To allay concerns about adversary-in-the-middle attacks for people who
build from Git, I installed the attached.From 407d8af1164de70fb02fce2eea01160de13a0feb Mon Sep 17 00:00:00 2001
From: Paul Eggert <egg...@cs.ucla.edu>
Date: Sat, 4 Feb 2023 11:53:50 -0800
Subject: [PATCH] maint: prefer https: to git:
The idea is to defend against some adversary-in-the-middle attacks.
---
.gitmodules | 2 +-
HACKING | 4 ++--
README-hacking | 2 +-
3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/.gitmodules b/.gitmodules
index bb9e1baf5..9993f5527 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -1,3 +1,3 @@
[submodule "gnulib"]
path = gnulib
- url = git://git.sv.gnu.org/gnulib.git
+ url = https://git.savannah.gnu.org/git/gnulib.git
diff --git a/HACKING b/HACKING
index 997dd90df..11f3967ec 100644
--- a/HACKING
+++ b/HACKING
@@ -20,7 +20,7 @@ Use the latest upstream sources
Base any changes you make on the latest upstream sources.
You can get a copy of the latest with this command:
- git clone git://git.sv.gnu.org/coreutils
+ git clone https://git.savannah.gnu.org/git/coreutils.git
cd coreutils
That downloads the entire repository, including revision control history
@@ -95,7 +95,7 @@ Make your changes on a private "topic" branch
=============================================
So you checked out coreutils like this:
- git clone git://git.sv.gnu.org/coreutils
+ git clone https://git.savannah.gnu.org/git/coreutils.git
Now, cd into the coreutils/ directory and run:
diff --git a/README-hacking b/README-hacking
index bc484638d..bd54844a2 100644
--- a/README-hacking
+++ b/README-hacking
@@ -27,7 +27,7 @@ few prerequisites, later, a plain 'git pull && make' typically suffices.
You can get a copy of the source repository like this:
- $ git clone git://git.sv.gnu.org/<packagename>
+ $ git clone https://git.savannah.gnu.org/git/<packagename>
$ cd <packagename>
where '<packagename>' stands for 'coreutils' or whatever other package
--
2.37.2
