Greetings, Clojure hackers. Due to the recent vulnerability in Bash[1], the scp-based deploy services on clojars.org has been disabled for the time being.
If you have been using this (as opposed to the HTTPS deploy used by `lein deploy clojars` and `maven deploy`), we'd be interested in hearing From you. In particular we would like to know reasons why you haven't upgraded, assuming it's not just "I started on scp and it worked well, so I never saw the need to change anything." If you haven't tried HTTPS-based deploys, now would be a great time to do so and see if they work for you. If not, let us know why, either here or on the Leiningen issue tracker[2]. The HTTPS-based deploys are definitely a superior implementation that we encourage. We would like to bring scp deploys back online in the near future, but as you know Clojars is a volunteer-run service without many resources, and we have no immediate timeline for this. -Phil [1] - http://seclists.org/oss-sec/2014/q3/650 [2] - https://github.com/technomancy/leiningen/issues/new
pgpptBQYBaGvv.pgp
Description: PGP signature
