diff options
author | Adam J. Stewart <ajstewart426@gmail.com> | 2022-03-23 02:50:00 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-03-23 08:50:00 +0100 |
commit | 5df10c04cd4ffe223f346b8bd9e5cd80dedbfe34 (patch) | |
tree | b8ef0badda8ff94202d35c5bebd80e3163d8cb70 /SECURITY.md | |
parent | 8f89932aad0bdba3e4ffad57e9973118f73a0bb6 (diff) | |
download | spack-5df10c04cd4ffe223f346b8bd9e5cd80dedbfe34.tar.gz spack-5df10c04cd4ffe223f346b8bd9e5cd80dedbfe34.tar.bz2 spack-5df10c04cd4ffe223f346b8bd9e5cd80dedbfe34.tar.xz spack-5df10c04cd4ffe223f346b8bd9e5cd80dedbfe34.zip |
Use stable URLs and `?full_index=1` for all github patches (#29239)
The number of commit characters in patch files fetched from GitHub can change,
so we should use `full_index=1` to enforce full commit hashes (and a stable
patch `sha256`).
Similarly, URLs for branches like `master` don't give us stable patch files,
because branches are moving targets. Use specific tags or commits for those.
- [x] update all github patch URLs to use `full_index=1`
- [x] don't use `master` or other branches for patches
- [x] add an audit check and a test for `?full_index=1`
Co-authored-by: Todd Gamblin <tgamblin@llnl.gov>
Diffstat (limited to 'SECURITY.md')
0 files changed, 0 insertions, 0 deletions