Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Merge pull request #4 from chorn/gem_signing

Add gem signing and checksums
  • Loading branch information...
commit 917c134cfcbf669e4b667a5d7ef1f88cd6442bb0 2 parents e2343a8 + 0b5b706
@chorn authored
View
38 Gemfile.lock
@@ -1,7 +1,7 @@
PATH
remote: .
specs:
- nameable (1.1.0)
+ nameable (1.1.1)
GEM
remote: https://rubygems.org/
@@ -61,19 +61,19 @@ GEM
rb-fsevent (0.9.5)
rb-inotify (0.9.5)
ffi (>= 0.5.0)
- rspec (3.2.0)
- rspec-core (~> 3.2.0)
- rspec-expectations (~> 3.2.0)
- rspec-mocks (~> 3.2.0)
- rspec-core (3.2.3)
- rspec-support (~> 3.2.0)
- rspec-expectations (3.2.1)
+ rspec (3.3.0)
+ rspec-core (~> 3.3.0)
+ rspec-expectations (~> 3.3.0)
+ rspec-mocks (~> 3.3.0)
+ rspec-core (3.3.1)
+ rspec-support (~> 3.3.0)
+ rspec-expectations (3.3.0)
diff-lcs (>= 1.2.0, < 2.0)
- rspec-support (~> 3.2.0)
- rspec-mocks (3.2.1)
+ rspec-support (~> 3.3.0)
+ rspec-mocks (3.3.1)
diff-lcs (>= 1.2.0, < 2.0)
- rspec-support (~> 3.2.0)
- rspec-support (3.2.2)
+ rspec-support (~> 3.3.0)
+ rspec-support (3.3.0)
shellany (0.0.1)
simplecov (0.10.0)
docile (~> 1.1.0)
@@ -92,11 +92,11 @@ PLATFORMS
ruby
DEPENDENCIES
- bundler (~> 1.6, >= 1.6.2)
- codeclimate-test-reporter (~> 0.4.7)
- guard (~> 2.12.6)
- guard-bundler (~> 2.1.0)
- guard-rspec (~> 4.5.2)
+ bundler (~> 1.6)
+ codeclimate-test-reporter (~> 0.4)
+ guard (~> 2.12)
+ guard-bundler (~> 2.1)
+ guard-rspec (~> 4.5)
nameable!
- rake (~> 10.4.2)
- rspec (~> 3.2.0)
+ rake (~> 10.4)
+ rspec (~> 3.3)
View
15 README.md
@@ -29,7 +29,7 @@ puts Nameable('chris horn, iii')
puts Nameable.parse('chris horn, iii')
#=> #<Nameable::Latin:0x007f8470e01b08 @first="Chris", @last="Horn", @middle=nil, @prefix=nil, @suffix="III.">
```
-Using a database of first names from the U.S. Social Security Administration, Nameable will make a guess at the gender of a name.
+Using a database of first names from the U.S. Social Security Administration, Nameable will pick the most likely gender for a name.
```ruby
Nameable::Latin.new('Chris').gender
@@ -37,7 +37,7 @@ Nameable::Latin.new('Chris').gender
Nameable::Latin.new('Janine').female?
#=> true
```
-Using a database of last names from the U.S. Census, Nameable will return the ethnicity breakdown as a Hash.
+Using a database of last names from the U.S. Census, Nameable will return the ethnicity breakdown as a Hash.
```ruby
Nameable::Latin.new('Chris', 'Horn').ethnicity
#=> {:rank=>593, :count=>51380, :percent_white=>86.75, :percent_black=>8.31, :percent_asian_pacific_islander=>0.84, :percent_american_indian_alaska_native=>1.16, :percent_two_or_more_races=>1.46, :percent_hispanic=>1.48}
@@ -51,6 +51,15 @@ I've included a little web service, which should be installed as "nameable_web_s
By inspiration, I should really say "other projects from which I yanked their code, ideas, examples and data." At worst I'll make sure the other projects I looked at and borrowed from are credited here.
