Le 11/03/2017 à 19:32, Eitan Adler a écrit : > On 11 March 2017 at 09:13, Tijl Coosemans <t...@freebsd.org> wrote: >> On Sat, 11 Mar 2017 12:18:51 +0000 (UTC) jbe...@freebsd.org (Jan Beich) >> wrote: >>> Tijl Coosemans <t...@freebsd.org> writes: >>>> On Sat, 11 Mar 2017 10:53:01 +0100 (CET) Gerald Pfeifer >>>> <ger...@pfeifer.com> wrote: >>>>> As some of you may have seen, I have done a bit of work on >>>>> bsd.sites.mk recently. >>>>> >>>>> One question I ran into: If a site offers both HTTPS and HTTP, >>>>> which of the two do we prefer? (Or do we want to list both?) >>>> https first for people that run 'make makesum'. >>> It was made MITM-friendly sometime ago. >>> >>> https://svnweb.freebsd.org/changeset/ports/324051 >> Ugh, can portmgr approve the attached patch? > I can't approve on behalf of portmgr but I'd like to echo this > request on behalf of ports-secteam. Maintainers rarely verify the > hashes that makesum generates. > > I wish we can go further and filter out non-HTTPS sites during makesum.
This should be pretty easy to do with the existing MASTER_SORT feature. -- Mathieu Arnold
signature.asc
Description: OpenPGP digital signature