GNU logs - #46182, boring messages


Message sent to guix-patches@HIDDEN:


X-Loop: help-debbugs@HIDDEN
Subject: [bug#46182] [PATCH] lint: Add 'check-git-protocol' checker.
Resent-From: Leo Famulari <leo@HIDDEN>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
Resent-CC: guix-patches@HIDDEN
Resent-Date: Sat, 30 Jan 2021 01:05:01 +0000
Resent-Message-ID: <handler.46182.B.161196866222391 <at> debbugs.gnu.org>
Resent-Sender: help-debbugs@HIDDEN
X-GNU-PR-Message: report 46182
X-GNU-PR-Package: guix-patches
X-GNU-PR-Keywords: patch
To: 46182 <at> debbugs.gnu.org
X-Debbugs-Original-To: guix-patches@HIDDEN
Received: via spool by submit <at> debbugs.gnu.org id=B.161196866222391
          (code B ref -1); Sat, 30 Jan 2021 01:05:01 +0000
Received: (at submit) by debbugs.gnu.org; 30 Jan 2021 01:04:22 +0000
Received: from localhost ([127.0.0.1]:53235 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1l5egW-0005p0-K7
	for submit <at> debbugs.gnu.org; Fri, 29 Jan 2021 20:04:22 -0500
Received: from lists.gnu.org ([209.51.188.17]:56264)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <leo@HIDDEN>) id 1l5egT-0005oj-Oh
 for submit <at> debbugs.gnu.org; Fri, 29 Jan 2021 20:04:18 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10]:36332)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <leo@HIDDEN>) id 1l5egT-0003EJ-IW
 for guix-patches@HIDDEN; Fri, 29 Jan 2021 20:04:17 -0500
Received: from out1-smtp.messagingengine.com ([66.111.4.25]:41245)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <leo@HIDDEN>) id 1l5egQ-0001Up-Qx
 for guix-patches@HIDDEN; Fri, 29 Jan 2021 20:04:17 -0500
Received: from compute3.internal (compute3.nyi.internal [10.202.2.43])
 by mailout.nyi.internal (Postfix) with ESMTP id 2025E5C00F0;
 Fri, 29 Jan 2021 20:04:14 -0500 (EST)
Received: from mailfrontend1 ([10.202.2.162])
 by compute3.internal (MEProxy); Fri, 29 Jan 2021 20:04:14 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name;
 h=from:to:subject:date:message-id:mime-version:content-type
 :content-transfer-encoding; s=mesmtp; bh=wELDlHTBwBQZhGY4nITAAcL
 z6f+rcmgcByX/CabMoJo=; b=J9ZfW6BSmOBCUbU2jsKJWuwEKSAb1szgSzZ7YOy
 EbIsaCZegZ8TX20omKq1OuvzU6dgk4vzmd+A2BEfAVVFnCz3fSxX15rEnjAQ3Dsb
 a5Wm1qmqommfzmxOwdJFcI8G0q+HfkMtiHe0typGyt+aZdM8ls0oISHJ5JH/SzKp
 7uUw=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
 messagingengine.com; h=content-transfer-encoding:content-type
 :date:from:message-id:mime-version:subject:to:x-me-proxy
 :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; bh=wELDlH
 TBwBQZhGY4nITAAcLz6f+rcmgcByX/CabMoJo=; b=EkNvm+UG4kWDQ3HkmXYuuY
 LSIrMvjAgaXODebob8aDu3ZE6zW8O+vW/Y3Unxpfk5RdfyoddFi8oBnMovjCCFMx
 pElGXiHUqVuQ6jMMrGdNCNnDkzzoVjFmdqXqGId6JMTmnZHPvUACe6N3fq4b+JC7
 9aBsG1Tgyga+egl5KRHGlxsQi82M9qFuFh9PLL5g8StJF5BV7cdissjpu7CLlhvU
 CIkjpWKJ3QUDvsiA4eOzj9AKHyVt28uXgS6Mb5cgb92LQrA4Bdj2uwD28q++by6H
 pPz0KcFSXXmX4GGBa2X7rGRAK3wGya4aXv2Csp3PJ0YFigbuz+kDl0ftNDQ9nQpw
 ==
X-ME-Sender: <xms:jbAUYEdhDIo6HhRQd4ufva1wbhToooJFgEmJSd9brbKOO5gmySUhkQ>
 <xme:jbAUYGNRFW74XADxDK6ulS6B0RewkEVSioeCr51mZOngY4VCAZnw2LAOl-KPPnryA
 v6ZnRL9nXzOUWN2ow>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduledrfeefgddvkecutefuodetggdotefrodftvf
 curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu
 uegrihhlohhuthemuceftddtnecunecujfgurhephffvufffkffogggtgfesthekredtre
 dtjeenucfhrhhomhepnfgvohcuhfgrmhhulhgrrhhiuceolhgvohesfhgrmhhulhgrrhhi
 rdhnrghmvgeqnecuggftrfgrthhtvghrnhepjeduveefledvveeikeetieekudevgeevue
 dujeetvdekgfevieejieetgfehtdejnecuffhomhgrihhnpehstghmtghhvggtkhdqghhi
 thdqphhrohhtohgtohhlnhgvfihprhhotggvughurhgvrdhlohgtrghlnecukfhppedutd
 dtrdduuddrudeiledruddukeenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhep
 mhgrihhlfhhrohhmpehlvghosehfrghmuhhlrghrihdrnhgrmhgv
X-ME-Proxy: <xmx:jbAUYFjx1t43GBu72Cl9i116iu6cqByWDlPyRZKzerUkY_qYFvvN4A>
 <xmx:jbAUYJ8-XRACfs6FKZoD9t3trvI8QKjX6ZTcB8Rfoe_2EphsaFVkTQ>
 <xmx:jbAUYAtIzpb-L9_LFgpnlTfOXawqyNcpPfGDZ5oO-nvTPueV2BnWCQ>
 <xmx:jrAUYO4NlzBQ1A0pw6vNXMMn8_ibuYy5dvKPc9sbXujqbayBTipa2w>
Received: from jasmine.lan (pool-100-11-169-118.phlapa.fios.verizon.net
 [100.11.169.118])
 by mail.messagingengine.com (Postfix) with ESMTPA id B543E24005C
 for <guix-patches@HIDDEN>; Fri, 29 Jan 2021 20:04:13 -0500 (EST)
From: Leo Famulari <leo@HIDDEN>
Date: Fri, 29 Jan 2021 20:04:06 -0500
Message-Id: <f9137838eca39b768e49f4ee7852dd32edce7e8c.1611968623.git.leo@HIDDEN>
X-Mailer: git-send-email 2.30.0
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Received-SPF: pass client-ip=66.111.4.25; envelope-from=leo@HIDDEN;
 helo=out1-smtp.messagingengine.com
X-Spam_score_int: -27
X-Spam_score: -2.8
X-Spam_bar: --
X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-Spam-Score: -1.4 (-)
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -2.4 (--)

We could also make it warn about use of the HTTP protocol (as opposed to
HTTPS). Your thoughts?

* guix/lint.scm (check-git-protocol): New procedure.
(%local-checkers): Add 'git-protocol' checker.
* doc/guix.texi (Invoking guix lint): Document it.
---
 doc/guix.texi |  6 +++++-
 guix/lint.scm | 25 ++++++++++++++++++++++++-
 2 files changed, 29 insertions(+), 2 deletions(-)

diff --git a/doc/guix.texi b/doc/guix.texi
index ff9e8da2e0..d17e2f2e96 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -28,7 +28,7 @@ Copyright @copyright{} 2014, 2015, 2016 Alex Kost@*
 Copyright @copyright{} 2015, 2016 Mathieu Lirzin@*
 Copyright @copyright{} 2014 Pierre-Antoine Rault@*
 Copyright @copyright{} 2015 Taylan Ulrich Bayırlı/Kammer@*
-Copyright @copyright{} 2015, 2016, 2017, 2019, 2020 Leo Famulari@*
+Copyright @copyright{} 2015, 2016, 2017, 2019, 2020, 2021 Leo Famulari@*
 Copyright @copyright{} 2015, 2016, 2017, 2018, 2019, 2020 Ricardo Wurmus@*
 Copyright @copyright{} 2016 Ben Woodcroft@*
 Copyright @copyright{} 2016, 2017, 2018 Chris Marusich@*
@@ -11736,6 +11736,10 @@ Parse the @code{source} URL to determine if a tarball from GitHub is
 autogenerated or if it is a release tarball.  Unfortunately GitHub's
 autogenerated tarballs are sometimes regenerated.
 
+@item git-protocol
+Check if the package's source code is fetched using the insecure @code{git://}
+protocol.
+
 @item derivation
 Check that the derivation of the given packages can be successfully
 computed for all the supported systems (@pxref{Derivations}).
diff --git a/guix/lint.scm b/guix/lint.scm
index 311bc94cc3..5a609b0454 100644
--- a/guix/lint.scm
+++ b/guix/lint.scm
@@ -11,6 +11,7 @@
 ;;; Copyright © 2018, 2019 Arun Isaac <arunisaac@HIDDEN>
 ;;; Copyright © 2020 Chris Marusich <cmmarusich@HIDDEN>
 ;;; Copyright © 2020 Timothy Sample <samplet@HIDDEN>
+;;; Copyright © 2021 Leo Famulari <leo@HIDDEN>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -51,7 +52,7 @@
   #:use-module (guix gnu-maintenance)
   #:use-module (guix cve)
   #:use-module ((guix swh) #:hide (origin?))
-  #:autoload   (guix git-download) (git-reference?
+  #:autoload   (guix git-download) (git-reference? git-fetch
                                     git-reference-url git-reference-commit)
   #:use-module (guix import stackage)
   #:use-module (ice-9 match)
@@ -84,6 +85,7 @@
             check-source
             check-source-file-name
             check-source-unstable-tarball
+            check-git-protocol
             check-mirror-url
             check-github-url
             check-license
@@ -918,6 +920,23 @@ descriptions maintained upstream."
                     (origin-uris origin))
         '())))
 
+(define (check-git-protocol package)
+  "Emit a warning if PACKAGE's source URI protocol is 'git://'."
+  (define (check-source-uri-scheme uri)
+    (if (eqv? (uri-scheme uri) 'git)
+        (list
+         (make-warning package
+                       (G_ "the source URI should not use the git:// protocol")
+                       #:field 'source))
+        '()))
+
+  (let ((origin (package-source package)))
+    (if (and (origin? origin)
+             (eqv? (origin-method origin) git-fetch))
+        (check-source-uri-scheme
+          (string->uri (git-reference-url (origin-uri origin))))
+        '())))
+
 (define (check-mirror-url package)
   "Check whether PACKAGE uses source URLs that should be 'mirror://'."
   (define (check-mirror-uri uri)                  ;XXX: could be optimized
@@ -1476,6 +1495,10 @@ or a list thereof")
      (name        'source-unstable-tarball)
      (description "Check for autogenerated tarballs")
      (check       check-source-unstable-tarball))
+   (lint-checker
+     (name        'git-protocol)
+     (description "Check for use of the git:// protocol")
+     (check       check-git-protocol))
    (lint-checker
      (name            'derivation)
      (description     "Report failure to compile a package to a derivation")
-- 
2.30.0





Message sent:


Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Mailer: MIME-tools 5.505 (Entity 5.505)
Content-Type: text/plain; charset=utf-8
X-Loop: help-debbugs@HIDDEN
From: help-debbugs@HIDDEN (GNU bug Tracking System)
To: Leo Famulari <leo@HIDDEN>
Subject: bug#46182: Acknowledgement ([PATCH] lint: Add 'check-git-protocol'
 checker.)
Message-ID: <handler.46182.B.161196866222391.ack <at> debbugs.gnu.org>
References: <f9137838eca39b768e49f4ee7852dd32edce7e8c.1611968623.git.leo@HIDDEN>
X-Gnu-PR-Message: ack 46182
X-Gnu-PR-Package: guix-patches
X-Gnu-PR-Keywords: patch
Reply-To: 46182 <at> debbugs.gnu.org
Date: Sat, 30 Jan 2021 01:05:01 +0000

Thank you for filing a new bug report with debbugs.gnu.org.

This is an automatically generated reply to let you know your message
has been received.

Your message is being forwarded to the package maintainers and other
interested parties for their attention; they will reply in due course.

Your message has been sent to the package maintainer(s):
 guix-patches@HIDDEN

If you wish to submit further information on this problem, please
send it to 46182 <at> debbugs.gnu.org.

Please do not send mail to help-debbugs@HIDDEN unless you wish
to report a problem with the Bug-tracking system.

--=20
46182: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=3D46182
GNU Bug Tracking System
Contact help-debbugs@HIDDEN with problems


Message sent to guix-patches@HIDDEN:


X-Loop: help-debbugs@HIDDEN
Subject: [bug#46182] [PATCH] lint: Add 'check-git-protocol' checker.
Resent-From: zimoun <zimon.toutoune@HIDDEN>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
Resent-CC: guix-patches@HIDDEN
Resent-Date: Thu, 11 Mar 2021 00:18:02 +0000
Resent-Message-ID: <handler.46182.B46182.161542185225574 <at> debbugs.gnu.org>
Resent-Sender: help-debbugs@HIDDEN
X-GNU-PR-Message: followup 46182
X-GNU-PR-Package: guix-patches
X-GNU-PR-Keywords: patch
To: Leo Famulari <leo@HIDDEN>
Cc: 46182 <at> debbugs.gnu.org
Received: via spool by 46182-submit <at> debbugs.gnu.org id=B46182.161542185225574
          (code B ref 46182); Thu, 11 Mar 2021 00:18:02 +0000
Received: (at 46182) by debbugs.gnu.org; 11 Mar 2021 00:17:32 +0000
Received: from localhost ([127.0.0.1]:52254 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1lK91A-0006eP-5l
	for submit <at> debbugs.gnu.org; Wed, 10 Mar 2021 19:17:32 -0500
Received: from mail-wm1-f44.google.com ([209.85.128.44]:41725)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <zimon.toutoune@HIDDEN>) id 1lK914-0006e8-QM
 for 46182 <at> debbugs.gnu.org; Wed, 10 Mar 2021 19:17:30 -0500
Received: by mail-wm1-f44.google.com with SMTP id
 t5-20020a1c77050000b029010e62cea9deso11749144wmi.0
 for <46182 <at> debbugs.gnu.org>; Wed, 10 Mar 2021 16:17:26 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
 h=from:to:cc:subject:references:date:in-reply-to:message-id
 :user-agent:mime-version;
 bh=CwvPDYND/f2qTozWtPmCEpv0xPZi4aAGpzPr2qGxogI=;
 b=rzRSQRIxlS079ObdnUk+ZW9+FFFiQpHD1mhe8QHxPfRZEWSXN3tQUxaunXWVTinGo/
 eVKkE5ZIHde+f9LM3TPGCt+zQ60gsSf/+974Kn9eDEcnGvO1uqqy1bKczwQC9BxNE5I8
 pAMOjbWzGX5DBNQVBco8lN1hzP+JnDCerCOiDWyecaDKgnvOk9kzmWeSfjKuf6XsJ/z2
 oZJr0TByQYjE0XEEdY8tWsYEB5EcwG8JHlIXGffagWwF2Uxad+mAeJQ9YS4sY3kqiiON
 tDBN1BbMxmhEecf7LoO5BmEvkgkjSGrZymCmLXhXJFgAftlbZBSvJ+c56ebC4+H8RRIa
 X6ew==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:to:cc:subject:references:date:in-reply-to
 :message-id:user-agent:mime-version;
 bh=CwvPDYND/f2qTozWtPmCEpv0xPZi4aAGpzPr2qGxogI=;
 b=aSd2xrC6YPzyT8Eh8+zDk7yWHYHrde+NwIFjOszCQndAfO9L+4AhrTHTTe0ZPsO9AK
 ObzPm6xzLueQMyOQKV7Y07RzY1l6+fcNn2RrG+BmsNKW7wWjMxjKTx9BvG2caDebHvPZ
 TCTQoVrvwJB0FPmjkgmuanLftl+BzkcinKa1KbdFUatkxGNIif4TVKj7t4PmDSpplceG
 455MNvUHEJyzLIufJgpeCzB1FmZZ1zTp5viIWGYZcKtRD1GQ9riU4g8CgOkzbQtcg5jX
 66wX+A/FJN15Gc649P5mJV0NCyPdMdF6wnIqRrEcXwxVg0Eg0hh2279qSSCq46tTIF2C
 55zg==
X-Gm-Message-State: AOAM532Db8CrLZIxggFL52jGe45le8WHNpMoz5eahXzfxGXQw70p7zPG
 HNl4rFP4Hqdb70PujyJYsCkWitNZdeA=
X-Google-Smtp-Source: ABdhPJwJ9AZDoxf3gLm9Glc/1zRhK5wvXxGjWgSIwKRcYZm/x+2Z//af6aYuPRKOi+KJM5dO3T4Rlg==
X-Received: by 2002:a05:600c:4844:: with SMTP id
 j4mr5548344wmo.179.1615421840911; 
 Wed, 10 Mar 2021 16:17:20 -0800 (PST)
Received: from lili ([2a01:e0a:59b:9120:65d2:2476:f637:db1e])
 by smtp.gmail.com with ESMTPSA id 12sm965322wmw.43.2021.03.10.16.17.19
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 10 Mar 2021 16:17:20 -0800 (PST)
From: zimoun <zimon.toutoune@HIDDEN>
References: <f9137838eca39b768e49f4ee7852dd32edce7e8c.1611968623.git.leo@HIDDEN>
Date: Thu, 11 Mar 2021 01:14:33 +0100
In-Reply-To: <f9137838eca39b768e49f4ee7852dd32edce7e8c.1611968623.git.leo@HIDDEN>
 (Leo Famulari's message of "Fri, 29 Jan 2021 20:04:06 -0500")
Message-ID: <86a6rabl7a.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux)
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="=-=-="
X-Spam-Score: 0.0 (/)
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

