On 2022-07-01 at 16:24:06, Johannes Schindelin via GitGitGadget wrote: > From: Johannes Schindelin <johannes.schindelin@xxxxxx> > > There was a bug report attached to the copy of 511cfd3bffa (http: add > custom hostname to IP address resolutions, 2022-05-16) in the `git/git` > repository on GitHub, claiming that that commit broke the build on > RedHat Enterprise Linux 6. The most likely explanation is that the > available cURL version does not support the `CURLOPT_RESOLVE` feature. > > Let's work around this by warning the user if they configure > `http.curloptResolve` if compiled against a too-old cURL version. I don't think it's a good idea to continue to support RHEL 6. It lost regular security support in 2020 and I think it's fine and even preferable to force people to upgrade their OS once every decade. 10 years is, in my view, well beyond the reasonable life span of an OS. There's no possible way that any Git developer can be expected to support RHEL 6 because it has no publicly available security support[0] and we can't expect developers to run or use insecure OSes at all. It's also irresponsible of us to enable people to use such an OS considering the likelihood of compromise is substantial and the risk compromised systems pose to the Internet, so I think we should drop this patch. [0] Yes, there is _extended_ security support until 2024, but that's not available to people who aren't already RHEL 6 users and it doesn't cover dependencies such as libcurl or Perl that are required to effectively use Git. -- brian m. carlson (he/him or they/them) Toronto, Ontario, CA
Attachment:
signature.asc
Description: PGP signature
