github / safegem

GitHub's safe gem eval web service

This URL has Read+Write access

Regenerated gemspec for version 0.2.10
mojombo (author)
Wed Apr 08 17:36:18 -0700 2009
commit  ab9eb57a51ccd96f5f311201e577877430306a7f
tree    29926ec262d2f50d610a807f373f0f00da99fe27
parent  3b6940100eb6a4a9356f1a0cb3ce8d52fef569a3
name age
history
message
file .gitignore Tue Feb 10 20:28:43 -0800 2009 add safegem binary to gemspec and make it execu... [mojombo]
file README Sun Mar 29 20:46:09 -0700 2009 update readme [mojombo]
file Rakefile Wed Apr 01 14:45:04 -0700 2009 oops, wrong sinatra dep version [mojombo]
file VERSION.yml Wed Apr 08 17:36:15 -0700 2009 Version bump to 0.2.10 [mojombo]
directory bin/ Wed Apr 08 17:35:40 -0700 2009 re-enable cleanup [mojombo]
directory lib/ Sat Mar 28 23:35:38 -0700 2009 part of the two-phase gem build process now [mojombo]
file safegem.gemspec Wed Apr 08 17:36:18 -0700 2009 Regenerated gemspec for version 0.2.10 [mojombo]
directory test/ Sat Mar 28 18:09:45 -0700 2009 cleanup and sinatra 0.9.1.1 compatibility [mojombo]
README
SafeGem: GitHub's Safe Gem Eval Web Service
-------------------------------------------

Help make GitHub's gem build process more secure and robust!

SafeGem is a Sinatra app that safely converts Ruby gemspecs into YAML gemspecs.

It works as follows:

1) Receives a request with the repo location and the ruby gemspec
2) Returns immediately and schedules the following via EM.defer:

1) Makes a shallow clone of the repo and chdir's to that repo
2) Evals the spec in a separate thread with a higher $SAFE level
3) Converts spec to YAML
4) Posts the YAML to the specified callback

Goals
-----
* Lower the $SAFE level to allow methods like Dir.glob, but without compromising security.