[savannah-help-public] [sr #109093] Support and require cloning via https:// instead of git://, http://, svn://, or other insecure transport

2017-02-17 Thread Assaf Gordon
Update of sr #109093 (project administration): Status:None => Done Assigned to:None => agn Open/Closed:Open => Closed ___

[savannah-help-public] [sr #109093] Support and require cloning via https:// instead of git://, http://, svn://, or other insecure transport

2017-02-08 Thread David A. Wheeler
Follow-up Comment #6, sr #109093 (project administration): I also think this has been completed. At the least, I can now use https: to access the GNU make git repos, and I could not do that before. My congrats to the Savannah admin team!

[savannah-help-public] [sr #109093] Support and require cloning via https:// instead of git://, http://, svn://, or other insecure transport

2017-02-08 Thread Paul D. Smith
Follow-up Comment #5, sr #109093 (project administration): I believe this has been completed, thanks to the excellent (and tireless) work of Bob Proulx and others on the Savannah and FSF admin teams. Please double-check and verify if this can be resolved.

[savannah-help-public] [sr #109093] Support and require cloning via https:// instead of git://, http://, svn://, or other insecure transport

2016-10-18 Thread anonymous
Follow-up Comment #4, sr #109093 (project administration): I might want to add that this is also criteria C6 of the GNU ethical repository criteria. https://www.gnu.org/software/repo-criteria.html It appears that this issue was overlooked in the evaluation of Savannah (given an A grade) https:

[savannah-help-public] [sr #109093] Support and require cloning via https:// instead of git://, http://, svn://, or other insecure transport

2016-08-03 Thread Paul D. Smith
Follow-up Comment #3, sr #109093 (project administration): This is something that would be very nice to see available... ___ Reply to this item at: __

[savannah-help-public] [sr #109093] Support and require cloning via https:// instead of git://, http://, svn://, or other insecure transport

2016-07-30 Thread David A. Wheeler
Follow-up Comment #2, sr #109093 (project administration): I agree, supporting HTTPS on the repo is critically important. This lack makes it easy for someone to launch a MITM attack on the code supported by Savannah. Note that the Linux Foundation's "best practices" badge makes HTTPS a minimum r

[savannah-help-public] [sr #109093] Support and require cloning via https:// instead of git://, http://, svn://, or other insecure transport

2016-07-13 Thread Demi Obenour
Follow-up Comment #1, sr #109093 (project administration): (I am the "anonymous" who made the initial report.) This really should be top priority. Savannah **already** has the needed TLS certificates! This is a security vulnerability that makes Savannah unusable to many (those who refuse to ins

[savannah-help-public] [sr #109093] Support and require cloning via https:// instead of git://, http://, svn://, or other insecure transport

2016-07-13 Thread anonymous
URL: Summary: Support and require cloning via https:// instead of git://, http://, svn://, or other insecure transport Project: Savannah Administration Submitted by: None Submitted on: Wed 13 Jul