geminabox 0.13.13 → 0.13.14

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +9 -0
  3. data/lib/geminabox.rb +2 -2
  4. data/lib/geminabox/gem_store.rb +1 -1
  5. data/lib/geminabox/hostess.rb +1 -1
  6. data/lib/geminabox/proxy/hostess.rb +2 -2
  7. data/lib/geminabox/server.rb +16 -36
  8. data/lib/geminabox/version.rb +1 -1
  9. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: b298fb245a0113e417fcce0bf3db9a8d6542d7ba
4
- data.tar.gz: 1acd400111d6463f9a1ae944f3b5606711504c19
3
+ metadata.gz: 949c1be5900c19f60e2929f4705f4fb52c374b9e
4
+ data.tar.gz: cb1cb0184aea7d40c538c85a336e1fa6a262218d
5
5
  SHA512:
6
- metadata.gz: f59863f086947b6a209f20283f5da9d207ab85498678a372ec207523d1e6ac6d873435f9a67ee492ee5fba124c00fdc7af21b686c51a589bbc6036dd05a82357
7
- data.tar.gz: a80ccb39df9ba3f1b741cc7d4d254aea8ba917d5526d5f09ef6829e17a0f26be8c090ae353ca054d30c71ab20515c27f677b2f06fd423d19c932debec765e5ed
6
+ metadata.gz: 3559801f8459985cd2e31d5ae93c1481c2eafa98b691edbb283b2ce45bc5d31f47c657e79eba102db234385824312901aa788bf4d8293fe0aa5e66cc342177c5
7
+ data.tar.gz: 9f568c7677a87ca39b4f6ed42fc26b05217080c60c614fb0a3b58714a5abad67313a756f2a20707de6e79a7e4b6b10d35222bd20d6b7076d6d6e475cb06bee2d
data/README.md CHANGED
@@ -24,6 +24,15 @@ Create a config.ru as follows:
24
24
  require "geminabox"
25
25
 
26
26
  Geminabox.data = "/var/geminabox-data" # ... or wherever
27
+
28
+ # Use Rack::Protection to prevent XSS and CSRF vulnerability if your geminabox server is open public.
29
+ # Rack::Protection requires a session middleware, choose your favorite one such as Rack::Session::Memcache.
30
+ # This example uses Rack::Session::Pool for simplicity, but please note that:
31
+ # 1) Rack::Session::Pool is not available for multiprocess servers such as unicorn
32
+ # 2) Rack::Session::Pool causes memory leak (it does not expire stored `@pool` hash)
33
+ use Rack::Session::Pool, expire_after: 1000 # sec
34
+ use Rack::Protection
35
+
27
36
  run Geminabox::Server
28
37
 
29
38
  Start your gem server with 'rackup' to run WEBrick or hook up the config.ru as you normally would ([passenger](https://www.phusionpassenger.com/), [thin](http://code.macournoyer.com/thin/), [unicorn](https://bogomips.org/unicorn/), whatever floats your boat).
data/lib/geminabox.rb CHANGED
@@ -52,7 +52,7 @@ module Geminabox
52
52
  :allow_remote_failure,
53
53
  :ruby_gems_url,
54
54
  :bundler_ruby_gems_url,
55
- :allow_upload
55
+ :allow_upload,
56
56
  )
57
57
 
58
58
  def set_defaults(defaults)
@@ -87,7 +87,7 @@ module Geminabox
87
87
  allow_remote_failure: false,
88
88
  ruby_gems_url: 'https://rubygems.org/',
89
89
  bundler_ruby_gems_url: 'https://bundler.rubygems.org/',
90
- allow_upload: true
90
+ allow_upload: true,
91
91
  )
92
92
 
93
93
  end
data/lib/geminabox/gem_store.rb CHANGED
@@ -91,7 +91,7 @@ module Geminabox
91
91
  yield temp_file
92
92
  temp_file.close
93
93
  File.rename(temp_file.path, file_name)
94
- File.chmod(Geminabox::Server.gem_permissions, file_name)
94
+ File.chmod(Geminabox.gem_permissions, file_name)
95
95
  end
96
96
 