--=-=-=
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

Hi Leo,

Giving a look to the bug tracker for the next release, I see this
bug. :-)


On Fri, 29 Jan 2021 at 20:04, Leo Famulari <leo@HIDDEN> wrote:
> We could also make it warn about use of the HTTP protocol (as opposed to
> HTTPS). Your thoughts?
>
> * guix/lint.scm (check-git-protocol): New procedure.
> (%local-checkers): Add 'git-protocol' checker.
> * doc/guix.texi (Invoking guix lint): Document it.

The doc/ does not apply anymore.


Instead of these =E2=80=99eqv?=E2=80=99

> +(define (check-git-protocol package)
> +  "Emit a warning if PACKAGE's source URI protocol is 'git://'."
> +  (define (check-source-uri-scheme uri)
> +    (if (eqv? (uri-scheme uri) 'git)

[...]

> +  (let ((origin (package-source package)))
> +    (if (and (origin? origin)
> +             (eqv? (origin-method origin) git-fetch))
> +        (check-source-uri-scheme
> +          (string->uri (git-reference-url (origin-uri origin))))
> +        '())))

I propose =E2=80=99match=E2=80=99 which is more coherent with the Guix styl=
e.  Well,
from my understanding. :-)

Patch attached.  Well, it could be nice to add a test in
tests/guix-lint.sh for that.  WDYT?


Cheers,
simon


--=-=-=
Content-Type: text/x-diff
Content-Disposition: inline; filename=lint-git-protocol.patch
Content-Description: lint-git-protocol.patch

diff --git a/guix/lint.scm b/guix/lint.scm
index 311bc94cc3..980f77c736 100644
--- a/guix/lint.scm
+++ b/guix/lint.scm
@@ -51,7 +51,7 @@
   #:use-module (guix gnu-maintenance)
   #:use-module (guix cve)
   #:use-module ((guix swh) #:hide (origin?))
-  #:autoload   (guix git-download) (git-reference?
+  #:autoload   (guix git-download) (git-reference? git-fetch
                                     git-reference-url git-reference-commit)
   #:use-module (guix import stackage)
   #:use-module (ice-9 match)
@@ -84,6 +84,7 @@
             check-source
             check-source-file-name
             check-source-unstable-tarball
+            check-git-protocol
             check-mirror-url
             check-github-url
             check-license
@@ -918,6 +919,26 @@ descriptions maintained upstream."
                     (origin-uris origin))
         '())))
 
+(define (check-git-protocol package)
+  "Emit a warning if PACKAGE's source URI protocol is 'git://'."
+  (define (check-source-uri-scheme uri)
+    (match (uri-scheme uri)
+      ('git
+       (list
+         (make-warning package
+                       (G_ "the source URI should not use the git:// protocol")
+                       #:field 'source)))
+      (_ '())))
+
+  (match (package-source package)
+    ((? origin? origin)
+     (match (origin-method origin)
+       (git-fetch
+        (check-source-uri-scheme
+         (string->uri (git-reference-url (origin-uri origin)))))
+       (_ '())))
+    (_ '())))
+
 (define (check-mirror-url package)
   "Check whether PACKAGE uses source URLs that should be 'mirror://'."
   (define (check-mirror-uri uri)                  ;XXX: could be optimized
@@ -1476,6 +1497,10 @@ or a list thereof")
      (name        'source-unstable-tarball)
      (description "Check for autogenerated tarballs")
      (check       check-source-unstable-tarball))
+   (lint-checker
+     (name        'git-protocol)
+     (description "Check for use of the git:// protocol")
+     (check       check-git-protocol))
    (lint-checker
      (name            'derivation)
      (description     "Report failure to compile a package to a derivation")

--=-=-=--




Message sent to guix-patches@HIDDEN:


X-Loop: help-debbugs@HIDDEN
Subject: [bug#46182] [PATCH] lint: Add 'check-git-protocol' checker.
Resent-From: Leo Famulari <leo@HIDDEN>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
Resent-CC: guix-patches@HIDDEN
Resent-Date: Thu, 11 Mar 2021 01:47:01 +0000
Resent-Message-ID: <handler.46182.B46182.16154272051273 <at> debbugs.gnu.org>
Resent-Sender: help-debbugs@HIDDEN
X-GNU-PR-Message: followup 46182
X-GNU-PR-Package: guix-patches
X-GNU-PR-Keywords: patch
To: zimoun <zimon.toutoune@HIDDEN>
Cc: 46182 <at> debbugs.gnu.org
Received: via spool by 46182-submit <at> debbugs.gnu.org id=B46182.16154272051273
          (code B ref 46182); Thu, 11 Mar 2021 01:47:01 +0000
Received: (at 46182) by debbugs.gnu.org; 11 Mar 2021 01:46:45 +0000
Received: from localhost ([127.0.0.1]:52324 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1lKAPV-0000KT-CC
	for submit <at> debbugs.gnu.org; Wed, 10 Mar 2021 20:46:45 -0500
Received: from out5-smtp.messagingengine.com ([66.111.4.29]:39059)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <leo@HIDDEN>) id 1lKAPU-0000KH-1f
 for 46182 <at> debbugs.gnu.org; Wed, 10 Mar 2021 20:46:44 -0500
Received: from compute3.internal (compute3.nyi.internal [10.202.2.43])
 by mailout.nyi.internal (Postfix) with ESMTP id 9F0935C00CB;
 Wed, 10 Mar 2021 20:46:38 -0500 (EST)
Received: from mailfrontend2 ([10.202.2.163])
 by compute3.internal (MEProxy); Wed, 10 Mar 2021 20:46:38 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name;
 h=date:from:to:cc:subject:message-id:references:mime-version
 :content-type:content-transfer-encoding:in-reply-to; s=mesmtp;
 bh=80+iOLiJI20x4v99Gd3jTsgUsTegdLoJ0Vjcc11cFwI=; b=Kk6pVhTYUSvb
 ixXAn7s1qlU7wkgFDXm9hQNyX/ewhSWxt4cMNDQPhfT7BdmDZhPvtC27AUul3aSv
 45Pq7a4PIw8nYS4e8rJznbgOwN0qiv++u+O65W/un0FUBGqp4dIm1DBi/eCwj5Ae
 vn3XNIAIZQI1k/tSAGLTVwX33LDT8Vk=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
 messagingengine.com; h=cc:content-transfer-encoding:content-type
 :date:from:in-reply-to:message-id:mime-version:references
 :subject:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender
 :x-sasl-enc; s=fm2; bh=80+iOLiJI20x4v99Gd3jTsgUsTegdLoJ0Vjcc11cF
 wI=; b=XC3K7yXabsdh3RKznDp0inf91X6wnu8fwsVf8lR0gFKcwbgsAGHvBsViC
 IH8KfXbr4qkjwv57LHwT1JYC3qJNNV5kVbIKYHjAB5bVPxSLP+nKYPR1KP9UCTxL
 R4sX7D1cHDcRYmiKjWmfS0aVX5dd3PepqSvPMz7H817YT9b2WtSotiv5yCDadumX
 1bFQZBxptZQTeq/HaW7Dy9oYtrsIucE+PVt0LJoeY7LXpb0Q55twHtcZNY8tNkAk
 VBOq5FWl7YrT/CU0txi8E0jmXPAXLBzSbY9pbXZld7JnhUUpqLtQXe38KP9KSd1U
 ANmnXlxydjp1uJbIxm4n40zLagzIw==
X-ME-Sender: <xms:fnZJYOLOw-KqPJ-exeZGPiA8aL_dSVm67XsJL_THGaNXbyQVAv5UYw>
 <xme:fnZJYGI-jHXpwKlcbOjuITZhxLeooZw6Jvu9PKlR1hB_WODC28pKqASUkyi5jLUDQ
 9LKs3oe23ZTtr_dow>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduledrudduledgfeekucetufdoteggodetrfdotf
 fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen
 uceurghilhhouhhtmecufedttdenucenucfjughrpeffhffvuffkfhggtggugfgjsehtke
 ertddttdejnecuhfhrohhmpefnvghoucfhrghmuhhlrghrihcuoehlvghosehfrghmuhhl
 rghrihdrnhgrmhgvqeenucggtffrrghtthgvrhhnpeegjeeggeehtddugfffuddtvdfffe
 ffjeekffffveffheegvddvuedtffekjeejjeenucfkphepuddttddruddurdduieelrddu
 udeknecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomheplh
 gvohesfhgrmhhulhgrrhhirdhnrghmvg
X-ME-Proxy: <xmx:fnZJYOvzeoKxzJP_7glXc65bCciKr5MNqDojRd17yPSWnQZ6zHYrWw>
 <xmx:fnZJYDZpBvFlbttTeNPxBvu_Bc8Y96ddlKsrA8Q327ygQuz1TvIflg>
 <xmx:fnZJYFYUTXBSIkomghaVW9cvfw7voEe3mgMgf_BJWDTSn51d0StRFg>
 <xmx:fnZJYH0bwZM05rgHxbSkdDHsCsExvjOl4dLBlrNjo4lfG6lpfjM9Pw>
Received: from localhost (pool-100-11-169-118.phlapa.fios.verizon.net
 [100.11.169.118])
 by mail.messagingengine.com (Postfix) with ESMTPA id 2BCD31080066;
 Wed, 10 Mar 2021 20:46:38 -0500 (EST)
Date: Wed, 10 Mar 2021 20:46:36 -0500
From: Leo Famulari <leo@HIDDEN>
Message-ID: <YEl2fHXnDm6+GzFZ@HIDDEN>
References: <f9137838eca39b768e49f4ee7852dd32edce7e8c.1611968623.git.leo@HIDDEN>
 <86a6rabl7a.fsf@HIDDEN>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <86a6rabl7a.fsf@HIDDEN>
X-Spam-Score: -0.7 (/)
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.7 (-)

On Thu, Mar 11, 2021 at 01:14:33AM +0100, zimoun wrote:
> I propose ’match’ which is more coherent with the Guix style.  Well,
> from my understanding. :-)

I have heard that before, but I don't know how to use it 🤷

If this new patch is working for you, please push!




Message sent to guix-patches@HIDDEN:


X-Loop: help-debbugs@HIDDEN
Subject: [bug#46182] [PATCH] lint: Add 'check-git-protocol' checker.
Resent-From: zimoun <zimon.toutoune@HIDDEN>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
Resent-CC: guix-patches@HIDDEN
Resent-Date: Thu, 11 Mar 2021 09:50:01 +0000
Resent-Message-ID: <handler.46182.B46182.161545616923222 <at> debbugs.gnu.org>
Resent-Sender: help-debbugs@HIDDEN
X-GNU-PR-Message: followup 46182
X-GNU-PR-Package: guix-patches
X-GNU-PR-Keywords: patch
To: Leo Famulari <leo@HIDDEN>
Cc: 46182 <at> debbugs.gnu.org
Received: via spool by 46182-submit <at> debbugs.gnu.org id=B46182.161545616923222
          (code B ref 46182); Thu, 11 Mar 2021 09:50:01 +0000
Received: (at 46182) by debbugs.gnu.org; 11 Mar 2021 09:49:29 +0000
Received: from localhost ([127.0.0.1]:52606 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1lKHwf-00062U-8G
	for submit <at> debbugs.gnu.org; Thu, 11 Mar 2021 04:49:29 -0500
Received: from mail-wm1-f47.google.com ([209.85.128.47]:33388)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <zimon.toutoune@HIDDEN>) id 1lKHwc-00062F-JR
 for 46182 <at> debbugs.gnu.org; Thu, 11 Mar 2021 04:49:27 -0500
Received: by mail-wm1-f47.google.com with SMTP id
 w203-20020a1c49d40000b029010c706d0642so2657856wma.0
 for <46182 <at> debbugs.gnu.org>; Thu, 11 Mar 2021 01:49:26 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
 h=from:to:cc:subject:in-reply-to:references:date:message-id
 :mime-version:content-transfer-encoding;
 bh=SihAkkbTDFhAqbGEYMx1xpn2zcxwDN3dSafVpCDrc6I=;
 b=oiKDtT0DuByyRKVTjBdKiI7ZfPiTZNSR3a1qKQtuDywtFAwZqsI+PVSHyiCrQ2C26Z
 rl7EIobX05GGOYXhqB4QxVG8OVG8s3naG4J0kroCqyxJfszLhErJyM77r+9RQ9OXQDBb
 q2GV3kWO/Pc9pUVVPXzNs7TcdmGvxx/X8Qvo+VKx69nfVgvmMflDg5WVF4088+DLvs62
 fNnMVo3xoHO2WDKgHVbWbw/WRZU3Cgh3QK5/++GJ/tjgTV99ns84qGiYgtCiATavRFRK
 onQCcJFLCSS7B3w9ABd0+OH3b6zDJg0tW8Wcs14UC4YhlpTbrEnAjmOLZ094DXWuaC8/
 prlQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:to:cc:subject:in-reply-to:references:date
 :message-id:mime-version:content-transfer-encoding;
 bh=SihAkkbTDFhAqbGEYMx1xpn2zcxwDN3dSafVpCDrc6I=;
 b=qh4K8cAc9QJiGSu/xuealQHSbA7MeZ5lZXFs/lkhqRNPNVLcVvpbTg1DMTLD+tWKIo
 +MDk6eaY8ohO1RJLx66apoRm2Ruwgw5ilmClpKluyAH0IIaOiG5NAbBpb3gtNkYD3iuX
 ZUPddM1OhFlMddId7HUrOADEjhW9cxdCyp7WGyaiGX2utZV0Xp1W7r5htmG/RFQoCaPP
 NENrMBNsHfdHpS0P9oCOCn7fYuazaNfHeBfaE5nHXkbCUy1uxkTf5gCF2N1yuBuH+Nni
 GRKAZbA5D0sd/uiajK3knCjHEXHHNDNyjGDBao42hhDFATWNURCNU0OZ4g88bARoe2L8
 Qwhw==
X-Gm-Message-State: AOAM532kMxXHdhfWaFeP7ie6mJrIuCnGCOV4j5IL9pCnX38gbhtqu/7S
 7sz5GvCVVP7GMcC5oQ3SFbG90CXUc60=
X-Google-Smtp-Source: ABdhPJyLAV2aTGUrH+bOSD5n5HrCOtGvLgaGdD/NAS1iCMWmZl3zQGLECSNp9VRE/fl9yU411CcxXA==
X-Received: by 2002:a05:600c:290b:: with SMTP id
 i11mr7479264wmd.129.1615456160490; 
 Thu, 11 Mar 2021 01:49:20 -0800 (PST)
Received: from lili ([2a01:e0a:59b:9120:65d2:2476:f637:db1e])
 by smtp.gmail.com with ESMTPSA id d29sm2887190wra.51.2021.03.11.01.49.19
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Thu, 11 Mar 2021 01:49:20 -0800 (PST)
From: zimoun <zimon.toutoune@HIDDEN>
In-Reply-To: <YEl2fHXnDm6+GzFZ@HIDDEN>
References: <f9137838eca39b768e49f4ee7852dd32edce7e8c.1611968623.git.leo@HIDDEN>
 <86a6rabl7a.fsf@HIDDEN> <YEl2fHXnDm6+GzFZ@HIDDEN>
Date: Thu, 11 Mar 2021 10:44:33 +0100
Message-ID: <86k0qe9g8u.fsf@HIDDEN>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: 0.0 (/)
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

Hi Leo,

On Wed, 10 Mar 2021 at 20:46, Leo Famulari <leo@HIDDEN> wrote:
> On Thu, Mar 11, 2021 at 01:14:33AM +0100, zimoun wrote:
>> I propose =E2=80=99match=E2=80=99 which is more coherent with the Guix s=
tyle.  Well,
>> from my understanding. :-)
>
> I have heard that before, but I don't know how to use it =F0=9F=A4=B7

The section [1] in the manual is worth to read because running and
playing with the examples gives a good feeling on how to use it. :-)

> If this new patch is working for you, please push!

