diff options
author | Bryan C. Mills <bcmills@google.com> | 2019-04-05 09:26:24 -0400 |
---|---|---|
committer | Russ Cox <rsc@golang.org> | 2019-04-23 21:11:28 +0000 |
commit | 58de7c6d4838729c6c133d9b2461dc6b1f766b76 (patch) | |
tree | bdb3902bda6f0182be6386e261ae9f605a141564 /src/cmd/go/internal/get/get.go | |
parent | 807761f3345b264ceb6f5b6fdd804f5c34d4ee51 (diff) | |
download | go-58de7c6d4838729c6c133d9b2461dc6b1f766b76.tar.gz go-58de7c6d4838729c6c133d9b2461dc6b1f766b76.zip |
cmd/go/internal/web: merge internal/web2 into web
The cmd/go/internal/web package was forked in order to support direct
HTTPS fetches from widely-used hosting providers,¹ but direct fetches
were subsequently dropped in CL 107657. The forked web2 package, with
its GitHub-specific diagnostics and .netrc support, remained in use
for module proxy support, but was not used for the initial '?go-get=1'
path resolution, so the .netrc file was only used to fetch from
already-resolved module protocol servers.
This CL moves the .netrc support into its own (new) package,
cmd/go/internal/auth, and consolidates the web and web2 packages back
into just web. As a result, fetches via the web package now support
.netrc, and fetches that previously used web2 now enforce the same
security policies as web (such as prohibiting HTTPS-to-HTTP
redirects).
¹https://github.com/golang/vgo/commit/63138cb6ceed7d6d4e51a8cbd568c64bd3e2b132
Fixes #29591
Fixes #29888
Fixes #30610
Updates #26232
Change-Id: Ia3a13526e443679cf14a72a1f3db96f336ce5e73
Reviewed-on: https://go-review.googlesource.com/c/go/+/170879
Run-TryBot: Russ Cox <rsc@golang.org>
Reviewed-by: Russ Cox <rsc@golang.org>
Reviewed-by: Jay Conrod <jayconrod@google.com>
Diffstat (limited to 'src/cmd/go/internal/get/get.go')
-rw-r--r-- | src/cmd/go/internal/get/get.go | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/cmd/go/internal/get/get.go b/src/cmd/go/internal/get/get.go index fe15515efc..c70013c3f5 100644 --- a/src/cmd/go/internal/get/get.go +++ b/src/cmd/go/internal/get/get.go @@ -392,7 +392,7 @@ func downloadPackage(p *load.Package) error { blindRepo bool // set if the repo has unusual configuration ) - security := web.Secure + security := web.SecureOnly if Insecure { security = web.Insecure } |