From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 8291F1396D0 for ; Sun, 20 Aug 2017 18:05:43 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 4E2EFE0DC9; Sun, 20 Aug 2017 18:05:37 +0000 (UTC) Received: from mail-oi0-x243.google.com (mail-oi0-x243.google.com [IPv6:2607:f8b0:4003:c06::243]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id EAAB1E0C5C for ; Sun, 20 Aug 2017 18:05:36 +0000 (UTC) Received: by mail-oi0-x243.google.com with SMTP id j144so1665003oib.5 for ; Sun, 20 Aug 2017 11:05:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:date:from:to:cc:subject:message-id:mail-followup-to :references:mime-version:content-disposition:in-reply-to:user-agent; bh=A8OklVDsq4FpJ0Xrh4Q/7KuhfCT3n0DTj/OcrKE5LsU=; b=ONfAuQ1UB4yl4ePieldxPzNyZjVKRQdgM/57zeiXJB6E++bn/37cJgjH8qVrxx7ZqY 0GJepO2TLfAWvfuciHyl4+mEB6xZeLntklBoDjk31zpI0fD5iXHx2jQzBdn9vZePMgP8 p+WEJTV409A1NyBLZggpOVyXJeXicnDvCgdNfw4SSJWOTdqrdoJ9XjKvho7PM6ahtQpd 5mhVG3IuF6NgKGCGih9eROxDQhbdv2+mpZZl6Uqm0XCOr+X2e8f+ByJusFXti21jhSD5 xf++LK9fCgWWj1onzp1h8Ig1gCljHkNoZ00zVC09/pdrQsyU6zAmme1C8hW/B9Hq7UVk bmwA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:date:from:to:cc:subject:message-id :mail-followup-to:references:mime-version:content-disposition :in-reply-to:user-agent; bh=A8OklVDsq4FpJ0Xrh4Q/7KuhfCT3n0DTj/OcrKE5LsU=; b=B/1e6o5FdJ5N6RiyHK4NcJWFonVxaH2p0TqR5t5dIwctXFVyaRLYfBSvtUT8go8hTB h32972bc/BOgkVvxOEdhaGX+oxzNMdfgnTsI8fRjBM3Cj2OW0Y8ch1gFuKDcX9UHrPS+ KvJcFbExS0yNzorsfju5Gpt/v5P+I8NiwQWjW2JyOnCeXWkXhZLr37L4kSWXnEo/rCD7 57khVJFTT7KXf8YTyi7nG9/iAvuzWPo1t6plWtjEGbAs5qA46lTZb2A921jp7bq8O0zw ISaG4qNAcJVVkOFKQO1PPL6NkklGkA8h2NI+gGCd0CfabnSKuqVE7YoGcUrSDmFCsr5R 7GkA== X-Gm-Message-State: AHYfb5g0TMqybrWBh3CLhi6PglFbIwG7l6HmEc7mPItNS+SmfFakSJa8 lke8QyXee9hEKJlG X-Received: by 10.202.51.3 with SMTP id z3mr14323964oiz.188.1503252335764; Sun, 20 Aug 2017 11:05:35 -0700 (PDT) Received: from linux1 (cpe-66-68-34-247.austin.res.rr.com. [66.68.34.247]) by smtp.gmail.com with ESMTPSA id w127sm11670327oia.22.2017.08.20.11.05.34 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Sun, 20 Aug 2017 11:05:35 -0700 (PDT) Sender: William Hubbs Received: (nullmailer pid 1127 invoked by uid 1000); Sun, 20 Aug 2017 18:05:34 -0000 Date: Sun, 20 Aug 2017 13:05:34 -0500 From: William Hubbs To: gentoo-dev@lists.gentoo.org Cc: =?utf-8?B?TWljaGHFgiBHw7Nybnk=?= Subject: Re: [gentoo-dev] [PATCH 1/2] git-r3.eclass: Update docs to discourage unsafe protocols Message-ID: <20170820180534.GA920@linux1.home> Mail-Followup-To: gentoo-dev@lists.gentoo.org, =?utf-8?B?TWljaGHFgiBHw7Nybnk=?= References: <20170819082502.27716-1-mgorny@gentoo.org> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="BOKacYhQ+x31HxR3" Content-Disposition: inline In-Reply-To: <20170819082502.27716-1-mgorny@gentoo.org> User-Agent: Mutt/1.7.2 (2016-11-26) X-Archives-Salt: ddf9835b-c81d-48ab-8c65-82f66ef8a36a X-Archives-Hash: e02bd985e6946a1fe6428e96d6822194 --BOKacYhQ+x31HxR3 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, Aug 19, 2017 at 10:25:01AM +0200, Micha=C5=82 G=C3=B3rny wrote: > --- > eclass/git-r3.eclass | 14 +++++++++----- > 1 file changed, 9 insertions(+), 5 deletions(-) >=20 > diff --git a/eclass/git-r3.eclass b/eclass/git-r3.eclass > index bc7d4d920299..42b586811368 100644 > --- a/eclass/git-r3.eclass > +++ b/eclass/git-r3.eclass > @@ -105,10 +105,14 @@ fi > # @ECLASS-VARIABLE: EGIT_REPO_URI > # @REQUIRED > # @DESCRIPTION: > -# URIs to the repository, e.g. git://foo, https://foo. If multiple URIs > -# are provided, the eclass will consider them as fallback URIs to try > -# if the first URI does not work. For supported URI syntaxes, read up > -# the manpage for git-clone(1). > +# URIs to the repository, e.g. https://foo. If multiple URIs are > +# provided, the eclass will consider the remaining URIs as fallbacks > +# to try if the first URI does not work. For supported URI syntaxes, > +# read up the manpage for git-clone(1). s/read up/read/ > +# URIs should be using https:// whenever possible. http:// and git:// > +# URIs are unsafe and their use (even if only as a fallback) makes > +# MITM attacks possible. > # > # It can be overriden via env using ${PN}_LIVE_REPO variable. s/overriden/overridden/ Thanks, William --BOKacYhQ+x31HxR3 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature -----BEGIN PGP SIGNATURE----- iF0EARECAB0WIQTVeuxEZo4uUHOkQAluVBb0MMRlOAUCWZnPaAAKCRBuVBb0MMRl OE35AJ9ft+1krTyYLZhDjgErpjGnM9AS3QCaAoKpUFe0UtmtnVF4a34szUsYhVw= =UP4K -----END PGP SIGNATURE----- --BOKacYhQ+x31HxR3--