Hi, Thanks for this report. Sorry for the late reply.
On Thu, 09 May 2024 at 11:28, Simon Josefsson via <help-guix@gnu.org> wrote: > x) The 'name' field in .guix-authenticate doesn't seem to be necessary > at all? Maybe not even suggest including it. You mean the file ’.guix-authorizations’, right? Well, I think it’s useful for maintaining this list accurate; for quickly identifying authorized people, it’s easier for a human to check a name or nickname, say some human-key than long-sequence key. For instance, Guix has 44 people authorized and I have no clue if "705A 29B7 01EE 410E B6F9 236E 92F1 D22C 608E E7E5" is still active or not. I would need to check with GPG (import the key and identify who the person then check if this person is still active). From the nickname, it’s almost straightforward and ease the maintenance, IMHO. > x) While using s-exp's for .guix-authenticate are fine, I don't think > this will go down well with the git crowd. [...] > and $someone can write a new tool 'git-authenticate'. Well, S-exps are straightforward to manipulate with Guile/Scheme. Another format would require an extra step. Hence, we could imagine: let $someone implements the authentication strategy relying on the keyring branch etc. on the top of their preferred format. :-) Strategical laziness? ;-) > x) Running this command: > > guix git authenticate 2e6e8027c75942450a0e4ae0f58e876715782cae "B1D2 BD13 > 75BE CB78 4CF4 F8C4 D73C F638 C53C 06BE" > > sets up .git/config properly, but running it again with a different git > commit does not alter .git/config, which was a bit unexpected. Is this > intentional? The second invocation exit fine but running 'guix git > authenticate' again failed. Ah it does not fail for me. I do not know. > 5) The implementation seems confused by PGP subkeys. Verifying the > initial commit after adding .guix-authenticate works fine: > > jas@kaka:~/src/libntlm$ git log -1 -p > commit 2e6e8027c75942450a0e4ae0f58e876715782cae (HEAD -> master) > Author: Simon Josefsson <si...@josefsson.org> > Date: Thu May 9 10:34:15 2024 +0200 > > maint: Support guix git authenticate. > > diff --git a/.guix-authenticate b/.guix-authenticate Just to be sure, the file is ’.guix-authorizations’, right? To my knowledge, this name is hard-encoded in the Guile module ’(guix git-authenticate)’ that is called when running ’guix git authenticate’. Maybe I am missing something. Cheers, simon
