Skip to content

Instantly share code, notes, and snippets.

@Qix-

Qix-/readme.md

Last active March 30, 2024 10:29
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save Qix-/f1a1b9a933e8847f56103bc14783ab7b to your computer and use it in GitHub Desktop.
Save Qix-/f1a1b9a933e8847f56103bc14783ab7b to your computer and use it in GitHub Desktop.
Download ZIP
Raw
readme.md

This is a diff between the xz-embedded repositories listed on github and at git.tukaani.org.

$ git remote -v
github  https://github.com/tukaani-project/xz-embedded (fetch)
github  https://github.com/tukaani-project/xz-embedded (push)
origin  https://git.tukaani.org/xz-embedded.git (fetch)
origin  https://git.tukaani.org/xz-embedded.git (push)

xz-embedded was particularly interesting since it appears to be used in the Linux kernel. I wanted to see if, per chance, the tukaani git mirror had some differences or anything suspicious, but it appears just to be lagging behind a few innocuous commits.

The diff is attached. Direction is github -> git.tukaani.

$ git rev-parse github/master origin/master
be31a5a9c3a12728613d03fe74dfad1685b8b4ac
62d5603b5114c5aa8bb5f6bb461efbe0e3b51891
Raw
tuukani-vs-github.diff
diff --git a/.gitattributes b/.gitattributes
index f4b5a6d..7e8b706 100644
--- a/.gitattributes
+++ b/.gitattributes
@@ -1,4 +1,3 @@
.gitignore export-ignore
.gitattributes export-ignore
.codespellrc export-ignore
-.github export-ignore
diff --git a/.github/ISSUE_TEMPLATE/bug_report.yaml b/.github/ISSUE_TEMPLATE/bug_report.yaml
deleted file mode 100644
index 60101c6..0000000
--- a/.github/ISSUE_TEMPLATE/bug_report.yaml
+++ /dev/null
@@ -1,48 +0,0 @@
-name: Bug Report
-description: File a bug report
-title: "[Bug]: "
-labels: ["bug"]
-body:
- - type: markdown
- attributes:
- value: |
- Thanks for notifying us about this bug! If the bug is a security
- vulnerabilty, please report it to xz@tukaani.org or create a private
- Security Advisory instead.
- - type: markdown
- attributes:
- value: |
- The code in this repository contains a few features that aren't
- in the XZ Embedded variant in the Linux kernel. If you are using
- the version in Linux, or any other outside project, please mention
- this.
- - type: textarea
- id: description
- attributes:
- label: Describe the bug
- description: Also tell us, what did you expect to happen?
- placeholder: What happened
- validations:
- required: true
- - type: input
- id: our_version
- attributes:
- label: Version
- description: As best as you can determine, what version are you using?
- validations:
- required: false
- - type: input
- id: os_version
- attributes:
- label: Operating System
- description: What OS type and version are you running?
- validations:
- required: true
- - type: textarea
- id: logs
- attributes:
- label: Relevant log output
- description: |
- Please copy and paste any relevant log output. This will be
- automatically formatted into code, so no need for backticks.
- render: shell
diff --git a/.github/SECURITY.md b/.github/SECURITY.md
deleted file mode 100644
index caad361..0000000
--- a/.github/SECURITY.md
+++ /dev/null
@@ -1,16 +0,0 @@
-# Reporting a Vulnerability
-
-If you discover a security vulnerability in this project or the version in
-the Linux kernel, please report it privately.
-**Do not disclose it as a public issue.** This gives
-us time to work with you to fix the issue before public exposure, reducing
-the chance that the exploit will be used before a patch is released.
-
-You may submit a report by emailing us at
-[xz@tukaani.org](mailto:xz@tukaani.org), or through
-[Security Advisories](https://github.com/tukaani-project/xz-embedded/security/advisories/new).
-While both options are available, we prefer email.
-
-This project is maintained by a team of volunteers on a reasonable-effort
-basis. As such, please give us 90 days to work on a fix before
-public exposure.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment