maint: Suggest ‘guix git authenticate’ for initial authentication. - guix

diff options

author	Ludovic Courtès <ludo@gnu.org>	2024-05-07 15:54:44 +0200
committer	Ludovic Courtès <ludo@gnu.org>	2024-05-25 16:23:56 +0200
commit	73b3f941d7d911a1b2bb2bf77d37cb3a12ed4291 (patch)
tree	e9bad56f9dd556a77c7fe52ade2a418b14d49716 /tests
parent	0efa1daad354216e9ce2adb078eb4d5254792e49 (diff)
download	guix-73b3f941d7d911a1b2bb2bf77d37cb3a12ed4291.tar.gz guix-73b3f941d7d911a1b2bb2bf77d37cb3a12ed4291.zip

maint: Suggest ‘guix git authenticate’ for initial authentication.

The previous recommendation, running ‘make authenticate’, was insecure because it led users to run code from the very repository they want to authenticate: https://lists.gnu.org/archive/html/guix-devel/2024-04/msg00252.html * Makefile.am (commit_v1_0_0, channel_intro_commit) (channel_intro_signer, GUIX_GIT_KEYRING, authenticate): Remove. * Makefile.am (.git/hooks/%): New target, generalization of previous ‘.git/hooks/pre-push’ target. (nodist_noinst_DATA): Add ‘.git/hooks/post-merge’. * doc/contributing.texi (Building from Git): Suggest ‘guix git authenticate’ instead of ‘make authenticate’. * etc/git/post-merge: New file. * etc/git/pre-push: Run ‘guix git authenticate’ instead of ‘make authenticate’. Reviewed-by: Maxim Cournoyer <maxim.cournoyer@gmail.com> Reported-by: Skyler Ferris <skyvine@protonmail.com> Change-Id: Ia415aa8375013d0dd095e891116f6ce841d93efd

Diffstat (limited to 'tests')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: