guix/guix
Morgan Arnold b5745a327e
publish: Prevent publication of non-substitutable derivation outputs.

This commit prevents Guix substitute servers from distributing binaries
which are marked non-substitutable.  This prevents substitute servers
from accidentally committing copyright violations by distributing
binaries that are non-substitutable for copyright reasons.

* guix/scripts/publish.scm (render-nar): Query the derivers of
‘store-path’ and do nothing if one of them does not match
‘substitutable-derivation?’.
* tests/publish.scm ("non-substitutable derivation"): New test.

Change-Id: Iaca81f5bdb430a12a3ad41e9b83e0bcc535af607
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Modified-by: Ludovic Courtès <ludo@gnu.org>
2025-06-06 18:41:19 +02:00
build guix: gnu-dist: Fix distcheck. 2025-06-06 14:41:30 +03:00
build-system build-system: zig: Expose #:zig-build-target. 2025-05-26 10:41:03 +08:00
import import: texlive: Import the given version when specified. 2025-05-24 15:29:10 +02:00
platforms guix: Add loongarch platform. 2025-01-25 01:05:22 +08:00
scripts publish: Prevent publication of non-substitutable derivation outputs. 2025-06-06 18:41:19 +02:00
store
tests
android-repo-download.scm
avahi.scm
base16.scm
base32.scm
base64.scm
build-system.scm
bzr-download.scm
cache.scm cache: Remove unused import. 2025-04-14 17:31:49 +02:00
channels.scm maint: Change main repository URL to git.guix.gnu.org. 2025-05-23 11:19:07 +02:00
ci.scm
colors.scm
combinators.scm
config.scm.in
cpio.scm
cpu.scm guix: cpu: Add detection for znver5. 2024-09-30 13:38:33 +03:00
cve.scm
cvs-download.scm
d3.v3.js
deprecation.scm
derivations.scm derivations: Fix indentation. 2025-02-22 23:55:24 +09:00
describe.scm ui: Search channels for guix extensions 2025-03-08 17:40:58 +01:00
diagnostics.scm
discovery.scm
docker.scm pack: Include store parent directories in the Docker layer. 2025-06-03 15:09:54 +02:00
download.scm download: Remove unreachable mirror URL. 2025-04-03 22:28:10 +09:00
elf.scm
ftp-client.scm
gexp.scm gexp: Add symlink-to procedure. 2025-05-21 08:05:27 +09:00
git-authenticate.scm guix: Avoid ‘fdatasync’ call for caches and regular files. 2025-04-14 17:31:50 +02:00
git-download.scm git-download: Use C.UTF-8 and remove dependency on ‘glibc-utf8-locales’. 2024-08-31 10:44:46 +02:00
git.scm git: Remove code for Guile-Git < 0.10.0. 2025-05-18 22:55:53 +02:00
glob.scm
gnu-maintenance.scm import: Guard against potential type error. 2025-05-17 13:10:11 +09:00
gnupg.scm gnupg: Automatically fallback to 'always policy when non-interactive. 2025-02-28 13:36:44 +09:00
grafts.scm grafts: Allow file-like objects in the ‘replacement’ field of <graft>. 2025-01-28 14:56:14 +01:00
graph.js
graph.scm
hash.scm
hg-download.scm
http-client.scm guix: Avoid ‘fdatasync’ call for caches and regular files. 2025-04-14 17:31:50 +02:00
i18n.scm
inferior.scm inferior: Add #:verify-certificate? to ‘cached-channel-instance’. 2024-12-25 23:51:10 +01:00
ipfs.scm
least-authority.scm least-authority: Export default preserved environment variables. 2025-04-19 21:13:21 +09:00
licenses.scm licenses: Add blue-oak1.0.0. 2024-11-20 18:01:35 +08:00
lint.scm gnu: Rename texlive-updmap.cfg' into texlive-local-tree'. 2025-05-06 11:25:06 +02:00
man-db.scm man-db: Support mdoc-formatted man pages. 2025-04-11 12:18:02 +02:00
memoization.scm
modules.scm
monad-repl.scm
monads.scm gexp: ‘with-parameters’ properly handles ‘%graft?’. 2025-03-05 00:28:49 +01:00
nar.scm
narinfo.scm
openpgp.scm
packages.scm packages: Add riscv64-linux to %cuirass-supported-systems. 2025-04-25 20:25:27 +02:00
pki.scm
platform.scm
profiles.scm gnu: profiles.scm: Ignore ls-R databases when building font maps. 2025-05-06 11:25:06 +02:00
profiling.scm
progress.scm
quirks.scm
read-print.scm read-print: Attempt to indent package arguments less. 2025-02-09 01:00:00 +01:00
records.scm records: Fix ABI check in cross-compilation context. 2024-11-18 10:58:42 +01:00
remote.scm remote: Do not double-quote the repl-command. 2024-12-12 12:52:08 +01:00
repl.scm
rpm.scm
scripts.scm
search-paths.scm search-paths: $Add XDG_DATA_DIRS. 2025-03-18 16:12:38 +09:00
self.scm self: Install systemd ‘.service’ files. 2025-04-20 17:58:11 +02:00
serialization.scm
sets.scm
ssh.scm ssh: Add #:strict-host-key-check? option. 2025-02-09 18:20:42 +01:00
status.scm
store.scm gexp: ‘with-parameters’ properly handles ‘%graft?’. 2025-03-05 00:28:49 +01:00
substitutes.scm guix: Avoid ‘fdatasync’ call for caches and regular files. 2025-04-14 17:31:50 +02:00
svn-download.scm guix: download-multi-svn-to-store: Allow exporting from base URL. 2024-08-31 10:45:36 +02:00
swh.scm
tests.scm
transformations.scm transformations: Git source transformations honour RECURSIVE?. 2025-05-05 12:15:47 +02:00
ui.scm ui: Allow evaluating multi-expressions strings with read/eval. 2025-05-09 23:05:26 +09:00
upstream.scm upstream: Do not update to same version. 2025-04-27 13:01:48 +01:00
utils.scm utils: Add #:sync? parameter to ‘with-atomic-file-output’. 2025-04-14 17:31:49 +02:00
workers.scm