secure URIs for Vcs fields?
Hi,
there is a lintian warning when you use Vcs fields as described in:
http://debian-science.alioth.debian.org/debian-science-policy.html
But the browser and git fields are working with this setting.
When I follow the lintian recommendation
"Note that you can often just exchange e.g. git:// with https:// for repositories."
from this page
https://lintian.debian.org/tags/vcs-field-uses-insecure-uri.html
the way several packages have already done, ie:
Vcs-Browser: https://anonscm.debian.org/cgit/debian-science/packages/calculix-ccx.git
Vcs-Git: https://anonscm.debian.org/debian-science/packages/calculix-ccx.git
Vcs-Browser is working, however I think the Vcs-Git is not working:
cts@bunny:~/t>git clone https://anonscm.debian.org/debian-science/packages/calculix-ccx.git
Cloning into 'calculix-ccx'...
fatal: repository 'https://anonscm.debian.org/debian-science/packages/calculix-ccx.git/' not found
Or is it working, only I fail to understand it?
I have already changed this for another package, following an octave-*
package as example. This works (somehow) in the webbrowser, but not for git checkout
https://alioth.debian.org/anonscm/git/collab-maint/madbomber.git/
What is the recommended way (for debian-science packages) to handle Vcs-Git
entries in a secure way?
thanks,
Christian
Reply to: