chelsea 0.0.28 → 0.0.33
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.circleci/config.yml +2 -2
- data/Gemfile.lock +13 -13
- data/README.md +282 -8
- data/lib/chelsea/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: e55c549e9821f6a1f72a2dd5104a3d94c9d6acf2e0ba811161dfa6130cd6ac68
|
4
|
+
data.tar.gz: 23c18257b6393cc3071879aed9ca9469ecc19a616622ba0aa24a48e575319364
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 2fc7059979d959e6bb92d87623f6d1c263e5b3ff6d754785de69078d3d13e15436e8298600b788b7df7cf130795021f6e9a1007c6c1f155d18ed1d3bc009ec3f
|
7
|
+
data.tar.gz: 92dce470a6ac4affb76140428d8ae1d03f0ab730055b8e7a69bd6a679c8ad5aba9c9b164d8489242d59c934a3cad2cc65cdedda83de22e94f642914fc1508992
|
data/.circleci/config.yml
CHANGED
@@ -87,7 +87,7 @@ jobs:
|
|
87
87
|
command: git config --global user.email "$GITHUB_EMAIL"
|
88
88
|
- run:
|
89
89
|
name: Set git upstream
|
90
|
-
command: git branch -u origin/
|
90
|
+
command: git branch -u origin/main
|
91
91
|
- run:
|
92
92
|
name: Bump version
|
93
93
|
command: gem bump -v patch --tag --skip-ci --push
|
@@ -107,4 +107,4 @@ workflows:
|
|
107
107
|
filters:
|
108
108
|
branches:
|
109
109
|
only:
|
110
|
-
-
|
110
|
+
- main
|
data/Gemfile.lock
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
chelsea (0.0.
|
4
|
+
chelsea (0.0.32)
|
5
5
|
bundler (>= 1.2.0, < 3)
|
6
6
|
ox (~> 2.13.2)
|
7
7
|
pastel (~> 0.7.2)
|
@@ -14,7 +14,7 @@ PATH
|
|
14
14
|
GEM
|
15
15
|
remote: https://rubygems.org/
|
16
16
|
specs:
|
17
|
-
addressable (2.
|
17
|
+
addressable (2.8.0)
|
18
18
|
public_suffix (>= 2.0.2, < 5.0)
|
19
19
|
ast (2.4.2)
|
20
20
|
byebug (11.1.2)
|
@@ -23,31 +23,31 @@ GEM
|
|
23
23
|
diff-lcs (1.3)
|
24
24
|
domain_name (0.5.20190701)
|
25
25
|
unf (>= 0.0.5, < 1.0.0)
|
26
|
-
equatable (0.
|
26
|
+
equatable (0.7.0)
|
27
27
|
hashdiff (1.0.1)
|
28
|
-
http-cookie (1.0.
|
28
|
+
http-cookie (1.0.4)
|
29
29
|
domain_name (~> 0.5)
|
30
30
|
mime-types (3.3.1)
|
31
31
|
mime-types-data (~> 3.2015)
|
32
|
-
mime-types-data (3.
|
33
|
-
necromancer (0.
|
32
|
+
mime-types-data (3.2021.0225)
|
33
|
+
necromancer (0.7.0)
|
34
34
|
netrc (0.11.0)
|
35
35
|
ox (2.13.4)
|
36
36
|
parallel (1.20.1)
|
37
|
-
parser (3.0.
|
37
|
+
parser (3.0.1.0)
|
38
38
|
ast (~> 2.4.1)
|
39
39
|
pastel (0.7.4)
|
40
40
|
equatable (~> 0.6)
|
41
41
|
tty-color (~> 0.5)
|
42
|
-
public_suffix (4.0.
|
42
|
+
public_suffix (4.0.6)
|
43
43
|
rainbow (3.0.0)
|
44
44
|
rake (12.3.3)
|
45
|
-
regexp_parser (2.
|
45
|
+
regexp_parser (2.1.1)
|
46
46
|
rest-client (2.0.2)
|
47
47
|
http-cookie (>= 1.0.2, < 2.0)
|
48
48
|
mime-types (>= 1.16, < 4.0)
|
49
49
|
netrc (~> 0.8)
|
50
|
-
rexml (3.2.
|
50
|
+
rexml (3.2.5)
|
51
51
|
rspec (3.9.0)
|
52
52
|
rspec-core (~> 3.9.0)
|
53
53
|
rspec-expectations (~> 3.9.0)
|
@@ -63,7 +63,7 @@ GEM
|
|
63
63
|
rspec-support (3.9.2)
|
64
64
|
rspec_junit_formatter (0.4.1)
|
65
65
|
rspec-core (>= 2, < 4, != 2.12.0)
|
66
|
-
rubocop (1.
|
66
|
+
rubocop (1.12.1)
|
67
67
|
parallel (~> 1.10)
|
68
68
|
parser (>= 3.0.0.0)
|
69
69
|
rainbow (>= 2.2.2, < 4.0)
|
@@ -82,7 +82,7 @@ GEM
|
|
82
82
|
unicode-display_width (~> 1.5)
|
83
83
|
unicode_utils (~> 1.4)
|
84
84
|
strings-ansi (0.2.0)
|
85
|
-
tty-color (0.
|
85
|
+
tty-color (0.6.0)
|
86
86
|
tty-cursor (0.7.1)
|
87
87
|
tty-font (0.5.0)
|
88
88
|
tty-screen (0.8.1)
|
@@ -117,4 +117,4 @@ DEPENDENCIES
|
|
117
117
|
webmock (~> 3.8.3)
|
118
118
|
|
119
119
|
BUNDLED WITH
|
120
|
-
2.
|
120
|
+
2.2.22
|
data/README.md
CHANGED
@@ -17,12 +17,12 @@
|
|
17
17
|
-->
|
18
18
|
|
19
19
|
<p align="center">
|
20
|
-
<img src="https://github.com/sonatype-nexus-community/chelsea/blob/
|
20
|
+
<img src="https://github.com/sonatype-nexus-community/chelsea/blob/main/docs/images/chelsea.png" width="350" alt="chelsea-icon"/>
|
21
21
|
</p>
|
22
22
|
<p align="center">
|
23
|
-
<a href="https://rubygems.org/gems/chelsea"><img src="https://img.shields.io/gem/v/chelsea" /></a>
|
24
|
-
<a href="https://gitter.im/sonatype-nexus-community/chelsea?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge"><img src="https://badges.gitter.im/sonatype-nexus-community/chelsea.svg" /></a>
|
25
|
-
<a href="https://circleci.com/gh/sonatype-nexus-community/chelsea"><img src="https://circleci.com/gh/sonatype-nexus-community/chelsea.svg?style=shield" /></a>
|
23
|
+
<a href="https://rubygems.org/gems/chelsea"><img src="https://img.shields.io/gem/v/chelsea" alt="chelsea-gem"/></a>
|
24
|
+
<a href="https://gitter.im/sonatype-nexus-community/chelsea?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge"><img src="https://badges.gitter.im/sonatype-nexus-community/chelsea.svg" alt="chelsea-gitter"/></a>
|
25
|
+
<a href="https://circleci.com/gh/sonatype-nexus-community/chelsea"><img src="https://circleci.com/gh/sonatype-nexus-community/chelsea.svg?style=shield" alt="chelsea-ci"/></a>
|
26
26
|
</p>
|
27
27
|
|
28
28
|
# Chelsea
|
@@ -140,7 +140,7 @@ We suggest using [rbenv](https://github.com/rbenv/rbenv) to setup a reliable rub
|
|
140
140
|
Follow the [installation steps](https://github.com/rbenv/rbenv#installation).
|
141
141
|
For macos (10.15.7), there was a problem with step 2, with: `$ rbenv init`. The command
|
142
142
|
printed suggested editing `~/.bashrc`; however, this did not work in our case (even after an OS reboot),
|
143
|
-
and we had to instead edit
|
143
|
+
and we had to instead edit `~/.bash_profile`. To sanity check your installation, you should see the
|
144
144
|
`.rbenv` directory early in your PATH, e.g.:
|
145
145
|
```
|
146
146
|
$ echo $PATH
|
@@ -161,6 +161,19 @@ Install dependencies:
|
|
161
161
|
```
|
162
162
|
bundle install
|
163
163
|
```
|
164
|
+
* Misc weirdness:
|
165
|
+
I was running into errors like the one below:
|
166
|
+
```shell
|
167
|
+
$ bundle install
|
168
|
+
Fetching gem metadata from https://rubygems.org/.........
|
169
|
+
chelsea-0.0.32 requires ruby version >= 2.6.6, which is incompatible with the current version, ruby 2.6.3p62
|
170
|
+
```
|
171
|
+
This was solved by following the steps described [here](https://stackoverflow.com/questions/42306116/ruby-version-x-is-incompatible-with-current-version).
|
172
|
+
```shell
|
173
|
+
gem install bundler
|
174
|
+
eval "$(rbenv init -)"
|
175
|
+
bundle install
|
176
|
+
```
|
164
177
|
|
165
178
|
Run tests:
|
166
179
|
```
|
@@ -171,14 +184,275 @@ To install this gem onto your local machine, run `bundle exec rake install`. To
|
|
171
184
|
|
172
185
|
### Release Process
|
173
186
|
|
174
|
-
Chelsea is automatically released after a commit to the `
|
187
|
+
Chelsea is automatically released after a commit to the `main` branch.
|
175
188
|
|
176
|
-
To avoid performing a release after a commit to the `
|
189
|
+
To avoid performing a release after a commit to the `main` branch, be sure your commit message includes `[skip ci] `.
|
177
190
|
|
178
191
|
## Why Chelsea?
|
179
192
|
|
180
193
|
One of the awesome developers at Sonatype was thinking of names, and came upon the [Chelsea filter](https://en.wikipedia.org/wiki/Chelsea_filter). A Chelsea filter is used to separate gemstones, helping gemologists distinguish between real emeralds, and just regular green glass. We felt this tool helps you do something very similar, looking at your RubyGems, and seeing which are pristine, and which are less than ok at the moment.
|
181
194
|
|
195
|
+
## How to Fix Vulnerabilities
|
196
|
+
|
197
|
+
So you've found a vulnerability. Now what? The best case is to upgrade the vulnerable component to a newer/non-vulnerable
|
198
|
+
version. However, it is likely the vulnerable component is not a direct dependency, but instead is a transitive dependency
|
199
|
+
(a dependency of a dependency, of a dependency, wash-rinse-repeat). In such a case, the first step is to figure out which
|
200
|
+
direct dependency (and sub-dependencies) depend on the vulnerable component.
|
201
|
+
|
202
|
+
The `gem dependency` command will show a dependency tree for all gems from the current Gemfile with their dependencies.
|
203
|
+
The `bundle outdated` command will show a list of all gems which have newer versions.
|
204
|
+
|
205
|
+
As an example, suppose we've learned that component `rexml`, version 3.2.4 is vulnerable (CVE-2021-28965).
|
206
|
+
Use the following command to determine which components depend on `rexml`.
|
207
|
+
```shell
|
208
|
+
$ gem dependency -R rexml
|
209
|
+
Gem rexml-3.1.9
|
210
|
+
bundler (>= 0, development)
|
211
|
+
rake (>= 0, development)
|
212
|
+
Used by
|
213
|
+
rubocop-1.9.0 (rexml (>= 0))
|
214
|
+
|
215
|
+
Gem rexml-3.2.4
|
216
|
+
bundler (>= 0, development)
|
217
|
+
rake (>= 0, development)
|
218
|
+
Used by
|
219
|
+
rubocop-1.9.0 (rexml (>= 0))
|
220
|
+
```
|
221
|
+
|
222
|
+
There are a number of approaches to resolving the vulnerability, but no matter which approach you choose, you should
|
223
|
+
probably make sure all the tests are passing before making any dependency changes.
|
224
|
+
```shell
|
225
|
+
bundle exec rspec
|
226
|
+
...
|
227
|
+
Finished in 0.1411 seconds (files took 0.67222 seconds to load)
|
228
|
+
22 examples, 0 failures
|
229
|
+
```
|
230
|
+
|
231
|
+
One approach is to upgrade everything to the latest version available. This solution might make people nervous about
|
232
|
+
introducing breaking changes. (You have unit tested everything right? ;) )
|
233
|
+
<details>
|
234
|
+
<summary>Click to expand output of command:
|
235
|
+
|
236
|
+
```shell
|
237
|
+
$ bundle update
|
238
|
+
```
|
239
|
+
</summary>
|
240
|
+
|
241
|
+
```shell
|
242
|
+
$ bundle update
|
243
|
+
Fetching gem metadata from https://rubygems.org/.........
|
244
|
+
Fetching gem metadata from https://rubygems.org/.
|
245
|
+
Resolving dependencies...
|
246
|
+
Using rake 12.3.3
|
247
|
+
Using public_suffix 4.0.6 (was 4.0.3)
|
248
|
+
Using addressable 2.7.0
|
249
|
+
Using ast 2.4.2
|
250
|
+
Using bundler 2.1.4
|
251
|
+
Using byebug 11.1.3 (was 11.1.2)
|
252
|
+
Using ox 2.13.4
|
253
|
+
Using equatable 0.7.0 (was 0.6.1)
|
254
|
+
Using tty-color 0.6.0 (was 0.5.2)
|
255
|
+
Using pastel 0.7.4
|
256
|
+
Using unf_ext 0.0.7.7
|
257
|
+
Using unf 0.1.4
|
258
|
+
Using domain_name 0.5.20190701
|
259
|
+
Using http-cookie 1.0.3
|
260
|
+
Using mime-types-data 3.2021.0225 (was 3.2020.0512)
|
261
|
+
Using mime-types 3.3.1
|
262
|
+
Using netrc 0.11.0
|
263
|
+
Using rest-client 2.0.2
|
264
|
+
Using slop 4.8.2
|
265
|
+
Using tty-font 0.5.0
|
266
|
+
Using tty-cursor 0.7.1
|
267
|
+
Using tty-spinner 0.9.3
|
268
|
+
Using necromancer 0.7.0 (was 0.6.0)
|
269
|
+
Using strings-ansi 0.2.0
|
270
|
+
Using unicode-display_width 1.7.0
|
271
|
+
Using unicode_utils 1.4.0
|
272
|
+
Using strings 0.1.8
|
273
|
+
Using tty-screen 0.8.1
|
274
|
+
Using tty-table 0.11.0
|
275
|
+
Using chelsea 0.0.28 (was 0.0.27) from source at `.`
|
276
|
+
Using rexml 3.2.5 (was 3.2.4)
|
277
|
+
Using crack 0.4.5 (was 0.4.3)
|
278
|
+
Using diff-lcs 1.4.4 (was 1.3)
|
279
|
+
Using hashdiff 1.0.1
|
280
|
+
Using parallel 1.20.1
|
281
|
+
Using parser 3.0.1.0 (was 3.0.0.0)
|
282
|
+
Using rainbow 3.0.0
|
283
|
+
Using regexp_parser 2.1.1 (was 2.0.3)
|
284
|
+
Using rspec-support 3.10.2 (was 3.9.2)
|
285
|
+
Using rspec-core 3.10.1 (was 3.9.1)
|
286
|
+
Using rspec-expectations 3.10.1 (was 3.9.1)
|
287
|
+
Using rspec-mocks 3.10.2 (was 3.9.1)
|
288
|
+
Using rspec 3.10.0 (was 3.9.0)
|
289
|
+
Using rspec_junit_formatter 0.4.1
|
290
|
+
Using rubocop-ast 1.4.1
|
291
|
+
Using ruby-progressbar 1.11.0
|
292
|
+
Using rubocop 1.12.1 (was 1.9.0)
|
293
|
+
Using webmock 3.8.3
|
294
|
+
Bundle updated!
|
295
|
+
Gems in the group production were not updated.
|
296
|
+
```
|
297
|
+
</details>
|
298
|
+
|
299
|
+
Perhaps a more palatable approach would be to upgrade to a newer version of the "Used by" component, meaning you upgrade
|
300
|
+
the direct dependency (`rubocop`) to a version that does not depend on a vulnerable version of the transitive dependency
|
301
|
+
(`rexml`). This approach will make fewer changes overall.
|
302
|
+
|
303
|
+
In some cases, no such upgrade of the direct dependency exists that avoids a dependence on the vulnerable component.
|
304
|
+
In such a case, the next step is to file an issue with the direct dependency project for them to update the vulnerable
|
305
|
+
sub-dependencies. Be sure to read and follow any vulnerability reporting instructions published by the project: Look for
|
306
|
+
a `SECURITY.md` file, or other instructions on how to report vulnerabilities. Some projects may prefer you not report
|
307
|
+
the vulnerability publicly.
