While we are at it, we should maybe also take about SSL to avoid these kinds of downloads in future.
-Marco Aaron Markham <aaron.s.mark...@gmail.com> schrieb am Mi., 17. Juli 2019, 01:20: > Hi Hen, > We still have all of the these models that are referenced in this > issue: https://github.com/apache/incubator-mxnet/issues/15410 > I think it's a pretty big security breach to have systems that do > automatic downloading point to a malware site. Anything that fetches > binary data should be well secured and it really lowers trust if > assets send customers to malware sites. > There might be more. > > On Sat, Jul 13, 2019 at 1:00 PM Hen <bay...@apache.org> wrote: > > > > Nice work :) > > > > What other links does the project have that are outside Apache Infra > > control and have this risk? > > > > Outside of github.com/dmlc which is well known and iiuc in process for > > resolving. > > > > Hen > > > > > > On Tue, Jul 9, 2019 at 4:46 PM Aaron Markham <aaron.s.mark...@gmail.com> > > wrote: > > > > > The PR has passed CI. Please take a look. > > > https://github.com/apache/incubator-mxnet/pull/15454 > > > We really need to get rid of those malware links, and this does that, > > > restores the Julia docs with a local build, has CI coverage, and a new > > > Ubuntu guide (since I had to figure out how to use Julia and found our > > > docs for that were kind of broken). > > > Cheers, > > > Aaron > > > > > > On Thu, Jul 4, 2019 at 8:09 PM Iblis Lin <ib...@hs.ntnu.edu.tw> wrote: > > > > > > > > Hi, > > > > > > > > I will add +1 to the micro-site approach. > > > > Since I have tried to take the generated MD outputs from > > > > Julia's doc system, but the syntax is incompatible with > > > > the MD plugin of Sphinx. > > > > > > > > Iblis Lin > > > > 林峻頤 > > > > > > > > On 7/4/19 12:12 PM, Aaron Markham wrote: > > > > > Hi dev@, > > > > > In case you missed the issues with the dmlc.ml domain, it was let > go > > > > > or sniped and now goes to a malware site. [1] Several assets like > > > > > models and the Julia documentation were hosted there. > > > > > > > > > > I made some progress getting the Julia docs generated as part of > the > > > > > regular website build flow. [2] It'll work as long as you have > Julia > > > > > installed and configured with MXNet. I don't imagine you can use > it to > > > > > build the website natively on your mac or windows box at this point > > > > > because all of the CI and related instructions appear to be only > for > > > > > Ubuntu. That being said, I added an option to dev_menu.py so you > can > > > > > build the Julia docs with docker on whatever host you're on. > > > > > > > > > > I tried to bring in the markdown files and have the website theme > > > > > applied to them. Many things were then broken - in large part due > to > > > > > some bugs in the website code related to post processing and > injection > > > > > of dom elements. This would require a rewrite of the Julia docs to > > > > > workaround the existing website bugs. Rather than do this, I just > took > > > > > the Julia site output, which has its own look and feel and nested > in > > > > > Julia's API directory. This is much like how the scala docs and the > > > > > java docs are - using their own look and feel as a micro-site. I > feel > > > > > that this is the better approach for now. > > > > > > > > > > The PR for the Julia docs is here: > > > > > https://github.com/apache/incubator-mxnet/pull/15454 > > > > > > > > > > Ivy and I created several new issues to cover the broken links that > > > > > will need fixing. Models that need to be recovered or recreated and > > > > > uploaded to a new location. I have an s3 bucket that I've been > using > > > > > for some public assets like this, but I can't make progress on > fixing > > > > > those links when the models just don't exist. And I don't have the > > > > > bandwidth to regenerate the model zoo and validate the models. > > > > > > > > > > Any thoughts or suggestions are appreciated. > > > > > Happy 4th of July! > > > > > > > > > > [1] https://github.com/apache/incubator-mxnet/issues/15410 > > > > > [2] https://github.com/apache/incubator-mxnet/pull/15454 > > > > > > > > >
