summary refs log tree commit diff
diff options
context:
space:
mode:
authorLudovic Courtès <ludo@gnu.org>2020-07-11 12:42:58 +0200
committerLudovic Courtès <ludo@gnu.org>2020-07-11 12:42:58 +0200
commit62b8bbc2c2dd3c42ac5fff7bde846ff5047612bf (patch)
treef1e3d3bb346a0e9fb3950f497736faf180eff391
parent96bf434c70c4346c6402658d3ec57ef64a8e521e (diff)
downloadguix-62b8bbc2c2dd3c42ac5fff7bde846ff5047612bf.tar.gz
news: Add entry for 'guix git authenticate'.
* etc/news.scm: Add entry.
-rw-r--r--etc/news.scm16
1 files changed, 16 insertions, 0 deletions
diff --git a/etc/news.scm b/etc/news.scm
index 62ec68bab2..3279099ca2 100644
--- a/etc/news.scm
+++ b/etc/news.scm
@@ -13,6 +13,22 @@
 (channel-news
  (version 0)
 
+ (entry (commit "a98712785e0b042a290420fd74e5a4a5da4fc68f")
+        (title (en "New @command{guix git authenticate} command"))
+        (body
+         (en "The new @command{guix git authenticate} command authenticates a
+Git repository by verifying commit signatures and ensuring they all come from
+authorized parties, exactly like @command{guix pull} now does.
+
+This command is primarily useful to developers of channels.  It allows them to
+ensure, before pushing, that the channel only contains commits signed with
+authorized keys.  But this command is also useful anytime you use Git and want
+to allow people to authenticate code fetched from your repository.
+
+Run @command{info \"(guix) Invoking guix git authenticate\"} for more info,
+and see @uref{https://guix.gnu.org/blog/2020/securing-updates/} for details on
+these mechanisms.")))
+
  (entry (commit "43badf261f4688c8a7a7a9004a4bff8acb205835")
         (title (en "@command{guix pull} authenticates channels")
                (de "@command{guix pull} authentifiziert Kanäle")