I have a new version of Package Control I am hoping to push out soon that resolves potential MITM attacks that can affect users with automatic updates turned on. There are a number of little fixes for various bugs, but the big thing is that the main channel now runs over HTTPS and the plugin actually authenticates SSL certificates.
Since a bug in running automatic updates will prevent me from updating Package Control to fix itself, I need to be fairly sure there are no such bugs in the next version, or there could be many thousands of sad developers.
If you can, please take a few minutes and help out with testing. If you run the “Add Repository” command from the command palette, you can add the following repository: sublime.wbond.net/testing/packages.json
To test, please:
-
Run the Upgrade Package command from the command palette to get the latest version of Package Control
-
Trying installing and removing a few packages, ideally at least one from GitHub and one from BitBucket - see wbond.net/sublime_packages/community to find packages on the different hosting sites
-
Try removing a package
-
Check your console (ctrl+`) for errors and paste any backtraces you see
Thanks!