зеркало из https://github.com/github/safegem.git
9cc4a38c7b
|
||
|---|---|---|
| bin | ||
| lib | ||
| test | ||
| .gitignore | ||
| README | ||
| Rakefile | ||
| VERSION.yml | ||
| safegem.gemspec | ||
README
SafeGem: GitHub's Safe Gem Eval Web Service ------------------------------------------- Help make GitHub's gem build process more secure and robust! SafeGem is a Sinatra app that safely converts Ruby gemspecs into YAML gemspecs. It works as follows: 1) Receives a request with the repo location and the ruby gemspec 2) Makes a shallow clone of the repo and chdir's to that repo 3) Evals the spec in a separate thread with a higher $SAFE level 4) Converts spec to YAML Goals ----- * Lower the $SAFE level to allow methods like Dir.glob, but without compromising security.