Re: secure URIs for Vcs fields?
On 26.03.2016 20:36, Christian T. Steigies wrote:
> Hi,
> there is a lintian warning when you use Vcs fields as described in:
> http://debian-science.alioth.debian.org/debian-science-policy.html
>
> But the browser and git fields are working with this setting.
>
> When I follow the lintian recommendation
> "Note that you can often just exchange e.g. git:// with https:// for repositories."
> from this page
> https://lintian.debian.org/tags/vcs-field-uses-insecure-uri.html
>
> the way several packages have already done, ie:
>
> Vcs-Browser: https://anonscm.debian.org/cgit/debian-science/packages/calculix-ccx.git
> Vcs-Git: https://anonscm.debian.org/debian-science/packages/calculix-ccx.git
>
> Vcs-Browser is working, however I think the Vcs-Git is not working:
>
> cts@bunny:~/t>git clone https://anonscm.debian.org/debian-science/packages/calculix-ccx.git
> Cloning into 'calculix-ccx'...
> fatal: repository 'https://anonscm.debian.org/debian-science/packages/calculix-ccx.git/' not found
>
> Or is it working, only I fail to understand it?
>
> I have already changed this for another package, following an octave-*
> package as example. This works (somehow) in the webbrowser, but not for git checkout
>
> https://alioth.debian.org/anonscm/git/collab-maint/madbomber.git/
>
> What is the recommended way (for debian-science packages) to handle Vcs-Git
> entries in a secure way?
>
> thanks,
> Christian
Vcs-Git: https://anonscm.debian.org/git/debian-science/packages/calculix-ccx.git
DS
--
4096R/DF5182C8
http://www.danielstender.com/blog/
Reply to: