mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-25 03:05:34 +00:00
9e795ff565
Previously, we were downloading tooltool.py from random servers. Considering tooltool.py is used to secure the download of future components, downloading tooltool.py from potentially 3rd party services was a major lapse in our end-to-end security, as a compromised tooltool.py wouldn't honor integrity checks. This commit copies the already vendored copy of tooltool.py into the mozharness directory. A copy needs to be in the mozharness directory because then a copy of mozharness without access to a source checkout will have access to it. We modify the code in mozharness that fetches tooltool to use the copy from mozharness (unless `mach artifact toolchain` is available). Since a copy of tooltool.py is always reliably available, we can remove all config entries related to tooltool.py. MozReview-Commit-ID: C7ls1xWrPMq --HG-- rename : python/mozbuild/mozbuild/action/tooltool.py => testing/mozharness/external_tools/tooltool.py extra : rebase_source : d7b48d837805f9312c97b6e21c6527cc5f5018dc |
||
|---|---|---|
| .. | ||
| tooltool-manifests | ||
| android-aarch64.py | ||
| android-arm.py | ||
| android-x86.py | ||
| linux32.py | ||
| linux64.py | ||
| macosx64.py | ||
| win32.py | ||
| win64.py | ||