Hi Ludovic,
Ludovic Courtès writes:
> Hi Edouard,
>
> Edouard Klein skribis:
>
>> I'm a huge fan of guix --container, and I created a system to use those
>> by default for network services. But the VPS these services run on has
>> only 2GB of RAM, and I just realized that a container, by
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
-BEGIN PGP SIGNATURE-
iQJRBAEBCgA7FiEEpCB7VsJVEJ8ssxV+SZCXrl6oFdkFAmYHK0sdHGpvaG4ua2Vo
YXlpYXNAcHJvdG9ubWFpbC5jb20ACgkQSZCXrl6oFdkFRA//WaJMegtHd88wlq0V
QovAYD7+d6zj5DxgVTiGKXckyKWx7AceVJ0WVp9MB+WxU8dEXepEnd9AHOA4v/Fb
Hello,
On 2024-03-29 13:39:59 -0700, Felix Lechner via Development of GNU Guix and the
GNU System distribution. wrote:
> > Is there a way we can blacklist known bad versions?
>
> Having said all that, I am not sure Guix is affected.
>
> On my systems, the 'detect.sh' script shows no referece to
Hi Ryan,
On Fri, Mar 29 2024, Ryan Prior wrote:
> I'm reading today that a backdoor is present in xz's upstream tarball
> (but not in git), starting at version 5.6.0. Source:
> https://www.openwall.com/lists/oss-security/2024/03/29/4
Thanks for sending this! This is an extremely serious
I'm reading today that a backdoor is present in xz's upstream tarball (but not
in git), starting at version 5.6.0. Source:
https://www.openwall.com/lists/oss-security/2024/03/29/4
Guix currently packages xz-utils 5.2.8 as "xz" using the upstream tarball. Is
there a way we can blacklist known
Hello,
Ada Stevenson skribis:
>> diff --git a/guix/scripts/substitute.scm b/guix/scripts/substitute.scm
>> index 37cd08e289..3af0bf0019 100755
>> --- a/guix/scripts/substitute.scm
>> +++ b/guix/scripts/substitute.scm
>> @@ -494,7 +494,9 @@ (define* (download-nar narinfo destination
>>
Ludovic Courtès writes:
> Hi!
>
> Christopher Baines skribis:
>
>> Related to this, I've added options to the nar-herder to help change the
>> TTL being used, and reduced the TTL for bordeaux.guix.gnu.org to 10
>> minutes (from 180 days) [4]. This will at least mean that in the future,
>> the
Hi all,
Yes, I proposed the project because that was something I wanted to do
myself, but I didn't have the time for.
As Ludo suggests, start getting familiar with Guix's codebase and usage.
I can help you with contribution later.
When digging on the code, this talk by Josselin Poiret is
Hi!
Christopher Baines skribis:
> I've finally got around to starting to address the problems with
> disappearing nars discussed in [3]. The nar-herder now schedules nars
> which it's generated for removal and the time for removal is based on
> the TTL in use.
>
> 3:
Ludovic Courtès wrote:
> elaexuo...@wilsonb.com skribis:
>
> > Well, the catch 22 is that I've lost the original key and so can only sign
> > .guix-authorizations with the new one.
>
> Ah sorry, I misread the thing I quoted. :-)
>
> So, you have your new key. You add it to
Hi Zachary,
Zachary Liebl skribis:
> I am interested in taking on one of your Google Summer of Code projects. I
> have been a long time NixOS user, and I need an excuse to finally get
> involved with Guix, and I think this is it.
>
> I am particularly interested in the project "Add support
elaexuo...@wilsonb.com skribis:
> Well, the catch 22 is that I've lost the original key and so can only sign
> .guix-authorizations with the new one.
Ah sorry, I misread the thing I quoted. :-)
So, you have your new key. You add it to ‘.guix-authorizations’ in a
commit signed with that new
12 matches
Mail list logo
