ci security: Remove -c http.sslverify=false from git clone commands
#74
Reference in New Issue
Block a user
No description provided.
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
These lines disable TLS certificate verification:
Why this is insecure
Disabling
http.sslVerifyallows man-in-the-middle attacks: attackers can impersonate the server, tamper with downloaded code, or steal credentials (if auth is ever added).This creates supply-chain risk during CI/builds.
Fix
-c http.sslverify=falseca-certificatespackages so servers can verify GH and our website's certificates via root chain.jabber.developer referenced this issue2026-01-21 16:15:29 +00:00
jabber.developer referenced this issue2026-01-21 16:16:31 +00:00
jabber.developer referenced this issue2026-01-21 17:54:18 +00:00
Resolved by #75