Marek Paśnikowski schreef op ma 04-04-2022 om 18:21 [+0200]: > 2. What ==is== the channel introduction?
From (guix)Channel Authentication:
As a user, you must provide a “channel introduction” in your
channels file so that Guix knows how to authenticate its first commit.
A channel specification, including its introduction, looks something
along these lines:
(channel
(name 'some-channel)
(url "https://example.org/some-channel.git";)
(introduction
(make-channel-introduction
"6f0d8cc0d88abb59c324b2990bfee2876016bb86"
(openpgp-fingerprint
"CABB A931 C0FF EEC6 900D 0CFB 090B 1199 3D9A EBB5"))))
It's the (make-channel-introduction [...]) thing. It's just a bunch of
information that Guix can use to authenticate the first commit of the
channel. Also see ...
> Which commit am I supposed to use?
The first commit that adds (or in your case, modifies) the .guix-
authorization file. From (guix)Specifying Channel Authorizations:
This authentication rule creates a chicken-and-egg issue: how do we
authenticate the first commit? Related to that: how do we deal with
channels whose repository history contains unsigned commits and lack
‘.guix-authorizations’? And how do we fork existing channels?
Channel introductions answer these questions by describing the first
commit of a channel that should be authenticated. The first time a
channel is fetched with ‘guix pull’ or ‘guix time-machine’, the command
looks up the introductory commit and verifies that it is signed by the
specified OpenPGP key. From then on, it authenticates commits
according to the rule above. Authentication fails if the target commit
is neither a descendant nor an ancestor of the introductory commit.
Greetings,
Maxime.
signature.asc
Description: This is a digitally signed message part
