Just a reminder we have three instances of apt-panopticon spread around
the world, testing all the Devuan package mirrors.
https://sledjhamr.org/apt-panopticon/results/Report-web.html
http://veritas.devuan.org/apt-panopticon/results/Report-web.html
https://ap.in.devuan.org/apt-panopticon/results/Report-web.html
There's a fourth one, but it hasn't run since last year.
I'm trying to sort out the three remaining sticking points that several
mirrors always trip up. The first one was URL sanity errors that I
mentioned recently.
...........
The second is Protocol warnings. In apt-panopticon if you hover your
mouse over any text with a purple box around it, you'll get a popup text
describing the thing in more detail. In this case -
"The Protocol test will give a WARNING if the protocol is changed during a
redirect, HTTP -> HTTPS for example. While apt HTTPS transport is now
the default in Beowulf / Buster, not everyone with an older release will
have that installed, so redirecting HTTP to HTTPS will break apt for
those people. An ERROR is given instead if that happens for mirrors in
the DNS round robin. Servers in the DNS round robin will not have the
HTTPS certificate for the round robin domain, so redirecting to HTTPS for
that is an ERROR."
The warning that some of you are tripping might be screwing with older
installs that don't happen to have the apt HTTPS transport installed, coz
you are unexpectedly dumping them into HTTPS which they cannot handle.
Yes, I know, it's trendy and likely a good idea to redirect everything to
HTTPS, but not if that can break things for others.
Unlike URL sanity, this would be a simple fix. Don't do that! Do not
rewrite URLs to redirect HTTP apt requests to HTTPS. You can do that to
the rest of your web sites if you want, just not the Devuan package repo.
Please will you fix that?
Thanks.
--
A big old stinking pile of genius that no one wants
coz there are too many silver coated monkeys in the world.