Nicolas Graves <ngra...@ngraves.fr> writes: > My last message to Saku basically agreed to this ;)
Yes, my bad for only noticing that message after having sent mine. Whoops. > I'm actually willing to improve that patch series if you have better > ideas/implementations, I was just building on what I know > (direnv/.dir-locals.el). As a direnv and .dir-locals.el user myself, I think there's some utility in doing things similarly, at least till we come up with a threat model on which we have some consensus and which motivates us to deviate from the norm. > Maybe we should only allow to automatically run when the manifest is > able to build without network access in container mode. I was under the impression that the build phase in guix is always containerized and without network access. Could you please elaborate on this? > Or include things like automatic git commit authentication on such > allowed repositories. But I'm not sure if they are convenient or easy > to implement, or make sense. While valuable, I believe if we do provide this, it should only be done in a manner that the user is able to disable if/as needed. -- Suhail