|
308
|
+
|
309
|
+
In our example, there is a newer version of the direct dependency available:
|
310
|
+
```shell
|
311
|
+
$ bundle outdated | grep rubocop
|
312
|
+
* rubocop (newest 1.12.1, installed 1.9.0) in group "default"
|
313
|
+
```
|
314
|
+
Now we can update the `rubocop` component as follows:
|
315
|
+
<details>
|
316
|
+
<summary>Click to expand output of command:
|
317
|
+
|
318
|
+
```shell
|
319
|
+
$ bundle update rubocop
|
320
|
+
```
|
321
|
+
</summary>
|
322
|
+
|
323
|
+
```shell
|
324
|
+
$ bundle update rubocop
|
325
|
+
Fetching gem metadata from https://rubygems.org/.........
|
326
|
+
Fetching gem metadata from https://rubygems.org/.
|
327
|
+
Resolving dependencies...
|
328
|
+
Using rake 12.3.3
|
329
|
+
Fetching public_suffix 4.0.3
|
330
|
+
Installing public_suffix 4.0.3
|
331
|
+
Using addressable 2.7.0
|
332
|
+
Using ast 2.4.2
|
333
|
+
Using bundler 2.1.4
|
334
|
+
Fetching byebug 11.1.2
|
335
|
+
Installing byebug 11.1.2 with native extensions
|
336
|
+
Using ox 2.13.4
|
337
|
+
Using equatable 0.6.1
|
338
|
+
Using tty-color 0.5.2
|
339
|
+
Using pastel 0.7.4
|
340
|
+
Using unf_ext 0.0.7.7
|
341
|
+
Using unf 0.1.4
|
342
|
+
Using domain_name 0.5.20190701
|
343
|
+
Using http-cookie 1.0.3
|
344
|
+
Using mime-types-data 3.2020.0512
|
345
|
+
Using mime-types 3.3.1
|
346
|
+
Using netrc 0.11.0
|
347
|
+
Using rest-client 2.0.2
|
348
|
+
Using slop 4.8.2
|
349
|
+
Using tty-font 0.5.0
|
350
|
+
Using tty-cursor 0.7.1
|
351
|
+
Using tty-spinner 0.9.3
|
352
|
+
Using necromancer 0.6.0
|
353
|
+
Using strings-ansi 0.2.0
|
354
|
+
Using unicode-display_width 1.7.0
|
355
|
+
Using unicode_utils 1.4.0
|
356
|
+
Using strings 0.1.8
|
357
|
+
Using tty-screen 0.8.1
|
358
|
+
Using tty-table 0.11.0
|
359
|
+
Using chelsea 0.0.28 from source at `.`
|
360
|
+
Using safe_yaml 1.0.5
|
361
|
+
Fetching crack 0.4.3
|
362
|
+
Installing crack 0.4.3
|
363
|
+
Fetching diff-lcs 1.3
|
364
|
+
```
|
365
|
+
</details>
|
366
|
+
|
367
|
+
Yet another alternative approach is to upgrade the transitive dependency (`rexml` in our example).
|
368
|
+
|
369
|
+
Use the command below to determine if there is a newer version of the vulnerable component.
|
370
|
+
```shell
|
371
|
+
$ bundle outdated | grep rexml
|
372
|
+
* rexml (newest 3.2.5, installed 3.2.4)
|
373
|
+
```
|
374
|
+
Now we can update the `rexml` component as follows:
|
375
|
+
<details>
|
376
|
+
<summary>Click to expand output of command:
|
377
|
+
|
378
|
+
```shell
|
379
|
+
$ bundle update rexml
|
380
|
+
```
|
381
|
+
</summary>
|
382
|
+
|
383
|
+
```shell
|
384
|
+
$ bundle update rexml
|
385
|
+
Fetching gem metadata from https://rubygems.org/.........
|
386
|
+
Fetching gem metadata from https://rubygems.org/.
|
387
|
+
Resolving dependencies...
|
388
|
+
Using rake 12.3.3
|
389
|
+
Using public_suffix 4.0.3
|
390
|
+
Using addressable 2.7.0
|
391
|
+
Using ast 2.4.2
|
392
|
+
Using bundler 2.1.4
|
393
|
+
Using byebug 11.1.2
|
394
|
+
Using ox 2.13.4
|
395
|
+
Using equatable 0.7.0 (was 0.6.1)
|
396
|
+
Using tty-color 0.6.0 (was 0.5.2)
|
397
|
+
Using pastel 0.7.4
|
398
|
+
Using unf_ext 0.0.7.7
|
399
|
+
Using unf 0.1.4
|
400
|
+
Using domain_name 0.5.20190701
|
401
|
+
Using http-cookie 1.0.3
|
402
|
+
Using mime-types-data 3.2021.0225 (was 3.2020.0512)
|
403
|
+
Using mime-types 3.3.1
|
404
|
+
Using netrc 0.11.0
|
405
|
+
Using rest-client 2.0.2
|
406
|
+
Using slop 4.8.2
|
407
|
+
Using tty-font 0.5.0
|
408
|
+
Using tty-cursor 0.7.1
|
409
|
+
Using tty-spinner 0.9.3
|
410
|
+
Using necromancer 0.7.0 (was 0.6.0)
|
411
|
+
Using strings-ansi 0.2.0
|
412
|
+
Using unicode-display_width 1.7.0
|
413
|
+
Using unicode_utils 1.4.0
|
414
|
+
Using strings 0.1.8
|
415
|
+
Using tty-screen 0.8.1
|
416
|
+
Using tty-table 0.11.0
|
417
|
+
Using chelsea 0.0.28 (was 0.0.27) from source at `.`
|
418
|
+
Using safe_yaml 1.0.5
|
419
|
+
Using crack 0.4.3
|
420
|
+
Using diff-lcs 1.3
|
421
|
+
Using hashdiff 1.0.1
|
422
|
+
Using parallel 1.20.1
|
423
|
+
Using parser 3.0.0.0
|
424
|
+
Using rainbow 3.0.0
|
425
|
+
Using regexp_parser 2.0.3
|
426
|
+
Using rexml 3.2.5 (was 3.2.4)
|
427
|
+
Using rspec-support 3.9.2
|
428
|
+
Using rspec-core 3.9.1
|
429
|
+
Using rspec-expectations 3.9.1
|
430
|
+
Using rspec-mocks 3.9.1
|
431
|
+
Using rspec 3.9.0
|
432
|
+
Using rspec_junit_formatter 0.4.1
|
433
|
+
Using rubocop-ast 1.4.1
|
434
|
+
Using ruby-progressbar 1.11.0
|
435
|
+
Using rubocop 1.9.0
|
436
|
+
Using webmock 3.8.3
|
437
|
+
Bundle updated!
|
438
|
+
Gems in the group production were not updated.
|
439
|
+
```
|
440
|
+
</details>
|
441
|
+
|
442
|
+
Regardless of which approach you choose, you should verify the tests pass after you upgrade dependencies.
|
443
|
+
```shell
|
444
|
+
bundle exec rspec
|
445
|
+
...
|
446
|
+
Finished in 0.12826 seconds (files took 0.5069 seconds to load)
|
447
|
+
22 examples, 0 failures
|
448
|
+
```
|
449
|
+
Full disclosure, it turns out that after upgrading `rubocop` (via: `bundle update rubocop`),
|
450
|
+
a `# rubocop:disable Layout/LineLength` was no longer needed.
|
451
|
+
Happily, the CI test suite failed and pointed quickly to the fix (just needed to remove `# rubocop`
|
452
|
+
disable/enable comments).
|
453
|
+
|
454
|
+
Victory! Commit the changes, and we're done. (see [PR: #44](https://github.com/sonatype-nexus-community/chelsea/pull/44))
|
455
|
+
|
182
456
|
## Contributing
|
183
457
|
|
184
458
|
We care a lot about making the world a safer place, and that's why we created `chelsea`. If you as well want to speed up the pace of software development by working on this project, jump on in! Before you start work, create a new issue, or comment on an existing issue, to let others know you are!
|
@@ -187,7 +461,7 @@ This project is intended to be a safe, welcoming space for collaboration, and co
|
|
187
461
|
|
188
462
|
## Code of Conduct
|
189
463
|
|
190
|
-
Everyone interacting in the Chelsea project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/sonatype-nexus-community/chelsea/blob/
|
464
|
+
Everyone interacting in the Chelsea project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/sonatype-nexus-community/chelsea/blob/main/CODE_OF_CONDUCT.md).
|
191
465
|
|
192
466
|
## The Fine Print
|
193
467
|
|
data/lib/chelsea/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: chelsea
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.33
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Allister Beharry
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-
|
11
|
+
date: 2021-07-08 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|