<balduin>@OrangeShark: according to your link cmake will first look if APR_INLUCDE_DIR is specified in the CMAKE variable cache. Which can be specified with -D <var>:<type>=<value>. but I have no idea how to set it correctly
<sankey>in that case, guix challens should complain because the locally build firstname.lastname@example.org now differs from the substitute-provided email@example.com
<sankey>or do we just assume that guix challenge requires guix pull beforehand?
<sankey>OH i'm conflating the output hash with the hash of the definition
<lfam>sankey: The hash that uniquely names items in /gnu/store is roughly a hash of all the inputs to the package. Whereas `guix challenge` checks the hash of the content of the package itself.
<sankey>lfam: thanks for the clarification, that matches my guess
<ksjogo>Hi everyone, I installed GuixSD in addition to Ubuntu and Windows on my machine. Ubuntu Grub is running fine and I kept it for the moment, so I use (re)configure with --no-grub and add the GuixSD grub.cfg to Ubuntus. The problem then is, that GuixSD will not write the updated cfg after reconfigure. I can reconfigure without --no-grub, but that will stop due to pointing to a partition instead of a disk.
<ksjogo>Is there a way to configure reconfigure to write the grub.cfg but not attempt to write grub somewhere.
***Piece_Maker is now known as Acou_Bass
***Piece_Maker is now known as Acou_Bass
***fkz is now known as Guest79115
<rekado>very weird: when connecting to a bluetooth audio device with bluetoothctl my keyboard layout is reset to qwerty.
<rekado>I’ve been thinking about adding a service to start setxkbmap, but I’d like to ensure that the layout isn’t reset
<rekado>another big update with lots of rebuilds: fftw. Should this be pushed to core-updates?
<rekado>dhamidi: they will be part of the release tarball that you can generate with “make dist”
<dhamidi>ok, then that means calculating the hash for a git-reference should be done when those files are not present, correct?
<ng0>is there a quick git fix for when you discover that you just wrote https instead of http in 14 new perl modules? I don't know how to go back in git history to change tiny details and move on to the next commit without breaking the other commits. which commands should i read into?
<ng0>metacpan.org has https in search, cpan.org doesn't have it -.-
<janneke>i could imagine that with 200 packages you cover 80% of usage
<sankey>how do i get a text listing of all inputs for a package?
<sankey>sort of like guix graph, but a flat list (the full dependency closure) in plaintext
<pmikkelsen>phant0mas: You are the one working on the hurd port as a GSoC project, right?
<rekado>sankey: you can do this with a Scheme script.
<rekado>sankey: do you want to get the full list of dependencies down to the bootstrap binaries?
<philsnow>I was reading https://www.gnu.org/software/guix/manual/guix.html#Substitutes and it says "HTTPS is recommended because communications are encrypted; conversely, using HTTP makes all communications visible to an eavesdropper, who could use the information gathered to determine, for instance, whether your system has unpatched security vulnerabilities."
<philsnow>but it also says "When using HTTPS, the server’s X.509 certificate is not validated (in other words, the server is not authenticated), contrary to what HTTPS clients such as Web browsers usually do. This is because Guix authenticates substitute information itself, as explained above, which is what we care about (whereas X.509 certificates are about authenticating bindings between domain names and public keys.)"
<philsnow>it's cheap to verify x509, and doing so prevents an active MITM from eavesdropping. is there another reason for not verifying x509 ?
<philsnow>the most common reason i've seen is that then you have to depend on what certificate bundle is installed, but I think you can bootstrap to a known-good cert bundle + curl binary with just gpg-signed packages over http, and then switch to all-https with verification
<philsnow>and that would not leak much information, especially if that's what the standard bootstrap does
<lfam>ACTION works on Perl update for core-updates
<lfam>There are some changes in Perl to make it easier to build Perl software reproducibly