Hi, Ricardo Wurmus skribis: > Ludovic Courtès writes: > >> In the end signing the commit/key pair does not buy us much. Someone >> publishing a valid but different commit/key pair would effectively be >> publishing a different channel, which could be a fork (made by a former >> authorized developer) or simply a mirror. In the latter case, there's >> nothing to be gained by publishing a different commit/key pair. >> >> * guix/channels.scm ()[signature]: Remove. >> (make-channel-introduction): Adjust accordingly. >> --- > […] >> (define (make-channel-introduction commit signer) >> "Return a new channel introduction: COMMIT is the introductory where >> authentication starts, and SIGNER is the OpenPGP fingerprint (a bytevector) of >> the signer of that commit." >> - (%make-channel-introduction commit signer #f)) >> + (%make-channel-introduction commit signer)) > > Do we still need this procedure at all? Looks like > %make-channel-introduction could simply be renamed to make-channel-introduction. ‘%make-channel-introduction’ is actually a macro, which is thus inlined. Exporting a procedure makes it easier to preserve ABI compatibility and allow for future extensions (keyword parameters, for instance). Ludo’.