Turns out that the bower registry doesn't actually support https. Git does - so we can prove authenticity of the code - but the address lookup that tells us which git url to pull from? Not so much.
I'm still digging, but unless we can get that fixed upstream (or can get everyone to be ok with not loading things over https), the best we can expect from bower is switching over to using git url's pointed at our xstatic packages. I'll put the rest of my findings on the review. Michael On Mon, Mar 9, 2015 at 12:33 PM Matthew Farina <m...@mattfarina.com> wrote: > Richard, thanks for sharing this. I hope we can move to bower sooner > rather than later. > > On Sat, Mar 7, 2015 at 5:26 PM, Richard Jones <r1chardj0...@gmail.com> > wrote: > >> On Sun, 8 Mar 2015 at 04:59 Michael Krotscheck <krotsch...@gmail.com> >> wrote: >> >>> Anyone wanna hack on a bower mirror puppet module with me? >>> >> >> BTW are you aware of this spec for bower/Horizon/infra? >> >> https://review.openstack.org/#/c/154297/ >> >> >> Richard >> >> >> __________________________________________________________________________ >> OpenStack Development Mailing List (not for usage questions) >> Unsubscribe: >> openstack-dev-requ...@lists.openstack.org?subject:unsubscribe >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev >> >> > __________________________________________________________________________ > OpenStack Development Mailing List (not for usage questions) > Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev >
__________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
