Merge #16049: depends: switch to secure download of all dependencies

d8bc47fde4 depends: switch to secure download of all dependencies (Ulrich Kempken)

Pull request description:

  Even if we potentially check the integrity of the downloaded file via hash comparison, we should make use of SSL since it is available.

ACKs for commit d8bc47:
  jonasschnelli:
    utACK d8bc47fde46ca0711fa54a0d70ff5d066c708e50
  practicalswift:
    utACK d8bc47fde46ca0711fa54a0d70ff5d066c708e50
  dongcarl:
    tACK d8bc47fde46ca0711fa54a0d70ff5d066c708e50

Tree-SHA512: e47702f6d243ed7f498ca84c193244382f16f08df6a297caa224b4468f501f3da6fe542fcf3a0dd9c24ab1b0b38bbc51478068e6006a92854ded23abf90de3c8
This commit is contained in:
MarcoFalke 2019-05-22 07:39:26 -04:00 committed by Munkybooty
parent 07fb94ec6e
commit e5817f44a2
10 changed files with 12 additions and 11 deletions

View File

@ -14,8 +14,9 @@ Each package is required to define at least these variables:
placeholder such as 1.0 can be used. placeholder such as 1.0 can be used.
$(package)_download_path: $(package)_download_path:
Location of the upstream source, without the file-name. Usually http or Location of the upstream source, without the file-name. Usually http, https
ftp. or ftp. Secure transmission options like https should be preferred if
available.
$(package)_file_name: $(package)_file_name:
The upstream source filename available at the download path. The upstream source filename available at the download path.

View File

@ -1,6 +1,6 @@
package=bdb package=bdb
$(package)_version=4.8.30 $(package)_version=4.8.30
$(package)_download_path=http://download.oracle.com/berkeley-db $(package)_download_path=https://download.oracle.com/berkeley-db
$(package)_file_name=db-$($(package)_version).NC.tar.gz $(package)_file_name=db-$($(package)_version).NC.tar.gz
$(package)_sha256_hash=12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef $(package)_sha256_hash=12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef
$(package)_build_subdir=build_unix $(package)_build_subdir=build_unix

View File

@ -1,6 +1,6 @@
package=fontconfig package=fontconfig
$(package)_version=2.12.1 $(package)_version=2.12.1
$(package)_download_path=http://www.freedesktop.org/software/fontconfig/release/ $(package)_download_path=https://www.freedesktop.org/software/fontconfig/release/
$(package)_file_name=$(package)-$($(package)_version).tar.bz2 $(package)_file_name=$(package)-$($(package)_version).tar.bz2
$(package)_sha256_hash=b449a3e10c47e1d1c7a6ec6e2016cca73d3bd68fbbd4f0ae5cc6b573f7d6c7f3 $(package)_sha256_hash=b449a3e10c47e1d1c7a6ec6e2016cca73d3bd68fbbd4f0ae5cc6b573f7d6c7f3
$(package)_dependencies=freetype expat $(package)_dependencies=freetype expat

View File

@ -1,6 +1,6 @@
package=freetype package=freetype
$(package)_version=2.7.1 $(package)_version=2.7.1
$(package)_download_path=http://download.savannah.gnu.org/releases/$(package) $(package)_download_path=https://download.savannah.gnu.org/releases/$(package)
$(package)_file_name=$(package)-$($(package)_version).tar.bz2 $(package)_file_name=$(package)-$($(package)_version).tar.bz2
$(package)_sha256_hash=3a3bb2c4e15ffb433f2032f50a5b5a92558206822e22bfe8cbe339af4aa82f88 $(package)_sha256_hash=3a3bb2c4e15ffb433f2032f50a5b5a92558206822e22bfe8cbe339af4aa82f88

View File

@ -1,6 +1,6 @@
package=libXau package=libXau
$(package)_version=1.0.8 $(package)_version=1.0.8
$(package)_download_path=http://xorg.freedesktop.org/releases/individual/lib/ $(package)_download_path=https://xorg.freedesktop.org/releases/individual/lib/
$(package)_file_name=$(package)-$($(package)_version).tar.bz2 $(package)_file_name=$(package)-$($(package)_version).tar.bz2
$(package)_sha256_hash=fdd477320aeb5cdd67272838722d6b7d544887dfe7de46e1e7cc0c27c2bea4f2 $(package)_sha256_hash=fdd477320aeb5cdd67272838722d6b7d544887dfe7de46e1e7cc0c27c2bea4f2
$(package)_dependencies=xproto $(package)_dependencies=xproto

View File

@ -1,6 +1,6 @@
package=libxcb package=libxcb
$(package)_version=1.10 $(package)_version=1.10
$(package)_download_path=http://xcb.freedesktop.org/dist $(package)_download_path=https://xcb.freedesktop.org/dist
$(package)_file_name=$(package)-$($(package)_version).tar.bz2 $(package)_file_name=$(package)-$($(package)_version).tar.bz2
$(package)_sha256_hash=98d9ab05b636dd088603b64229dd1ab2d2cc02ab807892e107d674f9c3f2d5b5 $(package)_sha256_hash=98d9ab05b636dd088603b64229dd1ab2d2cc02ab807892e107d674f9c3f2d5b5
$(package)_dependencies=xcb_proto libXau $(package)_dependencies=xcb_proto libXau

View File

@ -1,6 +1,6 @@
package=miniupnpc package=miniupnpc
$(package)_version=2.0.20180203 $(package)_version=2.0.20180203
$(package)_download_path=https://miniupnp.tuxfamily.org/files $(package)_download_path=https://miniupnp.tuxfamily.org/files/
$(package)_file_name=$(package)-$($(package)_version).tar.gz $(package)_file_name=$(package)-$($(package)_version).tar.gz
$(package)_sha256_hash=90dda8c7563ca6cd4a83e23b3c66dbbea89603a1675bfdb852897c2c9cc220b7 $(package)_sha256_hash=90dda8c7563ca6cd4a83e23b3c66dbbea89603a1675bfdb852897c2c9cc220b7
$(package)_patches=dont_use_wingen.patch $(package)_patches=dont_use_wingen.patch

View File

@ -1,6 +1,6 @@
package=xcb_proto package=xcb_proto
$(package)_version=1.10 $(package)_version=1.10
$(package)_download_path=http://xcb.freedesktop.org/dist $(package)_download_path=https://xcb.freedesktop.org/dist
$(package)_file_name=xcb-proto-$($(package)_version).tar.bz2 $(package)_file_name=xcb-proto-$($(package)_version).tar.bz2
$(package)_sha256_hash=7ef40ddd855b750bc597d2a435da21e55e502a0fefa85b274f2c922800baaf05 $(package)_sha256_hash=7ef40ddd855b750bc597d2a435da21e55e502a0fefa85b274f2c922800baaf05

View File

@ -1,6 +1,6 @@
package=xproto package=xproto
$(package)_version=7.0.26 $(package)_version=7.0.26
$(package)_download_path=http://xorg.freedesktop.org/releases/individual/proto $(package)_download_path=https://xorg.freedesktop.org/releases/individual/proto
$(package)_file_name=$(package)-$($(package)_version).tar.bz2 $(package)_file_name=$(package)-$($(package)_version).tar.bz2
$(package)_sha256_hash=636162c1759805a5a0114a369dffdeccb8af8c859ef6e1445f26a4e6e046514f $(package)_sha256_hash=636162c1759805a5a0114a369dffdeccb8af8c859ef6e1445f26a4e6e046514f

View File

@ -1,6 +1,6 @@
package=zlib package=zlib
$(package)_version=1.2.11 $(package)_version=1.2.11
$(package)_download_path=http://www.zlib.net $(package)_download_path=https://www.zlib.net
$(package)_file_name=$(package)-$($(package)_version).tar.gz $(package)_file_name=$(package)-$($(package)_version).tar.gz
$(package)_sha256_hash=c3e5e9fdd5004dcb542feda5ee4f0ff0744628baf8ed2dd5d66f8ca1197cb1a1 $(package)_sha256_hash=c3e5e9fdd5004dcb542feda5ee4f0ff0744628baf8ed2dd5d66f8ca1197cb1a1