guix-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Authenticating Git checkouts: step #1

From: zimoun
Subject: Re: Authenticating Git checkouts: step #1
Date: Sat, 21 Dec 2019 02:33:14 +0100 
Hi Ludo,

To be honest, I do not clearly understand what the issue is concretely
about. So I am probably out-of-scope and/or irrelevant.

One milestone could be to have Git tags and "guix pull" would 'jump'
between these tags. For an end-user like me, tags ease:
 a. the commit range specification (#1)
 b. memorize what I have already verified (#6)

Moreover, it would feed a variant of OPAM path or Qubes path as you
summarized here [1] or mitigate attacks if I understand the answers
there [2] or [3].

[1] https://issues.guix.info/issue/22883#12
[2] https://issues.guix.info/issue/22883#15
[3] https://issues.guix.info/issue/22883#26


Thank you for all this work.

All the best,
simon
reply via email to
[Prev in Thread] Current Thread [Next in Thread]