1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2022-11-09 12:17:21 -05:00

[rubygems/rubygems] Fix possible malicious website to example.com

example.com is the canonical stand in for domain examples and will never have a backing website.

via https://www.rfc-editor.org/rfc/rfc2606.html

https://github.com/rubygems/rubygems/commit/26622c81c2
This commit is contained in:
fiveNinePlusR 2021-09-17 09:41:05 -07:00 committed by Hiroshi SHIBATA
parent cd2e6318f6
commit 105e037fe8
2 changed files with 2 additions and 2 deletions

View file

@ -16,7 +16,7 @@ Gem::Specification.new do |spec|
<%- end -%> <%- end -%>
spec.required_ruby_version = ">= <%= config[:required_ruby_version] %>" spec.required_ruby_version = ">= <%= config[:required_ruby_version] %>"
spec.metadata["allowed_push_host"] = "TODO: Set to 'https://mygemserver.com'" spec.metadata["allowed_push_host"] = "TODO: Set to your gem server 'https://example.com'"
spec.metadata["homepage_uri"] = spec.homepage spec.metadata["homepage_uri"] = spec.homepage
spec.metadata["source_code_uri"] = "TODO: Put your gem's public repo URL here." spec.metadata["source_code_uri"] = "TODO: Put your gem's public repo URL here."

View file

@ -563,7 +563,7 @@ RSpec.describe "bundle gem" do
bundle "gem #{gem_name}" bundle "gem #{gem_name}"
expect(generated_gemspec.metadata["allowed_push_host"]). expect(generated_gemspec.metadata["allowed_push_host"]).
to match(/mygemserver\.com/) to match(/example\.com/)
end end
it "sets a minimum ruby version" do it "sets a minimum ruby version" do