04:29:39 <selsta> .merge+ 9709
04:29:39 <xmr-pr> Added
12:21:07 <selsta> .merge+ 9710
12:21:07 <xmr-pr> Added
21:07:50 <m-relay> <h​into:monero.social> tobtoht: couple questions on Guix
21:07:51 <m-relay> <h​into:monero.social> 1. does the current impl use any substitutes?
21:07:53 <m-relay> <h​into:monero.social> 2. is there a system that maps packages to their expected hashes similar to Cargo.lock that could be reused instead of bootstrapping each package? (or perhaps this is what the authorized key system does in practice with signatures?)
22:40:26 <m-relay> <t​obtoht:monero.social> 1. that's up to the person building. the official install script will ask if you want to enable substitutes.
22:40:27 <m-relay> <t​obtoht:monero.social> 2. packages are signed by the substitute server, but you trust it to not be compromised. i don't think guix has a Cargo.lock equivalent out of the box where hashes of built packages are pinned, but it should be quite easy to create something similar. either bootstrap the packages declared in your manifest or download them from a substitute server one time, then create a list of re<clipped message>
22:40:29 <m-relay> <t​obtoht:monero.social> quired store items by parsing the output of `guix graph -t references <profile>` and use a script to download them from a substitute server in order to populate the store when you want to set up a new machine for builds. alternatively, (and perhaps simpler) you could find a way to pin the profile hash in your build process.
22:40:40 <m-relay> <t​obtoht:monero.social> i haven't tried either option in practice. i might write a PoC for this later.
22:55:06 <m-relay> <t​obtoht:monero.social> ah, you can just pass `--profile=/gnu/store/<hash>-profile` to `guix environment` to pin the profile, which would in effect pin all packages exposed to the build container
23:57:49 <m-relay> <h​into:monero.social> I meant the impl within Monero, does `contrib/guix/guix-build` build using any substitutes?