On Jun 6, 2023, at 20:16, raf wrote: > That still leaves the question of how 10.6.8 hosts can download distfiles > from a non-https site (when https sites won't support TLS 1.0). Do distfiles > magically end up on http://distfiles.macports.org?
Yes. Well, it's not magical, but it is automatic. When commits are made to the master branch of macports-ports, a notification is sent by GitHub to our buildbot system. It evaluates each commit and determines which of the ports that were modified need to be built. For each one, it downloads its distfiles (if they haven't already been downloaded) to the distfiles area of a private fileserver, and then it builds it for each compatible macOS version. After a successful build, binary archives are uploaded to the packages area of the private fileserver. On an hourly basis, the contents of the private fileserver are mirrored to the public master fileserver, and within hours after that, the other MacPorts mirror servers synchronize their contents with the master. If you like to watch what the buildbot is doing you can visit https://build.macports.org/waterfall Each of our mirror servers have different capabilities and requirements when it comes to https. MacPorts is configured to know which mirror server is able to be reached via https on each version of macOS. The code that does that is here for distfiles: https://github.com/macports/macports-ports/blob/dbf0d04659eb119cdec6a4c3fef62473cccc45c6/_resources/port1.0/fetch/mirror_sites.tcl#L410-L464 and here for archives: https://github.com/macports/macports-ports/blob/dbf0d04659eb119cdec6a4c3fef62473cccc45c6/_resources/port1.0/fetch/archive_sites.tcl#L3-L55