+# Security
+
+As of version `1.1.1`., the nameable gem is cryptographically signed. To be sure the gem you install hasn’t been tampered with, add my public key as a trusted certificate, and verify that nameable and any dependencies it has are also signed:
+
+```
+gem cert --add <(curl -Ls https://raw.github.com/chorn/nameable/master/certs/chorn.pem)
+gem install nameable -P HighSecurity
+```
+
# References
* [Open Refine](http://openrefine.org/) formerly [Google Refine](https://code.google.com/p/google-refine/)
@@ -66,6 +75,8 @@ Thus far I've gone long stretches where this project did exactly what I needed i
The first time an instance of Nameable uses the gender method, the database of first names shipped with the gem will be parsed. The same is true for the last name data which is quite a bit larger. They aren't huge, and it only happens the first time, which is why I opted to leave the data in the gem, and not split it up into a different thing. If you hate that more than you hate gems that require extra steps to be useable let me know.
+I don't like that the Ethnicity data is just a Hash.
+
Oh, and github, pull request, workflow, yada yada.
-chorn
View
13 Rakefile
@@ -1,2 +1,13 @@
-require "bundler/gem_tasks"
+require 'bundler/gem_tasks'
+require 'digest/sha2'
+
+task default: %w[build]
+
+desc "Update checksums for gems in ./pkg"
+task :checksums do
+ Dir.glob('pkg/*.gem').each do |gem|
+ checksum = Digest::SHA512.new.hexdigest(File.read(gem))
+ File.open("#{gem.gsub(/pkg/, 'checksums')}.sha512", 'w' ) {|f| f.write(checksum) }
+ end
+end
View
55 certs/chorn.pem
@@ -0,0 +1,55 @@
+-----BEGIN CERTIFICATE-----
+MIIJvjCCBaagAwIBAgIJAM/4MvGHp6qBMA0GCSqGSIb3DQEBDQUAMDoxHjAcBgkq
+hkiG9w0BCQEWD2Nob3JuQGNob3JuLmNvbTEYMBYGA1UEAwwPY2hvcm5AY2hvcm4u
+Y29tMB4XDTE1MDYxOTExMzIyNVoXDTIwMDYxNzExMzIyNVowOjEeMBwGCSqGSIb3
+DQEJARYPY2hvcm5AY2hvcm4uY29tMRgwFgYDVQQDDA9jaG9ybkBjaG9ybi5jb20w
+ggQiMA0GCSqGSIb3DQEBAQUAA4IEDwAwggQKAoIEAQCrmvCKjihyb0/wGp6xds1M
+PII8KrtYztDRFD5kmJioqBt/8VcjrLqgCPKzafCY/ztLoRq7Zegjeer/QS7mUJGL
+EIG8hMSsA80y1+jCa0TmIbpRic9Y5RQoA0SiKGBqZ1j0rbhP5ZbQXxE6IG9aSxRU
+WTeSiGfcxWOG+as0L1qBrpuS9wXGenwsudLNouCY0ekRhOyQr3g+9U/dJqkb5ucg
+Mj9OyYQFPLnbml4SoTVy7KcbuuzEyPcaf+Zc688if5Bc3yQddnQfmbINhuQuqk/f
+EXOFarN1jZLN04mqjOYa9vR0W+AxEtrYLaTD1+ILoJzFhlO5NCTBMxSVNxlt95sY
+opEabhgZolrUA653mnAvNq7HEnbdH4iSUEHtSD1e0goGhaRmh7NmJPR3jQgj4dox
