Bug 661094 - git-r3.eclass: rewriting git:// or http:// SUBMODULE URLs to https://
Status: CONFIRMED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Eclasses
Hardware: All All
Importance: Normal normal
Assignee: Michał Górny
Reported: 2018-07-13 20:20 UTC by Fedja Beader
Modified: 2024-07-20 12:54 UTC (History)
Attachments
the above patch, for those who prefer using it. (git-r3.patch,1.34 KB, patch)
2018-07-18 19:42 UTC, Fedja Beader

Description Fedja Beader 2018-07-13 20:20:36 UTC
How can this be done?

Doing a EGIT_SUBMODULES=() fetch&checkout followed by patching .gitmodules and then calling fetch&checkout with real EGIT_SUBMODULES does not work as git-r3 always sources .gitmodules from the packed git clone.
Comment 1 Jonas Stein gentoo-dev 2018-07-15 20:24:37 UTC
This looks to me rather a good question for our support forums. 
https://www.gentoo.org/support/

However we can not discuss it on the bug tracker. -> closing.
Comment 2 Michał Górny archtester Gentoo Infrastructure gentoo-dev Security 2018-07-15 20:39:17 UTC
This was supposed to be a feature request for the eclass.
Comment 3 Fedja Beader 2018-07-18 19:40:42 UTC
Quick fix patch that should work for all GitHub repositories.

--- /var/portage/tree/eclass/git-r3.eclass      2018-06-13 10:10:20.000000000 +0200
+++ ../../eclass/git-r3.eclass  2018-07-13 23:05:20.379380795 +0200
@@ -459,10 +459,14 @@
                # TODO: check escaped names for collisions
                local enc_subname=${subname//[^a-zA-Z0-9-]/_}
 
+               local uri="$(echo "${data}" | git config -f /dev/fd/0 submodule."${subname}".url || die)"
+               printf "Submodule URI: ${uri}"
+               uri="${uri//git:\/\//https://}"
+               uri="${uri//http:\/\//https://}"
+
                submodules+=(
                        "${enc_subname}"
-                       "$(echo "${data}" | git config -f /dev/fd/0 \
-                               submodule."${subname}".url || die)"
+                       "$uri"
                        "$(echo "${data}" | git config -f /dev/fd/0 \
                                submodule."${subname}".path || die)"
                )
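Review bot: The added printf "Submodule URI: ${uri}" line passes the URL as the printf format string and emits no trailing newline, so a % in a submodule URL is interpreted as a conversion and the output runs into whatever is printed next; use einfo "Submodule URI: ${uri}" or printf '%s\n' "${uri}" instead. The two substitutions use the ${uri//...} form, which replaces every occurrence anywhere in the string rather than only the scheme; anchoring them to the start, as in ${uri/#git:\/\//https://} and ${uri/#http:\/\//https://}, limits the rewrite to the prefix. The rewrite is also unconditional and assumes the host serves the same repository over https, so it should either be gated behind a variable the ebuild sets or be documented in a comment next to these lines.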
@@ -575,10 +579,11 @@
        local r
        for r in "${repos[@]}"; do
                if [[ ${r} == git:* || ${r} == http:* ]]; then
-                       ewarn "git-r3: ${r%%:*} protocol is completely unsecure and may render the ebuild"
-                       ewarn "easily susceptible to MITM attacks (even if used only as fallback). Please"
-                       ewarn "use https instead."
-                       ewarn "[URI: ${r}]"
+                       eerror "git-r3: ${r%%:*} protocol is completely unsecure and may render the ebuild"
+                       eerror "easily susceptible to MITM attacks (even if used only as fallback). Please"
+                       eerror "use https instead."
+                       eerror "[URI: ${r}]"
+                       die "Refusing to clone repositories over insecure connections! [URI: ${r}]"
                fi
        done
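Review bot: The die inside the loop aborts on the first git: or http: entry in repos even when another entry is https, although the message itself acknowledges that such a URI may be present "only as fallback"; consider dropping insecure entries from the list and dying only when no https URI remains, or making the hard failure opt-in. The eerror lines still read "Please use https instead" next to an unconditional refusal, and the URI is printed twice (in the last eerror and again in the die argument), so the message could be reduced to one explanatory eerror plus the die line.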
Comment 4 Fedja Beader 2018-07-18 19:42:15 UTC
Created attachment 540044
the above patch, for those who prefer using it.