I do not have this power. :-)


Cheers,
simon




Message sent to guix-patches@HIDDEN:


X-Loop: help-debbugs@HIDDEN
Subject: [bug#46182] [PATCH] lint: Add 'check-git-protocol' checker.
Resent-From: Ludovic =?UTF-8?Q?Court=C3=A8s?= <ludo@HIDDEN>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
Resent-CC: guix-patches@HIDDEN
Resent-Date: Thu, 11 Mar 2021 22:30:01 +0000
Resent-Message-ID: <handler.46182.B46182.161550179432683 <at> debbugs.gnu.org>
Resent-Sender: help-debbugs@HIDDEN
X-GNU-PR-Message: followup 46182
X-GNU-PR-Package: guix-patches
X-GNU-PR-Keywords: patch
To: Leo Famulari <leo@HIDDEN>
Cc: 46182 <at> debbugs.gnu.org
Received: via spool by 46182-submit <at> debbugs.gnu.org id=B46182.161550179432683
          (code B ref 46182); Thu, 11 Mar 2021 22:30:01 +0000
Received: (at 46182) by debbugs.gnu.org; 11 Mar 2021 22:29:54 +0000
Received: from localhost ([127.0.0.1]:55313 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1lKToY-0008V3-EL
	for submit <at> debbugs.gnu.org; Thu, 11 Mar 2021 17:29:54 -0500
Received: from eggs.gnu.org ([209.51.188.92]:48924)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <ludo@HIDDEN>) id 1lKToW-0008Un-91
 for 46182 <at> debbugs.gnu.org; Thu, 11 Mar 2021 17:29:52 -0500
Received: from fencepost.gnu.org ([2001:470:142:3::e]:33602)
 by eggs.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <ludo@HIDDEN>)
 id 1lKToR-0001B6-1U; Thu, 11 Mar 2021 17:29:47 -0500
Received: from [2a01:e0a:1d:7270:af76:b9b:ca24:c465] (port=57040 helo=ribbon)
 by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256)
 (Exim 4.82) (envelope-from <ludo@HIDDEN>)
 id 1lKToI-0004Yj-US; Thu, 11 Mar 2021 17:29:41 -0500
From: Ludovic =?UTF-8?Q?Court=C3=A8s?= <ludo@HIDDEN>
References: <f9137838eca39b768e49f4ee7852dd32edce7e8c.1611968623.git.leo@HIDDEN>
Date: Thu, 11 Mar 2021 23:29:37 +0100
In-Reply-To: <f9137838eca39b768e49f4ee7852dd32edce7e8c.1611968623.git.leo@HIDDEN>
 (Leo Famulari's message of "Fri, 29 Jan 2021 20:04:06 -0500")
Message-ID: <87zgz9uxwu.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: -0.7 (/)
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.7 (-)

Hi!

Leo Famulari <leo@HIDDEN> skribis:

> We could also make it warn about use of the HTTP protocol (as opposed to
> HTTPS). Your thoughts?
>
> * guix/lint.scm (check-git-protocol): New procedure.
> (%local-checkers): Add 'git-protocol' checker.
> * doc/guix.texi (Invoking guix lint): Document it.

Nice!  I think it=E2=80=99s OK to use =E2=80=98eqv?=E2=80=99 here (=E2=80=
=98eq?=E2=80=99, even).

One nit: it would be nice to add a positive and a negative test in
tests/lint.scm.  You can run =E2=80=9Cmake check TESTS=3Dtests/lint.scm=E2=
=80=9D then.

Otherwise LGTM!

Thanks,
Ludo=E2=80=99.




Message sent to guix-patches@HIDDEN:


X-Loop: help-debbugs@HIDDEN
Subject: [bug#46182] [PATCH] lint: Add 'check-git-protocol' checker.
Resent-From: Maxim Cournoyer <maxim.cournoyer@HIDDEN>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
Resent-CC: guix-patches@HIDDEN
Resent-Date: Sun, 22 May 2022 04:16:01 +0000
Resent-Message-ID: <handler.46182.B46182.165319293414122 <at> debbugs.gnu.org>
Resent-Sender: help-debbugs@HIDDEN
X-GNU-PR-Message: followup 46182
X-GNU-PR-Package: guix-patches
X-GNU-PR-Keywords: patch
To: Leo Famulari <leo@HIDDEN>
Cc: Ludovic =?UTF-8?Q?Court=C3=A8s?= <ludo@HIDDEN>, GNU Debbugs <control <at> debbugs.gnu.org>, 46182 <at> debbugs.gnu.org
Received: via spool by 46182-submit <at> debbugs.gnu.org id=B46182.165319293414122
          (code B ref 46182); Sun, 22 May 2022 04:16:01 +0000
Received: (at 46182) by debbugs.gnu.org; 22 May 2022 04:15:34 +0000
Received: from localhost ([127.0.0.1]:43384 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1nsd08-0003fa-8F
	for submit <at> debbugs.gnu.org; Sun, 22 May 2022 00:15:34 -0400
Received: from mail-qv1-f51.google.com ([209.85.219.51]:36376)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <maxim.cournoyer@HIDDEN>)
 id 1nsd04-0003fH-GC; Sun, 22 May 2022 00:15:31 -0400
Received: by mail-qv1-f51.google.com with SMTP id y20so9967055qvx.3;
 Sat, 21 May 2022 21:15:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112;
 h=from:to:cc:subject:references:date:in-reply-to:message-id
 :user-agent:mime-version:content-transfer-encoding;
 bh=Xx7tDCqXlx+1GCkXRSrp3UcQx8j2bWZAuR4xvHhBGCI=;
 b=f7A63CWSvSMEkmjD4IsTeHZ/g1DvsYHf/wkCO26MfPq+RY5xemzmRx6w5xDWnw78EO
 59wr2EYlBuIppw7eMsR0Awv8Wcd6606TNJmoMLPGx1EcYF8uWqxf1byyDVVgGmt3bcp+
 FyvJw1jLiWf/NAvx/tZGnVVtvJ7HolIG+VPqODd1kzXMLZ7ZHZD7kSexmVAJQ1lNEVL/
 tZXj4zWOKRimDzGND6GHO8YdjJI83oz0VfCNO85lcUynanP1LCWupmS9QNMyd5J4KUny
 PLsXHmUWhAq8Zt6H58JOGYf6F9xr27nDWTosPQxQFNqrxQT5QII5lEgVhhaBYDPLjP8m
 q86Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20210112;
 h=x-gm-message-state:from:to:cc:subject:references:date:in-reply-to
 :message-id:user-agent:mime-version:content-transfer-encoding;
 bh=Xx7tDCqXlx+1GCkXRSrp3UcQx8j2bWZAuR4xvHhBGCI=;
 b=rdcAwCJ/w6fP+Shb5p2PT7YiUJg4tAgsxVoy9OF9zdHuz5LG8DoYhGzc68xB5jwsIt
 RjnrUZIO3uF8sc0hjcfVTocc++Ctqud44BWNNL8r5iNsHArG0LQugeVVVilB9k0u52QI
 gXSdBnUy0NBmHLdDm7fc3erwfdcj4REWlYeNbesvj/J3+AdGU1fxmN+Gy6m4STtNL8ik
 MIAwhESaCyhjpuPhDAHxPCu3QAHVh2zUX8vWAcdWWnPV5/k3iN36UMJMnef+KzzaR23o
 Yu3zGVVZdvXiQxoj7AoWgY0sIWB4ftdwO0Xy4D0OOnivV9HFun//39NFC7/TsOFfmTls
 vQQQ==
X-Gm-Message-State: AOAM530KnmfhYvuray/TTJcQPLsBexwPinrP7Ic9v7WsllkWq24XI2sI
 g4AoUSA3KnA3L4CgeUI54e/6Qle+wnmtvmMN
X-Google-Smtp-Source: ABdhPJzI4KYH2sfH8jjUgUK3mDcQpF7IArCPqaPj4wwCeAKthWWP26bU1rNOSpCWd1iaOEF/dtpbwQ==
X-Received: by 2002:ad4:41c3:0:b0:461:d481:b540 with SMTP id
 a3-20020ad441c3000000b00461d481b540mr13307981qvq.108.1653192922949; 
 Sat, 21 May 2022 21:15:22 -0700 (PDT)
Received: from hurd (dsl-152-80.b2b2c.ca. [66.158.152.80])
 by smtp.gmail.com with ESMTPSA id
 l26-20020ac84cda000000b002f934764791sm416888qtv.80.2022.05.21.21.15.22
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Sat, 21 May 2022 21:15:22 -0700 (PDT)
From: Maxim Cournoyer <maxim.cournoyer@HIDDEN>
References: <f9137838eca39b768e49f4ee7852dd32edce7e8c.1611968623.git.leo@HIDDEN>
 <87zgz9uxwu.fsf@HIDDEN>
Date: Sun, 22 May 2022 00:15:21 -0400
In-Reply-To: <87zgz9uxwu.fsf@HIDDEN> ("Ludovic =?UTF-8?Q?Court=C3=A8s?="'s message of "Thu, 11 Mar 2021 23:29:37 +0100")
Message-ID: <87sfp26w4m.fsf_-_@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.1 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: -0.0 (/)
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

