Our usage of `curl` could be vulnerable to protocol downgrade attacks. This
change updates most of our usage of curl--especially when fetching executable
resources--with the following command-line flags:
* `--proto '=https'` forces use of HTTPS. This ensures that dropping `https://`
from a URL will cause the command to fail instead of reverting to use
unsecured HTTP.
* `--tlsv1.2` disables the use of older TLS versions.
* `-f|--fail` ensures that curl does not output anything to stdout when a
non-2xx response is received.
* `-S|--show-error` causes errors to be printed to stderr (when `-s|--silent`
is used).
Related to linkerd/linkerd2#7593
Signed-off-by: Oliver Gould <ver@buoyant.io>
* Move some pages out of versioned dirs and into the content root
- FAQ
- Release Channels
- Design Principles
- Going to Production
Also unified sidebar partial for 2.* docs
Oliver Gould