GitHub's safe gem eval web service
Brandon Keepers 03cacb87fb Update README to reflect unmaintained status 2015-02-15 20:53:08 +13:00
bin re-enable cleanup 2009-04-08 17:35:40 -07:00
lib part of the two-phase gem build process now 2009-03-28 23:35:38 -07:00
test cleanup and sinatra 0.9.1.1 compatibility 2009-03-28 18:09:45 -07:00
.gitignore add safegem binary to gemspec and make it executable 2009-02-10 20:28:43 -08:00
README Update README to reflect unmaintained status 2015-02-15 20:53:08 +13:00
Rakefile oops, wrong sinatra dep version 2009-04-01 14:45:04 -07:00
VERSION.yml Version bump to 0.2.10 2009-04-08 17:36:15 -07:00
safegem.gemspec Regenerated gemspec for version 0.2.10 2009-04-08 17:36:18 -07:00

README

NOTE: This repository is no longer supported or updated by GitHub. If you wish to continue to develop this code yourself, we recommend you fork it.

SafeGem: GitHub's Safe Gem Eval Web Service
-------------------------------------------

Help make GitHub's gem build process more secure and robust!

SafeGem is a Sinatra app that safely converts Ruby gemspecs into YAML gemspecs.

It works as follows:

1) Receives a request with the repo location and the ruby gemspec
2) Returns immediately and schedules the following via EM.defer:

   1) Makes a shallow clone of the repo and chdir's to that repo
   2) Evals the spec in a separate thread with a higher $SAFE level
   3) Converts spec to YAML
   4) Posts the YAML to the specified callback
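
The eval and YAML-conversion steps of the deferred job, as an added example that is not SafeGem's own code. $SAFE has no effect on Ruby 3.0 and later, so this sketch swaps the thread-plus-$SAFE approach for a forked child with a CPU limit and a timeout; `gemspec_to_yaml` and the sample gemspec are hypothetical.

```ruby
require 'yaml'
require 'timeout'

# Constructed sample gemspec (not from the SafeGem repository).
SAMPLE_GEMSPEC = <<~SPEC
  Gem::Specification.new do |s|
    s.name    = 'demo'
    s.version = '0.1.0'
    s.summary = 'constructed sample'
    s.authors = ['example']
    s.files   = Dir.glob('lib/*.rb')
  end
SPEC

# Hypothetical helper: evaluate +source+ inside +repo_dir+ in a forked child
# and return the spec as YAML, or nil if evaluation fails or runs too long.
# The CPU limit and timeout only bound runaway specs; they do not restrict
# file or network access, which needs an OS-level sandbox around the child.
def gemspec_to_yaml(source, repo_dir, timeout_s = 5)
  reader, writer = IO.pipe
  pid = fork do
    begin
      reader.close
      Process.setrlimit(Process::RLIMIT_CPU, timeout_s)
      Dir.chdir(repo_dir) # so Dir.glob resolves against the clone
      spec = eval(source, TOPLEVEL_BINDING, 'gemspec')
      exit!(2) unless spec.is_a?(Gem::Specification)
      writer.write(spec.to_yaml)
      writer.close
      exit!(0)
    rescue Exception
      exit!(1) # syntax errors and raises in the gemspec end the child only
    end
  end
  writer.close
  yaml = Timeout.timeout(timeout_s) { reader.read }
  _, status = Process.wait2(pid)
  status.success? ? yaml : nil
rescue Timeout::Error
  Process.kill('KILL', pid)
  Process.wait(pid)
  nil
ensure
  reader.close if reader && !reader.closed?
end

puts gemspec_to_yaml(SAMPLE_GEMSPEC, Dir.pwd) if __FILE__ == $0
```

The parent only ever receives YAML text over the pipe, so a gemspec that raises, loops, or returns something other than a Gem::Specification yields nil instead of reaching the callback step.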

Goals
-----
* Lower the $SAFE level to allow methods like Dir.glob, but without compromising security.