I wrote a little patch to enable the user to setup a default cert chain
and signing key so I don't have to have a separate gemspec to be
published in my repositories after creating a signed gem. Also I added
options to the build command to override, or just set cert chain and
signing key for a single build process.
It would be nice to see this included, if you have any comments or
suggestions, just send me a mail. Cryptographic keys can be found at
Alexander E. Fischer
Allow user to set a default cert_chain and signing key in .gemrc. Als…
…o added command line options for build to override the signing_key and cert_chain set in the gemspec
Merge branch 'master' of firstname.lastname@example.org:aef/rubygems
Merge branch 'master' of https://github.com/rubygems/rubygems
Sources command now ignores duplicate entries instead of adding them
You can have OptionParser do the work of making an Array for you, change this to:
add_option('-C', '--certificate-chain CERT[,CERT]', Array,
And you can drop value.split(',') below
I like the addition of -C and -K to gem build.
You can let OptionParser do the work of splitting the values, see my note.
OptionParser does not wrap lines for you, so the descriptions should be wrapped.
I don't see any tests for -C and -K. Can you write some or would you like help?
You seem to have mixed a second change into this request, please provide separate patches for separate releases.
Yes, I will change the things you mentioned. I already tried testing my work, but there seems to be no test about the gem signing process. The most problems I had are related to creating a Security::Policy for testing, using a trust directory inside the temporary test structure. Somehow the created keypairs aren't accepted as trusted. I will upload my current works soon, so maybe you can help.
This appears dead, I'm going to close it. Please reopen if resurrected.