diff --git a/.github/workflows/pages-gem.yml b/.github/workflows/pages-gem.yml
index 4f75e2b..6a619b0 100644
--- a/.github/workflows/pages-gem.yml
+++ b/.github/workflows/pages-gem.yml
@@ -14,9 +14,9 @@ jobs:
- name: Checkout
uses: actions/checkout@v4
- name: Setup Ruby
- uses: ruby/setup-ruby@52753b7da854d5c07df37391a986c76ab4615999 # v1.191.0
+ uses: ruby/setup-ruby@472790540115ce5bd69d399a020189a8c87d641f # v1.247.0
with:
- ruby-version: '3.2'
+ ruby-version: '3.3'
- name: Build gem
run: |
gem build github-pages-health-check.gemspec
diff --git a/.github/workflows/push-cibuild.yml b/.github/workflows/push-cibuild.yml
index daf389c..012ae55 100644
--- a/.github/workflows/push-cibuild.yml
+++ b/.github/workflows/push-cibuild.yml
@@ -10,9 +10,9 @@ jobs:
fail-fast: false
matrix:
ruby:
- - '3.0'
- '3.1'
- '3.2'
+ - '3.3'
steps:
- uses: actions/checkout@master
- name: script/cibuild-docker
diff --git a/.ruby-version b/.ruby-version
index a3ec5a4..eb39e53 100644
--- a/.ruby-version
+++ b/.ruby-version
@@ -1 +1 @@
-3.2
+3.3
diff --git a/github-pages-health-check.gemspec b/github-pages-health-check.gemspec
index fcb2dcb..974d51a 100644
--- a/github-pages-health-check.gemspec
+++ b/github-pages-health-check.gemspec
@@ -16,7 +16,7 @@ Gem::Specification.new do |s|
s.files = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
s.require_paths = ["lib"]
- s.add_dependency("addressable", "~> 2.3")
+ s.add_dependency("addressable", "~> 2.8.7")
s.add_dependency("dnsruby", "~> 1.60")
s.add_dependency("octokit", ">= 4", "< 10")
s.add_dependency("public_suffix", ">= 3.0", "< 7.0")
diff --git a/lib/github-pages-health-check/domain.rb b/lib/github-pages-health-check/domain.rb
index b5a79f1..03d6a1f 100644
--- a/lib/github-pages-health-check/domain.rb
+++ b/lib/github-pages-health-check/domain.rb
@@ -1,5 +1,7 @@
# frozen_string_literal: true
+require "securerandom"
+
module GitHubPages
module HealthCheck
class Domain < Checkable
@@ -442,6 +444,40 @@ def served_by_pages?
end
end
+ def parent_domain
+ parsed = PublicSuffix.parse(host)
+ parent = host.split(".", 2).last
+ if parent == parsed.tld
+ return nil
+ end
+
+ parent
+ rescue PublicSuffix::DomainNotAllowed
+ nil
+ end
+
+ def maybe_wildcard?
+ return @maybe_wildcard if defined? @maybe_wildcard
+ return false unless dns_resolves?
+ return false unless parent_domain
+
+ sibling_domain = SecureRandom.alphanumeric(20) + "." + parent_domain
+
+ @maybe_wildcard = begin
+ wildcard_resolver = GitHubPages::HealthCheck::Resolver.new(sibling_domain, :nameservers => nameservers)
+
+ [Dnsruby::Types::A, Dnsruby::Types::AAAA].any? do |record_type|
+ wildcard_resolver.query(record_type).any? do |record|
+ record.respond_to?(:address) && github_pages_ip?(record.address)
+ end
+ end
+ end
+ end
+
+ def wildcard_warning
+ Errors::WildcardRecordError.new :domain => self, :parent_domain => parent_domain if maybe_wildcard?
+ end
+
def uri(overrides = {})
options = { :host => host, :scheme => scheme, :path => "/" }
options = options.merge(overrides)
diff --git a/lib/github-pages-health-check/errors/wildcard_record_error.rb b/lib/github-pages-health-check/errors/wildcard_record_error.rb
new file mode 100644
index 0000000..b6e012c
--- /dev/null
+++ b/lib/github-pages-health-check/errors/wildcard_record_error.rb
@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+module GitHubPages
+ module HealthCheck
+ module Errors
+ class WildcardRecordError < GitHubPages::HealthCheck::Error
+ DOCUMENTATION_PATH = "/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages/"
+
+ attr_reader :parent_domain
+
+ def initialize(repository: nil, domain: nil, parent_domain: nil)
+ super(:repository => repository, :domain => domain)
+ @parent_domain = parent_domain
+ end
+
+ def message
+ <<-MSG
+ The DNS record for your domain appears to be *.#{parent_domain}, a wildcard record.
+ Your GitHub Pages site will still work, but unless you verify ownership of #{parent_domain},
+ any GitHub Pages user can serve their content from an arbitrary subdomain of it.
+ MSG
+ end
+ end
+ end
+ end
+end
diff --git a/lib/github-pages-health-check/resolver.rb b/lib/github-pages-health-check/resolver.rb
index 9d161d7..5f590da 100644
--- a/lib/github-pages-health-check/resolver.rb
+++ b/lib/github-pages-health-check/resolver.rb
@@ -43,15 +43,15 @@ def resolver
self.class.default_resolver
when :authoritative
Dnsruby::Resolver.new(DEFAULT_RESOLVER_OPTIONS.merge(
- :nameservers => authoritative_nameservers
+ :nameserver => authoritative_nameservers
))
when :public
Dnsruby::Resolver.new(DEFAULT_RESOLVER_OPTIONS.merge(
- :nameservers => PUBLIC_NAMESERVERS
+ :nameserver => PUBLIC_NAMESERVERS
))
when Array
Dnsruby::Resolver.new(DEFAULT_RESOLVER_OPTIONS.merge(
- :nameservers => nameservers
+ :nameserver => nameservers
))
else
raise "Invalid nameserver type: #{nameservers.inspect}"
diff --git a/lib/github-pages-health-check/version.rb b/lib/github-pages-health-check/version.rb
index a2e6a2e..9a342b6 100644
--- a/lib/github-pages-health-check/version.rb
+++ b/lib/github-pages-health-check/version.rb
@@ -2,6 +2,6 @@
module GitHubPages
module HealthCheck
- VERSION = "1.18.5"
+ VERSION = "1.19.0"
end
end
diff --git a/spec/github_pages_health_check/errors_spec.rb b/spec/github_pages_health_check/errors_spec.rb
index bd13037..65d3f80 100644
--- a/spec/github_pages_health_check/errors_spec.rb
+++ b/spec/github_pages_health_check/errors_spec.rb
@@ -4,6 +4,6 @@
RSpec.describe(GitHubPages::HealthCheck::Errors) do
it "returns the errors" do
- expect(GitHubPages::HealthCheck::Errors.all.count).to eql(10)
+ expect(GitHubPages::HealthCheck::Errors.all.count).to eql(11)
end
end