On 2022-02-06 14:59:00 -0600, Alex Ameen wrote:
> Hey, I can't claim to be an expert about this category of vulnerability; but
> I appreciate you raising this concern.
>
> So is your recommendation to use https://git.savannah.gnu.org/git/gnulib.git
> instead of git://git.sv.gnu.org/gnulib.git?
Yes, I've tried (see attached patch), and I couldn't see any issue.
BTW, in addition to security, https is now the recommended protocol.
Perhaps one day, "git:" will be abandoned at gnu.org, so that the
change would be needed anyway.
--
Vincent Lefèvre <vinc...@vinc17.net> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)
diff --git a/.gitmodules b/.gitmodules
index 571bed63..8b4b1020 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -1,6 +1,6 @@
[submodule "gnulib"]
path = gnulib
- url = git://git.sv.gnu.org/gnulib.git
+ url = https://git.savannah.gnu.org/git/gnulib.git
[submodule "bootstrap"]
path = gl-mod/bootstrap
url = https://github.com/gnulib-modules/bootstrap.git
