[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [GNU-linux-libre] Violations of GPL in GuixSD packaging design
From: |
Ludovic Courtès |
Subject: |
Re: [GNU-linux-libre] Violations of GPL in GuixSD packaging design |
Date: |
Wed, 06 Apr 2016 15:07:10 +0200 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux) |
Hello,
I believe these accusations are wrong, as I and others have already
tried to explain Jean-Louis on IRC.
To correct any misunderstandings, I’ll summarize a few relevant points
about Guix and that distinguish it from most other package managers.
• Guix is inherently a source-based tool: all it provides is a bunch
of executable recipes to build packages.
As an optimization, users can choose to fetch pre-built binaries as
substitutes for local builds. This is often a good idea since
building GCC, LibreOffice and all that takes a long time, but it can
be enabled/disabled at any time.
See
<https://www.gnu.org/software/guix/manual/html_node/Substitutes.html>.
• The source, including patches, used to build a package is specified
in the package definition:
<https://www.gnu.org/software/guix/manual/html_node/Defining-Packages.html>.
For instance, the ‘pulseaudio’ package has a couple of patches, as
can be seen at:
http://git.savannah.gnu.org/cgit/guix.git/tree/gnu/packages/pulseaudio.scm#n115
https://www.gnu.org/software/guix/packages/#pulseaudio
The ‘guix build --source foo’ command returns the source code of
‘foo’ with all patches applied.
• By design, Guix provides a direct correspondence between source and
build results. “Source” is taken very broadly: it includes source
tarballs, build scripts, and in fact the whole graph of dependencies
that produce the result.
This is the foundation of functional package management, explained
at:
https://www.gnu.org/software/guix/manual/html_node/Introduction.html
https://www.fsf.org/blogs/community/fsf-announces-support-for-gnu-guix
https://arxiv.org/pdf/1305.4584v1
• Thanks to this direct mapping, users who use substitutes do not have
to trust third-party binary servers. They can challenge binaries
that those servers provide using ‘guix build --check’ or ‘guix
challenge’.
See <https://savannah.gnu.org/forum/forum.php?forum_id=8407>, for a
discussion on this and reproducible builds.
I’m happy to answer additional questions!
Ludo’.
signature.asc
Description: PGP signature
Re: [GNU-linux-libre] Violations of GPL in GuixSD packaging design, Riley Baird, 2016/04/06
Re: [GNU-linux-libre] Violations of GPL in GuixSD packaging design,
Ludovic Courtès <=
- Re: [GNU-linux-libre] Violations of GPL in GuixSD packaging design, Jean Louis, 2016/04/06
- Re: [GNU-linux-libre] Violations of GPL in GuixSD packaging design, Ludovic Courtès, 2016/04/06
- Re: [GNU-linux-libre] Violations of GPL in GuixSD packaging design, Jean Louis, 2016/04/06
- Re: [GNU-linux-libre] Violations of GPL in GuixSD packaging design, Joshua Gay, 2016/04/07
- Re: [GNU-linux-libre] Violations of GPL in GuixSD packaging design, Jean Louis, 2016/04/08
- Re: [GNU-linux-libre] Violations of GPL in GuixSD packaging design, Ludovic Courtès, 2016/04/09
- Re: [GNU-linux-libre] Violations of GPL in GuixSD packaging design, ng0, 2016/04/10