search

cernekee / ics-openconnect

Android UI for OpenConnect VPN client
GNU General Public License v2.0
358 stars 130 forks source link

git submodules should always use https:// connections #8

Closed eighthave closed 6 years ago

eighthave commented 8 years ago

Since git does not always verify the commits it downloads, submodules should always use HTTPS in order to improve the security of the build process.

diff --git a/.gitmodules b/.gitmodules
index ed5e55d..045eccf 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -1,6 +1,6 @@
 [submodule "external/openconnect"]
        path = external/openconnect
-       url = git://github.com/cernekee/openconnect
+       url = https://github.com/cernekee/openconnect
 [submodule "external/stoken"]
        path = external/stoken
-       url = git://github.com/cernekee/stoken
+       url = https://github.com/cernekee/stoken
cernekee commented 8 years ago

Since git does not always verify the commits it downloads

Won't the submodule checkout fail if git receives something that doesn't correspond to the SHA1 hashes that are stored for each submodule in the main repo?