New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
AVRO 2404: Fix insecure urls. #529
AVRO 2404: Fix insecure urls. #529
Conversation
I don't think that we should replace each http to https, especially not those which are in license header. We should only use secure URLs for downloading artifacts no? |
@nandorKollar We can do it that way. |
@nielsbasjes I see, though I'm not strongly agains replacing everything to secure URL, my concern in this case is that it can cause unwanted merge conflicts (especially during backporting). Does Rat check pass with the changed license header too? I'm not sure how did you replace the protocol to https, but maybe not every URL has a corresponding secure version, pointing to an invalid url after changing (in case you used script for this, then probably this is not a valid concern :) ). In addition, it looks like there are some URLs which still use http, but looks like have a secure endpoint too, for example http://www.exolab.org |
lang/csharp/src/apache/ipc.test/GeneratedFiles/org/apache/avro/test/All.cs
Show resolved
Hide resolved
{ | ||
// Presumably no match on the exception, throw the original | ||
throw error; | ||
try |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hm, for some reason Github tells that there was some modification, what? It seems unrelated to insecure urls.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Strange, When doing a git blame on my machine I only see the copyright url change near the top of the file.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Found it: There were trailing spaces on those lines. Although it appears that I introduced them ... strange.
@@ -87,8 +87,8 @@ public override object ReadResponse(Schema writer, Schema reader, Decoder decode | |||
|
|||
public override Exception ReadError(Schema writer, Schema reader, Decoder decoder) | |||
{ | |||
var response = new SpecificReader<object>(writer, reader).Read(null, decoder); | |||
|
|||
var response = new SpecificReader<object>(writer, reader).Read(null, decoder); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This seems unrelated too.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Strange, When doing a git blame on my machine I only see the copyright url change near the top of the file.
The rat check passes because I added the config to allow the https link. |
@nielsbasjes any update on this? Great work so far, but I think we should get this in ASAP. |
4255501
to
3442c02
Compare
3442c02
to
7516358
Compare
Cleaned up the changes.
|
7516358
to
8ffef3e
Compare
I'm manually checking the documentation links.
|
To quickly find a usable list of remaining urls I used this bash command:
The only remaining this at this point is the same for both py and py3:
My python knowledge is to limited to know if this needs to be fixed or not. At least with this set of changes the entire build uses secured transport and we are now able to quickly find all insecure usecases more quickly. Please review |
8ffef3e
to
bda5c1d
Compare
Thanks Niels for taking care of this! 👏 |
@Fokko : This has been committed on master ONLY. |
Yes, we should |
I'm checking the cherry picked branch-1.9 edition against CI by simply creating a new pull request: #564 |
No description provided.