# Handbook: ports with Subversion



## Atsuri (Oct 30, 2016)

If this the wrong forums section to discuss Handbook matters, please, feel free to remove this thread or relocate it someplace more suitable .

Today, I decided to have a look at different means of managing the Ports Collection locally. I already found ports-mgmt/poudriere, ports-mgmt/portmaster and ports-mgmt/synth. However, I wanted to give the SVN method a try.

Subversion is mentioned in both the Handbook and Wiki several times, however there seems to be some potential discrepancy:
4.5. Using the Ports Collection: Subversion Method 
5. Subversion Primer

I am specifically talking about these lines:

```
# svn checkout https://svn.FreeBSD.org/ports/head /usr/ports
% svn checkout svn+ssh://repo.freebsd.org/ports/head /usr/ports
```
Are those methods equivalent? I tried first the svn+ssh method and it failed, while doing a standard `svn checkout` on the SVN repository worked instantly. If there is an issue with either of the Handbook sections, I will file a proper PR .


----------



## chrbr (Oct 30, 2016)

The first method using https is for everybody to sync the local repository. The second method is for those who have the permission to commit. Therefore the first method is in the handbook and the second method in the comitters guide.


----------



## Atsuri (Oct 30, 2016)

chrbr said:


> The first method using https is for everybody to sync the local repository. The second method is for those who have the permission to commit. Therefore the first method is in the handbook and the second method in the comitters guide.


Makes sense why I was getting the "Connection closed unexpectedly" SSH error then. Case closed and thanks a lot for the feedback!


----------



## kpa (Oct 30, 2016)

Note that using the unencrypted svn and http methods do work for checkout without special committer access but shouldn't be used because you'll never be able to tell if someone is acting as a man-in-the-middle and feeding you false data. Use https always.


----------



## Atsuri (Oct 30, 2016)

kpa said:


> Note that using the unencrypted svn and http methods do work for checkout without special committer access but shouldn't be used because you'll never be able to tell if someone is acting as a man-in-the-middle and feeding you false data. Use https always.


I'll try to remember that, thank you . I think the Handbook also mentions to specifically use HTTPS for the reasons you highlighted (possible man-in-the-middle attacks).

I better get myself acquainted with SVN as there is some work on a new port I would like to do in the nearest future .


----------

