Re: new release?

2022-02-06 Thread Richard Purdie
On Sat, 2022-02-05 at 21:06 -0500, Mike Frysinger wrote:
> On 05 Feb 2022 15:15, Alex Ameen wrote:
> > This is a good question. I plan on making a new release this month.
> >
> > When I first adopted the project I ambitiously thought I'd manage to
> > create a new release after about a month; but

Re: new release?

2022-02-06 Thread Daniel Herring
FWIW, libtool is a particularly difficult code base to release. Long history, many users, multi-platform, ... I would personally recommend the "slow" process unless you are confident this release will "do no harm". It was made for a reason, even if it feels nobody is participating. Relax, p

Re: new release?

2022-02-06 Thread Alexei Podtelezhnikov
On Sun, Feb 6, 2022 at 11:57 AM Daniel Herring wrote:
> I would personally recommend the "slow" process unless you are confident
> this release will "do no harm".

Hasn't it been slow enough already? Some say the project is finished.

Re: new release?

2022-02-06 Thread Bob Friesenhahn
On Sun, 6 Feb 2022, Daniel Herring wrote: In my opinion, frequent slow releases are way better than rare fast releases. That may be true for some software, but libtool has a really good test suite so if tests pass, there is high confidence of quality for the systems it has been executed on.

Re: new release?

2022-02-06 Thread Mike Frysinger
On 06 Feb 2022 11:56, Daniel Herring wrote:
> FWIW, libtool is a particularly difficult code base to release. Long
> history, many users, multi-platform, ...
>
> I would personally recommend the "slow" process unless you are confident
> this release will "do no harm". It was made for a reason,

.gitmodules security

2022-02-06 Thread Vincent Lefevre
The .gitmodules file contains:

[submodule "gnulib"]
    path = gnulib
    url = git://git.sv.gnu.org/gnulib.git
[submodule "bootstrap"]
    path = gl-mod/bootstrap
    url = https://github.com/gnulib-modules/bootstrap.git

but AFAIK, there is no host authentication done with the "g

Re: .gitmodules security

2022-02-06 Thread Vincent Lefevre
On 2022-02-06 21:22:11 +0100, Vincent Lefevre wrote:
> The .gitmodules file contains:
>
> [submodule "gnulib"]
>     path = gnulib
>     url = git://git.sv.gnu.org/gnulib.git
> [submodule "bootstrap"]
>     path = gl-mod/bootstrap
>     url = https://github.com/gnulib-modules/boots

Re: .gitmodules security

2022-02-06 Thread Alex Ameen
Hey, I can't claim to be an expert about this category of vulnerability; but I appreciate you raising this concern.

So is your recommendation to use https://git.savannah.gnu.org/git/gnulib.git instead of git://git.sv.gnu.org/gnulib.git?

On 2/6/22 2:26 PM, Vincent Lefevre wrote: On 2022-02-0

Re: .gitmodules security

2022-02-06 Thread Vincent Lefevre
On 2022-02-06 14:59:00 -0600, Alex Ameen wrote:
> Hey, I can't claim to be an expert about this category of vulnerability; but
> I appreciate you raising this concern.
>
> So is your recommendation to use https://git.savannah.gnu.org/git/gnulib.git
> instead of git://git.sv.gnu.org/gnulib.git?

Ye

Re: .gitmodules security

2022-02-06 Thread Mike Frysinger
On 06 Feb 2022 14:59, Alex Ameen wrote:
> Hey, I can't claim to be an expert about this category of vulnerability;
> but I appreciate you raising this concern.

it requires more than a MITM to be successful. you'd also have to come up with a sha1 collision which is non-trivial for most people. n

Re: .gitmodules security

2022-02-06 Thread Vincent Lefevre
On 2022-02-06 16:43:47 -0500, Mike Frysinger wrote:
> it requires more than a MITM to be successful. you'd also have to
> come up with a sha1 collision which is non-trivial for most people.
> not out of the reach of nation states, but we prob aren't the target
> market :p.

I don't understand why y

Re: .gitmodules security

2022-02-06 Thread Mike Frysinger
On 07 Feb 2022 00:19, Vincent Lefevre wrote:
> On 2022-02-06 16:43:47 -0500, Mike Frysinger wrote:
> > it requires more than a MITM to be successful. you'd also have to
> > come up with a sha1 collision which is non-trivial for most people.
> > not out of the reach of nation states, but we prob are