From debbugs-submit-bounces@debbugs.gnu.org Sun Jan 03 13:16:19 2021 Received: (at 45409) by debbugs.gnu.org; 3 Jan 2021 18:16:19 +0000 Received: from localhost ([127.0.0.1]:38583 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kw7vO-0000FB-Hk for submit@debbugs.gnu.org; Sun, 03 Jan 2021 13:16:18 -0500 Received: from mira.cbaines.net ([212.71.252.8]:40424) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kw7vM-0000F3-Oi for 45409@debbugs.gnu.org; Sun, 03 Jan 2021 13:16:17 -0500 Received: from localhost (92.41.186.20.threembb.co.uk [92.41.186.20]) by mira.cbaines.net (Postfix) with ESMTPSA id 0830427BC09; Sun, 3 Jan 2021 18:16:15 +0000 (GMT) Received: from capella (localhost [127.0.0.1]) by localhost (OpenSMTPD) with ESMTP id 2d7a6d26; Sun, 3 Jan 2021 18:16:13 +0000 (UTC) References: <87y2hn9l8j.fsf@cbaines.net> <20201224172221.21057-1-mail@cbaines.net> <87pn2m12s4.fsf@gnu.org> User-agent: mu4e 1.4.13; emacs 27.1 From: Christopher Baines To: Ludovic =?utf-8?Q?Court=C3=A8s?= Subject: Re: [bug#45409] [PATCH 1/3] guix: Move narinfo code from substitute script to module. In-reply-to: <87pn2m12s4.fsf@gnu.org> Date: Sun, 03 Jan 2021 18:16:13 +0000 Message-ID: <87turx998y.fsf@cbaines.net> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" X-Spam-Score: -0.0 (/) X-Debbugs-Envelope-To: 45409 Cc: 45409@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Ludovic Court=C3=A8s writes: > Christopher Baines skribis: > >> This separation between the code for dealing with narinfos from the code= doing >> that for a purpose should make things clearer, and better support compon= ents >> other that the substitute script in using this code. >> >> This is just moving the code around, no code should have been significan= tly >> changed. >> >> * guix/scripts/substitute.scm (): Move record type to (guix nar= info). >> (fields->alist, narinfo-hash-algorithm+value, narinfo-hash->sha256, >> narinfo-signature->canonical-sexp, narinfo-maker, read-narinfo, >> narinfo-sha256, valid-narinfo?, write-narinfo, narinfo->string, >> string->narinfo, equivalent-narinfo?, supported-compression?, >> compresses-better?, narinfo-best-uri): Move procedures to (guix narinfo). >> (%compression-methods): Move variable to (guix narinfo). >> * guix/narinfo.scm: New file. >> * Makefile.am (MODULES): Add it. > > That=E2=80=99s a good idea! > > Please add guix/narinfo.scm to po/guix/POTFILES.in so it can be > translated. I've sent some updated patches now, and I've fixed this in them. >> +(define-module (guix narinfo) >> + #:use-module (guix ui) > > We should try and avoid (guix ui); is (guix diagnostics) enough? Yep, that seems to work fine. >> + #:use-module (guix scripts substitute) > > (guix =E2=80=A6) modules must not depend on (guix scripts =E2=80=A6). > > Perhaps that=E2=80=99s just for =E2=80=98%allow-unauthenticated-substitut= es?=E2=80=99, no? If > so, let=E2=80=99s just not refer to =E2=80=98%allow-unauthenticated-subst= itutes?=E2=80=99 here. > It=E2=80=99s a hack to allow for tests, so better keep it local to (guix = scripts > substitute). I've moved the commit where I fix this to be the first one, so this should be clearer now. >> +(define* (valid-narinfo? narinfo #:optional (acl (current-acl)) >> + #:key verbose?) >> + "Return #t if NARINFO's signature is not valid." >> + (or (%allow-unauthenticated-substitutes?) > > Yeah, let=E2=80=99s remove it from here. At worst, we can always use =E2= =80=98mock=E2=80=99 in > tests to make =E2=80=98valid-narinfo?=E2=80=99 return #t unconditionally. > > OK with these changes. > > After the change, please make sure =E2=80=9Cmake check=E2=80=9D and =E2= =80=9Cmake as-derivation=E2=80=9D > still pass. For =E2=80=9Cmake as-derivation=E2=80=9D, we should also mak= e sure > =E2=80=98guix-core=E2=80=99 doesn=E2=80=99t pull in everything via (guix = scripts substitute). Both seem to work for me. > (The zstd patches will conflict with this series but I=E2=80=99ll take ca= re of > it once it=E2=80=99s applied.) Sounds good. --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQKlBAEBCgCPFiEEPonu50WOcg2XVOCyXiijOwuE9XcFAl/yCe1fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDNF ODlFRUU3NDU4RTcyMEQ5NzU0RTBCMjVFMjhBMzNCMEI4NEY1NzcRHG1haWxAY2Jh aW5lcy5uZXQACgkQXiijOwuE9XdFeBAAgOEpwej4smaUvF8TdgtTLG1W90vw0FON xGsSRoznjwaFwiSeaT/RhJ7Fzq2T9Kn1ypt+Uz+KVDamYzxF++pjszkbS4YkNORL S6Tm2vmTktSZ71/dssEwmW+X+a+VvOkExvv0AKif+5zFELn4Tu9vZ5I9gz6JB0yu SGvD2VeNYuKIrnOOKFiNaoLuxhRMLcz3MpqUkSdgGm1mnqKAuzmHB3alROICSVNA PaYys23uumiFSWqbYh/i2EPC1yhL/+mkm5sivctDoTPyNJX6sl15zDdnbPiuGEEo MhSIPw/RK6iHz2Q0IiF4kvf7yK3UQq9WTBDZngX2u4zUe8UzmdN2xB3/y7JA0efV TBvYsfuqFwL0Iq2vp57MqmgNlf5Pv7PWDAqJ151cl80+oMNMvJcGethJj0ZwhXcx nYHzTBenJQ3JyBoN3AOoweVmGF1ES3zXDRnlGN/V4jON+wZn7EloHkvL24uN0lSu /1Smpe7cBMXc0CfEjC0NX5KNriKUX0+0lEB0v6Y5uDZfOocGYloMlMIjWDzubrFY b5O2I90OSZxu1/U62eciz1rDmx3m2GpK9bIS0Nh3CeQMulKI6D53jw5a4TmBJoIi rYL+PO4Vq+taC3UmlDcWXWsrREAvCyJwjs30iE6flEkrlSX2LMRA+umTsRGL9xtk Ysh0xm/ugXs= =banI -----END PGP SIGNATURE----- --=-=-=--