Coming from https://forums.gentoo.org/viewtopic-t-1010608.html ... As the http mirrors of overlay.gentoo.org are down for a while now (see http://infra-status.gentoo.org/) and I also need some overlays in http-proxied environments I already asked for adding a fallback to the mirror http://cgit.gentooexperimental.org/user into layman's repositories.xml. This is done already. But there are still some overlays missing on that mirror, but some have private github clones: vaca: https://github.com/hashashin/gentoo-vaca-overlay.git unity-gentoo: https://github.com/shiznix/unity-gentoo.git raiagent: https://github.com/leycec/raiagent.git rasdark: https://github.com/rasdark/overlay.git Please add to repositories.xml Reproducible: Always
Okay, as a new/old service is up again: http://anongit.gentoo.org/git/ This would be preferred as a central fall back of course instead of the private repos. Would be nice if this fallback would used by the generic url/protocol variations switcher layman already supports. If developers are pushing to their private repos in general and the gentoo.org mirrors are just pulling from there with some delay, having the original private repos as last fallback for every repo could be nice anyway, side by side with the project homepage already there.
This is a request to have all @gentoo.org based git repos in layman's repositories.xml be updated to include all available urls and protocol types possible by the servers serving them.
(In reply to Brian Dolbec from comment #2) > This is a request to have all @gentoo.org based git repos in layman's > repositories.xml be updated to include all available urls and protocol types > possible by the servers serving them. I have concerns on security with this approach. In short, git:// and http:// are vulnerable to man-in-the-middle attacks. While that alone is bad enough, users run ebuilds with root permissions. So I would rather get these protocols off the layman registry altogether, than adding new URLs of that scheme. I have raised the topic to the gentoo-dev mailing list: https://archives.gentoo.org/gentoo-dev/message/0876ab16faa7f2f778c4a41c73442a62 http://thread.gmane.org/gmane.linux.gentoo.devel/95343 Best, Sebastian
PS: I'd be very happy about https://, though.
To raise this up again, please add another overlay: rion: https://github.com/rion-overlay/rion-overlay
rion updated.
*** Bug 585790 has been marked as a duplicate of this bug. ***
Thanks, please update some more: $ for overlay in mva-overlay raiagent rainyday rasdark rion unity-gentoo vaca;do curl https://api.gentoo.org/overlays/repositories.xml 2>/dev/null |grep "<source.*http.*${overlay}.*</source>" >/dev/null && echo -e "${overlay} [OK]" || echo -e "${overlay} [Missing]";done mva-overlay [Missing] raiagent [Missing] rainyday [Missing] rasdark [Missing] rion [OK] unity-gentoo [Missing] vaca [Missing] mva-overlay: https://github.com/msva/mva-overlay raiagent: https://github.com/leycec/raiagent rainyday: https://github.com/iegor/rainyday rasdark: https://github.com/rasdark/overlay unity-gentoo: https://github.com/shiznix/unity-gentoo vaca: https://github.com/hashashin/gentoo-vaca-overlay
Please file a pull request @ https://github.com/gentoo/api-gentoo-org. Thanks.
-> https://github.com/gentoo/api-gentoo-org/pull/40
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/data/api.git/commit/?id=e1e9e9bbeccc45416cf663af761854fa8b4aaa07 commit e1e9e9bbeccc45416cf663af761854fa8b4aaa07 Author: Michael Palimaka <kensington@gentoo.org> AuthorDate: 2017-12-25 01:22:53 +0000 Commit: Michael Palimaka <kensington@gentoo.org> CommitDate: 2017-12-25 01:23:26 +0000 repositories: use https Closes: https://bugs.gentoo.org/542340 files/overlays/repositories.xml | 108 ++++++++++++++++++++-------------------- 1 file changed, 54 insertions(+), 54 deletions(-)
