On Sun, 2016-10-30 at 20:55 -0400, Dave Reisner wrote: > Hi all, > > There's been a sizeable number of bugs filed over the past month or so > about changin PKGBUILDs to acquire sources from https rather than http. > Rather than continue to flood the bug tracker, would anyone mind if I > wrote a script to find instances of this and start a TODO list? This > would, of course, be low priority. Even if no one does anything, we at > least have a statement of work and can avoid having these "bugs" > littered around flyspray. > > Unless there's strong opposition to this (and I'd be very interested to > know why), I'll polish up my automation and create the list. > > d
Hello, The few BR that reached me also requested the addition of a .sig. As I use a transparent http cache at home (2Mb/s bandwidth), so far I only added the signature, and not the https as it breaks the cache. Except the confidentiality of the request, what's the point to force https? Cheers, -- Sébastien "Seblu" Luttringer https://seblu.net | Twitter: @seblu42 GPG: 0x2072D77A
signature.asc
Description: This is a digitally signed message part