depends: switch to secure download of all dependencies
Some dependency sources were downloaded via http, even though https (SSL/TLS) options are available. Even if we potentially check the integrity of the downloaded files via hash comparison, we should make use of this additional security layer. bdb.mk fontconfig.mk freetype.mk libX11.mk libXau.mk libXext.mk libxcb.mk native_cctools.mk native_cdrkit.mk xcb_proto.mk xextproto.mk xproto.mk xtrans.mk zlib.mk miniupnp was switched to official project mirror with SSL support
This commit is contained in:
Ulrich Kempken
parent
7263424458
commit
d8bc47fde4
|
|
@ -14,8 +14,9 @@ Each package is required to define at least these variables:
|
|||
placeholder such as 1.0 can be used.
|
||||
|
||||
$(package)_download_path:
|
||||
Location of the upstream source, without the file-name. Usually http or
|
||||
ftp.
|
||||
Location of the upstream source, without the file-name. Usually http, https
|
||||
or ftp. Secure transmission options like https should be preferred if
|
||||
available.
|
||||
|
||||
$(package)_file_name:
|
||||
The upstream source filename available at the download path.
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
package=bdb
|
||||
$(package)_version=4.8.30
|
||||
$(package)_download_path=http://download.oracle.com/berkeley-db
|
||||
$(package)_download_path=https://download.oracle.com/berkeley-db
|
||||
$(package)_file_name=db-$($(package)_version).NC.tar.gz
|
||||
$(package)_sha256_hash=12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef
|
||||
$(package)_build_subdir=build_unix
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
package=fontconfig
|
||||
$(package)_version=2.12.1
|
||||
$(package)_download_path=http://www.freedesktop.org/software/fontconfig/release/
|
||||
$(package)_download_path=https://www.freedesktop.org/software/fontconfig/release/
|
||||
$(package)_file_name=$(package)-$($(package)_version).tar.bz2
|
||||
$(package)_sha256_hash=b449a3e10c47e1d1c7a6ec6e2016cca73d3bd68fbbd4f0ae5cc6b573f7d6c7f3
|
||||
$(package)_dependencies=freetype expat
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
package=freetype
|
||||
$(package)_version=2.7.1
|
||||
$(package)_download_path=http://download.savannah.gnu.org/releases/$(package)
|
||||
$(package)_download_path=https://download.savannah.gnu.org/releases/$(package)
|
||||
$(package)_file_name=$(package)-$($(package)_version).tar.bz2
|
||||
$(package)_sha256_hash=3a3bb2c4e15ffb433f2032f50a5b5a92558206822e22bfe8cbe339af4aa82f88
|
||||
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
package=libX11
|
||||
$(package)_version=1.6.2
|
||||
$(package)_download_path=http://xorg.freedesktop.org/releases/individual/lib/
|
||||
$(package)_download_path=https://xorg.freedesktop.org/releases/individual/lib/
|
||||
$(package)_file_name=$(package)-$($(package)_version).tar.bz2
|
||||
$(package)_sha256_hash=2aa027e837231d2eeea90f3a4afe19948a6eb4c8b2bec0241eba7dbc8106bd16
|
||||
$(package)_dependencies=libxcb xtrans xextproto xproto
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
package=libXau
|
||||
$(package)_version=1.0.8
|
||||
$(package)_download_path=http://xorg.freedesktop.org/releases/individual/lib/
|
||||
$(package)_download_path=https://xorg.freedesktop.org/releases/individual/lib/
|
||||
$(package)_file_name=$(package)-$($(package)_version).tar.bz2
|
||||
$(package)_sha256_hash=fdd477320aeb5cdd67272838722d6b7d544887dfe7de46e1e7cc0c27c2bea4f2
|
||||
$(package)_dependencies=xproto
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
package=libXext
|
||||
$(package)_version=1.3.2
|
||||
$(package)_download_path=http://xorg.freedesktop.org/releases/individual/lib/
|
||||
$(package)_download_path=https://xorg.freedesktop.org/releases/individual/lib/
|
||||
$(package)_file_name=$(package)-$($(package)_version).tar.bz2
|
||||
$(package)_sha256_hash=f829075bc646cdc085fa25d98d5885d83b1759ceb355933127c257e8e50432e0
|
||||
$(package)_dependencies=xproto xextproto libX11 libXau
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
package=libxcb
|
||||
$(package)_version=1.10
|
||||
$(package)_download_path=http://xcb.freedesktop.org/dist
