aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLudovic Courtès <ludo@gnu.org>2020-06-17 19:14:48 +0200
committerLudovic Courtès <ludo@gnu.org>2020-06-17 19:32:43 +0200
commitcb8c698e8d2ca4bdd1104255df47a92f7b42d475 (patch)
tree8930f595a9104aba33b0b021748a979827e33f2d
parentba8c09f289ecaced633a7889572ba8cc2167a654 (diff)
downloadguix-cb8c698e8d2ca4bdd1104255df47a92f7b42d475.tar
guix-cb8c698e8d2ca4bdd1104255df47a92f7b42d475.tar.gz
news: Add entry for authenticated channels.
* etc/news.scm: Add entry.
-rw-r--r--etc/news.scm13
1 files changed, 13 insertions, 0 deletions
diff --git a/etc/news.scm b/etc/news.scm
index d037734013..292a33f391 100644
--- a/etc/news.scm
+++ b/etc/news.scm
@@ -13,6 +13,19 @@
(channel-news
(version 0)
+ (entry (commit "43badf261f4688c8a7a7a9004a4bff8acb205835")
+ (title (en "@command{guix pull} authenticates channels"))
+ (body
+ (en "The @command{guix pull} and @command{guix time-machine} commands
+now authenticate the source code that they pull, unless the new
+@option{--disable-authentication} option is passed. What this means is that
+Guix ensures that each commit received is cryptographically signed by an
+authorized developer. This protects you from attempts to tamper with the Guix
+repository and from attempts to ship malicious code to users.
+
+This feature is currently limited to the @code{guix} channel but will soon be
+available to third-party channel authors.")))
+
(entry (commit "c924e541390f9595d819edc33c19d979917c15ec")
(title (en "@command{guix repl} adds support for running Guile scripts")
(de "@command{guix repl} kann Guile-Skripte ausführen")