Simon Josefsson via "Development of GNU Guix and the GNU System distribution." <[email protected]> writes:
> > Couldn't a git push hook have prevented this? We already have such hook in place. As for why it didn't help in this case, it was because of a mistake on my part, where I was playing with keyring branch some time ago and left my key there. guix git authenticate checks the local keyring branch and saw the key there, at a proper location. > > Or always push to 'main' and then some robot merges things to 'master' > if things verify. Interesting idea. But I think 'main' would be confusing (and also if guix does at some point move master to main, it would have to move) as it's a branch commonly used nowadays for the main branch. > > What is the end-user situation when this happen? What is the recovery > process? Maybe that is worth documenting somewhere, since I suspect > this may happen again (for justifiable reasons). Could you clarify recovery process of what exactly? The end users of Guix weren't affected by the force push. They were affected by the commit that was there (couldn't `guix pull` and stopped being affected when force push happened (now they could `guix pull`). It's true that for example if you had the repo cloned, did `git pull` with a commit that doesn't authenticate, then there is a force push, afterwards `git pull` won't work anymore. Is this what you mean, is there more maybe? Rutherther > > /Simon
