diff options
author | Ludovic Courtès <ludo@gnu.org> | 2020-09-27 22:39:49 +0200 |
---|---|---|
committer | Ludovic Courtès <ludo@gnu.org> | 2020-09-27 22:39:49 +0200 |
commit | 3b7bd8cc904dc7e550135aa81be05c6c64a84f07 (patch) | |
tree | d20b926a493178610952594a20f2de0584c1155a /doc | |
parent | 12871cc8db701a89f7f64303e1f16a8537a12561 (diff) | |
download | guix-3b7bd8cc904dc7e550135aa81be05c6c64a84f07.tar guix-3b7bd8cc904dc7e550135aa81be05c6c64a84f07.tar.gz |
doc: Move "Primary URL" after "Specifying Channel Authorizations".
* doc/guix.texi (Primary URL): Move after "Specifying Channel
Authorizations" since the audience is channel authors who've already
taken care of authorizations.
Diffstat (limited to 'doc')
-rw-r--r-- | doc/guix.texi | 50 |
1 files changed, 25 insertions, 25 deletions
diff --git a/doc/guix.texi b/doc/guix.texi index cc8214c257..d20b33cd9a 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -233,11 +233,11 @@ Channels * Using a Custom Guix Channel:: Using a customized Guix. * Replicating Guix:: Running the @emph{exact same} Guix. * Channel Authentication:: How Guix verifies what it fetches. -* Primary URL:: Distinguishing mirror to original. * Creating a Channel:: How to write your custom channel. * Package Modules in a Sub-directory:: Specifying the channel's package modules location. * Declaring Channel Dependencies:: How to depend on other channels. * Specifying Channel Authorizations:: Defining channel authors authorizations. +* Primary URL:: Distinguishing mirror to original. * Writing Channel News:: Communicating information to channel's users. Development @@ -4691,11 +4691,11 @@ updates. * Using a Custom Guix Channel:: Using a customized Guix. * Replicating Guix:: Running the @emph{exact same} Guix. * Channel Authentication:: How Guix verifies what it fetches. -* Primary URL:: Distinguishing mirror to original. * Creating a Channel:: How to write your custom channel. * Package Modules in a Sub-directory:: Specifying the channel's package modules location. * Declaring Channel Dependencies:: How to depend on other channels. * Specifying Channel Authorizations:: Defining channel authors authorizations. +* Primary URL:: Distinguishing mirror to original. * Writing Channel News:: Communicating information to channel's users. @end menu @@ -4852,29 +4852,6 @@ introduction from a trusted source since that is the root of your trust. If you're curious about the authentication mechanics, read on! -@cindex primary URL, channels -@node Primary URL -@section Primary URL - -Channel authors can indicate the primary URL of their channel's Git -repository in the @file{.guix-channel} file, like so: - -@lisp -(channel - (version 0) - (url "https://example.org/guix.git")) -@end lisp - -This allows @command{guix pull} to determine whether it is pulling code -from a mirror of the channel; when that is the case, it warns the user -that the mirror might be stale and displays the primary URL. That way, -users cannot be tricked into fetching code from a stale mirror that does -not receive security updates. - -This feature only makes sense for authenticated repositories, such as -the official @code{guix} channel, for which @command{guix pull} ensures -the code it fetches is authentic. - @cindex personal packages (channels) @cindex channels, for personal packages @node Creating a Channel @@ -5099,6 +5076,29 @@ authentication! Pay attention to merges in particular: merge commits are considered authentic if and only if they are signed by a key present in the @file{.guix-authorizations} file of @emph{both} branches. +@cindex primary URL, channels +@node Primary URL +@section Primary URL + +Channel authors can indicate the primary URL of their channel's Git +repository in the @file{.guix-channel} file, like so: + +@lisp +(channel + (version 0) + (url "https://example.org/guix.git")) +@end lisp + +This allows @command{guix pull} to determine whether it is pulling code +from a mirror of the channel; when that is the case, it warns the user +that the mirror might be stale and displays the primary URL. That way, +users cannot be tricked into fetching code from a stale mirror that does +not receive security updates. + +This feature only makes sense for authenticated repositories, such as +the official @code{guix} channel, for which @command{guix pull} ensures +the code it fetches is authentic. + @cindex news, for channels @node Writing Channel News @section Writing Channel News |