opendev/gerrit
Code Issues Proposed changes

Update git submodules

Browse Source 
* Update plugins/download-commands from branch 'stable-2.14'
  - CloneWithCommitMsgHook: Stop passing --insecure to curl
    
    Validating certs is an important feature of HTTPS that we should not
    disable, especially when downloading code that is going to be trusted.
    
    This "curl" invocation does not take place until after a successful
    "git clone", so the -k option would not be useful for dealing with
    misconfigured https servers.  Any configuration that needs -k would
    already be broken because of the "git clone" that comes before it.
    
    Reported-by: Gert van Dijk <gertvdijk@gmail.com>
    Bug: Issue 7562
    Change-Id: Ibe14bba5c1ce30a771515ff7985796aa1b8cdadf
This commit is contained in:
Jonathan Nieder 2017-10-25 14:19:06 -07:00 committed by Gerrit Code Review
parent a2c3c23258
commit 52ea902ef9
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
plugins/download-commands

@ -1 +1 @@
Subproject commit 8357e942dd9da82884a4e1b6e4697479153d0496
Subproject commit b88b58b670be36f332285e1818695ac45b5be5b3