On Saturday, March 30th, 2024 at 15:06, Rob Landley <r...@landley.net> wrote:
> FYI, Microsoft Github disabled the xz repository because it became
> "controversial" (I.E. there was an exploit in the news).
> https://social.coop/@eb/112182149429056593
> https://github.com/tukaani-project/xz

They couldn't have removed commit access for the trojan horse and got on with 
their lives?

> I'm assuming if toybox ever has a significant bug, microsoft would respond by
> deleting the toybox repository. There's a reason that I have
> https://landley.net/toybox/git on my website, and my send.sh script pushes to
> that before pushing to microsoft github.

As much as it doesn't matter, I've wondered what git web frontend you use, The 
html source for
the massive table of commits doesn't give a copyright notice. Do you just have 
a script make
a table out of "git log"? Furthermore, have you considered using cgit or gitea 
or another
fancier git frontend for your own site?

There is also the issue of you not being able to push commits to the github 
repo because
github is forcing everyone to use 2FA.

> Luckily the xz guys don't seem to trust microsoft github either, because the
> upstream of the xz-embedded repo with the public domain code I cloned is:
> https://git.tukaani.org/xz-embedded.git
> Which is still available.

-   Oliver Webb <aquahobby...@proton.me>

Toybox mailing list

Reply via email to