Re: Help! I messed up guix-past

[zimoun]

Hi Konrad,

On Fri, 09 Sep 2022 at 18:10, Konrad Hinsen <konrad.hinsen@fastmail.net> wrote:

> After reading the relevant sections of the Guix manual, I conclude that
> I can in fact neither fix this, nor set myself up for doing better next
> time. Someone already authorized would have to add my key to
> .guix-authorizations first (after I add it to the keyrings
> branch). Correct?

Well, authentication had been introduced in guix-past on July 2020 by
commit 3024ca58ee914e1be67729a28a3e0289acaa7cf3.

--8<---------------cut here---------------start------------->8---
+If you’re a committer, please do this:
+
+```sh
+cat > .git/hooks/pre-push <<EOF
+#!/bin/sh
+exec guix git authenticate 0c119db2ea86a389769f4d2b9c6f5c41c027e336 "3CE4 6455 
8A84 FDC6 9DB4  0CFB 090B 1199 3D9A EBB5"
+EOF
+chmod +x .git/hooks/pre-push
+```
+
+This will check whether your commits are signed by a key listed in
+`.guix-authorizations` before pushing.
--8<---------------cut here---------------end--------------->8---

Indeed, we screwed up!  Because we have not checked that all committers
had been aware of this change.  The only way is that one person of:

--8<---------------cut here---------------start------------->8---
 (("AD17 A21E F8AE D8F1 CC02  DBD9 F7D5 C9BF 765C 61E3"
   (name "andreas"))
  ("3CE4 6455 8A84 FDC6 9DB4  0CFB 090B 1199 3D9A EBB5"
   (name "civodul"))
  ("A28B F40C 3E55 1372 662D  14F7 41AA E7DC CA3D 8351"
   (name "efraim"))
  ("BCA6 89B6 3655 3801 C3C6  2150 197A 5888 235F ACAC"
   (name "rekado"))
  ("E576 BFB2 CF6E B13D F571  33B9 E315 A758 4613 1564"
   (name "niedzejkob"))))
--8<---------------cut here---------------end--------------->8---

remove the problematic unsigned commit.  Maybe you can do it yourself,
push force to go back at ecfb8af08eb8aa7d7b6a4b1edcc5fb1e177fa214.

Then ask to one of authenticated people to add your GPG key.


Cheers,
simon