From d40ec4a0d00df08ec4f866467080235f5a9fea87 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Wed, 6 Mar 2019 23:53:08 +0100 Subject: pack: Add '--save-provenance'. * guix/scripts/pack.scm (show-help, %options): Add '--save-provenance'. (guix-pack)[manifest-from-args]: Honor it. * doc/guix.texi (Invoking guix pack): Document it. --- doc/guix.texi | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) (limited to 'doc') diff --git a/doc/guix.texi b/doc/guix.texi index 1b77881eb6..0f325fb542 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -4777,6 +4777,23 @@ symlink target. For instance, @code{-S /opt/gnu/bin=bin} creates a @file{/opt/gnu/bin} symlink pointing to the @file{bin} sub-directory of the profile. +@item --save-provenance +Save provenance information for the packages passed on the command line. +Provenance information includes the URL and commit of the channels in use +(@pxref{Channels}). + +Provenance information is saved in the +@file{/gnu/store/@dots{}-profile/manifest} file in the pack, along with the +usual package metadata---the name and version of each package, their +propagated inputs, and so on. It is useful information to the recipient of +the pack, who then knows how the pack was (supposedly) obtained. + +This option is not enabled by default because, like timestamps, provenance +information contributes nothing to the build process. In other words, there +is an infinity of channel URLs and commit IDs that can lead to the same pack. +Recording such ``silent'' metadata in the output thus potentially breaks the +source-to-binary bitwise reproducibility property. + @item --localstatedir @itemx --profile-name=@var{name} Include the ``local state directory'', @file{/var/guix}, in the resulting -- cgit v1.2.3