summaryrefslogtreecommitdiff
path: root/SECURITY.md
diff options
context:
space:
mode:
authorAdam J. Stewart <ajstewart426@gmail.com>2022-03-23 02:50:00 -0500
committerGitHub <noreply@github.com>2022-03-23 08:50:00 +0100
commit5df10c04cd4ffe223f346b8bd9e5cd80dedbfe34 (patch)
treeb8ef0badda8ff94202d35c5bebd80e3163d8cb70 /SECURITY.md
parent8f89932aad0bdba3e4ffad57e9973118f73a0bb6 (diff)
downloadspack-5df10c04cd4ffe223f346b8bd9e5cd80dedbfe34.tar.gz
spack-5df10c04cd4ffe223f346b8bd9e5cd80dedbfe34.tar.bz2
spack-5df10c04cd4ffe223f346b8bd9e5cd80dedbfe34.tar.xz
spack-5df10c04cd4ffe223f346b8bd9e5cd80dedbfe34.zip
Use stable URLs and `?full_index=1` for all github patches (#29239)
The number of commit characters in patch files fetched from GitHub can change, so we should use `full_index=1` to enforce full commit hashes (and a stable patch `sha256`). Similarly, URLs for branches like `master` don't give us stable patch files, because branches are moving targets. Use specific tags or commits for those. - [x] update all github patch URLs to use `full_index=1` - [x] don't use `master` or other branches for patches - [x] add an audit check and a test for `?full_index=1` Co-authored-by: Todd Gamblin <tgamblin@llnl.gov>
Diffstat (limited to 'SECURITY.md')
0 files changed, 0 insertions, 0 deletions