tags 46182 +moreinfo
thanks

Hello,

Ludovic Court=C3=A8s <ludo@HIDDEN> writes:

> Hi!
>
> Leo Famulari <leo@HIDDEN> skribis:
>
>> We could also make it warn about use of the HTTP protocol (as opposed to
>> HTTPS). Your thoughts?
>>
>> * guix/lint.scm (check-git-protocol): New procedure.
>> (%local-checkers): Add 'git-protocol' checker.
>> * doc/guix.texi (Invoking guix lint): Document it.
>
> Nice!  I think it=E2=80=99s OK to use =E2=80=98eqv?=E2=80=99 here (=E2=80=
=98eq?=E2=80=99, even).
>
> One nit: it would be nice to add a positive and a negative test in
> tests/lint.scm.  You can run =E2=80=9Cmake check TESTS=3Dtests/lint.scm=
=E2=80=9D then.
>
> Otherwise LGTM!

Gentle ping to Leo :-).

It looks near ready.

Thank you!

Maxim




Message sent to guix-patches@HIDDEN:


X-Loop: help-debbugs@HIDDEN
Subject: [bug#46182] [PATCH] lint: Add 'check-git-protocol' checker.
Resent-From: Maxim Cournoyer <maxim.cournoyer@HIDDEN>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
Resent-CC: guix-patches@HIDDEN
Resent-Date: Fri, 20 Oct 2023 02:24:02 +0000
Resent-Message-ID: <handler.46182.B46182.169776858725569 <at> debbugs.gnu.org>
Resent-Sender: help-debbugs@HIDDEN
X-GNU-PR-Message: followup 46182
X-GNU-PR-Package: guix-patches
X-GNU-PR-Keywords: patch
To: zimoun <zimon.toutoune@HIDDEN>
Cc: 46182 <at> debbugs.gnu.org, Leo Famulari <leo@HIDDEN>
Received: via spool by 46182-submit <at> debbugs.gnu.org id=B46182.169776858725569
          (code B ref 46182); Fri, 20 Oct 2023 02:24:02 +0000
Received: (at 46182) by debbugs.gnu.org; 20 Oct 2023 02:23:07 +0000
Received: from localhost ([127.0.0.1]:38305 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1qtfAI-0006eK-TA
	for submit <at> debbugs.gnu.org; Thu, 19 Oct 2023 22:23:07 -0400
Received: from mail-qt1-x834.google.com ([2607:f8b0:4864:20::834]:53708)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <maxim.cournoyer@HIDDEN>) id 1qtfAH-0006do-40
 for 46182 <at> debbugs.gnu.org; Thu, 19 Oct 2023 22:23:05 -0400
Received: by mail-qt1-x834.google.com with SMTP id
 d75a77b69052e-41cc7379b23so1801801cf.3
 for <46182 <at> debbugs.gnu.org>; Thu, 19 Oct 2023 19:22:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20230601; t=1697768552; x=1698373352; darn=debbugs.gnu.org;
 h=content-transfer-encoding:mime-version:user-agent:message-id:date
 :references:in-reply-to:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=syRQg4LycacE0ufY5hgkzvlnj24nhGYMmhkEMY+8Gyo=;
 b=GlIiZf5BgbRggE9v7jlbNhJ4AFTIXlCm0443R9jfCWuJDwWszNQrHTGV3sJK42McSS
 y4MEBOXmdJNR+8THgsc/nccuwmoYa4pOz0PRyDvXgXyB/QAz9QifFIUM3W9tkULStdjO
 N32+kZnsYmeIeaRzfj3ALhlXAmWlHJuGWHusOE0WduDrLcaKC0JNB4ewZhb/LZPFauq7
 KrUgfhRWYFKjNRwhk8WSDai2VfrKqV6RKArniFyYtd2lWqf/008Fndk2r31v/ukT1Hys
 bLyiMHwq0cb59SqRJB2PMylInzFFgOm+vpwCgSsUHMA+HiUIiYqA4FU8gISDuvDkOpos
 z4MQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1697768552; x=1698373352;
 h=content-transfer-encoding:mime-version:user-agent:message-id:date
 :references:in-reply-to:subject:cc:to:from:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=syRQg4LycacE0ufY5hgkzvlnj24nhGYMmhkEMY+8Gyo=;
 b=Bx7cZRf5s2g/5sATVq7DOtYnSnaWaNBU0R03iUb+w81iKX14poyZTO9CbXx3hmS036
 410C47qX5HSk4bCei8F227fXEgTuEB2IzJf0YEkqqpDPF8cTYyZs6nxJLRvGcsGRJ9Je
 /63Tjz4ErpoZzzghbl9amPMfaD1o6LbR7XHWCx68Ij+vSSNmxBYz1unqYTk0rl3DDBnw
 eX0RL+DxwwWQR8QMfuY0NxKu7SlsTuwmpJTU4YSbxUQ4AMhVHCdLW8fZakPgedQilQ8B
 fVT9xzWHXNvD00yNkMONf4nmrl1FOFf/BeivO572ADOv+UDU8PHRQCML7MiHsiiv9iDp
 BEwg==
X-Gm-Message-State: AOJu0YyGjd7aiNY1J2SHOgoAODkpNdOAjIQf6okt2UEAkFhmCmn69KEE
 smlvJjRDO+45h9rxvGfaOOJ1uZdQ8vVGgw==
X-Google-Smtp-Source: AGHT+IHxYvlOlsHpNPS0jpI9+N0ohbBRiRotAQ/nf2s5TY51H+FkY0sWP7tp95y5h1fTg2kx88orgA==
X-Received: by 2002:a05:622a:105:b0:41c:bee2:883b with SMTP id
 u5-20020a05622a010500b0041cbee2883bmr426703qtw.67.1697768552346; 
 Thu, 19 Oct 2023 19:22:32 -0700 (PDT)
Received: from hurd (dsl-156-111.b2b2c.ca. [66.158.156.111])
 by smtp.gmail.com with ESMTPSA id
 e28-20020ac84b5c000000b0041cbb7139a9sm265063qts.65.2023.10.19.19.22.31
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Thu, 19 Oct 2023 19:22:31 -0700 (PDT)
From: Maxim Cournoyer <maxim.cournoyer@HIDDEN>
In-Reply-To: <86k0qe9g8u.fsf@HIDDEN> (zimoun's message of "Thu, 11 Mar 2021
 10:44:33 +0100")
References: <f9137838eca39b768e49f4ee7852dd32edce7e8c.1611968623.git.leo@HIDDEN>
 <86a6rabl7a.fsf@HIDDEN> <YEl2fHXnDm6+GzFZ@HIDDEN>
 <86k0qe9g8u.fsf@HIDDEN>
Date: Thu, 19 Oct 2023 22:22:30 -0400
Message-ID: <87pm1am3rt.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: 0.0 (/)
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

Hello,

zimoun <zimon.toutoune@HIDDEN> writes:

> Hi Leo,
>
> On Wed, 10 Mar 2021 at 20:46, Leo Famulari <leo@HIDDEN> wrote:
>> On Thu, Mar 11, 2021 at 01:14:33AM +0100, zimoun wrote:
>>> I propose =E2=80=99match=E2=80=99 which is more coherent with the Guix =
style.  Well,
>>> from my understanding. :-)
>>
>> I have heard that before, but I don't know how to use it =F0=9F=A4=B7
>
> The section [1] in the manual is worth to read because running and
> playing with the examples gives a good feeling on how to use it. :-)
>
>> If this new patch is working for you, please push!
>
> I do not have this power. :-)

No longer true ;-).

