[DRE-maint] Bug#951008: gem2deb: dh-make-ruby generates insecure URLs
Marc Dequènes (duck)
duck at duckcorp.org
Sun Feb 9 18:36:25 GMT 2020
Package: gem2deb
Version: 1.0.4
Severity: important
Quack,
When updating a package with the recently updated "new-upstream" script
it calls dh-make-ruby. This results in the Homepage URL in
debian/control to switch to insecure, and the newly generated
debian/upstream/metadata file to contains insecure URLs.
Calling the script without --offline does not change anything (it might
have tested available URLs).
Anyway, I think nowadays insecure URLs are exceptions and our tools must
default to using HTTPS (and the maintainer can override if there is no
other way to reach upstream's website).
Regards.
\_o<
--
Marc Dequènes
More information about the Pkg-ruby-extras-maintainers
mailing list