|
||||
$(package)_download_path=https://xcb.freedesktop.org/dist
|
||||
$(package)_file_name=$(package)-$($(package)_version).tar.bz2
|
||||
$(package)_sha256_hash=98d9ab05b636dd088603b64229dd1ab2d2cc02ab807892e107d674f9c3f2d5b5
|
||||
$(package)_dependencies=xcb_proto libXau xproto
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
package=miniupnpc
|
||||
$(package)_version=2.0.20180203
|
||||
$(package)_download_path=http://miniupnp.free.fr/files
|
||||
$(package)_download_path=https://miniupnp.tuxfamily.org/files/
|
||||
$(package)_file_name=$(package)-$($(package)_version).tar.gz
|
||||
$(package)_sha256_hash=90dda8c7563ca6cd4a83e23b3c66dbbea89603a1675bfdb852897c2c9cc220b7
|
||||
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@ $(package)_file_name=$($(package)_version).tar.gz
|
|||
$(package)_sha256_hash=a09c9ba4684670a0375e42d9d67e7f12c1f62581a27f28f7c825d6d7032ccc6a
|
||||
$(package)_build_subdir=cctools
|
||||
$(package)_clang_version=3.7.1
|
||||
$(package)_clang_download_path=http://llvm.org/releases/$($(package)_clang_version)
|
||||
$(package)_clang_download_path=https://llvm.org/releases/$($(package)_clang_version)
|
||||
$(package)_clang_download_file=clang+llvm-$($(package)_clang_version)-x86_64-linux-gnu-ubuntu-14.04.tar.xz
|
||||
$(package)_clang_file_name=clang-llvm-$($(package)_clang_version)-x86_64-linux-gnu-ubuntu-14.04.tar.xz
|
||||
$(package)_clang_sha256_hash=99b28a6b48e793705228a390471991386daa33a9717cd9ca007fcdde69608fd9
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
package=native_cdrkit
|
||||
$(package)_version=1.1.11
|
||||
$(package)_download_path=http://distro.ibiblio.org/fatdog/source/600/c
|
||||
$(package)_download_path=https://distro.ibiblio.org/fatdog/source/600/c
|
||||
$(package)_file_name=cdrkit-$($(package)_version).tar.bz2
|
||||
$(package)_sha256_hash=b50d64c214a65b1a79afe3a964c691931a4233e2ba605d793eb85d0ac3652564
|
||||
$(package)_patches=cdrkit-deterministic.patch
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
package=xcb_proto
|
||||
$(package)_version=1.10
|
||||
$(package)_download_path=http://xcb.freedesktop.org/dist
|
||||
$(package)_download_path=https://xcb.freedesktop.org/dist
|
||||
$(package)_file_name=xcb-proto-$($(package)_version).tar.bz2
|
||||
$(package)_sha256_hash=7ef40ddd855b750bc597d2a435da21e55e502a0fefa85b274f2c922800baaf05
|
||||
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
package=xextproto
|
||||
$(package)_version=7.3.0
|
||||
$(package)_download_path=http://xorg.freedesktop.org/releases/individual/proto
|
||||
$(package)_download_path=https://xorg.freedesktop.org/releases/individual/proto
|
||||
$(package)_file_name=$(package)-$($(package)_version).tar.bz2
|
||||
$(package)_sha256_hash=f3f4b23ac8db9c3a9e0d8edb591713f3d70ef9c3b175970dd8823dfc92aa5bb0
|
||||
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
package=xproto
|
||||
$(package)_version=7.0.26
|
||||
$(package)_download_path=http://xorg.freedesktop.org/releases/individual/proto
|
||||
$(package)_download_path=https://xorg.freedesktop.org/releases/individual/proto
|
||||
$(package)_file_name=$(package)-$($(package)_version).tar.bz2
|
||||
$(package)_sha256_hash=636162c1759805a5a0114a369dffdeccb8af8c859ef6e1445f26a4e6e046514f
|
||||
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
package=xtrans
|
||||
$(package)_version=1.3.4
|
||||
$(package)_download_path=http://xorg.freedesktop.org/releases/individual/lib/
|
||||
$(package)_download_path=https://xorg.freedesktop.org/releases/individual/lib/
|
||||
$(package)_file_name=$(package)-$($(package)_version).tar.bz2
|
||||
$(package)_sha256_hash=054d4ee3efd52508c753e9f7bc655ef185a29bd2850dd9e2fc2ccc33544f583a
|
||||
$(package)_dependencies=
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
package=zlib
|
||||
$(package)_version=1.2.11
|
||||
$(package)_download_path=http://www.zlib.net
|
||||
$(package)_download_path=https://www.zlib.net
|
||||
$(package)_file_name=$(package)-$($(package)_version).tar.gz
|
||||
$(package)_sha256_hash=c3e5e9fdd5004dcb542feda5ee4f0ff0744628baf8ed2dd5d66f8ca1197cb1a1
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue