The previous recommendation, running ‘make authenticate’, was insecure
because it led users to run code from the very repository they want to
authenticate:
https://lists.gnu.org/archive/html/guix-devel/2024-04/msg00252.html
* Makefile.am (commit_v1_0_0, channel_intro_commit)
(channel_intro_signer, GUIX_GIT_KEYRING, authenticate): Remove.
* Makefile.am (.git/hooks/%): New target, generalization of previous
‘.git/hooks/pre-push’ target.
(nodist_noinst_DATA): Add ‘.git/hooks/post-merge’.
* doc/contributing.texi (Building from Git): Suggest ‘guix git
authenticate’ instead of ‘make authenticate’.
* etc/git/post-merge: New file.
* etc/git/pre-push: Run ‘guix git authenticate’ instead of ‘make
authenticate’.
Reviewed-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Reported-by: Skyler Ferris <skyvine@protonmail.com>
Change-Id: Ia415aa8375013d0dd095e891116f6ce841d93efd
This replaces Automake's `build-aux/mdate-sh' with our own
`build-aux/mdate-from-git.scm' to use reproducible timestamps from Git
instead.
* build-aux/mdate-from-git.scm: New script.
* bootstrap: Use it to replace build-aux/mdate-sh.
* Makefile.am (EXTRA_DIST): Add it.
Change-Id: I17d0a7de9ffea397129c0db1728f86e28a4e245f
This fixes VERSION being empty in ./configure, which may to documentation
having empty version strings.
* Makefile.am (EXTRA_DIST): Add build-aux/git-version-gen.
Change-Id: If127519811b25e2df0f5caa6a83a4f860fd34eb2
* Makefile.am: Use in_git_p conditional to disable Autotools' cache
consistency assert and removal when bulding from tarball.
(dist): Depend on doc-pot-update again when building from tarball.
(dist-hook): Remove dependencies on gen-ChangeLog and gen-AUTHORS when
building from tarball.
(gen-ChangeLog, gen-AUTHORS): Remove guarding for building from tarball.
Use set -e to avoid silently failing.
(gen-tarball-version): Use $(SOURCE_DATE_EPOCH) instead of re-generating it
using git; this also works running from a tarball.
Change-Id: I9ebdd28a70837f6a4db610c4816bb283d176e2d9
* build-aux/xgettext.scm: Move setting of environment variables to shell
header.
(main): Use SOURCE_DATE_EPOCH as fallback for timestamp. This fixes running
from a tarball.
* Makefile.am (EXTRA_DIST): Add it.
Change-Id: Ic487587b22495868fd2a21545a13dc9e3458299c
This is a follow-up to commit
8b972da068
Makefile.am: Auto-configure Git on 'make'.
* configure.ac (in_git_p): New conditional.
* Makefile.am (nodist_noinst_DATA): Use it to only enable this when building
from Git.
Change-Id: I09a90a59a4933a8cdb04124467d38209171f2a57
This is a follow-up to commit
b0c33b1997
maint: Use reproducible timestamps and name for tarball.
* Makefile.am (am__tar): Add --format=ustar.
Change-Id: I1e499c413703105704f49a84868ec10de69846fb
* doc/local.mk (doc-clean): New target.
(DIST_CONFIGURE_FLAGS): New variable.
(auto-clean): Use them in new target.
* Makefile.am (dist-doc-pot-update): Use it in new target.
(dist): Change to depend on it to clean possibly stale files, instead of
doc-pot-update directly.
Add a toplevel check to ensure that Autotools cache is up to date.
Change-Id: I2ff2d88db9fe1e708ab65e33e1f3d7ecee882cb4
* Makefile.am (gen-tarball-version): Add reproducible timestamp to tarball.
(am__tar): Use it in new variable, overriding the Automake default.
(GZIP_ENV): New variable, overriding the Automake default.
* Makefile.am (gen-ChangeLog): Check for existance of `.git', rather than it
being a directory.
(gen-AUTHORS): Likewise.
Change-Id: I1b7f8cc147084c1804deb7be9d36e5eeda2599cb
In the previous commit, we've added a patch that potentially messes with
how built-in (especially preloaded) Lisp libraries are loaded. Thus, we
might want to assert that these files still load fine, as reported when
querying the builtin documentation of functions provided by them.
* gnu/packages/aux-files/emacs/comp-integrity.el: New file.
* gnu/Makefile.am (dist_noinst_DATA): Register it here.
* gnu/packages/emacs.scm (emacs-no-x)[#:phases]: Add ‘validate-comp-integrity’.
* Makefile.am (.git/config): Invoke git config --replace-all with a
value-pattern instead of --add.
Change-Id: Id6e19b15d3772105128eb9b48d0f4e039ae3d988
Reported-by: Liliana Marie Prikler <liliana.prikler@gmail.com>
Partially implements <https://issues.guix.gnu.org/66027>.
This will make it possible to track a merged commit back to its original
posting on the mailing list, and open the door to new opportunities such as
closing fully merged series automatically.
* Makefile.am (COMMIT_MSG_MAGIC): New variable.
(.git/hooks/commit-msg): New target.
* etc/git/commit-msg: New file.
* doc/contributing.texi (Configuring Git): Document Change-Id.
Series-changes: 3
- Clarify documentation text, as suggested by Simon
Change-Id: Ia92fa958eae600fdd4e180bad494c85db8bb4dd6
Reviewed-by: Simon Tournier <zimon.toutoune@gmail.com>
This breaks-up packages into five chunks of ~150,000 lines, allowing guix
build --target=i586-pc-gnu from an x86 host.
This is a followup to 1aa7ee52c6.
* Makefile.am (first_half): Rename to...
(first_quart): ...this, and also split into...
(second_quart): ...this.
(third_quart, MODULES_PACKAGES3, MODULES_PACKAGE4): New variables.
(make-packages3-go, make-packages4-go): New targets.
(make-packages-go): Add them.
* doc/guix.texi (Invoking guix time-machine): Document limitation.
* guix/inferior.scm (cached-channel-instance): New VALIDATE-CHANNELS
argument. Use it to validate channels when there are no cache hit.
* guix/scripts/time-machine.scm
(%options): Tag the given reference with 'tag-or-commit instead of 'commit.
(%oldest-possible-commit): New variable.
(guix-time-machine) <validate-guix-channel>: New nested procedure. Pass it to
the 'cached-channel-instance' call.
* tests/guix-time-machine.sh: New test.
* Makefile.am (SH_TESTS): Register it.
Suggested-by: Simon Tournier <zimon.toutoune@gmail.com>
Reviewed-by: Ludovic Courtès <ludo@gnu.org>
Reviewed-by: Simon Tournier <zimon.toutoune@gmail.com>
The `pam-mount-volumes-service-type' adds additional volumes to the
pam-mount-service-type in addition to any that are already specified in
`pam-mount-rules'.
* doc/guix.texi (PAM Mount Volume Service): add documentation for
`pam-mount-service-type'.
* gnu/services/pam-mount.scm: new file.
* Makefile.am: add pam-mount tests
* tests/services/pam-mount.scm: new tests
Signed-off-by: Ludovic Courtès <ludo@gnu.org>