geminabox 0.13.13 → 0.13.14

Sign up to get free protection for your applications and to get access to all the features.
Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +9 -0
  3. data/lib/geminabox.rb +2 -2
  4. data/lib/geminabox/gem_store.rb +1 -1
  5. data/lib/geminabox/hostess.rb +1 -1
  6. data/lib/geminabox/proxy/hostess.rb +2 -2
  7. data/lib/geminabox/server.rb +16 -36
  8. data/lib/geminabox/version.rb +1 -1
  9. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: b298fb245a0113e417fcce0bf3db9a8d6542d7ba
4
- data.tar.gz: 1acd400111d6463f9a1ae944f3b5606711504c19
3
+ metadata.gz: 949c1be5900c19f60e2929f4705f4fb52c374b9e
4
+ data.tar.gz: cb1cb0184aea7d40c538c85a336e1fa6a262218d
5
5
  SHA512:
6
- metadata.gz: f59863f086947b6a209f20283f5da9d207ab85498678a372ec207523d1e6ac6d873435f9a67ee492ee5fba124c00fdc7af21b686c51a589bbc6036dd05a82357
7
- data.tar.gz: a80ccb39df9ba3f1b741cc7d4d254aea8ba917d5526d5f09ef6829e17a0f26be8c090ae353ca054d30c71ab20515c27f677b2f06fd423d19c932debec765e5ed
6
+ metadata.gz: 3559801f8459985cd2e31d5ae93c1481c2eafa98b691edbb283b2ce45bc5d31f47c657e79eba102db234385824312901aa788bf4d8293fe0aa5e66cc342177c5
7
+ data.tar.gz: 9f568c7677a87ca39b4f6ed42fc26b05217080c60c614fb0a3b58714a5abad67313a756f2a20707de6e79a7e4b6b10d35222bd20d6b7076d6d6e475cb06bee2d
data/README.md CHANGED
@@ -24,6 +24,15 @@ Create a config.ru as follows:
24
24
  require "geminabox"
25
25
 
26
26
  Geminabox.data = "/var/geminabox-data" # ... or wherever
27
+
28
+ # Use Rack::Protection to prevent XSS and CSRF vulnerability if your geminabox server is open public.
29
+ # Rack::Protection requires a session middleware, choose your favorite one such as Rack::Session::Memcache.
30
+ # This example uses Rack::Session::Pool for simplicity, but please note that:
31
+ # 1) Rack::Session::Pool is not available for multiprocess servers such as unicorn
32
+ # 2) Rack::Session::Pool causes memory leak (it does not expire stored `@pool` hash)
33
+ use Rack::Session::Pool, expire_after: 1000 # sec
34
+ use Rack::Protection
35
+
27
36
  run Geminabox::Server
28
37
 
29
38
  Start your gem server with 'rackup' to run WEBrick or hook up the config.ru as you normally would ([passenger](https://www.phusionpassenger.com/), [thin](http://code.macournoyer.com/thin/), [unicorn](https://bogomips.org/unicorn/), whatever floats your boat).
data/lib/geminabox.rb CHANGED
@@ -52,7 +52,7 @@ module Geminabox
52
52
  :allow_remote_failure,
53
53
  :ruby_gems_url,
54
54
  :bundler_ruby_gems_url,
55
- :allow_upload
55
+ :allow_upload,
56
56
  )
57
57
 
58
58
  def set_defaults(defaults)
@@ -87,7 +87,7 @@ module Geminabox
87
87
  allow_remote_failure: false,
88
88
  ruby_gems_url: 'https://rubygems.org/',
89
89
  bundler_ruby_gems_url: 'https://bundler.rubygems.org/',
90
- allow_upload: true
90
+ allow_upload: true,
91
91
  )
92
92
 
93
93
  end
data/lib/geminabox/gem_store.rb CHANGED
@@ -91,7 +91,7 @@ module Geminabox
91
91
  yield temp_file
92
92
  temp_file.close
93
93
  File.rename(temp_file.path, file_name)
94
- File.chmod(Geminabox::Server.gem_permissions, file_name)
94
+ File.chmod(Geminabox.gem_permissions, file_name)
95
95
  end
96
96
 
