On 21.03.2023 18:33, Demi Marie Obenour wrote: > Obtaining code over an insecure transport is a terrible idea for > blatently obvious reasons. Even for non-executable data, insecure > transports are considered deprecated. > > This patch enforces the use of secure transports for all xenbits.xen.org > URLs. All altered links have been tested and are known to work. > > Signed-off-by: Demi Marie Obenour <d...@invisiblethingslab.com>
A patch of (almost) this title was already committed and then partly reverted, as it had become clear that ... > --- a/Config.mk > +++ b/Config.mk > @@ -191,7 +191,7 @@ APPEND_CFLAGS += $(foreach i, $(APPEND_INCLUDES), -I$(i)) > EMBEDDED_EXTRA_CFLAGS := -fno-pie -fno-stack-protector > -fno-stack-protector-all > EMBEDDED_EXTRA_CFLAGS += -fno-exceptions -fno-asynchronous-unwind-tables > > -XEN_EXTFILES_URL ?= http://xenbits.xen.org/xen-extfiles > +XEN_EXTFILES_URL ?= https://xenbits.xen.org/xen-extfiles ... this really is part of the build system. Hence I wonder why this wasn't folded into patch 4 (as it should have been from the beginning, which then also would have avoided the noise about committing the patch too early). Jan
