Re: force pushing to guix master?

Fri, 12 Dec 2025 09:16:01 -0800 

Andreas Enge <[email protected]> writes:

> In this case, by accident we ended up with a commit on HEAD of master
> that was not properly signed (more precisely, for which the key was not
> properly added to the keyring branch). So it lacked authentication,
> and the (almost only, but certainly most reasonable) way of obtaining
> authenticated checkouts again was forcefully removing it.

Thank you for clarifying!

> It stayed on master only very shortly, but maybe we should in such a
> case nevertheless make an official announcement on the devel list?

Couldn't a git push hook have prevented this?

Or always push to 'main' and then some robot merges things to 'master'
if things verify.

What is the end-user situation when this happen?  What is the recovery
process?  Maybe that is worth documenting somewhere, since I suspect
this may happen again (for justifiable reasons).

/Simon

Attachment: signature.asc
Description: PGP signature

  • force pushing to ... Development of GNU Guix and the GNU System distribution.
    • Re: force pu... Andreas Enge
      • Re: forc... Development of GNU Guix and the GNU System distribution.
        • Re: ... Rutherther
          • ... Development of GNU Guix and the GNU System distribution.
            • ... Development of GNU Guix and the GNU System distribution.
              • ... Ludovic Courtès
    • Re: force pu... Rutherther
      • Re: forc... Development of GNU Guix and the GNU System distribution.
        • Re: ... Rostislav Svoboda
          • ... Tomas Volf
            • ... Rostislav Svoboda
              • ... Ricardo Wurmus

Reply via email to