Thinking about this change though; why is it bad to fetch from git
places?  There may be repos out there where it's the only offered way,
and as long as we're talking fixed output derivations, it seems moot
whether you use HTTPS, HTTP or X to retrieve the files (unless you are
worried about your traffic being monitored, but that's not in scope, I'd
say).

--=20
Thanks,
Maxim




Message sent to guix-patches@HIDDEN:


X-Loop: help-debbugs@HIDDEN
Subject: [bug#46182] [PATCH] lint: Add 'check-git-protocol' checker.
Resent-From: Simon Tournier <zimon.toutoune@HIDDEN>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
Resent-CC: guix-patches@HIDDEN
Resent-Date: Fri, 20 Oct 2023 15:27:02 +0000
Resent-Message-ID: <handler.46182.B46182.16978155791575 <at> debbugs.gnu.org>
Resent-Sender: help-debbugs@HIDDEN
X-GNU-PR-Message: followup 46182
X-GNU-PR-Package: guix-patches
X-GNU-PR-Keywords: patch
To: Maxim Cournoyer <maxim.cournoyer@HIDDEN>
Cc: 46182 <at> debbugs.gnu.org, Leo Famulari <leo@HIDDEN>
Received: via spool by 46182-submit <at> debbugs.gnu.org id=B46182.16978155791575
          (code B ref 46182); Fri, 20 Oct 2023 15:27:02 +0000
Received: (at 46182) by debbugs.gnu.org; 20 Oct 2023 15:26:19 +0000
Received: from localhost ([127.0.0.1]:41201 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1qtrOE-0000PC-72
	for submit <at> debbugs.gnu.org; Fri, 20 Oct 2023 11:26:19 -0400
Received: from mail-wr1-x42f.google.com ([2a00:1450:4864:20::42f]:38051)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <zimon.toutoune@HIDDEN>) id 1qtrOB-0000Ou-BU
 for 46182 <at> debbugs.gnu.org; Fri, 20 Oct 2023 11:26:17 -0400
Received: by mail-wr1-x42f.google.com with SMTP id
 ffacd0b85a97d-32da42b8225so154505f8f.0
 for <46182 <at> debbugs.gnu.org>; Fri, 20 Oct 2023 08:25:47 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20230601; t=1697815542; x=1698420342; darn=debbugs.gnu.org;
 h=content-transfer-encoding:mime-version:message-id:date:references
 :in-reply-to:subject:cc:to:from:from:to:cc:subject:date:message-id
 :reply-to; bh=ninTY+nhRtnptVEcxhdfxVNJ5uPn1aDBUnCoyyZNZ50=;
 b=etOk2riQwMcqn4QUCg+R4B5pjfQWt4BuMcSgMPW3SIqaqFtbtL+nvcaNU6ouAucCyj
 JqpfUsGJBtCNdhBGCOwgn0FVp0QePzDhatmzl0sZxIoAcJhMG9VLo7GRDLWrZZVOcDgm
 optA1u343zA0ZUAJQBd5eyQVMdwVKwGSDkEN/r77190ukuzPf1zQJU2uYahf2BS1mEKJ
 W0lSrXGraf65h2c9bSiM/RB0pccebGeOTXR632Yjw9OE0P+oaDvInCkDhP74uB90QZMd
 2nX/uzC2F6IJNGl9vjSNvPNtIht1ys4fTp5UWtyrOf21s1tQyiYfXUCfhCGbKpu8lyyI
 7nxA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1697815542; x=1698420342;
 h=content-transfer-encoding:mime-version:message-id:date:references
 :in-reply-to:subject:cc:to:from:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=ninTY+nhRtnptVEcxhdfxVNJ5uPn1aDBUnCoyyZNZ50=;
 b=b+Uy7UYS0vGL905qkat2Tq/lTZJ1NNQYehD5kibr5VW6dcRrWXeRhfclBTU9+egsu7
 Jxc3nQbHJAwxB4fc7pTfJT2XV7horq+2CTxXkwVjrPl8YkArQHENc1PZGT4wDs/74jyF
 1pabNoVLk5eQktnV4hFeKyE4li8lX/hz5kEa9C704aFMRadzhlVVco7Tg6dhSUtHRPuY
 V/eq3PNM+oXIokuO3hv1vmLUPkvZiblreChOPQLH6OI9mYmxNkCjSWzpm4B3Ud6q8ltj
 yiDN4/C9uxfsLepoPQwAYPCH9Vvi51OD2nU5aSnL6NzemLSsaDMwusrICbZGCw6EpZV9
 eucg==
X-Gm-Message-State: AOJu0Yz+j8w/uaPN4N4N7BFRyYczmlqZ8lVjBMI5ncmKSMJ95e95KbYx
 7MwQnvAuXcM756r/sCL97Ig=
X-Google-Smtp-Source: AGHT+IEnlED73V8GAPiijEynE1bsfRKGMAy3QSqmfxwH46WVi8QXCGisNb+zzuPAaHfeoAAsyapXQg==
X-Received: by 2002:adf:a48f:0:b0:32d:d9a8:53df with SMTP id
 g15-20020adfa48f000000b0032dd9a853dfmr1574182wrb.3.1697815541810; 
 Fri, 20 Oct 2023 08:25:41 -0700 (PDT)
Received: from pfiuh07 ([193.48.40.241]) by smtp.gmail.com with ESMTPSA id
 f6-20020a5d50c6000000b003258934a4bcsm1905067wrt.42.2023.10.20.08.25.41
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Fri, 20 Oct 2023 08:25:41 -0700 (PDT)
From: Simon Tournier <zimon.toutoune@HIDDEN>
In-Reply-To: <87pm1am3rt.fsf@HIDDEN>
References: <f9137838eca39b768e49f4ee7852dd32edce7e8c.1611968623.git.leo@HIDDEN>
 <86a6rabl7a.fsf@HIDDEN> <YEl2fHXnDm6+GzFZ@HIDDEN>
 <86k0qe9g8u.fsf@HIDDEN> <87pm1am3rt.fsf@HIDDEN>
Date: Fri, 20 Oct 2023 14:45:57 +0200
Message-ID: <87v8b1mph6.fsf@HIDDEN>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: 0.0 (/)
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

Hi Maxim,

On Thu, 19 Oct 2023 at 22:22, Maxim Cournoyer <maxim.cournoyer@HIDDEN> w=
rote:

> Thinking about this change though; why is it bad to fetch from git
> places?  There may be repos out there where it's the only offered way,
> and as long as we're talking fixed output derivations, it seems moot
> whether you use HTTPS, HTTP or X to retrieve the files (unless you are
> worried about your traffic being monitored, but that's not in scope, I'd
> say).

Why would not it be in scope?

Being able to strongly verify (sha256) that the content you fetch is the
data you expect does not imply that the protocol for communicating
cannot be exploited for other means.

Well, git:// protocol is not supported by well-known forges.  Quoting
Pro Git book:

        The Cons

        Due to the lack of TLS or other cryptography, cloning over
        git:// might lead to an arbitrary code execution vulnerability,
        and should therefore be avoided unless you know what you are
        doing.

        https://git-scm.com/book/en/v2/Git-on-the-Server-The-Protocols

And I do not have enough imagination to find a way to exploit the git://
protocol.  However, it appears to me a good practise to warn when this
protocol is used.  Somehow, a lint message is a recommendation =E2=80=93 a =
good
practise =E2=80=93 and not an absolute truth. :-)

In short, from my point of view, the general rule reads: avoid git://
protocol if you can.  Obviously, if you cannot because it is the only
offered way by some repositories, then let make an exception; but it
does mean that=E2=80=99s a good practise.

