git - 无法下载依赖项

Question

当我输入命令 go build 时，我有一个项目，其中包含来自 bitbucket 上的私有(private)存储库的多个依赖项。我收到此错误

unrecognized import path "bitbucket.xxx.xx/xx/x" x509: certificate signed by unknown authority

我尝试了几种方法，例如添加 token

git config --global http.extraheader token

配置为 ssh

git config --global url."git@bitbucket.org:".insteadOf "https://bitbucket.org/"

但是它不起作用。

Answer 1

关于使用 HTTPS URL，请注意，HTTP 传输可能存在分配器/解除分配器不匹配的情况，这一点已在 Git 2.25(2020 年第一季度)中得到纠正。

因此，如果您使用 Git 2.24，http.extraheader 无论如何都不会工作。

参见commit 4d17fd2 (2019 年 11 月 6 日)作者:Johannes Schindelin (dscho) .
^{(由 Junio C Hamano -- gitster -- 于 commit bad5ed3 merge ，2019 年 12 月 1 日)}

remote-curl: unbreak http.extraHeader with custom allocators

^{Signed-off-by: Johannes Schindelin}

In 93b980e58f5 ("http: use xmalloc with cURL", 2019-08-15, Git v2.24.0-rc0 -- merge listed in batch #3), we started to ask cURL to use xmalloc(), and if compiled with nedmalloc, that means implicitly a different allocator than the system one.

Which means that all of cURL's allocations and releases now _need_ to use that allocator.

However, the http_options() function used slist_append() to add any configured extra HTTP header(s) _before_ asking cURL to use xmalloc(), and http_cleanup() would release them _afterwards_, i.e. in the presence of custom allocators, cURL would attempt to use the wrong allocator to release the memory.

A naïve attempt at fixing this would move the call to curl_global_init() _before_ the config is parsed (i.e. before that call to slist_append()).

However, that does not work, as we _also_ parse the config setting http.sslbackend and if found, call curl_global_sslset() which must be called before curl_global_init(), for details see: https://curl.haxx.se/libcurl/c/curl_global_sslset.html

So let's instead make the config parsing entirely independent from cURL's data structures. Incidentally, this deletes two more lines than it introduces, which is nice.

<小时/>

对于自签名证书，全局禁用 SSL 验证可能会被视为安全风险，应仅在测试时实现。

Referencing the self-signed certificate by GIT_SSL_CAINFO更安全。