Page MenuHomePhabricator

depends: switch to secure download of all dependencies

Authored by Fabien on Thu, Mar 19, 14:46.


Some dependency sources were downloaded via http, even though https
(SSL/TLS) options are available.
Even if we potentially check the integrity of the downloaded files via
hash comparison, we should make use of this additional security layer.

Backport of core PR16049.

Depends on D5504.

Test Plan

Run the Gitian build twice, check the result is deterministic.

Diff Detail

rABC Bitcoin ABC
Automatic diff as part of commit; lint not applicable.
Automatic diff as part of commit; unit tests not applicable.

Event Timeline

Fabien created this revision.Thu, Mar 19, 14:46
Herald added a reviewer: Restricted Project. · View Herald TranscriptThu, Mar 19, 14:46
teamcity edited the summary of this revision. (Show Details)Thu, Mar 19, 14:47

[Bot Message]
One or more PR numbers were detected in the summary.
Links to those PRs have been inserted into the summary for reference.

deadalnix accepted this revision.Thu, Mar 19, 14:49
This revision is now accepted and ready to land.Thu, Mar 19, 14:49