Hi,
On +2021-04-04 17:05:57 -0400, Mark H Weaver wrote:
> Tobias Geerinckx-Rice writes:
>
> > Indeed, underscores were explicitly banned in 2014 (commit
> > 25083588). Why?
> >
> > Where's the advantage in renaming the following packages from
> > their canonical names?
>
> While I was not in
Tobias Geerinckx-Rice writes:
> Indeed, underscores were explicitly banned in 2014 (commit
> 25083588). Why?
>
> Where's the advantage in renaming the following packages from
> their canonical names?
While I was not involved in this decision, I think it's desirable to
standardize on a single
Hello,
On Sun, Apr 4, 2021 at 10:49 PM Tobias Geerinckx-Rice wrote:
> nsis-x86_64
> mingw-w64-x86_64
> mingw-w64-x86_64-winpthreads
That will make really strange names, at least for those
--
Vincent Legoll
Guix, Ludo',
I was surprised by this commit:
--8<---cut here---start->8---
commit 426ade6c8bdab243da719e369a887284368179bb (upstream/master)
Author: Xinglu Chen
import: go: Replace underscores with hyphens in package names.
As per section '16.4.2 Pack
Christopher Baines writes:
> Chris Marusich writes:
>
>> Christopher Baines writes:
>>
>>> In terms of looking at security from a project perspective, I'm thinking
>>> about these kinds of needs/questions:
>>>
>>> - What security issues affect this revision of Guix? (latest or otherwise)
>>>
>
Hi Maxime,
Maxime Devos writes:
> On Sun, 2021-03-28 at 18:33 -0400, Mark H Weaver wrote:
>> Earlier, I wrote:
>> > One thing to be very careful about is to only use 'gtk-doc/stable',
>> > 'dblatex/stable', and 'imagemagick/stable' in native-inputs, and
>> > moreover to make sure that no referen
Hi Ludovic,
Ludovic Courtès writes:
> Mark H Weaver skribis:
>
>> It occurs to me that we will need some tooling to ensure that no
>> references to these buggy "*/stable" packages end up in package outputs
>> that users actually use. Otherwise, it is likely that sooner or later,
>> a runtime r
Christopher Baines writes:
> Joshua Branson writes:
>
>> Christopher Baines writes:
>>
>>> 1: https://git.cbaines.net/guix/tooling-to-improve-security-and-trust/about/
>>
>> Are you using guix system to serve the above link? I didn't realize
>> that gitolite could render a README document so w
Hello Guix!
On the Guix-blog¹, Ludo already mentioned the lightning talk of Michael
Stapelberg on the “distri” package manager which installs packages
faster than common package managers by an order of magnitude.
Common package managers install a package by downloading it as an
(compressed)
Am Sonntag, den 04.04.2021, 11:32 +0200 schrieb Xinglu Chen:
> On Sat, Apr 03 2021, Leo Prikler wrote:
>
> > Your patch LGTM in a vaccum (except that package-version this-
> > package
> > could be abbreviated to just "version" IIUC), but I went for a
> > different fix, since emacsql tried to avoid
On Sun, Apr 04 2021, Christopher Baines wrote:
> Cool :) While it's not directly security related, I really want the
> subscriptions functionality I'm planning to work on to be done so that
> people can subscribe to things related to the packages they use, like
> new versions becoming available, o
On Sat, Apr 03 2021, Leo Prikler wrote:
> Your patch LGTM in a vaccum (except that package-version this-package
> could be abbreviated to just "version" IIUC), but I went for a
> different fix, since emacsql tried to avoid redundancies by putting in
> other redundancies.
>
> I ran a small test wit
Hello,
Hartmut Goebel writes:
> building sequoia is currently broken in master with
> "syn::export::ToTokens" not found.
>
> I tracked this down to 6513650d40f74 "gnu: rust-tempfile-3: Update to
> 3.2.0." (2021-02-16). The updated package also updates some
> dependency-requirements: cfg-if 0.1 -
Chris Marusich writes:
> Christopher Baines writes:
>
>> In terms of looking at security from a project perspective, I'm thinking
>> about these kinds of needs/questions:
>>
>> - What security issues affect this revision of Guix? (latest or otherwise)
>>
>> - How do Guix contributors find out
Léo Le Bouter writes:
> On Sat, 2021-04-03 at 11:41 +0100, Christopher Baines wrote:
>> Please let me know if you have any comments or questions!
>
> That's really really awesome Chris! I especially like that also users
> are invited to particpate in the process and the information is shared
> t
Joshua Branson writes:
> Christopher Baines writes:
>
>> Hey,
>>
>> In May last year (2020), I submitted an application to NLNet. The work I
>> set out wasn't something I was doing at the time, but something I hadn't
>> yet found time to work on, tooling specifically around security issues.
>>
16 matches
Mail list logo
