mirror of
https://git.in.rschanz.org/ryan77627/guix.git
synced 2024-11-07 07:26:13 -05:00
73b3f941d7
The previous recommendation, running ‘make authenticate’, was insecure because it led users to run code from the very repository they want to authenticate: https://lists.gnu.org/archive/html/guix-devel/2024-04/msg00252.html * Makefile.am (commit_v1_0_0, channel_intro_commit) (channel_intro_signer, GUIX_GIT_KEYRING, authenticate): Remove. * Makefile.am (.git/hooks/%): New target, generalization of previous ‘.git/hooks/pre-push’ target. (nodist_noinst_DATA): Add ‘.git/hooks/post-merge’. * doc/contributing.texi (Building from Git): Suggest ‘guix git authenticate’ instead of ‘make authenticate’. * etc/git/post-merge: New file. * etc/git/pre-push: Run ‘guix git authenticate’ instead of ‘make authenticate’. Reviewed-by: Maxim Cournoyer <maxim.cournoyer@gmail.com> Reported-by: Skyler Ferris <skyvine@protonmail.com> Change-Id: Ia415aa8375013d0dd095e891116f6ce841d93efd |
||
|---|---|---|
| .. | ||
| completion | ||
| git | ||
| init.d | ||
| openrc | ||
| snippets | ||
| substitutes | ||
| teams | ||
| committer.scm.in | ||
| copyright.el | ||
| disarchive-manifest.scm | ||
| gnu-store.mount.in | ||
| guix-daemon.cil.in | ||
| guix-daemon.conf.in | ||
| guix-daemon.service.in | ||
| guix-gc.service.in | ||
| guix-gc.timer | ||
| guix-install.sh | ||
| guix-publish.conf.in | ||
| guix-publish.service.in | ||
| historical-authorizations | ||
| hurd-manifest.scm | ||
| kernels-manifest.scm | ||
| news.scm | ||
| release-manifest.scm | ||
| source-manifest.scm | ||
| system-tests.scm | ||
| teams.scm | ||
| time-travel-manifest.scm | ||