vcs-field-uses-insecure-uri
The Vcs-* field uses an unencrypted transport protocol for the URI. It is recommended to use a secure transport such as HTTPS for anonymous read-only access.
Note that you can often just exchange e.g. git:// with https:// for repositories. Though, in some cases (bzr's "lp:" or CVS's pserver) it might not be possible to use an alternative url and still have a working (anonymous read-only) repository.
Severity: | info |
Experimental: | false |
See also
- list of all the affected packages
- the source of this tag