On Thu, Jun 22, 2017 at 11:45:26PM +0200, Ricardo Wurmus wrote:
>
> Mark H Weaver writes:
>
> > FWIW, I always check digital signatures when they're available, and I
> > hope that others will as well, but in practice we are putting our faith
> > in a large number of
Am 22.06.2017 um 23:05 schrieb Ludovic Courtès:
> Leo Famulari skribis:
>
>> On Thu, Jun 22, 2017 at 06:20:54PM +0200, Jonathan Brielmaier wrote:
>>> copying and compiling to
>>> '/gnu/store/ld6h1fc696q6iaxi9pax0khnm747hvgi-guix-latest' with Guile
>>> 2.0.12...
>>> loading...
Leo Famulari transcribed 2.4K bytes:
> On Thu, Jun 22, 2017 at 11:33:31AM -0400, Mark H Weaver wrote:
> > l...@gnu.org (Ludovic Courtès) writes:
> > > IOW, since we’re checking the integrity of the tarball anyway, and we
> > > assume developers checked its authenticity when writing the recipe,
Efraim Flashner skribis:
> On aarch64 the test 'test-package.sh' fails due to 'offload: command not
> found'
I think you mentioned on IRC that the problem vanished, right?
Ludo’.
Leo Famulari skribis:
> On Thu, Jun 22, 2017 at 06:20:54PM +0200, Jonathan Brielmaier wrote:
>> copying and compiling to
>> '/gnu/store/ld6h1fc696q6iaxi9pax0khnm747hvgi-guix-latest' with Guile
>> 2.0.12...
>> loading...12.6% of 605 filesice-9/psyntax.scm:3084:32: In
Leo Famulari skribis:
> On Thu, Jun 22, 2017 at 11:33:31AM -0400, Mark H Weaver wrote:
>> l...@gnu.org (Ludovic Courtès) writes:
>> > IOW, since we’re checking the integrity of the tarball anyway, and we
>> > assume developers checked its authenticity when writing the recipe,
Hi,
Jelle Licht skribis:
> The current ansible package is still brokenin the same way.
>
> Is there already an acceptable way of working around this problem?
> Otherwise I could send my (extremely hacky) workaround that adds a specific
> condition in the ansible source code to
On Thu, Jun 22, 2017 at 12:17:37PM -0400, Leo Famulari wrote:
> On Thu, Jun 22, 2017 at 02:44:11AM -0400, Mark H Weaver wrote:
> > Leo Famulari writes:
> > > Hm, I noticed the bootstrap binaries being downloaded, so I don't think
> > > this patch applies the graft without
On Thu, Jun 22, 2017 at 06:20:54PM +0200, Jonathan Brielmaier wrote:
> copying and compiling to
> '/gnu/store/ld6h1fc696q6iaxi9pax0khnm747hvgi-guix-latest' with Guile
> 2.0.12...
> loading... 12.6% of 605 filesice-9/psyntax.scm:3084:32: In procedure
> #:
> ice-9/psyntax.scm:3084:32: Syntax
Hello,
I tried to update my guix installation with `guix pull` but it failed.
As shell I use fish, System is Linux Mint 17.3.
$ guix pull
[...]
The following derivations will be built:
/gnu/store/lh7ja8hk54rlx7q3hrch6726cgrsqr8j-guix-latest.drv
On Thu, Jun 22, 2017 at 02:44:11AM -0400, Mark H Weaver wrote:
> Leo Famulari writes:
> > Hm, I noticed the bootstrap binaries being downloaded, so I don't think
> > this patch applies the graft without causing a full rebuild.
>
> It's likely that this is because of the new
On Thu, Jun 22, 2017 at 09:57:23AM +0200, Ludovic Courtès wrote:
> > Perhaps a MITM could send a huge file and fill up the disk or something
> > like that.
>
> I’m generally in favor of relying on X.509 certificates as little as
> possible, and in this case, while I agree that it could protect us
On Thu, Jun 22, 2017 at 11:33:31AM -0400, Mark H Weaver wrote:
> l...@gnu.org (Ludovic Courtès) writes:
> > IOW, since we’re checking the integrity of the tarball anyway, and we
> > assume developers checked its authenticity when writing the recipe, then
> > who cares whether downloads.xiph.org
The current ansible package is still brokenin the same way.
Is there already an acceptable way of working around this problem?
Otherwise I could send my (extremely hacky) workaround that adds a specific
condition in the ansible source code to check for .ansible-real.
Thanks,
Jelle
2017-05-03
l...@gnu.org (Ludovic Courtès) writes:
> The behavior of the source download is on purpose as noted in (guix
> download):
>
>;; No need to validate certificates since we know the
>;; hash of the expected result.
>
In a pelican directory after running pelican-quickstart:
egrep -nr "store"
…
pelicanconf.py:1:#!/gnu/store/bf54hnwd8mb63zmssc23fwslf5zvxpxs-python-wrapper-3.5.3/bin/python
develop_server.sh:1:#!/gnu/store/k7029k5va68lkapbzcycdzj7m5bjb4b8-bash-4.4.12/bin/bash
Leo Famulari skribis:
> On Wed, Jun 21, 2017 at 12:50:15PM +0200, Ludovic Courtès wrote:
>> Leo Famulari skribis:
>> > While working on some package updates, I found that the source code
>> > downloader will accept an X.509 certificate for an incorrect
Leo Famulari writes:
> On Wed, Jun 21, 2017 at 07:52:27PM -0400, Leo Famulari wrote:
>> On Wed, Jun 21, 2017 at 12:50:45PM +0300, Efraim Flashner wrote:
>> > Had to make a small change to the patch, it turns out it couldn't build
>> > the source for glibc@2.21, so I changed
18 matches
Mail list logo