Skip to content
Commits on Feb 4, 2016
  1. @e2

    Merge pull request #160 from guard/e2-refactor-websocket

    e2 committed
    Refactor out HTTP layer from WebSocket + add specs
  2. @e2

    Refactor out HTTP layer from WebSocket + add specs

    e2 committed
    - HTTP content-type possibly fixed (livereload.js file)
    - WebSocket layer should now be easier to replace
    - missing socket/http/streaming specs added
  3. @e2

    Update README.md

    e2 committed
    Give @mikeycgto credits for discovering the vulnerability.
  4. @e2
  5. @e2

    Add and highlight security patch release

    e2 committed
    - also move the maintainer information and gitter badge
  6. @e2

    Merge pull request #158 from guard/fix_path_traversal_vulnerability

    e2 committed
    Prevent requesting arbitrary file paths via socket
  7. @e2

    Prevent requesting arbitrary file paths via socket

    e2 committed
    In certain situations, specially crafted HTTP GET requests on the
    livereload socket (default: 35729) may cause any user readable file to
    be sent over that socket.
    
    Temporarily in this patch, requests for readable files now result in 403
    HTTP error responses. The exception is of course the file
    './livereload.js'.
    
    Security vulnerability example:
    
    Accessing the socket on localhost:35729 and requesting:
    
      ./../../etc/passwd (note the single leading dot)
    
    to be expanded to "../../../etc/passwd", which may effectively serve the
    contents of /etc/passwd.
Commits on Oct 28, 2015
  1. @e2

    Merge pull request #154 from gitter-badger/gitter-badge

    e2 committed
    Add a Gitter chat badge to README.md
  2. @gitter-badger

    Add Gitter badge

    gitter-badger committed
Commits on Oct 27, 2015
  1. @jibiel

    Merge pull request #153 from guard/change_travis_jruby_version

    jibiel committed
    Switch JRuby versions on Travis
  2. @jibiel

    Bring on the SVG badges.

    jibiel committed
  3. @e2

    switch to JRuby head on Travis

    e2 committed
  4. @jibiel
  5. @jibiel

    Merge pull request #152 from guard/add_contributing_guide

    jibiel committed
    Add CONTRIBUTING.md [ci skip]
  6. @jibiel
  7. @e2

    remove 1.9.x from tests

    e2 committed
  8. @e2

    move to new Travis infrastructure

    e2 committed
Commits on Oct 26, 2015
  1. @e2

    add CONTRIBUTING.md [ci skip]

    e2 committed
  2. @e2

    Fixed Readme

    e2 committed
  3. @e2
  4. @e2

    Release 2.5.1

    e2 committed
  5. @e2

    Merge pull request #149 from guard/tmpfile_workaround

    e2 committed
    missing tmpfile workaround (#148)
  6. @e2

    missing tmpfile workaround (#148)

    e2 committed
Commits on Oct 20, 2015
  1. @e2

    Release 2.5.0

    e2 committed
Commits on Oct 19, 2015
  1. @e2

    Merge pull request #147 from guard/e2-js_erb_config

    e2 committed
    Allow customizing livereload.js with ERB
Commits on Oct 18, 2015
  1. @e2

    allow setting additionalWaitingTime in Guardfile

    e2 committed
    See issue #123 for more info about the workaround
  2. @e2
Commits on Oct 17, 2015
  1. @e2

    Merge pull request #141 from felixbuenemann/kqueue-support

    e2 committed
    Add Mac OS X kqueue support, silence epoll warning
  2. @e2
  3. @jibiel @e2
  4. @e2

    Merge pull request #146 from guard/template_specs

    e2 committed
    Rework Guardfile template rules + add specs
  5. @e2

    more robust asset rules + specs

    e2 committed
  6. @e2
  7. @e2

    add RuboCop gem in development

    e2 committed
Commits on Aug 27, 2015
  1. @felixbuenemann

    Add Mac OS X kqueue support, silence epoll warning

    felixbuenemann committed
    This enables epoll only if supported, to supress the warning
    `warning: epoll is not supported on this platform` in eventmachine
    1.0.8+ and enables kqueue if supported (BSD/Darwin).
Something went wrong with that request. Please try again.