github-safegem 0.2.2 → 0.2.3
Sign up to get free protection for your applications and to get access to all the features.
- data/VERSION.yml +1 -1
- data/bin/safegem +89 -85
- metadata +1 -1
data/VERSION.yml
CHANGED
data/bin/safegem
CHANGED
@@ -21,109 +21,113 @@ end
|
|
21
21
|
|
22
22
|
post '/' do
|
23
23
|
puts "-> #{params.merge('data' => params[:data].size).inspect}"
|
24
|
-
|
24
|
+
op = proc do
|
25
|
+
r, w = IO.pipe
|
25
26
|
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
27
|
+
pid = nil
|
28
|
+
begin
|
29
|
+
repo = params[:repo]
|
30
|
+
data = params[:data]
|
31
|
+
callback = params[:callback]
|
32
|
+
token = params[:token]
|
33
|
+
tmpdir = "tmp/#{repo}"
|
34
|
+
spec = nil
|
34
35
|
|
35
|
-
|
36
|
-
|
37
|
-
|
36
|
+
Timeout::timeout(300) do
|
37
|
+
t = time { `git clone --depth 1 git://github.com/#{repo} #{tmpdir}` }
|
38
|
+
puts "-- cloned #{repo} in #{t}s"
|
38
39
|
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
40
|
+
t1 = Time.now
|
41
|
+
pid = fork do
|
42
|
+
begin
|
43
|
+
r.close
|
43
44
|
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
Object.class_eval do
|
51
|
-
remove_const :OrigDir rescue nil
|
52
|
-
OrigDir = Dir
|
53
|
-
remove_const :Dir
|
54
|
-
Dir = LazyDir
|
55
|
-
end
|
56
|
-
$SAFE = 3
|
57
|
-
OrigDir.set_safe_level
|
58
|
-
}
|
59
|
-
BEGIN { # This forces Ruby to ignore nested END {} blocks
|
60
|
-
begin
|
61
|
-
params = tmpdir = data = spec = repo = nil
|
62
|
-
# Pass data out using TLS
|
63
|
-
Thread.current[:spec] = (#{data})
|
64
|
-
ensure
|
45
|
+
require 'safegem/security'
|
46
|
+
require 'safegem/lazy_dir'
|
47
|
+
Dir.chdir(tmpdir) do
|
48
|
+
thread = Thread.new do
|
49
|
+
eval <<-EOE
|
50
|
+
BEGIN { # First in first out. Get this one exec'ed before the code below.
|
65
51
|
Object.class_eval do
|
52
|
+
remove_const :OrigDir rescue nil
|
53
|
+
OrigDir = Dir
|
66
54
|
remove_const :Dir
|
67
|
-
Dir =
|
55
|
+
Dir = LazyDir
|
68
56
|
end
|
69
|
-
|
70
|
-
|
71
|
-
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
|
76
|
-
|
77
|
-
|
57
|
+
$SAFE = 3
|
58
|
+
OrigDir.set_safe_level
|
59
|
+
}
|
60
|
+
BEGIN { # This forces Ruby to ignore nested END {} blocks
|
61
|
+
begin
|
62
|
+
params = tmpdir = data = spec = repo = nil
|
63
|
+
# Pass data out using TLS
|
64
|
+
Thread.current[:spec] = (#{data})
|
65
|
+
ensure
|
66
|
+
Object.class_eval do
|
67
|
+
remove_const :Dir
|
68
|
+
Dir = OrigDir
|
69
|
+
end
|
70
|
+
end
|
71
|
+
}
|
72
|
+
EOE
|
73
|
+
end.join
|
74
|
+
Dir.set_safe_level
|
75
|
+
spec = thread[:spec]
|
76
|
+
spec.rubygems_version = Gem::RubyGemsVersion # make sure validation passes
|
77
|
+
spec.validate
|
78
|
+
end
|
78
79
|
|
79
|
-
|
80
|
-
|
81
|
-
|
82
|
-
|
83
|
-
|
80
|
+
payload = Base64.encode64(Zlib::Deflate.deflate(YAML.dump(spec)))
|
81
|
+
w.write payload
|
82
|
+
w.close
|
83
|
+
rescue Object
|
84
|
+
puts $!, $@
|
84
85
|
|
85
|
-
|
86
|
-
|
86
|
+
w.write "ERROR: #$!"
|
87
|
+
w.close
|
88
|
+
end
|
87
89
|
end
|
88
|
-
end
|
89
90
|
|
90
|
-
|
91
|
-
|
92
|
-
|
93
|
-
|
94
|
-
|
91
|
+
w.close
|
92
|
+
Process.wait(pid)
|
93
|
+
yaml = r.read
|
94
|
+
r.close
|
95
|
+
puts "-- converted to yaml in #{Time.now - t1}s"
|
95
96
|
|
96
|
-
|
97
|
-
|
98
|
-
|
99
|
-
|
100
|
-
|
101
|
-
|
102
|
-
|
97
|
+
res = nil
|
98
|
+
t = time do
|
99
|
+
payload = {'token' => token, 'yaml' => yaml}
|
100
|
+
puts "<- [#{callback}] #{payload.merge('yaml' => payload['yaml'].size).inspect}"
|
101
|
+
res = Net::HTTP.post_form(URI.parse(callback), payload)
|
102
|
+
end
|
103
|
+
puts "-> #{res.body.inspect} in #{t}s"
|
103
104
|
|
104
|
-
|
105
|
-
|
106
|
-
|
107
|
-
|
108
|
-
|
109
|
-
|
110
|
-
|
111
|
-
|
112
|
-
|
113
|
-
|
105
|
+
# uri = URI.parse(callback)
|
106
|
+
# http = Net::HTTP.new(uri.host)
|
107
|
+
# http.set_debug_output $stdout
|
108
|
+
# http.start do |http|
|
109
|
+
# req = Net::HTTP::Post.new(uri.path)
|
110
|
+
# payload = {'token' => token, 'yaml' => yaml}
|
111
|
+
# req.set_form_data(payload)
|
112
|
+
# res = http.request(req)
|
113
|
+
# p res.value
|
114
|
+
# end
|
114
115
|
|
115
|
-
|
116
|
+
packet = {'result' => "Successfully converted #{repo} gemspec to YAML.", 'error' => nil}
|
117
|
+
puts "<- #{packet.inspect}"
|
118
|
+
packet.to_json
|
119
|
+
end
|
120
|
+
rescue Exception => e
|
121
|
+
Process.kill(9, pid) rescue nil
|
122
|
+
packet = {'error' => e.to_hash}
|
116
123
|
puts "<- #{packet.inspect}"
|
117
124
|
packet.to_json
|
125
|
+
ensure
|
126
|
+
`rm -rf #{tmpdir}` if tmpdir
|
118
127
|
end
|
119
|
-
rescue Exception => e
|
120
|
-
Process.kill(9, pid) rescue nil
|
121
|
-
packet = {'error' => e.to_hash}
|
122
|
-
puts "<- #{packet.inspect}"
|
123
|
-
packet.to_json
|
124
|
-
ensure
|
125
|
-
`rm -rf #{tmpdir}` if tmpdir
|
126
128
|
end
|
129
|
+
EM.defer(op, proc { })
|
130
|
+
{'result' => 'Success', 'error' => nil}.to_json
|
127
131
|
end
|
128
132
|
|
129
133
|
if $0 != __FILE__
|