We don't have a global configuration for mercurial yet. So at least a template with comments would be useful. In my opinion at least our CA [1] should be enabled here if we thrust our app-misc/ca-certificates: $ cat /etc/mercurial/hgrc [web] cacerts = /etc/ssl/certs/ca-certificates.crt [1] http://mercurial.selenic.com/wiki/CACertificates
Good idea.
*** Bug 437964 has been marked as a duplicate of this bug. ***
Agreed with Massimo Burcheri we just rediscovered this solution and created duplicate bug here :P someone take action on it please
(In reply to comment #0) > $ cat /etc/mercurial/hgrc I think "/etc/mercurial/hgrc.d/ca-certificates.rc" would be much better
Created attachment 329400 [details] files/cacerts.rc
Created attachment 329404 [details] mercurial-2.1.1-r1.ebuild ca-certs for stable version
Since ca-certificates.crt is not part of the @system set, we'd probably need to add a dependency on app-misc/ca-certificates. I think it's a good idea, and I'd be happy to implement it (/etc/mercurial/hgrc.d/ca-certificates.rc sounds like a good name), so I'll try to do that as soon as I get to it. In the meantime, any other developer should feel free to go ahead and do it.
Hello, I'm facing the same issue for a long long time. But that solution isn't full for me... seems like. * Updating /usr/portage/distfiles/hg-src/todo/ctodo from https://bitbucket.org/Cynede/ctodo warning: bitbucket.org certificate with fingerprint 24:9c:45:8b:9c:aa:ba:55:4e:01:6d:58:ff:e4:28:7d:2a:14:ae:3b not verified (check hostfingerprints or web.cacerts config setting) >>cat /etc/mercurial/hgrc.d/ca-certificates.rc [web] cacerts = /etc/ssl/certs/ca-certificates.crt#
(In reply to comment #8) > Hello, I'm facing the same issue for a long long time. But that solution > isn't full for me... seems like. > > * Updating /usr/portage/distfiles/hg-src/todo/ctodo from > https://bitbucket.org/Cynede/ctodo > warning: bitbucket.org certificate with fingerprint > 24:9c:45:8b:9c:aa:ba:55:4e:01:6d:58:ff:e4:28:7d:2a:14:ae:3b not verified > (check hostfingerprints or web.cacerts config setting) > > >>cat /etc/mercurial/hgrc.d/ca-certificates.rc > [web] > cacerts = /etc/ssl/certs/ca-certificates.crt# Same here with cacerts in /etc or /root/.hgrc >>ebuild pygments-9999.ebuild configure >>> Unpacking source... * Updating /media/SHARE/distfiles/hg-src/pygments/pygments-main from https://bitbucket.org/gentoo90/pygments-main warning: bitbucket.org certificate with fingerprint 24:9c:45:8b:9c:aa:ba:55:4e:01:6d:58:ff:e4:28:7d:2a:14:ae:3b not verified (check hostfingerprints or web.cacerts config setting) Seems like hg cant read its configs when runned from ebuild. Maybe its something about sandbox? ¯\(°_o)/¯
> Seems like hg cant read its configs when runned from ebuild. Maybe its > something about sandbox? ¯\(°_o)/¯ Sorry, wrong guess. It's because mercurial.eclass exports $HGRCPATH variable with empty value (line 87): >># Should be set but blank to prevent using $HOME/.hgrc >>export HGRCPATH= If this variable is present hg reads it. If not - it uses default set of directories: ['/usr/etc/mercurial/hgrc', '/etc/mercurial/hgrc', '/etc/mercurial/hgrc.d/cacerts.rc', '/root/.hgrc']
Oh. Thank you for that find. Now I guess I can solve it at least for myself.
Fixed in mercurial-2.4.1-r1.