Cheers,
simon








Message sent to guix-patches@HIDDEN:


X-Loop: help-debbugs@HIDDEN
Subject: [bug#46182] [PATCH] lint: Add 'check-git-protocol' checker.
Resent-From: Maxim Cournoyer <maxim.cournoyer@HIDDEN>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
Resent-CC: guix-patches@HIDDEN
Resent-Date: Fri, 20 Oct 2023 15:39:01 +0000
Resent-Message-ID: <handler.46182.B46182.16978163153362 <at> debbugs.gnu.org>
Resent-Sender: help-debbugs@HIDDEN
X-GNU-PR-Message: followup 46182
X-GNU-PR-Package: guix-patches
X-GNU-PR-Keywords: patch
To: Simon Tournier <zimon.toutoune@HIDDEN>
Cc: 46182 <at> debbugs.gnu.org, Leo Famulari <leo@HIDDEN>
Received: via spool by 46182-submit <at> debbugs.gnu.org id=B46182.16978163153362
          (code B ref 46182); Fri, 20 Oct 2023 15:39:01 +0000
Received: (at 46182) by debbugs.gnu.org; 20 Oct 2023 15:38:35 +0000
Received: from localhost ([127.0.0.1]:41234 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1qtra6-0000s9-QK
	for submit <at> debbugs.gnu.org; Fri, 20 Oct 2023 11:38:35 -0400
Received: from mail-qv1-xf2a.google.com ([2607:f8b0:4864:20::f2a]:44435)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <maxim.cournoyer@HIDDEN>) id 1qtra3-0000rp-By
 for 46182 <at> debbugs.gnu.org; Fri, 20 Oct 2023 11:38:33 -0400
Received: by mail-qv1-xf2a.google.com with SMTP id
 6a1803df08f44-66cfd3a0e61so5852666d6.1
 for <46182 <at> debbugs.gnu.org>; Fri, 20 Oct 2023 08:38:04 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20230601; t=1697816278; x=1698421078; darn=debbugs.gnu.org;
 h=content-transfer-encoding:mime-version:user-agent:message-id:date
 :references:in-reply-to:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=yzREb6IJoVO4fDRfo3gNXKRRdkef1Uo+kiVM5/HrMW4=;
 b=KC12uFyQEMYYc60KVTkuMTALuqAlzO1KLcPiBqAQKAcfOg7NKcboPO4wlRwxt2XPBX
 p+GDDGE7a5WtbeRUD0/68pnCGAaXZ8BW2U5VcufgS20xCEwDibuQHl9XZzUdLDr+1EIn
 +0EXw3HUNsRL7dmJK8dZDIH7ITZ+KTWg4LBBVljyhvDXbTjqA5TlryVKbf0Tn7e+jAus
 0HgZL//dtrSCo6BYvCabqIQV3SDk5Gj/SEVZdXM/OCMYh3xIYgzI9leeZ7yyJuRGeItv
 uqZ2OH2Ak7ZqwFpNqN5ONoythcN1yridhdCB7/Ldk5hf3kqJec6ib7Ds+8qYZHKcvisp
 s2xA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1697816278; x=1698421078;
 h=content-transfer-encoding:mime-version:user-agent:message-id:date
 :references:in-reply-to:subject:cc:to:from:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=yzREb6IJoVO4fDRfo3gNXKRRdkef1Uo+kiVM5/HrMW4=;
 b=Uq1f2pZ0y9DB3CyENeSKa76mwayOqzTxeZY7Z3g8RdWBtVC6o35JQvty6Jsixbxvu9
 zgFsKQyfsNK4YLCrYxICgwVxLOlQmonRqN6Oyp4LEGQHEyscQP3QFqho56oo4YirD5eN
 V+bKwmD0k8M1PitGx5gTlPt+OiR0vbwHGe40opnelXyCGdH++FT7oLCmzZifPGtwsBSg
 edlUn3c5O61DKTu08DNhLVgDZ2oiLtm0DfsPDi4G84ZTyTJ5Vtzbxn+SzJiZx9Mm+JtB
 6sRdJa+rGbjSQZxYQUPYSfqDwp83rjz4cwhEnowFQHltUObsC0uZmy+F492T8VtiMb8B
 Qqig==
X-Gm-Message-State: AOJu0Yych1E4ISI35Ov7s0VzckN9RuG8Ls1mZIy/A9TRuIbvzRKgzRFh
 LPVXDnaBc/DxBgUnk/PmZ8M=
X-Google-Smtp-Source: AGHT+IGXjPXsQe7kgxh8qZ3vrnybNnJa9YX13mrXaio1VT4YUYSrKFGp+5usRCf2yeX0sl29PaVdhw==
X-Received: by 2002:ad4:5c4a:0:b0:66d:627e:24c0 with SMTP id
 a10-20020ad45c4a000000b0066d627e24c0mr2840424qva.38.1697816278592; 
 Fri, 20 Oct 2023 08:37:58 -0700 (PDT)
Received: from hurd (dsl-156-111.b2b2c.ca. [66.158.156.111])
 by smtp.gmail.com with ESMTPSA id
 oi1-20020a05621443c100b0066d0d3daa58sm762462qvb.24.2023.10.20.08.37.57
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Fri, 20 Oct 2023 08:37:58 -0700 (PDT)
From: Maxim Cournoyer <maxim.cournoyer@HIDDEN>
In-Reply-To: <87v8b1mph6.fsf@HIDDEN> (Simon Tournier's message of "Fri, 20
 Oct 2023 14:45:57 +0200")
References: <f9137838eca39b768e49f4ee7852dd32edce7e8c.1611968623.git.leo@HIDDEN>
 <86a6rabl7a.fsf@HIDDEN> <YEl2fHXnDm6+GzFZ@HIDDEN>
 <86k0qe9g8u.fsf@HIDDEN> <87pm1am3rt.fsf@HIDDEN>
 <87v8b1mph6.fsf@HIDDEN>
Date: Fri, 20 Oct 2023 11:37:56 -0400
Message-ID: <877cnhi9t7.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: 0.0 (/)
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

Hi,

Simon Tournier <zimon.toutoune@HIDDEN> writes:

> Hi Maxim,
>
> On Thu, 19 Oct 2023 at 22:22, Maxim Cournoyer <maxim.cournoyer@HIDDEN>=
 wrote:
>
>> Thinking about this change though; why is it bad to fetch from git
>> places?  There may be repos out there where it's the only offered way,
>> and as long as we're talking fixed output derivations, it seems moot
>> whether you use HTTPS, HTTP or X to retrieve the files (unless you are
>> worried about your traffic being monitored, but that's not in scope, I'd
>> say).
>
> Why would not it be in scope?
>
> Being able to strongly verify (sha256) that the content you fetch is the
> data you expect does not imply that the protocol for communicating
> cannot be exploited for other means.
>
> Well, git:// protocol is not supported by well-known forges.  Quoting
> Pro Git book:
>
>         The Cons
>
>         Due to the lack of TLS or other cryptography, cloning over
>         git:// might lead to an arbitrary code execution vulnerability,
>         and should therefore be avoided unless you know what you are
>         doing.
>
>         https://git-scm.com/book/en/v2/Git-on-the-Server-The-Protocols
>
> And I do not have enough imagination to find a way to exploit the git://
> protocol.  However, it appears to me a good practise to warn when this
> protocol is used.  Somehow, a lint message is a recommendation =E2=80=93 =
a good
> practise =E2=80=93 and not an absolute truth. :-)
>
> In short, from my point of view, the general rule reads: avoid git://
> protocol if you can.  Obviously, if you cannot because it is the only
> offered way by some repositories, then let make an exception; but it
> does mean that=E2=80=99s a good practise.

OK, fair.  I remove my objection, but I dislike warnings when they
cannot be acted upon (e.g. 'no coverage in software heritage' -- OK
neat, but I can't do anything about it, and it may not even support that
tarball ingestion yet).

--=20
Thanks,
Maxim





Last modified: Fri, 20 Oct 2023 15:45:02 UTC

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997 nCipher Corporation Ltd, 1994-97 Ian Jackson.