Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

godl: only use git:// scheme as last option #97

Merged
merged 1 commit into from
Apr 6, 2022
Merged

godl: only use git:// scheme as last option #97

merged 1 commit into from
Apr 6, 2022

Conversation

thaJeztah
Copy link
Collaborator

The git:// protocol is insecure (equivalent of http://), and GitHub has
deprecated support for this, see:
https://github.blog/2021-09-01-improving-git-protocol-security-github/

Which causes vendoring with vndr to fail:

2022/03/31 09:29:01 Download dependencies
2022/03/31 09:29:02 Starting whole vndr cycle because no package specified
fatal: remote error:
  The unauthenticated git protocol on port 9418 is no longer supported.
Please see https://github.blog/2021-09-01-improving-git-protocol-security-github/ for more information.
fatal: remote error:
  The unauthenticated git protocol on port 9418 is no longer supported.
Please see https://github.blog/2021-09-01-improving-git-protocol-security-github/ for more information.
fatal: remote error:
  The unauthenticated git protocol on port 9418 is no longer supported.
Please see https://github.blog/2021-09-01-improving-git-protocol-security-github/ for more information.
fatal: remote error:
  The unauthenticated git protocol on port 9418 is no longer supported.
Please see https://github.blog/2021-09-01-improving-git-protocol-security-github/ for more information.
fatal: remote error:
  The unauthenticated git protocol on port 9418 is no longer supported.
Please see https://github.blog/2021-09-01-improving-git-protocol-security-github/ for more information.
fatal: remote error:
  The unauthenticated git protocol on port 9418 is no longer supported.
Please see https://github.blog/2021-09-01-improving-git-protocol-security-github/ for more information.

This patch moves the git:// scheme to the end of the list of schemes to try,
so that https:// is used as default. I kept git:// in the list, to allow
it to be used for servers (other than GitHub) that still support it.

Signed-off-by: Sebastiaan van Stijn [email protected]

@thaJeztah thaJeztah closed this Mar 31, 2022
@thaJeztah thaJeztah reopened this Mar 31, 2022
thaJeztah added a commit to thaJeztah/cli that referenced this pull request Mar 31, 2022
@thaJeztah
WIP: fix vndr for git:// deprecation
b8913a5 
Using my version from LK4D4/vndr#97

Signed-off-by: Sebastiaan van Stijn <[email protected]>
@thaJeztah
Copy link
Collaborator Author

Failure on windows looks unrelated (perhaps we need a longer timeout);

Running [D:\a\_temp\b148c182-c1f8-4d83-be8f-79f325b53237\golangci-lint-1.42.0-windows-amd64\golangci-lint run --out-format=github-actions --path-prefix=src/github.com/LK4D4/vndr] in [D:\a\vndr\vndr\src\github.com\LK4D4\vndr] ...
level=error msg="Running error: context loading failed: failed to load packages: timed out to load packages: context deadline exceeded"
level=error msg="Timeout exceeded: try increasing it by passing --timeout option"

Error: golangci-lint exit with code 4
Ran golangci-lint in 61363ms

@thaJeztah
Copy link
Collaborator Author

@LK4D4 PTAL 🤗 👋

thaJeztah added a commit to thaJeztah/cli that referenced this pull request Mar 31, 2022
@thaJeztah
WIP: fix vndr for git:// deprecation
339c3cd 
Using my version from LK4D4/vndr#97

Signed-off-by: Sebastiaan van Stijn <[email protected]>
@thaJeztah thaJeztah mentioned this pull request Mar 31, 2022
Open
@thaJeztah

This comment was marked as outdated.

Sign in to view
thaJeztah added a commit to thaJeztah/cli that referenced this pull request Mar 31, 2022
@thaJeztah
WIP: fix vndr for git:// deprecation
c919297 
Using my version from LK4D4/vndr#97

Signed-off-by: Sebastiaan van Stijn <[email protected]>
@thaJeztah

This comment was marked as outdated.

Sign in to view
@thaJeztah
godl: only use git:// scheme as last option
817ae4a 
The `git://` protocol is insecure (equivalent of `http://`), and GitHub has
deprecated support for this, see:
https://github.blog/2021-09-01-improving-git-protocol-security-github/

Which causes vendoring with `vndr` to fail:

    2022/03/31 09:29:01 Download dependencies
    2022/03/31 09:29:02 Starting whole vndr cycle because no package specified
    fatal: remote error:
      The unauthenticated git protocol on port 9418 is no longer supported.
    Please see https://github.blog/2021-09-01-improving-git-protocol-security-github/ for more information.
    fatal: remote error:
      The unauthenticated git protocol on port 9418 is no longer supported.
    Please see https://github.blog/2021-09-01-improving-git-protocol-security-github/ for more information.
    fatal: remote error:
      The unauthenticated git protocol on port 9418 is no longer supported.
    Please see https://github.blog/2021-09-01-improving-git-protocol-security-github/ for more information.
    fatal: remote error:
      The unauthenticated git protocol on port 9418 is no longer supported.
    Please see https://github.blog/2021-09-01-improving-git-protocol-security-github/ for more information.
    fatal: remote error:
      The unauthenticated git protocol on port 9418 is no longer supported.
    Please see https://github.blog/2021-09-01-improving-git-protocol-security-github/ for more information.
    fatal: remote error:
      The unauthenticated git protocol on port 9418 is no longer supported.
    Please see https://github.blog/2021-09-01-improving-git-protocol-security-github/ for more information.

This patch moves the `git://` scheme to the end of the list of schemes to try,
so that `https://` is used as default. I kept `git://` in the list, to allow
it to be used for servers (other than GitHub) that still support it.

Signed-off-by: Sebastiaan van Stijn <[email protected]>
thaJeztah added a commit to thaJeztah/cli that referenced this pull request Mar 31, 2022
@thaJeztah
WIP: fix vndr for git:// deprecation
2a51e76 
Using my version from LK4D4/vndr#97

Signed-off-by: Sebastiaan van Stijn <[email protected]>
thaJeztah added a commit to thaJeztah/cli that referenced this pull request Mar 31, 2022
@thaJeztah
WIP: fix vndr for git:// deprecation
620075d 
Using my version from LK4D4/vndr#97

Signed-off-by: Sebastiaan van Stijn <[email protected]>
thaJeztah added a commit to thaJeztah/cli that referenced this pull request Mar 31, 2022
@thaJeztah
WIP: fix vndr for git:// deprecation
f3e5c40 
Using my version from LK4D4/vndr#97

Signed-off-by: Sebastiaan van Stijn <[email protected]>
thaJeztah added a commit to thaJeztah/cli that referenced this pull request Mar 31, 2022
@thaJeztah
WIP: fix vndr for git:// deprecation
294094c 
Using my version from LK4D4/vndr#97

Signed-off-by: Sebastiaan van Stijn <[email protected]>
@thaJeztah
Copy link
Collaborator Author

oh, fun! I just found that there was a replace rule in our vendor.conf (docker/cli#3516), so looks like it's actually not vndr that defaulted to trying the protocol, or only because of that one 😂

Guess this change in itself wouldn't hurt (to use it as last option instead of the first one)

@LK4D4 LK4D4 merged commit fa1db97 into LK4D4:master Apr 6, 2022
@thaJeztah thaJeztah deleted the fix_git_proto branch April 7, 2022 06:00
@thaJeztah
Copy link
Collaborator Author

Thanks @LK4D4 ! (hope you're doing well! we should catch up!)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@thaJeztah @LK4D4