homebrew-core
homebrew-core copied to clipboard
Homebrew
bzt: depend on pyyaml and cython
- [ ] Have you followed the guidelines for contributing?
- [ ] Have you ensured that your commits follow the commit style guide?
- [ ] Have you checked that there aren't other open pull requests for the same formula update/change?
- [ ] Have you built your formula locally with
brew install --build-from-source <formula>, where<formula>is the name of the formula you're submitting? - [ ] Is your test running fine
brew test <formula>, where<formula>is the name of the formula you're submitting? - [ ] Does your build pass
brew audit --strict <formula>(after doingbrew install --build-from-source <formula>)? If this is a new formula, does it passbrew audit --new <formula>?
This is the second time in a row that I've gotten the error message Error: The homepage URL https://gettaurus.org/ is not reachable when running brew audit, only on the Linux CI worker. Coincidence, or something more? Should I try running it again?
That's three times in a row. This can't be just a coincidence. Does anyone know what's going on here?
That's very weird that it's failing only on Linux. We should check if it fails locally in Docker or only in CI.
Does it use TLS 1.3 only? Because that might be the reason it won't work on Linux
Does it use TLS 1.3 only? Because that might be the reason it won't work on Linux
$ nmap --script ssl-enum-ciphers -p 443 gettaurus.org
Starting Nmap 7.93 ( https://nmap.org ) at 2022-10-05 12:36 CEST
Nmap scan report for gettaurus.org (34.67.81.175)
Host is up (0.12s latency).
rDNS record for 34.67.81.175: 175.81.67.34.bc.googleusercontent.com
PORT STATE SERVICE
443/tcp open https
| ssl-enum-ciphers:
| TLSv1.2:
| ciphers:
| TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (ecdh_x25519) - A
| TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (ecdh_x25519) - A
| TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (ecdh_x25519) - A
| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (ecdh_x25519) - A
| TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (ecdh_x25519) - A
| compressors:
| NULL
| cipher preference: server
|_ least strength: A
Nmap done: 1 IP address (1 host up) scanned in 5.14 seconds
Looks to me like it uses TLS 1.2 only.
Looks like there is something off about site's SSL cert:
$ /usr/bin/curl -v https://gettaurus.org/
* Trying 34.67.81.175:443...
* Connected to gettaurus.org (34.67.81.175) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: /etc/ssl/certs
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (OUT), TLS header, Unknown (21):
* TLSv1.2 (OUT), TLS alert, unknown CA (560):
* SSL certificate problem: unable to get local issuer certificate
* Closing connection 0
curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: https://curl.se/docs/sslcerts.html
curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
Not sure reason. The server does have an incomplete certificate chain.
