zsh - Debian zsh package experimental fork

Age	Commit message (Collapse)	Author	Files	Lines
2024-08-14	d/upstream/metatata: Use secure URLs	Simon McVittie	1	-5/+5
	The http and anonymous git protocols do not authenticate the identity of the server, making them vulnerable to man-in-the-middle attacks. Replace them with authenticated equivalents. zsh.sourceforge.net redirects to zsh.sourceforge.io, so presumably that address is now considered canonical.
2021-04-06	Add the new zsh-security mailing list as Security-Contact to ↵	Axel Beckert	1	-0/+1
	debian/upstream/metadata
2020-01-12	Add 'Documentation' to d/upstream/metadata	Daniel Shahaf	1	-0/+1

2019-01-27	d/upstream/signing-key.asc: Add the 5.7 RM's signing key.	Daniel Shahaf	1	-0/+30
	I retrieved the key with `gpg --recv-keys 7CA7ECAAF06216B90F894146ACF8146CAE8CBBC4`, where the hash value was obtained by pulling upstream's zsh-web.git over an SSH remote and inspecting Arc/source.html in the resulting clone.
2018-09-21	d/upstream/signing-key.asc: Add the upstream signing key used since ↵	Daniel Shahaf	1	-0/+81
	5.5.1-test-1. As it happens, it's my key.
2017-06-22	Switch all http://www.zsh.org/ and http://www.debian.org/ URLs in packaging ↵	Axel Beckert	1	-1/+1
	to HTTPS
2016-12-04	Switch all http://sourceforge.net/ URLs in packaging to https://	Axel Beckert	1	-1/+1
	The fact that http://sourceforge.net/ redirects to https:// was reported by DUCK.
2015-11-28	debian/{watch,upstream/signing-key.asc}: Verify upstream GPG signatures	Axel Beckert	1	-0/+30
	GPG fingerprint source: http://www.zsh.org/mla/workers/2015/msg03129.html Committed key's fingerprint: pub 2048R/A71D9A9D4BDB27B3 2015-11-25 Key fingerprint = F7B2 754C 7DE2 8309 1466 1F0E A71D 9A9D 4BDB 27B3 uid [ unknown] Peter Stephenson <p.w.stephenson@ntlworld.com> sub 2048R/79A6EADC4C58D718 2015-11-25
2014-02-28	Add a debian/upstream/metadata file according to DEP-12	Axel Beckert	1	-0/+12