[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: secure URIs for Vcs fields?

On 26.03.2016 20:36, Christian T. Steigies wrote:
> Hi,
> there is a lintian warning when you use Vcs fields as described in:
> http://debian-science.alioth.debian.org/debian-science-policy.html
> 
> But the browser and git fields are working with this setting.
> 
> When I follow the lintian recommendation
> "Note that you can often just exchange e.g. git:// with https:// for repositories."
> from this page
> https://lintian.debian.org/tags/vcs-field-uses-insecure-uri.html
> 
> the way several packages have already done, ie:
> 
> Vcs-Browser: https://anonscm.debian.org/cgit/debian-science/packages/calculix-ccx.git
> Vcs-Git: https://anonscm.debian.org/debian-science/packages/calculix-ccx.git
> 
> Vcs-Browser is working, however I think the Vcs-Git is not working: 
> 
> cts@bunny:~/t>git clone https://anonscm.debian.org/debian-science/packages/calculix-ccx.git
> Cloning into 'calculix-ccx'...
> fatal: repository 'https://anonscm.debian.org/debian-science/packages/calculix-ccx.git/' not found
> 
> Or is it working, only I fail to understand it?
> 
> I have already changed this for another package, following an octave-*
> package as example. This works (somehow) in the webbrowser, but not for git checkout
> 
> https://alioth.debian.org/anonscm/git/collab-maint/madbomber.git/
> 
> What is the recommended way (for debian-science packages) to handle Vcs-Git
> entries in a secure way?
> 
> thanks,
> Christian

Vcs-Git: https://anonscm.debian.org/git/debian-science/packages/calculix-ccx.git

DS

-- 
4096R/DF5182C8
http://www.danielstender.com/blog/
Reply to: