Bug#812962: vcs-field-uses-insecure-uri sometimes misses things
Hi Paul!
* Paul Tagliamonte <paultag@debian.org>, 2016-01-27, 23:52:
| if ($parts[0] =~ m%^(?:git|http)://%) {
Which might miss some things, like "nosmart+http"[1].
I had a look at Vcs-* fields in the archive to see what we might be
missing.
* Arch: http:// only.
* Bzr: Apart from this "nosmart+"[0][2] thing, there are "lp:" URLs,
which bzr(1) seem to expand to http://bazaar.launchpad.net/; and if
you change it to https, it doesn't work. Ugh. :\
* CVS: All URLs in the wild are :pserver:, which I believe is
unencrypted and unauthenticated. Theoretically you could access CVS
via anonymous SSH but I don't know if any of these servers supports
this.
* Darcs: http:// and git://[1].
* Git: git://, http(s)://, SSH.
* Hg: http(s):// only.
* Monotone: Monotone is weird. Can be pretend that it doesn't exist for
the moment?
* Svn: http(s)://, svn://, SSH. I believe that svn:// is unencrypted and
unauthenticated.
[0] Is it documented anywhere? I couldn't find anything relevant.
[1] oO
[2] Hi, paultag![3]
[3] Did you know you can make a footnote loop?[4]
[4] Yes, you can![2]
--
Jakub Wilk
Reply to: