This repository has been archived by the owner on Nov 1, 2017. It is now read-only.
github/safegem
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Folders and files
Name | Name | Last commit message | Last commit date | |
---|---|---|---|---|
Repository files navigation
NOTE: This repository is no longer supported or updated by GitHub. If you wish to continue to develop this code yourself, we recommend you fork it. SafeGem: GitHub's Safe Gem Eval Web Service ------------------------------------------- Help make GitHub's gem build process more secure and robust! SafeGem is a Sinatra app that safely converts Ruby gemspecs into YAML gemspecs. It works as follows: 1) Receives a request with the repo location and the ruby gemspec 2) Returns immediately and schedules the following via EM.defer: 1) Makes a shallow clone of the repo and chdir's to that repo 2) Evals the spec in a separate thread with a higher $SAFE level 3) Converts spec to YAML 4) Posts the YAML to the specified callback Goals ----- * Lower the $SAFE level to allow methods like Dir.glob, but without compromising security.
About
GitHub's safe gem eval web service
Resources
Code of conduct
Security policy
Stars
Watchers
Forks
Packages 0
No packages published