97
97
  end
data/lib/geminabox/hostess.rb CHANGED
@@ -4,7 +4,7 @@ module Geminabox
4
4
 
5
5
  class Hostess < Sinatra::Base
6
6
  def serve
7
- send_file(File.expand_path(File.join(Server.data, *request.path_info)), :type => response['Content-Type'])
7
+ send_file(File.expand_path(File.join(Gemianbox.data, *request.path_info)), :type => response['Content-Type'])
8
8
  end
9
9
 
10
10
  %w[/specs.4.8.gz
data/lib/geminabox/proxy/hostess.rb CHANGED
@@ -9,7 +9,7 @@ module Geminabox
9
9
  if file_handler
10
10
  send_file file_handler.proxy_path
11
11
  else
12
- send_file(File.expand_path(File.join(Server.data, *request.path_info)), :type => response['Content-Type'])
12
+ send_file(File.expand_path(File.join(Geminabox.data, *request.path_info)), :type => response['Content-Type'])
13
13
  end
14
14
  end
15
15
 
@@ -55,7 +55,7 @@ module Geminabox
55
55
  private
56
56
  def get_from_rubygems_if_not_local
57
57
 
58
- file = File.expand_path(File.join(Server.data, *request.path_info))
58
+ file = File.expand_path(File.join(Geminabox.data, *request.path_info))
59
59
 
60
60
  unless File.exist?(file)
61
61
  ruby_gems_url = Geminabox.ruby_gems_url
data/lib/geminabox/server.rb CHANGED
@@ -4,30 +4,10 @@ module Geminabox
4
4
 
5
5
  class Server < Sinatra::Base
6
6
  enable :static, :methodoverride
7
- use Rack::Session::Pool, :expire_after => 2592000
8
- use Rack::Protection
9
-
10
- def self.delegate_to_geminabox(*delegate_methods)
11
- delegate_methods.each{|m| set m, Geminabox.send(m)}
12
- end
13
-
14
- delegate_to_geminabox(
15
- :public_folder,
16
- :data,
17
- :build_legacy,
18
- :incremental_updates,
19
- :views,
20
- :allow_replace,
21
- :gem_permissions,
22
- :allow_delete,
23
- :lockfile,
24
- :retry_interval,
25
- :rubygems_proxy,
26
- :ruby_gems_url,
27
- :allow_upload
28
- )
29
-
30
- if Server.rubygems_proxy
7
+ set :public_folder, Geminabox.public_folder
8
+ set :views, Geminabox.views
9
+
10
+ if Geminabox.rubygems_proxy
31
11
  use Proxy::Hostess
32
12
  else
33
13
  use Hostess
@@ -35,15 +15,15 @@ module Geminabox
35
15
 
36
16
  class << self
37
17
  def disallow_replace?
38
- ! allow_replace
18
+ ! Geminabox.allow_replace
39
19
  end
40
20
 
41
21
  def allow_delete?
42
- allow_delete
22
+ Geminabox.allow_delete
43
23
  end
44
24
 
45
25
  def allow_upload?
46
- allow_upload
26
+ Geminabox.allow_upload
47
27
  end
48
28
 
49
29
  def fixup_bundler_rubygems!
@@ -54,7 +34,7 @@ module Geminabox
54
34
 
55
35
  def reindex(force_rebuild = false)
56
36
  fixup_bundler_rubygems!
57
- force_rebuild = true unless incremental_updates
37
+ force_rebuild = true unless Geminabox.incremental_updates
58
38
  if force_rebuild
59
39
  indexer.generate_index
60
40
  dependency_cache.flush
@@ -78,15 +58,15 @@ module Geminabox
78
58
  end
79
59
 
80
60
  def indexer
81
- Gem::Indexer.new(data, :build_legacy => build_legacy)
61
+ Gem::Indexer.new(Geminabox.data, :build_legacy => Geminabox.build_legacy)
82
62
  end
83
63
 
84
64
  def dependency_cache
85
- @dependency_cache ||= Geminabox::DiskCache.new(File.join(data, "_cache"))
65
+ @dependency_cache ||= Geminabox::DiskCache.new(File.join(Geminabox.data, "_cache"))
86
66
  end
87
67
 
88
68
  def with_rlock(&block)
89
- file_class.open(settings.lockfile, File::RDWR | File::CREAT) do |f|
69
+ file_class.open(Geminabox.lockfile, File::RDWR | File::CREAT) do |f|
90
70
  ReentrantFlock.synchronize(f, File::LOCK_EX | File::LOCK_NB, &block)
91
71
  end
92
72
  end
@@ -203,7 +183,7 @@ module Geminabox
203
183
  def serialize_update(&block)
204
184
  with_rlock(&block)
205
185
  rescue ReentrantFlock::AlreadyLocked
206
- halt 503, { 'Retry-After' => settings.retry_interval }, 'Repository lock is held by another process'
186
+ halt 503, { 'Retry-After' => Geminabox.retry_interval }, 'Repository lock is held by another process'
207
187
  end
208
188
 
209
189
  def with_rlock(&block)
@@ -243,7 +223,7 @@ HTML
243
223
  end
244
224
 
245
225
  def file_path
246
- File.expand_path(File.join(settings.data, *request.path_info))
226
+ File.expand_path(File.join(Geminabox.data, *request.path_info))
247
227
  end
248
228
 
249
229
  def dependency_cache
@@ -270,7 +250,7 @@ HTML
270
250
 
271
251
  def specs_files_paths
272
252
  specs_file_types.map do |specs_file_type|
273
- File.join(settings.data, spec_file_name(specs_file_type))
253
+ File.join(Geminabox.data, spec_file_name(specs_file_type))
274
254
  end
275
255
  end
276
256
 
@@ -287,7 +267,7 @@ HTML
287
267
  end
288
268
 
289
269
  def gem_list
290
- settings.rubygems_proxy ? combined_gem_list : local_gem_list
270
+ Geminabox.rubygems_proxy ? combined_gem_list : local_gem_list
291
271
  end
292
272
 
293
273
  def query_gems
@@ -322,7 +302,7 @@ HTML
322
302
  def spec_for(gem_name, version, platform = default_platform)
323
303
  filename = [gem_name, version]
324
304
  filename.push(platform) if platform != default_platform
325
- spec_file = File.join(settings.data, "quick", "Marshal.#{Gem.marshal_version}", "#{filename.join("-")}.gemspec.rz")
305
+ spec_file = File.join(Geminabox.data, "quick", "Marshal.#{Gem.marshal_version}", "#{filename.join("-")}.gemspec.rz")
326
306
  File::open(spec_file, 'r') do |unzipped_spec_file|
327
307
  unzipped_spec_file.binmode
328
308
  Marshal.load(Gem.inflate(unzipped_spec_file.read))
data/lib/geminabox/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Geminabox
2
- VERSION = '0.13.13' unless defined? VERSION
2
+ VERSION = '0.13.14' unless defined? VERSION
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: geminabox
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.13.13
4
+ version: 0.13.14
5
5
  platform: ruby
6
6
  authors:
7
7
  - Tom Lea
@@ -11,7 +11,7 @@ authors:
11
11
  autorequire:
12
12
  bindir: bin
13
13
  cert_chain: []
14
- date: 2018-01-11 00:00:00.000000000 Z
14
+ date: 2018-01-25 00:00:00.000000000 Z
15
15
  dependencies:
16
16
  - !ruby/object:Gem::Dependency
17
17
  name: sinatra
@@ -167,7 +167,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
167
167
  version: '0'
168
168
  requirements: []
169
169
  rubyforge_project:
170
- rubygems_version: 2.5.1
170
+ rubygems_version: 2.6.13
171
171
  signing_key:
172
172
  specification_version: 4
173
173
  summary: Really simple rubygem hosting