| Summary: | Allow read-only git clone over https | ||
|---|---|---|---|
| Product: | Libre-SOC Website | Reporter: | Jacob Lifshay <programmerjake> |
| Component: | website | Assignee: | Luke Kenneth Casson Leighton <lkcl> |
| Status: | RESOLVED FIXED | ||
| Severity: | enhancement | CC: | libre-soc-bugs, veerakumar.r |
| Priority: | --- | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | All | ||
| See Also: | https://bugs.libre-soc.org/show_bug.cgi?id=322 | ||
| NLnet milestone: | --- | total budget (EUR) for completion of task and all subtasks: | 0 |
| budget (EUR) for this task, excluding subtasks' budget: | 0 | parent task for budget allocation: | |
| child tasks for budget allocation: | The table of payments (in EUR) for this task; TOML format: | ||
|
Description
Jacob Lifshay
2020-03-25 22:12:49 GMT
A potentially useful reference (not known to be correct): http://swarm.cs.pub.ro/~razvan/blog/http-repository-sharing-asides-gitweb/ Showing the URL required for cloning is a good accessibility improvement. Yes. git protocol is insecure over untrusted network as documented in official git-scm.org site itself. Please use new protocol for http/https protocol and not the old dumb protocol. hmm really we should be doing git tag signing and/or git commit sign-off, with gpg keys. relying on HTTPS in particular for security just paints a bullseye on the server. changing the topic of this bugreport. (In reply to Luke Kenneth Casson Leighton from comment #4) > changing the topic of this bugreport. Luke changed back to avoid confusion. Sincere thanks for taking the extra time! |