[prev in list] [next in list] [prev in thread] [next in thread]
List: gentoo-dev
Subject: Re: [gentoo-dev] [PATCH 1/2] git-r3.eclass: Update docs to discourage unsafe protocols
From: Michał_Górny <mgorny () gentoo ! org>
Date: 2017-08-25 13:52:06
Message-ID: 1503669126.1016.5.camel () gentoo ! org
[Download RAW message or body]
W dniu sob, 19.08.2017 o godzinie 10∶25 +0200, użytkownik Michał Górny
napisał:
> ---
> eclass/git-r3.eclass | 14 +++++++++-----
> 1 file changed, 9 insertions(+), 5 deletions(-)
>
> diff --git a/eclass/git-r3.eclass b/eclass/git-r3.eclass
> index bc7d4d920299..42b586811368 100644
> --- a/eclass/git-r3.eclass
> +++ b/eclass/git-r3.eclass
> @@ -105,10 +105,14 @@ fi
> # @ECLASS-VARIABLE: EGIT_REPO_URI
> # @REQUIRED
> # @DESCRIPTION:
> -# URIs to the repository, e.g. git://foo, https://foo. If multiple URIs
> -# are provided, the eclass will consider them as fallback URIs to try
> -# if the first URI does not work. For supported URI syntaxes, read up
> -# the manpage for git-clone(1).
> +# URIs to the repository, e.g. https://foo. If multiple URIs are
> +# provided, the eclass will consider the remaining URIs as fallbacks
> +# to try if the first URI does not work. For supported URI syntaxes,
> +# read up the manpage for git-clone(1).
> +#
> +# URIs should be using https:// whenever possible. http:// and git://
> +# URIs are unsafe and their use (even if only as a fallback) makes
> +# MITM attacks possible.
> #
> # It can be overriden via env using ${PN}_LIVE_REPO variable.
> #
> @@ -116,7 +120,7 @@ fi
> #
> # Example:
> # @CODE
> -# EGIT_REPO_URI="git://a/b.git https://c/d.git"
> +# EGIT_REPO_URI="https://a/b.git https://c/d.git"
> # @CODE
>
> # @ECLASS-VARIABLE: EVCS_OFFLINE
Committed.
--
Best regards,
Michał Górny
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic