Hi Ludo,
On Wed, 3 Jun 2020 at 17:14, Ludovic Courtès <ludo@gnu.org> wrote:
Toggle quote (11 lines)
> >> (This can be overridden this by passing ‘--allow-downgrades’.)
> >
> > Does '--allow-downgrades' support unrelated git histories? I tried that
> > flag and it did not work.
>
> It supports unrelated Git histories. It could really be called
> ‘--allow-anything’ but I thought it’d be less descriptive. :-)
>
> If you hit a problem with that, please report it (perhaps I just
> overlooked it in the other issue.)
I think it is not a bug and it is a feature* :-) but the behaviour has
changed for the commits which do not belong to the repo anymore.
That's why John has not seen the issue of his "rebase workflow"
before.
*feature: at least, it seems expected from what I understand of the code. :-)
Let remind the commit history. Instead of create a channel file, I
directly use the raw repo, but it is the same for any channel (Git
repo).
Toggle snippet (15 lines)
$ SRC=~/.cache/guix/checkouts/pjmkglp4t7znuugeurpurzikxq3tnlaywmisyr27shj7apsnalwq
$ git -C $SRC --no-pager log --oneline c873980d18^..8bd0b533b3
8bd0b533b3 gnu: libexif: Update to 0.6.22 [security fixes].
e451612602 gnu: libgphoto2: Update to 2.5.25.
9744cc7b46 pull: Protect against downgrade attacks.
872898f768 channels: 'latest-channel-instances' guards against
non-forward updates.
8d1d56578a git: 'update-cached-checkout' returns the commit relation.
9b049de84e channels: 'latest-channel-instances' doesn't leak internal state.
c098c11be8 git: Add 'commit-relation'.
86ac14b2f3 (HEAD -> master) gnu: protonvpn-cli: Tweak description.
c873980d18 gnu: Add protonvpn-cli.
Here, a first session from a commit before the "downgrade attacks"
commit. A commit is added, then pulled, then rebased where this
addition is totally deleted of the Git repo, then another pulled. No
error at all.
Toggle snippet (41 lines)
$ guix describe
Generation 34 Jun 05 2020 02:16:22 (current)
guix 86ac14b
repository URL: https://git.savannah.gnu.org/git/guix.git
commit: 86ac14b2f37efbb6f4a3ed1c3e183fbc9496b7a5
$ echo hello >> $SRC/README && git -C $SRC commit -am hello
[master 20e984e931] hello
1 file changed, 1 insertion(+)
$ guix pull --commit=$(git -C $SRC rev-parse HEAD)
Updating channel 'guix' from Git repository at
'https://git.savannah.gnu.org/git/guix.git'...
Building from this channel:
guix https://git.savannah.gnu.org/git/guix.git 20e984e
Computing Guix derivation for 'x86_64-linux'... /
$ guix describe
Generation 35 Jun 05 2020 02:32:43 (current)
guix 20e984e
repository URL: https://git.savannah.gnu.org/git/guix.git
commit: 20e984e9311404295c9c82b54eac1c277709b0a0
$ git -C $SRC reset --hard HEAD^
HEAD is now at 86ac14b2f3 gnu: protonvpn-cli: Tweak description.
$ git -C $SRC reflog expire --expire-unreachable=now --all
$ git -C $SRC gc --prune=now --quiet
$ git -C $SRC show 20e984e9311404295c9c82b54eac1c277709b0a0
fatal: bad object 20e984e9311404295c9c82b54eac1c277709b0a0
$ guix pull --commit=c873980d18
Updating channel 'guix' from Git repository at
'https://git.savannah.gnu.org/git/guix.git'...
Building from this channel:
guix https://git.savannah.gnu.org/git/guix.git c873980
Computing Guix derivation for 'x86_64-linux'... /
Now the same session after the introduction of '--allow-downgrades'.
Toggle snippet (39 lines)
$ guix describe
Generation 37 Jun 05 2020 01:28:52 (current)
guix 8bd0b53
repository URL: https://git.savannah.gnu.org/git/guix.git
commit: 8bd0b533b30d7ee5e03aee99a2eb96d5b0b1c836
$ echo hello >> $SRC/README && git -C $SRC commit -am hello
[master 09f6e9b34c] hello
1 file changed, 1 insertion(+)
$ guix pull --commit=$(git -C $SRC rev-parse HEAD)
Updating channel 'guix' from Git repository at
'https://git.savannah.gnu.org/git/guix.git'...
Building from this channel:
guix https://git.savannah.gnu.org/git/guix.git 09f6e9b
Computing Guix derivation for 'x86_64-linux'... /
$ guix describe
Generation 38 Jun 05 2020 02:57:13 (current)
guix 09f6e9b
repository URL: https://git.savannah.gnu.org/git/guix.git
commit: 09f6e9b34c6239bcdd8ca9e030d698b5244507a6
$ git -C $SRC reset --hard HEAD^
HEAD is now at 8bd0b533b3 gnu: libexif: Update to 0.6.22 [security fixes].
$ git -C $SRC reflog expire --expire-unreachable=now --all
$ git -C $SRC gc --prune=now --quiet
$ git -C $SRC show 09f6e9b34c6239bcdd8ca9e030d698b5244507a6
fatal: bad object 09f6e9b34c6239bcdd8ca9e030d698b5244507a6
$ guix pull --commit=e451612602 --allow-downgrades
Updating channel 'guix' from Git repository at
'https://git.savannah.gnu.org/git/guix.git'...
guix pull: error: Git error: object not found - no match for id
(09f6e9b34c6239bcdd8ca9e030d698b5244507a6)
Well, I admit it is an unexpected use-case. The solution here is to
'--roll-back' but it can be tedious if we are talking about several
commits which had been removed in the channel by the user. Therefore,
the best is to use "--list-generations" to find a generation with an
existing commit and switch to it with "guix pull
--switch-generation=NN". However, some '--news' will be lost. No
free lunch. ;-)
I do not think it will be worth to allow this kind of workflow but one
solution could be to add a flag, i.e., '--allow-downgrade=dangerous',
and bypass 'commit-relation' which is somehow the culprit here.
IMHO, it is better to document what to do when someone does a mistake
by removing the current commit where they is currently (describe).
WDYT?
All the best,
simon