engineer/nyxt/blob/2-pre-release-4/libraries/ospama/ospama-guix.lisp
>
> It just works!
>
> The only issue is that it needs to be passed a file, so I must create a
> temporary file so that I can call `guix repl` on it.
>
> It'd be better if we could send Guile code to the standard input of the
> `guix repl -` process to bypass file generation.
>
> Thoughts?
>
Would this enable people to type something like
wget -O - http:try.this.for.example.com/fun.mischief|guix repl -
and if so, can you suggest some options for automatic hash or signature
checking so that a paranoid could feel safe using a file pointed to
by a friend?
(I know one can already do silly stuff ... :)
I was hoping for a concise option that would enable a standard way of doing
integrity/trust checks by the stdin bufferful within guix. (Which I guess
implies
designing fun.mischief file syntax as some kind of container packet stream, with
individually verifiable packets -- what would that mean for input to guix
repl?).
Maybe a --paranoid option at the level of --dry-run or -n ?
(maybe configurable as default --paranoid=on :)
As far as avoiding file generation, a pipeline that needs file-size chunks to do
validation checks would only avoid file inode supply limits, right?
I guess YMMV per platform? IPC also has supply limits, IIRC.
Hm, what about an option for guix like
guix
--trust-manifest="file-containing-sufficient-verification-info-for-what-happens-next"
repl -
meaning e.g., sha256sum value for what would be passed via '-' and if that
contains references
to other files etc., than hashes or signatures etc for everything entailed.
> --
> Pierre Neidhardt
> https://ambrevar.xyz/
--
Regards,
Bengt Richter
bug#44612: Read standard input in `guix repl', Tobias Geerinckx-Rice, 2020/11/13