-
Notifications
You must be signed in to change notification settings - Fork 1.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
- [libcurl] enable Unicode #15195
- [libcurl] enable Unicode #15195
Conversation
Signed-off-by: SSE4 <[email protected]>
This comment has been minimized.
This comment has been minimized.
Signed-off-by: SSE4 <[email protected]>
This comment has been minimized.
This comment has been minimized.
Signed-off-by: SSE4 <[email protected]>
I detected other pull requests that are modifying libcurl/all recipe: This message is automatically generated by https://github.com/ericLemanissier/conan-center-conflicting-prs so don't hesitate to report issues/improvements there. |
@@ -226,7 +226,7 @@ def layout(self): | |||
def source(self): | |||
get(self, **self.conan_data["sources"][self.version], | |||
destination=self.source_folder, strip_root=True) | |||
download(self, "https://curl.haxx.se/ca/cacert.pem", "cacert.pem", verify=True, sha256="2cff03f9efdaf52626bd1b451d700605dc1ea000c5da56bd0fc59f8f43071040") | |||
download(self, "https://curl.se/ca/cacert-2023-01-10.pem", "cacert.pem", verify=True, sha256="fb1ecd641d0a02c01bc9036d513cb658bbda62a75e246bedbc01764560a639f0") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Wouldn't it be better to download the last file + the corresponding checksum ( https://curl.se/ca/cacert.pem.sha256 ), and do the comparison?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
One purpose of the checksum is to detect malicious tampering or modification if, at some time in the future, the server you're downloading the file from is compromised. It will no longer achieve this if you're just trusting the same server you're downloading the file from to give you the correct checksum. This is especially important for a file containing CA certificates as in this case.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ok, thanks for explanation. It seems like it's worth doing this manually from time to time.
This comment has been minimized.
This comment has been minimized.
Is there something blocking this from getting merged? libcurl is broken and it is causing problems for my team. |
Same here, please let's hope this can get merged asap! Thx! |
Same here. |
Conan v1 pipelineAll green in build 6 (
|
* - [libcurl] enable Unicode Signed-off-by: SSE4 <[email protected]> * - update sha for cacert Signed-off-by: SSE4 <[email protected]> * - use a versioned cacert URL to avoid sudden SHA changes in future Signed-off-by: SSE4 <[email protected]> Signed-off-by: SSE4 <[email protected]>
closes: #15052
Specify library name and version: libcurl/all