diff options
| author | Ludovic Courtès <ludo@gnu.org> | 2024-05-07 15:54:44 +0200 |
|---|---|---|
| committer | Ludovic Courtès <ludo@gnu.org> | 2024-05-25 16:23:56 +0200 |
| commit | 73b3f941d7d911a1b2bb2bf77d37cb3a12ed4291 (patch) | |
| tree | e9bad56f9dd556a77c7fe52ade2a418b14d49716 /doc/contributing.texi | |
| parent | 0efa1daad354216e9ce2adb078eb4d5254792e49 (diff) | |
| download | guix-73b3f941d7d911a1b2bb2bf77d37cb3a12ed4291.tar.gz | |
maint: Suggest ‘guix git authenticate’ for initial authentication.
The previous recommendation, running ‘make authenticate’, was insecure because it led users to run code from the very repository they want to authenticate: https://lists.gnu.org/archive/html/guix-devel/2024-04/msg00252.html * Makefile.am (commit_v1_0_0, channel_intro_commit) (channel_intro_signer, GUIX_GIT_KEYRING, authenticate): Remove. * Makefile.am (.git/hooks/%): New target, generalization of previous ‘.git/hooks/pre-push’ target. (nodist_noinst_DATA): Add ‘.git/hooks/post-merge’. * doc/contributing.texi (Building from Git): Suggest ‘guix git authenticate’ instead of ‘make authenticate’. * etc/git/post-merge: New file. * etc/git/pre-push: Run ‘guix git authenticate’ instead of ‘make authenticate’. Reviewed-by: Maxim Cournoyer <maxim.cournoyer@gmail.com> Reported-by: Skyler Ferris <skyvine@protonmail.com> Change-Id: Ia415aa8375013d0dd095e891116f6ce841d93efd
Diffstat (limited to 'doc/contributing.texi')
| -rw-r--r-- | doc/contributing.texi | 30 |
1 files changed, 23 insertions, 7 deletions
diff --git a/doc/contributing.texi b/doc/contributing.texi index ecff6300bf..a0d6b5304a 100644 --- a/doc/contributing.texi +++ b/doc/contributing.texi @@ -276,25 +276,41 @@ From there on, you can authenticate all the commits included in your checkout by running: @example -make authenticate +guix git authenticate \ + 9edb3f66fd807b096b48283debdcddccfea34bad \ + "BBB0 2DDF 2CEA F6A8 0D1D E643 A2A0 6DF2 A33A 54FA" @end example The first run takes a couple of minutes, but subsequent runs are faster. +On subsequent runs, you can run the command without any arguments since +the @dfn{introduction} (the commit ID and OpenPGP fingerprints above) +will have been recorded@footnote{This requires a recent version of Guix, +from May 2024 or more recent.}: -Or, when your configuration for your local Git repository doesn't match +@example +guix git authenticate +@end example + +When your configuration for your local Git repository doesn't match the default one, you can provide the reference for the @code{keyring} -branch through the variable @code{GUIX_GIT_KEYRING}. The following +branch @i{via} the @option{-k} option. The following example assumes that you have a Git remote called @samp{myremote} pointing to the official repository: @example -make authenticate GUIX_GIT_KEYRING=myremote/keyring +guix git authenticate \ + -k myremote/keyring \ + 9edb3f66fd807b096b48283debdcddccfea34bad \ + "BBB0 2DDF 2CEA F6A8 0D1D E643 A2A0 6DF2 A33A 54FA" @end example +@xref{Invoking guix git authenticate}, for more information on this +command. + @quotation Note -You are advised to run @command{make authenticate} after every -@command{git pull} invocation. This ensures you keep receiving valid -changes to the repository. +By default, hooks are installed such that @command{guix git +authenticate} is invoked anytime you run @command{git pull} or +@command{git push}. @end quotation After updating the repository, @command{make} might fail with an error |