97
97
  end
data/lib/geminabox/hostess.rb CHANGED
@@ -4,7 +4,7 @@ module Geminabox
4
4
 
5
5
  class Hostess < Sinatra::Base
6
6
  def serve
7
- send_file(File.expand_path(File.join(Server.data, *request.path_info)), :type => response['Content-Type'])
7
+ send_file(File.expand_path(File.join(Gemianbox.data, *request.path_info)), :type => response['Content-Type'])
8
8
  end
9
9
 
10
10
  %w[/specs.4.8.gz
data/lib/geminabox/proxy/hostess.rb CHANGED
@@ -9,7 +9,7 @@ module Geminabox
9
9
  if file_handler
10
10
  send_file file_handler.proxy_path
11
11
  else
12
- send_file(File.expand_path(File.join(Server.data, *request.path_info)), :type => response['Content-Type'])
12
+ send_file(File.expand_path(File.join(Geminabox.data, *request.path_info)), :type => response['Content-Type'])
13
13
  end
14
14
  end
15
15
 
@@ -55,7 +55,7 @@ module Geminabox
55
55
  private
56
56
  def get_from_rubygems_if_not_local
57
57
 
58
- file = File.expand_path(File.join(Server.data, *request.path_info))
58
+ file = File.expand_path(File.join(Geminabox.data, *request.path_info))
59
59
 
60
60
  unless File.exist?(file)
61
61
  ruby_gems_url = Geminabox.ruby_gems_url
data/lib/geminabox/server.rb CHANGED
@@ -4,30 +4,10 @@ module Geminabox
4
4
 
5
5
  class Server < Sinatra::Base
6
6
  enable :static, :methodoverride
7
- use Rack::Session::Pool, :expire_after => 2592000
8
- use Rack::Protection
9
-
10
- def self.delegate_to_geminabox(*delegate_methods)
11
- delegate_methods.each{|m| set m, Geminabox.send(m)}
12
- end
13
-
14
- delegate_to_geminabox(
15
- :public_folder,
16
- :data,
17
- :build_legacy,
18
- :incremental_updates,
19
- :views,
20
- :allow_replace,
21
- :gem_permissions,
22
- :allow_delete,
23
- :lockfile,
24
- :retry_interval,
25
- :rubygems_proxy,
26
- :ruby_gems_url,
27
- :allow_upload
28
- )
29
-
30
- if Server.rubygems_proxy
7
+ set :public_folder, Geminabox.public_folder
8
+ set :views, Geminabox.views
9
+
10
+ if Geminabox.rubygems_proxy
31
11
  use Proxy::Hostess
32
12
  else
33
13
  use Hostess
@@ -35,15 +15,15 @@ module Geminabox
35
15
 
36
16
  class << self
37
17
  def disallow_replace?
38
- ! allow_replace
18
+ ! Geminabox.allow_replace
39
19
  end
40
20
 
41
21
  def allow_delete?
42
- allow_delete
22
+ Geminabox.allow_delete
43
23
  end
44
24
 
45
25
  def allow_upload?
46
- allow_upload
26
+ Geminabox.allow_upload
47
27
  end
48
28
 
49
29
  def fixup_bundler_rubygems!
@@ -54,7 +34,7 @@ module Geminabox
54
34
 
55
35
  def reindex(force_rebuild = false)
56
36
  fixup_bundler_rubygems!
57
- force_rebuild = true unless incremental_updates
37
+ force_rebuild = true unless Geminabox.incremental_updates
58
38
  if force_rebuild
59
39
  indexer.generate_index
60
40
  dependency_cache.flush
@@ -78,15 +58,15 @@ module Geminabox
78
58
  end
79
59
 
80
60
  def indexer
81
- Gem::Indexer.new(data, :build_legacy => build_legacy)
61
+ Gem::Indexer.new(Geminabox.data, :build_legacy => Geminabox.build_legacy)
82
62
  end
83
63
 
