The following article was put out last year, so I’m sure for some this is not necessarily new news, but rather some of the GitHub changes that take affect today. According to a GitHub article posted back on 09.2021 here:
https://github.blog/2021-09-01-improving-git-protocol-security-github/
By March 15, 2022. Changes will be made permanent.
We’ll permanently stop accepting DSA keys. RSA keys uploaded after the cut-off point above will work only with SHA-2 signatures (but again, RSA keys uploaded before this date will continue to work with SHA-1). The deprecated MACs, ciphers, and unencrypted Git protocol will be permanently disabled.
Only users connecting via SSH or git:// are affected.
That change is now today, which got me wondering. Now I’ll be honest, this is a bit over my head, but out of curiosity, I just want to ask, is the PKGBUILDS in the EndeavourOS all unaffected or do any/some of the PKGBUILDS need to be tweaked for this?
I’m looking over some of the EndeavourOS PKGBUILDS here right now:
https://github.com/endeavouros-team/PKGBUILDS
And I’m no GitHub expert by any means, but from what I can gather is that these PKGBUILDS (I haven’t looked at all of them, fyi), look to be using https so I want to say EndeavourOS is unaffected by this? I’m just looking for some clarification, not worried about anything really, just more out of curiosity more than anything as I know the GitHub changes are meant to strengthen security protocols. Thanks for reading my post and I appreciate any replies and comments to help me understand this better.