Bug#812962: vcs-field-uses-insecure-uri sometimes misses things

[Jakub Wilk <jwilk@debian.org>]

Hi Paul!

* Paul Tagliamonte <paultag@debian.org>, 2016-01-27, 23:52:
> | if ($parts[0] =~ m%^(?:git|http)://%) {
>
> Which might miss some things, like "nosmart+http"[1].

I had a look at Vcs-* fields in the archive to see what we might be 
missing.

* Arch: http:// only.

* Bzr: Apart from this "nosmart+"[0][2] thing, there are "lp:" URLs, 
which bzr(1) seem to expand to http://bazaar.launchpad.net/; and if 
you change it to https, it doesn't work. Ugh. :\

* CVS: All URLs in the wild are :pserver:, which I believe is 
unencrypted and unauthenticated. Theoretically you could access CVS 
via anonymous SSH but I don't know if any of these servers supports 
this.

* Darcs: http:// and git://[1].

* Git: git://, http(s)://, SSH.

* Hg: http(s):// only.

* Monotone: Monotone is weird. Can be pretend that it doesn't exist for 
the moment?

* Svn: http(s)://, svn://, SSH. I believe that svn:// is unencrypted and 
unauthenticated.


[0] Is it documented anywhere? I couldn't find anything relevant.
[1] oO
[2] Hi, paultag![3]
[3] Did you know you can make a footnote loop?[4]
[4] Yes, you can![2]

--
Jakub Wilk