Not 100% sure, but I think this applies to my situation:
"Pay attention to merges in particular: merge commits are
considered authentic if and only if they are signed by a key
present in the .guix-authorizations file of both branches."
My local (channel) repo is just the guix sources with some
patches, which obviously will lead to merge commits on almost
every pull.
Is this analysis correct?
If so, how do I change this? My goal is to have a local copy to
put patches in. This works easier in some cases rather than having
a manifest.
[Cayetano Santos]:
dim. 29 déc. 2024 at 14:04, Marcel van der Boom
<mar...@hsdev.com> wrote:
I have issues with this too. On every git pull and guix pull I
get messages that my key is
missing, although I did add it locally to the keyring branch.
Is there a procedure documented somewhere on how to make sure
the signature is present and
correct? It feels like I am just missing something small here.
Most up to date documentation is here,
https://guix.gnu.org/manual/devel/en/html_node/Specifying-Channel-Authorizations.html
Some unknowns for me:
- are subkeys supported? anything special needed?
- it seems there is a file-naming convention on the keyring
branch for the keys?
- do i need to pull the keyring in manually over time of does
the machinery take care of
this?
Have you checked with other public channels ?
