On Thu, 19 Mar 2020 14:39:13 +0200, Damyan Ivanov wrote: > > > But to fully measure the impact, it would be nice to have the number > > > of failing packages built with a patched HTTP::Tiny. > > I have one small concern: As the change is about checking remote SSL > > certs, and tests don't/can't/must not call out to the internet, is it > > possible that we won't really catch all potential issues? > Noted. The test rebuilds should be done without the usual isolation > from the Internet. > I guess a closer inspection of the affected packages is needed.
Hi Dam and all,
did you or anyone else get to look into this rebuild effort?
If not, Dom said that he could also try the rebuilds on
perl.debian.net.
Notes:
- HTTP::Tiny is in perl core and in libhttp-tiny-perl;
- The required change looks like a one-character-patch:
lib/HTTP/Tiny.pm: verify_SSL => $args{verify_SSL} ||
$args{verify_ssl} || 0, # no verification by default
- The tests should be run with internet enabled as much as possible.
Cheers,
gregor
--
.''`. https://info.comodo.priv.at -- Debian Developer https://www.debian.org
: :' : OpenPGP fingerprint D1E1 316E 93A7 60A8 104D 85FA BB3A 6801 8649 AA06
`. `' Member VIBE!AT & SPI Inc. -- Supporter Free Software Foundation Europe
`- NP: Simon & Garfunkel: Blessed
signature.asc
Description: Digital Signature
