Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
8231870: CrossLibs script for armv6hf toolchain download fails #8
8231870: CrossLibs script for armv6hf toolchain download fails #8
Changes from all commits
bb4bcc9File filter...
Jump to…
kevinrushforthOct 7, 2019
Member
The use of
http://URLs to download artifacts is strongly discouraged, since it isn't secure. Is there a validhttps://URL that can be used instead? I note that just substitutinghttpwithhttpsin the above URL does not work.octylFractalOct 7, 2019
In general a lot of Debian package URLs are not HTTPS by default because of apt's built-in signature checking, https://whydoesaptnotusehttps.com/. However, it does seem like it should at least be supported, so it might be a bug in the
debian.orgserver config.Additionally, I see that the
getPackagescommand doesn't check these signatures. It probably should, but that's another PR.kevinrushforthOct 7, 2019
Member
Same comment hear about using an
httpsURL if possible.