diff options
author | Jakub Kądziołka <kuba@kadziolka.net> | 2020-07-23 21:43:06 +0200 |
---|---|---|
committer | Jakub Kądziołka <kuba@kadziolka.net> | 2020-07-23 21:43:06 +0200 |
commit | d726b954baaeff876ce9728e00920fa45f529f9a (patch) | |
tree | 4b767b7586a1082dd2691bc33c3e45ace044e6e5 /doc/contributing.texi | |
parent | 9a74a7db8626bc139307d115f5cec2648f5273ad (diff) | |
parent | e165a2492d73d37c8b95d6970d453b9d88911ee6 (diff) | |
download | guix-d726b954baaeff876ce9728e00920fa45f529f9a.tar.gz |
Merge branch 'master' into core-updates
Conflicts: gnu/packages/ruby.scm
Diffstat (limited to 'doc/contributing.texi')
-rw-r--r-- | doc/contributing.texi | 37 |
1 files changed, 17 insertions, 20 deletions
diff --git a/doc/contributing.texi b/doc/contributing.texi index 2a73d2c47a..f5d73e78aa 100644 --- a/doc/contributing.texi +++ b/doc/contributing.texi @@ -42,30 +42,27 @@ git clone https://git.savannah.gnu.org/git/guix.git @cindex authentication, of a Guix checkout How do you ensure that you obtained a genuine copy of the repository? -Guix itself provides a tool to @dfn{authenticate} your checkout, but you -must first make sure this tool is genuine in order to ``bootstrap'' the -trust chain. To do that, run: +To do that, run @command{guix git authenticate}, passing if the commit +and OpenPGP fingerprint of the @dfn{channel introduction} +(@pxref{Invoking guix git authenticate}): -@c XXX: Adjust instructions when there's a known tag to start from. +@c The commit and fingerprint below must match those of the channel +@c introduction in '%default-channels'. @example -git verify-commit `git log --format=%H build-aux/git-authenticate.scm` -@end example - -The output must look something like: - -@example -gpg: Signature made Fri 27 Dec 2019 01:27:41 PM CET -gpg: using RSA key 3CE464558A84FDC69DB40CFB090B11993D9AEBB5 -@dots{} -gpg: Signature made Fri 27 Dec 2019 01:25:22 PM CET -gpg: using RSA key 3CE464558A84FDC69DB40CFB090B11993D9AEBB5 -@dots{} +guix git authenticate 9edb3f66fd807b096b48283debdcddccfea34bad \ + "BBB0 2DDF 2CEA F6A8 0D1D E643 A2A0 6DF2 A33A 54FA" @end example @noindent -... meaning that changes to this file are all signed with key -@code{3CE464558A84FDC69DB40CFB090B11993D9AEBB5} (you may need to fetch -this key from a key server, if you have not done it yet). +This command completes with exit code zero on success; it prints an +error message and exits with a non-zero code otherwise. + +As you can see, there is a chicken-and-egg problem: you first need to +have Guix installed. Typically you would install Guix System +(@pxref{System Installation}) or Guix on top of another distro +(@pxref{Binary Installation}); in either case, you would verify the +OpenPGP signature on the installation medium. This ``bootstraps'' the +trust chain. The easiest way to set up a development environment for Guix is, of course, by using Guix! The following command starts a new shell where @@ -277,7 +274,7 @@ trigger string @code{origin...}, which can be expanded further. The @cindex insert or update copyright @cindex @code{M-x guix-copyright} @cindex @code{M-x copyright-update} -Additionaly we provide insertion and automatic update of a copyright in +We additionally provide insertion and automatic update of a copyright in @file{etc/copyright.el}. You may want to set your full name, mail, and load a file. |