Re: Potential security issue with make authenticate and mitigation

2024-05-02 Thread Ludovic Courtès
Hi!

John Kehayias writes:

> In 2020, the "guix git authenticate" tool was added in order to secure
> updates (1). This protection is still intact! The tool also had the
> secondary effect of protecting developers against malicious commits
> while we are developing. In fact, the manual currently

Potential security issue with make authenticate and mitigation

2024-04-24 Thread John Kehayias
Hi Guix-ers,

Please see the below message (and attached report for further details) of a potential security issue and mitigation in Guix, from Skyler Ferris.

The very short version: 'make authenticate' is a potential attack vector, which can be mitigated by using 'guix git authenticate' in a devel