[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-devel
Subject: Re: Notice of upcoming changes to the behaviour of the anongit network
From: Ian Wadham <iandw.au () gmail ! com>
Date: 2020-04-13 2:24:30
Message-ID: 8BDFB5C7-B0EF-4040-A4FF-461B1EBC12F9 () gmail ! com
[Download RAW message or body]
Hi Ben,
> On 11 Apr 2020, at 8:14 pm, Ben Cooksley <bcooksley@kde.org> wrote:
>
> Hi all,
>
> As part of the preparations for the move to Gitlab, and the rewrite of
> our anongit tooling, one of the things we have looked into is how the
> anongit network in general operates.
>
> As part of this, it has been observed that the git:// protocol is
> unencrypted, and thus vulnerable to intercept and manipulation by
> hostile actors.
>
> We have therefore decided that support for the git:// protocol to
> access KDE Git repositories will cease following our migration to
> Gitlab.
>
> Going forward, all anonymous access should take place instead over
> https, which is encrypted, and has the added benefit of offering
> support for redirects (should those be needed)
>
> Should anyone have any questions regarding this, please let us know.
I am a former KDE developer but AFAIK my account and access have long since expired.
However I still hover on kde-devel, kde-games-devel and and Apple OSX list (MacPorts \
users) and am sometimes able to suggest solutions to problems that come up, for which \
I need read-only access to source code from anongit. I have some questions regarding \
how things will work in future.
1. Will the general public still have open access to browse KDE source code \
repositories on screens?
2. Will I be able to clone a read-only copy of a KDE repository (I have no intention \
of committing to central repos)?
3. Will I be able to do the above without having to know any account ID, password or \
encryption key?
Thanks and best regards,
Ian Wadham.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic