On Sun, 2016-10-30 at 20:55 -0400, Dave Reisner wrote:
Hi all,
There's been a sizeable number of bugs filed over the past month or so about changin PKGBUILDs to acquire sources from https rather than http. Rather than continue to flood the bug tracker, would anyone mind if I wrote a script to find instances of this and start a TODO list? This would, of course, be low priority. Even if no one does anything, we at least have a statement of work and can avoid having these "bugs" littered around flyspray.
Unless there's strong opposition to this (and I'd be very interested to know why), I'll polish up my automation and create the list.
d
Hello, The few BR that reached me also requested the addition of a .sig. As I use a transparent http cache at home (2Mb/s bandwidth), so far I only added the signature, and not the https as it breaks the cache. Except the confidentiality of the request, what's the point to force https? Cheers, -- Sébastien "Seblu" Luttringer https://seblu.net | Twitter: @seblu42 GPG: 0x2072D77A