I haven't looked at the code at all, but perhaps it would be useful to users of Guix if, upon a guix pull with a commit that fails to authenticate, guix pull would still pull up to the last in the chain of successfully authenticated commmits?
Right now, it stops the entire operation if one commit from one channel fails to authenticate, which has value (and might be useful as a setting or flag, for those with greater security concerns or those maintaining the channel). But assuming the authentications are done in order, could we make the default an effective "pin" to the last authenticated commit? This is probably the way users /should/ deal with this kind of issue anyway (disable-authentication is worrisome), and having the default be this kind of fallback would make it so users are still able to pull other channels they might have, or at least update to the last "good" commit. What do You think? -- Christopher Rodriguez
signature.asc
Description: PGP signature
