[bug#41767] [PATCH 9/9] DROP? channels: Add prehistorical authorizations to <channel-introduction>.

[Ludovic Courtès]

Hi,

Maxim Cournoyer <maxim.cournoyer@gmail.com> skribis:

> Ludovic Courtès <ludo@gnu.org> writes:
>
>> This allows users to authenticate commits that were made before
>> '.guix-authorizations' was introduced.
>>
>> * guix/channels.scm (<channel-introduction>)[prehistorical-authorizations]:
>> New field.
>> (%guix-historical-committers): New variable.
>> (openpgp-fingerprint->bytevector): New procedure.
>> (%guix-channel-introduction): Add 'prehistorical-authorizations' field.
>> (authenticate-channel): Honor it.  Pass it as #:default-authorizations
>> to 'authenticate-commits'.
>> * build-aux/git-authenticate.scm (%historical-committers)
>> (%historical-authorized-signing-keys, commit-short-id): Remove.
>> * build-aux/git-authenticate.scm (git-authenticate): Rewrite to use
>> 'authenticate-channel'.
>> * tests/channels.scm ("authenticate-channel, wrong first commit signer")
>> ("authenticate-channel, .guix-authorizations"): Adjust accordingly.
>
> I'd be in favor of dropping this commit, to not be burdened by legacy
> complexity, which I'm doubtful would see much use anyway.  This means
> that a channel require all its commits to have a .guix-authorizations
> file to be authenticated.  I think that's fine.

Yeah, makes sense to me.

> The series LGTM.  I haven't tested it locally, but the tests give me
> confidence.

Cool.  I’ll reply to your other comments soonish.

Anyhow, I’ll leave a few more days for people to weigh in before going
further.

Thanks for reviewing!

Ludo’.