grepwood
commented
4 weeks ago Alright I found myself aliasing sops to sops --disable-version-check.
Open grepwood opened 4 weeks ago
grepwood
commented
4 weeks ago Alright I found myself aliasing sops to sops --disable-version-check.
felixfontein
commented
3 weeks ago Yes, if you don't want sops -v to contact GitHub, you need to pass --disable-version-check.
grepwood
commented
3 weeks ago What kind of REST API call is actually used to get this info? Perhaps I could emulate it from my side of the intranet
felixfontein
commented
3 weeks ago It tries two approaches (see https://github.com/getsops/sops/blob/main/version/version.go#L136):
c33s
commented
3 weeks ago can we please have an environment variable for that? quite uncool that a security tool leaks my ip address without consent.
nicklasfrahm
commented
16 hours ago @c33s What should the behaviour of that environment variable be? Would you like it to be an alternative to the --disable-version-check flag?
Can you check if #1684 solves your use-case? Any non-empty value to that environment variable will disable the remote version check.
c33s
commented
6 hours ago @nicklasfrahm yes #1684 is the behavior i was looking for.
still i would vote for opt-in instead of opt-out (eu gdpr): don't contact anything until i explicitly pass a --do-version-check flag or set the variable SOPS_ENABLE_VERSION_CHECK but i assume this would a different issue, would it?
I'm using sops in a network environment where I will never ever in a million years be able to contact github.com directly. I'd like to be able to call
sops -vwithout it complaining that it can't check what's the latest version.Is there any environment variable perhaps that controls this behavior?