You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Right now, the current implementation uses StrictHostKeyChecking=no to prevent interactive warning messages about unknown keys / authenticity from preventing the build process. However, this is not ideal, as we should try to check the validity of the host's public key during SSH connection setup (e.g. during calls to npm install git+ssh:...).
We should close this issue with a PR that uses one of the approaches outlined here to facilitate better security.
The text was updated successfully, but these errors were encountered:
Right now, the current implementation uses
StrictHostKeyChecking=noto prevent interactive warning messages about unknown keys / authenticity from preventing the build process. However, this is not ideal, as we should try to check the validity of the host's public key during SSH connection setup (e.g. during calls tonpm install git+ssh:...).We should close this issue with a PR that uses one of the approaches outlined here to facilitate better security.
The text was updated successfully, but these errors were encountered: