From 9af42c27e806779db32757533625651bb49a3f63 Mon Sep 17 00:00:00 2001
From: Devesh Kumar Singh <deveshkusingh@gmail.com>
Date: Tue, 31 Mar 2020 20:34:21 +0530
Subject: [PATCH] Clarification on removed urls

---
 docs/html/reference/pip_install.rst | 12 ++++++++----
 news/1983.doc                       |  3 ++-
 2 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/docs/html/reference/pip_install.rst b/docs/html/reference/pip_install.rst
index 6600693ca..7b0cebbac 100644
--- a/docs/html/reference/pip_install.rst
+++ b/docs/html/reference/pip_install.rst
@@ -402,9 +402,13 @@ Git
 ^^^
 
 pip currently supports cloning over ``git``, ``git+http``, ``git+https``,
-``git+ssh``, ``git+git`` and ``git+file``,  but note that the ``git``, ``git+git``,
-and ``git+http`` are not recommended due to their lack of security.
-(The former two uses `the Git Protocol.`_)
+``git+ssh``, ``git+git`` and ``git+file``.
+
+.. warning::
+
+    Note that the ``git``, ``git+git``,and ``git+http`` are not recommended.
+    (The former two use `the Git Protocol`_, which lacks authentication, and HTTP is
+    insecure due to lack of TLS based encryption)
 
 Here are the supported forms::
 
@@ -424,7 +428,7 @@ When passing a commit hash, specifying a full hash is preferable to a partial
 hash because a full hash allows pip to operate more efficiently (e.g. by
 making fewer network calls).
 
-.. _`the Git Protocol.`: https://git-scm.com/book/en/v2/Git-on-the-Server-The-Protocols
+.. _`the Git Protocol`: https://git-scm.com/book/en/v2/Git-on-the-Server-The-Protocols
 
 Mercurial
 ^^^^^^^^^
diff --git a/news/1983.doc b/news/1983.doc
index 58b85ac1f..9766ebb57 100644
--- a/news/1983.doc
+++ b/news/1983.doc
@@ -1 +1,2 @@
-Remove VCS URLs pertaining to the Git protocol from docs
+Emphasize that VCS URLs using git, git+git and git+http are insecure due to
+lack of authentication and encryption