Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
cmd/go: security fix broke bzr-inside-bzr repos #22157
@arthursapek in #22125 (comment) reports:
Indeed it was, because we are confident about git protecting well enough against git-in-git. I am honestly not as confident in bzr, which seems to have far less attention paid to it. Anything we enable here ends up in the trusted computing base for cmd/go (that is, it allows attacks on cmd/go users), so I'm really pretty reluctant to add this back.
But creating the issue anyway.
referenced this issue
Oct 5, 2017
Is there really a Bazaar repository at the path corresponding to import path
Have you verified that the "go-import" tags are correctly served for the
When I do