Change file download urls to pull from https #24
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
I was reading this over to understand how rust uses the unicode data files, and how rust handles these sort of unicode security issues, and I noticed that when it downloads the source files, the urls it's curling aren't https:
unicode-security/scripts/unicode.py
Lines 46 to 64 in f42826a
Of course this is in a script that runs pre-commit, and for that + likely many other reasons that I'm ignorant of, this PR may not be needed.
Btw thanks for all you're doing in this repo/crate. This code + its comments are the only thing that's helping me see how one can go from 'tc39 provided files' to 'prevent/warn of naughtiness in source code'. 🙏