+L+FlE2MF4SW0lP74438BO29ClenGnPNgYWFuV0rSjmyTIMKkFHYP43VsNGVUv3zh
+JH6uqkXQvjEPWYqC42noEmpga1xxRKUizj90gzFtBXtOYi2AX2/RvpiPI2wabFoC
+s2QByquD0f8oXj60e1MLDXm7i0qImCLzzWyjXqTmM+7pdRBFYOmD4MiOKViZsdfs
+fTfv+bJxjLIyGg1igA0+T3A9Jhfr7nuBlt3u5rsTC6DthXpxReCsn/3fmzKOKE08
+jODSjhS2kVQUux2j1HF1/3ldicqvCttxpzvbooEGhN7TzHzj/nTnovg9wG6zmhUh
+8tmf4KO+4/JesXO2bsF5C/pUBO0w2sfut/vuQkI9vEXLoNENHfrTeRjB+NxjoIUX
+t0LcXqB+KiGvfUbhBUv7qoh/hJdU1zyw0EKh/UEUpddIhMkrS3ULoklaR9fwN8kH
+q+aAghO3djRFzQ5u3twHIeYsb+OR1gx+Wc0PhzSn93VQ5RCzfzPJz9YzFqiKktbl
+In554mvExkppc6H1VBDFehRopuKmuWVthgQZ24CbKjoXfa6hbYYsCDipzXw1O5DO
+8uPnzdPgh+KfCdUk8DNL9lmS0XrhE0aTRbj3JM+vAEjNT2+LjVIXVFj11o/zVMQx
+pedoKT1xYkIkKpKS51vPrjrrtlBwWL8Om6TdEEy7ygNEA1yk4C5uuZSQYgZ06jku
+9EF1vdawhzYF4sKnpO8XDf6xQzwDYRpX3f/Kj9PJNmyXisVqTH2Twdu6u2ZNtqrR
+6AYhUYjlHjtrt2qnAYWJt6ZqxbkXY0oJDPxfdg8WX5py4LjJSh/6cTmxuMHqEhbX
+aGZoH0va6h9KJIHFKmZzSePzPJO+qBp7tp6sqiOOpk8FlmS1UGzyYpQb8TmJiIKS
+0oehp9o4qppe6Lwlhrz883ZGGhkrloHsZGY08l2yURQa7yLJ4dRq/Afvfdf58mFJ
+AgMBAAGjgcYwgcMwHQYDVR0OBBYEFKK4azQaN8q8i/8LxqEf+gl0LAbAMGoGA1Ud
+IwRjMGGAFKK4azQaN8q8i/8LxqEf+gl0LAbAoT6kPDA6MR4wHAYJKoZIhvcNAQkB
+Fg9jaG9ybkBjaG9ybi5jb20xGDAWBgNVBAMMD2Nob3JuQGNob3JuLmNvbYIJAM/4
+MvGHp6qBMBoGA1UdEQQTMBGBD2Nob3JuQGNob3JuLmNvbTAaBgNVHRIEEzARgQ9j
+aG9ybkBjaG9ybi5jb20wDQYJKoZIhvcNAQENBQADggQBAAefdXGzhwlB9qY0MqTl
+TLSI4NlqnJjmlZuL/bk/s49CMXWUvkk8km1DeY2mJLGPSimhJIp0sylJ2DlrsQ4T
+C8gyd9ypjeeTaCs18t1FbwSUBoV5k5ci+ivR9rK7CFJQSLIX0rNlsj5j2JC3HvYG
+MvVZQNfKWqdyXuNgemAUuCOg4Y+fuv2COQyr72pOwAKFWaIzRb9q6tr9Ipr/s4Gb
+3qVe/JRbnZME3qhBr8YyorSH9aoOINZWMtquIs6thqNKXaxnIGij23Yc2ICumyuW
+wf27XD6/YedONg9S7I/ruGWJGy80FvaOj0BTZR5qghmcCvffiArziqEdoM9qBhUw
+1Aw1sxDG/VFSAJRp1f2zvWtXwaDnEDKjIAtjYCFjoTUKcztl0Di7+M5uGw2MKGbI
+M9rjRh6rLZsgjIE+R3ppYwI503xlBiRoyuQFO6P9S2D0toxwvfkO+byPVvz4vxnQ
+e9XfmSQqDIQVNkie1AaXHnNJRVNgi4MDmBKvwmKPWbPEN/4g1noO+ELDknINpoeo
+AV0QU1YyumtpRVhKu3tuiYJifdtyihBVzb8n/4AYLcIXuPhlRgUBqPNSOlC2H2/+
+h9Bu4VYZwOqYKVjJADz2thbAxQEW3e5GitVukOL5ZPJxMqCcRap/R8tlORKNiyQJ
+YfJQ9Go4pvS82cwql9NEt5cyaVU5JWJCRRUlsCwYWv/hGkbjjDafCVa+ITw0sKbq
+DvDiFKtFeZhLYI3VDS5kkrI1SeDoDX16DSCn0ECuMueWvmLkBzz5J4bjpHy+UCEr
+nye3JA2O20TEScLDh/zeJixfHbjTzA+vEC047/Lh7dtRTUemk4K2JXWHFBveB4Se
+rvvasIn7cygUq0MfhtNJd2wGYXMxWyT3LJvISqp+NP65tjna6zkpmZNnOpCEdq8x
+U59ydjqtevg9cZIco0tiTzGrBrcy7xnVWQKt+hbsV702V02Nx7gG4ihLRMIdAjtL