84
64
  def dependency_cache
85
- @dependency_cache ||= Geminabox::DiskCache.new(File.join(data, "_cache"))
65
+ @dependency_cache ||= Geminabox::DiskCache.new(File.join(Geminabox.data, "_cache"))
86
66
  end
87
67
 
88
68
  def with_rlock(&block)
89
- file_class.open(settings.lockfile, File::RDWR | File::CREAT) do |f|
69
+ file_class.open(Geminabox.lockfile, File::RDWR | File::CREAT) do |f|
90
70
  ReentrantFlock.synchronize(f, File::LOCK_EX | File::LOCK_NB, &block)
91
71
  end
92
72
  end
@@ -203,7 +183,7 @@ module Geminabox
203
183
  def serialize_update(&block)
204
184
  with_rlock(&block)
205
185
  rescue ReentrantFlock::AlreadyLocked
206
- halt 503, { 'Retry-After' => settings.retry_interval }, 'Repository lock is held by another process'
186
+ halt 503, { 'Retry-After' => Geminabox.retry_interval }, 'Repository lock is held by another process'
207
187
  end
208
188
 
209
189
  def with_rlock(&block)
@@ -243,7 +223,7 @@ HTML
243
223
  end
244
224
 
245
225
  def file_path
246
- File.expand_path(File.join(settings.data, *request.path_info))
226
+ File.expand_path(File.join(Geminabox.data, *request.path_info))
247
227
  end
248
228
 
249
229
  def dependency_cache
@@ -270,7 +250,7 @@ HTML
270
250
 
271
251
  def specs_files_paths
272
252
  specs_file_types.map do |specs_file_type|
273
- File.join(settings.data, spec_file_name(specs_file_type))
253
+ File.join(Geminabox.data, spec_file_name(specs_file_type))
274
254
  end
275
255
  end
276
256
 
@@ -287,7 +267,7 @@ HTML
287
267
  end
288
268
 
289
269
  def gem_list
290
- settings.rubygems_proxy ? combined_gem_list : local_gem_list
270
+ Geminabox.rubygems_proxy ? combined_gem_list : local_gem_list
291
271
  end
292
272
 
293
273
  def query_gems
@@ -322,7 +302,7 @@ HTML
322
302
  def spec_for(gem_name, version, platform = default_platform)
323
303
  filename = [gem_name, version]
324
304
  filename.push(platform) if platform != default_platform
325
- spec_file = File.join(settings.data, "quick", "Marshal.#{Gem.marshal_version}", "#{filename.join("-")}.gemspec.rz")
305
+ spec_file = File.join(Geminabox.data, "quick", "Marshal.#{Gem.marshal_version}", "#{filename.join("-")}.gemspec.rz")
326
306
  File::open(spec_file, 'r') do |unzipped_spec_file|
327
307
  unzipped_spec_file.binmode
328
308
  Marshal.load(Gem.inflate(unzipped_spec_file.read))
data/lib/geminabox/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Geminabox
2
- VERSION = '0.13.13' unless defined? VERSION
2
+ VERSION = '0.13.14' unless defined? VERSION
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: geminabox
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.13.13
4
+ version: 0.13.14
5
5
  platform: ruby
6
6
  authors:
7
7
  - Tom Lea
@@ -11,7 +11,7 @@ authors:
11
11
  autorequire:
12
12
  bindir: bin
13
13
  cert_chain: []
14
- date: 2018-01-11 00:00:00.000000000 Z
14
+ date: 2018-01-25 00:00:00.000000000 Z
15
15
  dependencies:
16
16
  - !ruby/object:Gem::Dependency
17
17
  name: sinatra
@@ -167,7 +167,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
167
167
  version: '0'
168
168
  requirements: []
169
169
  rubyforge_project:
170
- rubygems_version: 2.5.1
170
+ rubygems_version: 2.6.13
171
171
  signing_key:
172
172
  specification_version: 4
173
173
  summary: Really simple rubygem hosting