You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The go.mod and source code references moul.io/protoc-gen-gotemplate rather than github.com/moul/protoc-gen-gotemplate. Using a personal DNS is a potential security problem, as the code could be changed from that published on GitHub. To protect against this, projects that use this repo would have to qualify all refs with hashes rather than just the version.
I am guessing that you do this to make it easier to test locally and override the domain name? I'm not a fan of how Go uses URL refs, rather than published package refs to crates.io or the like.
In any case, is there a chance you can revert the source back to using GitHub.com urls?
The text was updated successfully, but these errors were encountered:
The
go.modand source code referencesmoul.io/protoc-gen-gotemplaterather thangithub.com/moul/protoc-gen-gotemplate. Using a personal DNS is a potential security problem, as the code could be changed from that published on GitHub. To protect against this, projects that use this repo would have to qualify all refs with hashes rather than just the version.I am guessing that you do this to make it easier to test locally and override the domain name? I'm not a fan of how Go uses URL refs, rather than published package refs to
crates.ioor the like.In any case, is there a chance you can revert the source back to using GitHub.com urls?
The text was updated successfully, but these errors were encountered: