Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
cmd/go/internal/get: isSecure does not parse Git repository URIs correctly #23855
go version go1.9.4 darwin/amd64
When Git parses a URL, it checks to see that the
Here's how to reproduce:
The resulting error message is:
This is incorrect, the actual protocol here is SSH and
While it uses SSH, it does not provide any encryption (https://git-scm.com/book/en/v2/Git-on-the-Server-The-Protocols). So does it still qualify as being secure?
@fraenkel I am unsure what you mean by "it does not provide any encryption" . SSH provides both authentication and encryption. The only problem here is that the URL is parsed incorrectly... it is parsed as a Git protocol URL, which is incorrect, because it is actually an SSH URL.