DMD downloads over HTTPS

Seb seb at
Thu Sep 26 22:51:32 UTC 2019

On Thursday, 26 September 2019 at 20:06:20 UTC, WebFreak001 wrote:
> hi, at the setup-dlang repository (GitHub Action for installing 
> D in their CI environment) we are having a discussion about 
> downloading DMD over HTTP could lead to MITM attacks. However 
> doesn't seem to have HTTPS available at all.
> Is there some possibility to add HTTPS support to 
> to make sure the downloads function 
> properly? GnuPG isn't listed on the installed binaries in a 
> GitHub Actions environment so it can't be called to check using 
> the provided keyring (which would need to be updated every once 
> in a while too)
> See the discussion at 

It's possible to access it directly, e.g.

Though this might break if the bucket gets moved to a different 
region or if there would ever be switch to a different platform.

More information about the Digitalmars-d mailing list