From 15f751cc74aba721831bd141412007610ed0bd1d Mon Sep 17 00:00:00 2001
From: Austin Rovinski <rovinski@users.noreply.github.com>
Date: Sun, 8 Sep 2024 14:43:42 -0400
Subject: [PATCH] Add warning to -nocert option

Signed-off-by: Austin Rovinski <rovinski@users.noreply.github.com>
---
 etc/DependencyInstaller.sh | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/etc/DependencyInstaller.sh b/etc/DependencyInstaller.sh
index 47756712023..4fdc48399b4 100755
--- a/etc/DependencyInstaller.sh
+++ b/etc/DependencyInstaller.sh
@@ -721,6 +721,10 @@ Usage: $0
                                 # Installs dependencies required to run CI
        $0 -nocert
                                 # Disable certificate checks
+                                #    WARNING: Do not use without a good reason,
+                                #    like working around a firewall. This opens
+                                #    vulnerability to man-in-the-middle (MITM)
+                                #    attacks.
 
 EOF
     exit "${1:-1}"
@@ -784,6 +788,9 @@ while [ "$#" -gt 0 ]; do
             export PREFIX="$(realpath $(echo $1 | sed -e 's/^[^=]*=//g'))"
             ;;
         -nocert)
+            echo "WARNING: security certificates for downloaded packages will not be checked. Do not use" >&2
+            echo "         -nocert without a good reason, like working around a firewall. This opens" >&2
+            echo "         vulnerability to man-in-the-middle (MITM) attacks." >&2
             shopt -s expand_aliases
             alias wget="wget --no-check-certificate"
             export GIT_SSL_NO_VERIFY=true