Email or username:

Password:

Forgot your password?
92 posts total
Ludovic Courtès

“The Design of a Self-Compiling C Transpiler Targeting POSIX Shell” (2024)
doi.org/10.1145/3687997.369563

“We have developed pnut, a C to POSIX shell transpiler written in C that generates human-readable shell code. […] Together, pnut and the shell serve as the seed for a chain of builds that create increasingly capable compilers up to the most recent version of [GCC]”

(@monnier is among the authors 👋)

Cc: @janneke @stikonas

#bootstrapping #Guix

“The Design of a Self-Compiling C Transpiler Targeting POSIX Shell” (2024)
doi.org/10.1145/3687997.369563

“We have developed pnut, a C to POSIX shell transpiler written in C that generates human-readable shell code. […] Together, pnut and the shell serve as the seed for a chain of builds that create increasingly capable compilers up to the most recent version of [GCC]”

Ludovic Courtès

⚠ If you’re using #Guix, consider upgrading ‘guix-daemon’ now 👇
guix.gnu.org/en/blog/2024/buil

Fellow hacker Reepca (Caleb Ristvedt) found two related vulnerabilities allowing for a takeover of the build user accounts used by guix-daemon, which in turn could let anyone interfere with build processes.

Ludovic Courtès

Comrades, the #Guix Science channels have moved from GitHub to Codeberg 👇
codeberg.org/guix-science/

Migration was very easy and complete, with pull requests migrated without loss. We have yet to see how contributors can resume work on PRs opened pre-migration, but it looks great so far!

Ludovic Courtès

# #Guix trick borrowed from Nix folks: the comma shell function,
# fitting in a single toot, with comments.
#
# Run then given command via 'guix shell'.
function ,
{
pkg_ver="$(set -o pipefail; guix locate "$1" | grep /bin/ | head -1 | cut -f1)"
pkg="$(echo $pkg_ver | cut -d@ -f1)"
test -n "$pkg" && guix shell "$pkg" -- "$@"
}

Ludovic Courtès

So you can type “, supertuxkart” or “, objdump -T whatever” in your shell and it will do the right thing!

Pjotr Prins

@civodul checking - it is not April fools day?!

Ludovic Courtès

That feeling when you’re like “yay! that bug’s not in my code!”… and then you realize that you’re probably going to have to roll up your sleeves and fix it anyway.

Ludovic Courtès

Finn Landweber published their bachelor thesis on #Git repo authentication for #Nix, inspired by #Guix’s, and it’s well worth a read!
landweber.xyz/ba.pdf

Ludovic Courtès

Chapter 4 has all the implementation details of git-verify, itself available here:
codeberg.org/flandweber/git-ve

Ludovic Courtès

FFmpeg’s ‘configure’ suggests reporting bugs on IRC. Refreshingly casual.

(Maybe back in the day it said “call Fabrice at +33 6 1234”?)

Ekaitz Zárraga 👹

@civodul ahahah I'm going to add that kind of things in my software. No discord no shit. Let's go back to: send postal mail to this address

past oral no mad

@civodul Much rather see this than "join our Discord."

...or even using the GitHub issue tracker, these days.

Ludovic Courtès

With all its benefits over C/C++ in terms of memory safety, Rust still depends on itself to be built*, and Rust’s packaging approach is a nightmare for distros of a magnitude close to that of npm.

* This can be worked around but it doesn’t come for free: guix.gnu.org/en/blog/2018/boot

Ludovic Courtès

#Guix, the package manager that doesn’t need a SAT solver to figure out its dependency graph.

graywolf

@civodul I mean, while true, isn't it bit too simple way to put it? My understanding is that Guix does not need SAT solver because basically any single dependency is hard-coded version (via its package definition).

If your pip --freeze produced requirements.txt is full of only pkg==1.2.3 style records, you also technically do not require SAT solver to figure it out, no?

Actually, *most* linux package manager do not require SAT solver no? At least pacman and apk do not have it afaik. Which one does out of curiosity?

@civodul I mean, while true, isn't it bit too simple way to put it? My understanding is that Guix does not need SAT solver because basically any single dependency is hard-coded version (via its package definition).

If your pip --freeze produced requirements.txt is full of only pkg==1.2.3 style records, you also technically do not require SAT solver to figure it out, no?

Ludovic Courtès

Call for contributions to the #Guix infrastructure 👇
lists.gnu.org/archive/html/gui

Many areas where you can help, with different time commitments and prerequisites: funding & spending, hardware hosting, system administration, and coding.

Khleedril

@civodul This is a great way to learn best practices and see some real-world deployments of Guix.

Which do you consider more important for occasional contributors: contributing to infrastructure or reviewing patches to the Guix system itself?

Sharlatan

@civodul > Improve infra monitoring
I'm in the review of issues.guix.gnu.org/54560 which may help extended monitoring ability.

For balancing traffic there is HAProxy in the (gnu packages high-availability) module which misses written service. That module contains base packages for clustering as well, all missing services.

David Wilson

@civodul perhaps we need to organize a fundraising drive for infra costs? I can help organize and promote that!

Ludovic Courtès

Glad to be joining the fine #Guix London Meetup crowd led by @futurile and @fabionatali for a discussion about Guix, Guile, and life at 7PM CEST today!
libreplanet.org/wiki/Group:Gui

Show previous comments
Anthk

@civodul @futurile @fabionatali
I wish Guile-Studio got an SICP-compat layer =)
With the sicp package it would be the ultimate game changer to learn Scheme (and computer science too).

avp

@civodul @futurile @fabionatali That's really good news indeed. I registered to the online meeting and notified my colleagues from Russian Guix community about the oncoming meeting too; maybe some of them will be joining as well.

Ludovic Courtès

Recently (past week?), #Guix proper passed the 30K package limit, all free software!
repology.org/repository/gnugui

Ludovic Courtès

Third-party channels bring tens of thousands more packages.

For scientific usage: hpc.guix.info/channels
General purpose: toys.whereis.xn--q9jyb4c/chann

Ludovic Courtès

It’s 2024. The ACM and its friends are still ripping public money, asking authors for $1,000 to make their paper “open access”.

One word: parasites.

gerry

@redstarfish @civodul It’s even more disgusting than that because #acm.org is a restricted access #Cloudflare site. Some people are allowed to reach it and some are not.

Ludovic Courtès

Good news for declarative config fans: finally there’s a #Guix System service to deploy home environments!
guix.gnu.org/manual/devel/en/h

Thanks to Richard Sent for implementing it, based on code by @abcdw.

Csepp 🌢

@civodul @abcdw This is cool, I wonder if it would be safe to combine this with the auto upgrade service. It would be cool if less technical (or just forgetful) users would get security updates automatically.

dave

@civodul @abcdw nice!! this should hopefully make things like pulseaudio -> pipewire easier since pipewire requires home services.

Ludovic Courtès

It’s now possible to create a #Guix System instance where the default ‘guix’ command sees the channels of your choosing:
guix.gnu.org/manual/devel/en/h

This is particularly useful if you want to create a ready-to-use system image.

Felix Lechner

@civodul Hi, thamks. That's great news! When and how does that "guix" get "pulled" please?

Felix Lechner

@civodul Also, I can't use the custom system channels yet because my Guix is several months behind. How do I disable authentication for the pull, please?

café au fait
@civodul i finally managed to give this a whirl over the last week, and it's very promising. however! the experience on my old desktop was pretty bad. it had to update its channels and rebuild guix's derivation *three* times each for "system build" and "system reconfigure", so it took well over an hour.

but this large annoyance hides a proper bug: since you have to be root to run "system reconfigure" and because that will trigger three separate channel updates and guix rebuilds over a potentially long period of time, it has a high likelihood leave behind root-owned files in the guix cache, requiring manual intervention to fix.

it's a promising start to a vision of being able to easily layer channels on bare guix, but the current implementation needs to stop constantly pulling channels and rebuilding guix. honestly, i don't think anything should ever pull guix except "guix pull". i assume there was some nasty thorn that made you have to do it this way?
@civodul i finally managed to give this a whirl over the last week, and it's very promising. however! the experience on my old desktop was pretty bad. it had to update its channels and rebuild guix's derivation *three* times each for "system build" and "system reconfigure", so it took well over an hour.
Ludovic Courtès

“Towards reproducible minimal source code tarballs?” by @jas4711:
blog.josefsson.org/2024/04/01/

I think “make dist”-generated tarballs are just one part of the xz debacle (and not the most frightening part), but at least we can do something about them: when they’re the byproduct of a build process, we can build them from source (like Debian does); when they add something that’s not in the VCS (such as .po files), we can at least ensure a reproducible build process as Simon advocates here.

“Towards reproducible minimal source code tarballs?” by @jas4711:
blog.josefsson.org/2024/04/01/

I think “make dist”-generated tarballs are just one part of the xz debacle (and not the most frightening part), but at least we can do something about them: when they’re the byproduct of a build process, we can build them from source (like Debian does); when they add something that’s not in the VCS (such as .po files),...

Vivien the Trumpeting Elephant

@civodul @jas4711 As I use the extended GNU build system for my own personal projects, I find it a bit frustrating that the PO files would not be present in the source tree, but I understand that if they were, then we would have a big bunch of undesirable “Update PO translation” commits.

As for Gnulib more specifically, I have noticed that in several places, you can safely commit (semi-)generated files, and rely on syntax-check to detect when they should be updated.

Janneke

@civodul @jas4711
The benefits of Reproducible tarballs are a no-brainer to me.

I've been carrying and developing reproducible source tarball patches for Autotools and GNU Mes for quite some time, party courtesy of Timothy Sample.

I'm embarrassed and confused that after over 10y of Reproducible Builds, GNU and Autotools still need to get used to these ideas (and don't seem to make any progress at all).

Ludovic Courtès

My friends, I made a terrific (terrible?) discovery that goes by the name ‘sdlpop’:
packages.guix.gnu.org/packages

I spent hours on this as a kid and it was great, even though I’m not sure I ever went past level 2 (I didn’t today).

Ludovic Courtès

“Adventures on the quest for long-term reproducible deployment”
guix.gnu.org/en/blog/2024/adve

On addressing build reproducibility problems on “old” packages, in particular time-related, to ensure #ReproducibleBuilds and #ReproducibleResearch with #Guix.

Cc: @reproducible_builds

Go Up