Nov 20, 2025 5:32:53 AM Maxim Cournoyer <[email protected]>:
Hi,
Ludovic Courtès <[email protected]> writes:
"Jodi Jodington (dev)" <[email protected]> skribis:
I then proceeded to
make a change and commit it locally
and then tried to push it to my fork. This resulted in an error
message about how my commit
isn't signed and blocked me from pushing.
I realized that as soon as you run:
./configure && make
a new ‘pre-push’ hook is installed and that one does not run ‘guix git
authenticate’ when pushing to an unofficial repository.
Indeed, I'm not sure I understand how Jodi got into that situation;
perhaps our checks are incorrect? But they look alright:
--8<---------------cut here---------------start------------->8---
# Only perform checks when pushing to upstream.
case "$2" in
*savannah.gnu.org*)
printf "ERROR: The repositories on Savannah are read-only
mirrors of our repos at <https://codeberg.org/guix>.\n" 1>&2
exit 1
;;
*.gnu.org*)
perform_checks
;;
# HTTPS Git remote.
*codeberg.org/guix/*)
perform_checks
;;
# SSH Git remote.
*codeberg.org:guix/*)
perform_checks
;;
*)
exit 0
;;
esac
--8<---------------cut here---------------end--------------->8---
--
Thanks,
Maxim
(Forgot to reply-all, so ill re-paste my response here, sorry about that)
Nov 20, 2025 5:32:53 AM Maxim Cournoyer <[email protected]>:
Indeed, I'm not sure I understand how Jodi got into that situation;
perhaps our checks are incorrect? But they look alright:
--8<---------------cut here---------------start------------->8---
# Only perform checks when pushing to upstream.
case "$2" in
*savannah.gnu.org*)
printf "ERROR: The repositories on Savannah are read-only
mirrors of our repos at <https://codeberg.org/guix>.\n" 1>&2
exit 1
;;
*.gnu.org*)
perform_checks
;;
# HTTPS Git remote.
*codeberg.org/guix/*)
perform_checks
;;
# SSH Git remote.
*codeberg.org:guix/*)
perform_checks
;;
*)
exit 0
;;
esac
--8<---------------cut here---------------end--------------->8---
--
Thanks,
Maxim
`./configure && make` doesn't replace the hook created by guix git
authenticate. I got into this situation simply by running guix git
authenticate before ./configure.
Heres a recreation:
jodi@jodi-pc ~/src/guix-fork [env]$ cat .git/hooks/pre-push
cat: .git/hooks/pre-push: No such file or directory
jodi@jodi-pc ~/src/guix-fork [env]$ guix git authenticate
guix git: upgrading hook '/home/jodi/src/guix-fork/.git/hooks/pre-push'
guix git: successfully authenticated commit
19fdda038f5051c038a3f3e52dcc27be3923a3aa
jodi@jodi-pc ~/src/guix-fork [env]$ cat .git/hooks/pre-push
#!/bin/sh
# Installed by 'guix git authenticate'.
set -e
# The "empty hash" used by Git when pushing a branch deletion.
z40=0000000000000000000000000000000000000000
while read local_ref local_oid remote_ref remote_oid
do
if [ "$local_oid" != "$z40" ]
then
guix git authenticate --end="$local_oid"
fi
done
jodi@jodi-pc ~/src/guix-fork [env]$ ./configure
---- SNIP ----
jodi@jodi-pc ~/src/guix-fork [env]$ make -j9
---- SNIP ----
jodi@jodi-pc ~/src/guix-fork [env]$ cat .git/hooks/pre-push
#!/bin/sh
# Installed by 'guix git authenticate'.
set -e
# The "empty hash" used by Git when pushing a branch deletion.
z40=0000000000000000000000000000000000000000
while read local_ref local_oid remote_ref remote_oid
do
if [ "$local_oid" != "$z40" ]
then
guix git authenticate --end="$local_oid"
fi
done
As you can see, the "correct" pre-push hook that you posted was never
installed for me since guix git authenticate's hook was installed first
and never overwritten
