Hi, Commit f651b47 adds a “guix pull” command. It fetches a Guix source tarball, unpacks it, compiles Scheme code (so not the daemon), and changes ~/.config/guix/latest to point to it.
The commit also changes the ‘guix’ command to put ~/.config/guix/latest at the front of the search path (except when using ./pre-inst-env.) This way, it allows users to at the same time update package descriptions (like “apt-get update”) and the package manager itself. I considered other options, such as making a package for Guix and letting users install it in their profile. That would have provided roll-back and everything for free. However, I came to the conclusion that package management of the package manager itself deserves special treatment, and should not be in the way of users. The implementation has two main problems: it does not authenticate the tarball it downloads, and downloads a full tarball (~5 MiB) every time. We need a bit of infrastructure to fix that. We could have a process on hydra.gnu.org that automatically signs tarballs with a pre-defined key. For the second issue, there are Git, rsync, bsdiff, or even GNUnet that could help, but that requires more thought. Comments welcome! Thanks, Ludo’.
