[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug#53765] [PATCH 12/17] gnu: Add clojure-com-cognitect-http-client.
From: |
Reily Siegel |
Subject: |
[bug#53765] [PATCH 12/17] gnu: Add clojure-com-cognitect-http-client. |
Date: |
Mon, 07 Feb 2022 14:50:00 -0500 |
Maxime Devos <maximedevos@telenet.be> writes:
> A web page from cognitect telling ‘grab source code from Maven
> (com/cognitect/http-client)’
I am fairly certain that this code is not officially documented and
released as a library, it is only used in internal cognitect projects.
However, this is where other, officially supported cognitect libraries
pull the source from. The dependency specification[1] for cognitect-aws-api
uses:
com.cognitect/http-client {:mvn/version "1.0.110"}
As the location to pull this dependency. Given that the dependency
resolution system uses https://repo1.maven.org/maven2/ by default (see
the file /lib/clojure/deps.edn in clojure-tools), this results in the
URL https://repo1.maven.org/maven2/com/cognitect/http-client/1.0.110.
This is one revision older than the version I use (I just grabbed the
most recent one), but if you would like me to submit a new version of
the patch using this older version instead, I have no problem with that,
and it should work just fine.
> Going over the source code to sniff things like ’Send ~/.gnupg to
> evil.com’ should be sufficient.
I have read the entire source code of the project, and can verify that
it doesn't obviously do anything like this. Not claiming that I can
guarantee that the code is bug-free, but there is nothing obviously evil
about it. The code is only ~300 lines long, and mostly wraps existing
Java APIs.
--
Reily Siegel
[1]: https://github.com/cognitect-labs/aws-api/blob/master/deps.edn
[bug#53765] [PATCH 12/17] gnu: Add clojure-com-cognitect-http-client., Maxime Devos, 2022/02/07
[bug#53765] [PATCH 12/17] gnu: Add clojure-com-cognitect-http-client., Maxime Devos, 2022/02/07
[bug#53765] [PATCH 12/17] gnu: Add clojure-com-cognitect-http-client., Maxime Devos, 2022/02/07
[bug#53765] [PATCH 11/17] gnu: Add clojure-core-async., Reily Siegel, 2022/02/03