Hello,
In trying to upgrade via:
sudo port upgrade outdated
I encountered the following error:
---> Fetching netpbm
Error: Target org.macports.fetch returned: Subversion check out
failed
Log for netpbm is at: /opt/local/var/macports/logs/
_opt_local_var_macports_sources_rsync
.macports.org_release_ports_graphics_netpbm/netpbm/main.log
Error: Unable to upgrade port: 1
To report a bug, see
<http://guide.macports.org/#project.tickets>
When looking up the bug reports, I found a ticket issued against this
error designated as will not fix for the following reason:
Thank you for your report. However, I won't be making this
change.
I think that Subversion should not be used over HTTP at this time,
as there is no good way to assure that data has not been tampered
with. Portfiles that use HTTP to fetch regular tarfiles simply use a
checksum to verify the integrity of the downloaded file. This is not
an option when using Subversion. Transferring data over an encrypted
connection using HTTPS alleviates this problem somewhat, albeit not
completely fixing it (there might still have been an attack on the svn
server). Completely foregoing any security just as a workaround for
users whose network connection has isolated defects is not a good
idea, in my humble opinion.
How does this error get corrected if the maintainer is unwilling to
fix an obvious defect?
Frank J. R. Hanstick
[email protected]
_______________________________________________
macports-users mailing list
[email protected]
http://lists.macosforge.org/mailman/listinfo.cgi/macports-users
