git-lint 1.0.1 → 1.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 41ebd28b9de6a2091463ebd909561803347a03806d4766b8f89427654e05f360
-  data.tar.gz: b361484f8086fd3e26a7e56ee7777a95efef5e721df3ea2d5a9b558834a67df2
+  metadata.gz: 217b7749f87f9d937c13906b0dc6433337e3bab50dce59ca7e8c83461bf36a76
+  data.tar.gz: 92c9afbc9da13b851bc167e371cabe36cf4b462694468c01d16c874b7f56bee0
 SHA512:
-  metadata.gz: 8c94de6e225fa83c24130ed0e8128d9ee9ca9aa9fdc2b5852d2055a637e9e57ab8dc410842a8921fb1b0ca0e6aa6d1570d582fe57d509518d30e41dd7098d5f5
-  data.tar.gz: 474f3f1c1755a9745cf44813ed5ebfea9befe656426d27c2004508a416235378b2cfd7f49358829efb9862224d3faa12d5fad618ddb81fed3532b534910d238e
+  metadata.gz: 7a43fffa66b31e106709d7da90c38c1fe291ccf2546d07b110f820c57d9ff5b38fd689e464ec2868644068ee07ef0e39506cb78c948c3f1f0291cb4686c64190
+  data.tar.gz: aeadbaf169dcb7f21df18c4737a405df4cb1e8ebdec17dc8565ce94906421c042b591eaa16ae999832611fbb34bfabe038fe826ba439e443df347a47a2c211c4

data/README.adoc

@@ -171,7 +171,7 @@ variables. The default configuration is:
   :severity: :error
   :includes: "\\-"
 :commit_body_issue_tracker_link:
-  :enabled: true,
+  :enabled: true
   :severity: :error
   :excludes:
     - "(f|F)ix(es|ed)?\\s\\#\\d+"
@@ -869,13 +869,30 @@ worth considering:
 * Avoid using link:https://git-scm.com/book/en/v2/Git-Tools-Submodules[Git Submodules]. This
   practice leads to complicated project cloning, deployments, maintenance, etc. Use separate
   repositories to better organize and split out this work. Sophisticated package managers, like
-  link:https://bundler.io[Bundler] for example, exist to manage these dependencies better than what
-  multiple Git Submodules can accomplish.
+  link:https://bundler.io[Bundler], exist to manage these dependencies better than what multiple Git
+  Submodules can accomplish.
 * Avoid using link:https://git-lfs.github.com[Git LFS] for tracking binary artifacts/resources.
   These files are not meant for version control and lead to large repositories that are time
   consuming to clone/deploy. Use storage managers, like link:https://aws.amazon.com/s3[Amazon S3]
   for example, that are better suited for binary assets that don't change often.
 
+=== Security
+
+Ensure signed commits, pushes, and tags are enabled within your global Git Configuration to reduce
+an
+link:https://blog.gruntwork.io/how-to-spoof-any-user-on-github-and-what-to-do-to-prevent-it-e237e95b8deb[attack
+vector]. Run the following commands to enable:
+
+[source,bash]
+----
+git config --global commit.gpgSign true
+git config --global push.gpgSign true
+git config --global tag.gpgSign true
+----
+
+⚠️ GitHub, unfortunately, doesn't support signed pushes so you might need to leave that
+configuration disabled.
+
 === Commits
 
 * Use a commit subject that explains _what_ is being committed.
@@ -1017,9 +1034,9 @@ do this, follow these steps:
 . Check _Require review from Code Owners_.
 . Check _Require status checks to pass before merging_.
 . Check _Require branches to be up to date before merging_.
+. Check _Require signed commits_.
 . Check _Require linear history_ (pairs well with the merge options mentioned above).
 . Check _Include administrators_.
-. Uncheck _Require signed commits_ (only necessary for tags).
 . Uncheck _Allow force pushes_.
 . Uncheck _Allow deletions_.
 

data/lib/git/lint/analyzers/abstract.rb

@@ -13,6 +13,7 @@ module Git
         ISSUE_LINE_OFFSET = 2
 
         def self.inherited klass
+          super
           @descendants ||= []
           @descendants << klass unless klass.to_s.start_with? "#<Class" # Ignore anonymous classes.
         end

data/lib/git/lint/identity.rb

@@ -6,7 +6,7 @@ module Git
     module Identity
       NAME = "git-lint"
       LABEL = "Git Lint"
-      VERSION = "1.0.1"
+      VERSION = "1.1.0"
       VERSION_LABEL = "#{LABEL} #{VERSION}"
     end
   end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: git-lint
 version: !ruby/object:Gem::Version
-  version: 1.0.1
+  version: 1.1.0
 platform: ruby
 authors:
 - Brooke Kuhlmann
@@ -28,7 +28,7 @@ cert_chain:
   2XV8FRa7/JimI07sPLC13eLY3xd/aYTi85Z782KIA4j0G8XEEWAX0ouBhlXPocZv
   QWc=
   -----END CERTIFICATE-----
-date: 2020-07-23 00:00:00.000000000 Z
+date: 2020-10-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: pastel
@@ -50,14 +50,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '7.5'
+        version: '7.11'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '7.5'
+        version: '7.11'
 - !ruby/object:Gem::Dependency
   name: runcom
   requirement: !ruby/object:Gem::Requirement
@@ -204,14 +204,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.83'
+        version: '0.89'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.83'
+        version: '0.89'
 - !ruby/object:Gem::Dependency
   name: rubocop-performance
   requirement: !ruby/object:Gem::Requirement
@@ -260,14 +260,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.18'
+        version: '0.19'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.18'
+        version: '0.19'
 description:
 email:
 - brooke@alchemists.io