github-starred/semver
2
0
Fork 0
mirror of https://github.com/semver/semver.git synced 2026-03-11 00:12:22 -05:00
Code Issues 118 Packages Projects Releases 4 Wiki Activity

https? #125

New Issue
Closed
opened 2026-02-17 11:19:10 -06:00 by GiteaMirror · 6 comments
GiteaMirror commented 2026-02-17 11:19:10 -06:00
Owner
Copy Link

Originally created by @jprystowsky on GitHub (Mar 19, 2014).

Thanks for creating this! Just a note: It would be nice if the page at semver.org served over HTTPS.

Thanks.

Originally created by @jprystowsky on GitHub (Mar 19, 2014). Thanks for creating this! Just a note: It would be nice if the page at semver.org served over HTTPS. Thanks.
GiteaMirror commented 2026-02-17 11:19:11 -06:00
Author
Owner
Copy Link

@haacked commented on GitHub (Mar 19, 2014):

Mind logging an issue on that repo? https://github.com/mojombo/semver.org

@haacked commented on GitHub (Mar 19, 2014): Mind logging an issue on that repo? https://github.com/mojombo/semver.org
GiteaMirror commented 2026-02-17 11:19:12 -06:00
Author
Owner
Copy Link

@crazedsanity commented on GitHub (Mar 20, 2014):

Out of curiosity, what is the benefit of using HTTPS for a purely static website?

@crazedsanity commented on GitHub (Mar 20, 2014): Out of curiosity, what is the benefit of using HTTPS for a purely static website?
GiteaMirror commented 2026-02-17 11:19:12 -06:00
Author
Owner
Copy Link

@bessarabov commented on GitHub (Mar 20, 2014):

@crazedsanity Every site should use https =)

https does 2 things:

  • Hides traffic from man in the middle. If the site uses https the owners of the transitional servers can't read traffic. This does not mutter much for site like http://semver.org/ that hasn't got any private parts.
  • https prohibit change of the traffic. Some places with free wifi does evil thing — they add there own advertisements to every site that users http. So to be sure that the users gets the correct content a site must use https and only https.
@bessarabov commented on GitHub (Mar 20, 2014): @crazedsanity Every site should use https =) https does 2 things: - Hides traffic from man in the middle. If the site uses https the owners of the transitional servers can't read traffic. This does not mutter much for site like http://semver.org/ that hasn't got any private parts. - https prohibit change of the traffic. Some places with free wifi does evil thing — they add there own advertisements to every site that users http. So to be sure that the users gets the correct content a site must use https and only https.
GiteaMirror commented 2026-02-17 11:19:13 -06:00
Author
Owner
Copy Link

@jprystowsky commented on GitHub (Mar 20, 2014):

@Haacked Duly created (mojombo/semver.org#86). Sorry, I didn't see that repo before.

@crazedsanity as @bessarabov said. On the face of it, semver doesn't expose any vulnerable data and so "doesn't need https;" but, https > http for the security of web users in general. (Thinking out loud about the NSA revelations, etc.) I try to encourage security by default when I see the opportunity.

@jprystowsky commented on GitHub (Mar 20, 2014): @Haacked Duly created (mojombo/semver.org#86). Sorry, I didn't see that repo before. @crazedsanity as @bessarabov said. On the face of it, semver doesn't expose any vulnerable data and so "doesn't need https;" but, https > http for the security of web users in general. (Thinking out loud about the NSA revelations, etc.) I try to encourage security by default when I see the opportunity.
GiteaMirror commented 2026-02-17 11:19:14 -06:00
Author
Owner
Copy Link

@rlidwka commented on GitHub (Mar 20, 2014):

Hides traffic from man in the middle. If the site uses https the owners of the transitional servers can't read traffic.

Not really.

http://files.cloudprivacy.net/ssl-mitm.pdf

@rlidwka commented on GitHub (Mar 20, 2014): > Hides traffic from man in the middle. If the site uses https the owners of the transitional servers can't read traffic. Not really. http://files.cloudprivacy.net/ssl-mitm.pdf
GiteaMirror commented 2026-02-17 11:19:15 -06:00
Author
Owner
Copy Link

@jprystowsky commented on GitHub (Mar 20, 2014):

@rlidwka True, but, it's better than nothing. If TLS were the norm then it would become at least more costly and difficult to perform most attacks.

@jprystowsky commented on GitHub (Mar 20, 2014): @rlidwka True, but, it's better than nothing. If TLS were the norm then it would become at least more costly and difficult to perform most attacks.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
bug
consensus seeking
duplicate
extend
layout
pull-request
Mirrored from GitHub Pull Request
 question
RFC
spelling/grammar
staled
update
waiting for PR
won't fix
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/semver#125
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?