Am So., 11. Aug. 2024 um 21:12 Uhr schrieb Tomi Ollila <[email protected]>: > > On Sat, Aug 10 2024, David Bremner wrote: > > > Apparently recent security related changes for git have broken our setup > > for download of the notmuch repo via git:// protocol. I think not much > > people use that, as it's been broken for months and nobody noticed until > > recently.
I noticed, switched to https and went ahead. > > Anyway, it's on my list of things to fix, but it's not really a > > priority. I'd welcome _good_ reasons why people cannot switch to to > > https, that might cause me to re-prioritize Port-wise, https:// should be possible for even more people than git:// > I recall the git:// worked to pull 2024-06-15 14:54 -0300 Marc Fargas ... > > Since then this change > > #url = git://notmuchmail.org/git/notmuch > url = http://git.notmuchmail.org/git/notmuch Disabling git:// by default follows a step taken by github about 2 years ago. The point is that https:// is encrypted and the authenticity of the server endpoint is checked "in the ssl sense". Offering/using that via http works but defeats the purpose. [Also, setting up https:// user authentication may or may not be easier than ssh.] Cheers Michael _______________________________________________ notmuch mailing list -- [email protected] To unsubscribe send an email to [email protected]
