... And anyway, the problem I was trying to debug turned out to be the GHC
library ID bug. :)
On Fri, Feb 26, 2016 at 10:11 AM Anand Patil <
anand.prabhakar.pa...@gmail.com> wrote:
> Never mind, figured it out: nix-shell ./nixpkgs -A
> packages.haskell.compiler.ghcjs . I was confused because
> The binary caches are signed by the build farm, i.e. the mapping from
> expressions to binaries is "safe". That's probably the only signing ATM.
> For transporting nix expressions we offer https.
>
> Disclaimer: I'm no security expert. And I dislike giving a false feeling
> of security.
>
>
Never mind, figured it out: nix-shell ./nixpkgs -A
packages.haskell.compiler.ghcjs . I was confused because nix-shell
./nixpkgs/pkgs/development/compilers/ghcjs was complaining that it didn't
have default values for all the arguments.
Anand
On Thu, Feb 25, 2016 at 7:18 PM Anand Patil
For anyone not following the issue tracker, there's a related discussion
going on there: https://github.com/NixOS/nix/issues/613
On Fri, Feb 26, 2016 at 7:06 AM, Eelco Dolstra
wrote:
> Hi,
>
> On 26/02/16 11:06, Vladimír Čunát wrote:
>
> > That is, assuming the ISOs
Hi,
On 26/02/16 11:06, Vladimír Čunát wrote:
> That is, assuming the ISOs are copied to the binary cache. I briefly
> looked for the latest 15.09 ones, and they seem not to be there:
> - latest channel revision: 922f03
> - the build: http://hydra.nixos.org/build/32068791#tabs-summary
> -
On 02/26/2016 12:16 PM, Oliver Charles wrote:
> You can only point to something if you can sign that pointer. Just
> telling me a narinfo without any more information (that is, signing
> that) puts us back to square one.
Ah, I didn't realize you wanted to sign the act of releasing another ISO
You can only point to something if you can sign that pointer. Just telling
me a narinfo without any more information (that is, signing that) puts us
back to square one.
On Fri, Feb 26, 2016 at 10:06 AM Vladimír Čunát wrote:
> On 02/26/2016 09:55 AM, Oliver Charles wrote:
> >
Heck, even Apple uses it: https://github.com/apple/swift/tree/master/docs
On Fri, Feb 26, 2016 at 10:05 AM, Freddy Rietdijk
wrote:
> It makes sense not to have multiple formats inside a single document. As
> Eelco mentioned, it makes it harder to move around fragments,
On 02/26/2016 09:55 AM, Oliver Charles wrote:
> Signed SHAs and the like give us a way to say "I am releasing this
> version, and you have a way to check that 'I' really said it".
We could point to the corresponding narinfo file. For any package
there's a signature of the build farm.
That is,
It makes sense not to have multiple formats inside a single document. As
Eelco mentioned, it makes it harder to move around fragments, and, as I
experienced now by using the `toDocbook` function, you still end up with
XML errors. Therefore, instead of having to debug errors related to one
format
I don't think S3 is looking for accountability but reproducibility. With
nothing signed it's unclear what you should really be expecting for the
release ISOs. Signed SHAs and the like give us a way to say "I am releasing
this version, and you have a way to check that 'I' really said it".
On Fri,
On 02/26/2016 08:19 AM, S3 wrote:
> So, as far as I can tell, nothing is signed.
The binary caches are signed by the build farm, i.e. the mapping from
expressions to binaries is "safe". That's probably the only signing ATM.
For transporting nix expressions we offer https.
Disclaimer: I'm no
On 02/25/2016 01:39 PM, zimbatm wrote:
> The output file wasn't exactly right, I had to replace ` id="something">` to `` tags and wrap it in a tag.
That's because pandoc uses an older version of docbook where some tags
are different. (IIRC I looked a few months ago and it didn't support the
13 matches
Mail list logo