+nnnm3d3shuIrTfRG4YwBiYdJlT0X92geAtQbq5OPrT/27DBV6h3YydBoozkVEaZp
+Bvbz27URCmOw2e4psQctUBuVrTPirjqEwOql/SqqJsMIdWQ6oXLy235iuGzDgx+p
+Fi8s5azIOjbjFnc4OBols94L3oZxyIf+lUXgNBcvQ1wbWBlo+V1hyRWLSvLPLAtr
+3eeuQZ5HTqTSZSaMKfFrH10hG06h7Zla7oYxSn0GJsgu/aI1STGFHenjNeNRyFb4
+Qcofa1uD1LTI/r7EKL1I25n6eiABGw0KNDvow/ZtP9Kmx2QobEsWUbPfvkX1ogdj
+plBjPb1jywhCxKfdcYv+f4er+X1AnUyoYNi7EiifiNys7nmVG4+aFEZyUULPrB2g
+bHE=
+-----END CERTIFICATE-----
View
1  checksums/nameable-1.1.0.gem.sha512
@@ -0,0 +1 @@
+294b882dbf36a5eadb5f9ee1e22262d403024e8c1263f22a0af84e9402e9b0236b0e6bb022342ae95e8e384389c64ed22d057f3f8c1e077ff313cf4f93ec5f23
View
1  checksums/nameable-1.1.1.gem.sha512
@@ -0,0 +1 @@
+3da59e4a80b73488ec9745fcb9ca31b08db3e603df7b1ac0c572c4740f29b703563e47b3fff879a9e1cd5f103fcbf2883c8cfa146193924e0d351c7fe719ce38
View
2  lib/nameable/version.rb
@@ -1,3 +1,3 @@
module Nameable
- VERSION = "1.1.0"
+ VERSION = "1.1.1"
end
View
14 nameable.gemspec
@@ -9,7 +9,7 @@ Gem::Specification.new do |spec|
spec.authors = ['Chris Horn']
spec.email = ['chorn@chorn.com']
spec.summary = 'Parse names into components.'
- spec.description = 'A library that provides parsing and output of person names.'
+ spec.description = 'A library that provides parsing and output of person names, as well as Gender & Ethnicity matching.'
spec.homepage = 'https://github.com/chorn/nameable'
spec.license = 'MIT'
@@ -18,11 +18,17 @@ Gem::Specification.new do |spec|
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
spec.require_paths = ["lib"]
- spec.add_development_dependency 'bundler', '~> 1.6', '>= 1.6.2'
+ signing_key = File.expand_path("~/.certs/chorn@chorn.com-rubygems.key")
+ if File.file?(signing_key)
+ spec.signing_key = signing_key
+ spec.cert_chain = ['certs/chorn.pem']
+ end
+
+ spec.add_development_dependency 'bundler', '~> 1.6'
spec.add_development_dependency 'codeclimate-test-reporter', '~> 0.4'
- spec.add_development_dependency 'guard', '~> 2.12', '>= 2.12.6'
+ spec.add_development_dependency 'guard', '~> 2.12'
spec.add_development_dependency 'guard-bundler', '~> 2.1'
spec.add_development_dependency 'guard-rspec', '~> 4.5'
spec.add_development_dependency 'rake', '~> 10.4'
- spec.add_development_dependency 'rspec', '~> 3.2'
+ spec.add_development_dependency 'rspec', '~> 3.3'
end
Please sign in to comment.
Something went wrong with that request. Please try again.