matchi 0.0.8 → 0.0.9

Sign up to get free protection for your applications and to get access to all the features.
Files changed (20) hide show
  1. checksums.yaml +4 -4
  2. checksums.yaml.gz.sig +0 -0
  3. data.tar.gz.sig +0 -0
  4. data/README.md +25 -15
  5. data/VERSION.semver +1 -1
  6. data/certs/gem-fixrb-public_cert.pem +21 -0
  7. data/checksum/matchi-0.0.1.gem.sha512 +1 -0
  8. data/checksum/matchi-0.0.2.gem.sha512 +1 -0
  9. data/checksum/matchi-0.0.3.gem.sha512 +1 -0
  10. data/checksum/matchi-0.0.4.gem.sha512 +1 -0
  11. data/checksum/matchi-0.0.5.gem.sha512 +1 -0
  12. data/checksum/matchi-0.0.6.gem.sha512 +1 -0
  13. data/checksum/matchi-0.0.7.gem.sha512 +1 -0
  14. data/checksum/matchi-0.0.8.gem.sha512 +1 -0
  15. data/checksum/matchi-0.0.9.gem.sha512 +1 -0
  16. data/matchi.gemspec +4 -6
  17. data/pkg_checksum +11 -0
  18. metadata +28 -18
  19. metadata.gz.sig +0 -0
  20. data/matchi-gem-public_cert.pem +0 -21
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: aba5dbe39a905baf4689d100df3092c66df38fb3
4
- data.tar.gz: ccf59ea03b4d94ed86ff22c28ba9e9983cb5b42d
3
+ metadata.gz: 659f29a670790e63d96ab4d838e3978b767e5a07
4
+ data.tar.gz: 035aaf2bd805b1018ab474e374b3245f267f9c83
5
5
  SHA512:
6
- metadata.gz: 3ec8cf176ff3511e5907caf39dfbb646604ccf72ed956edf5a92065fc1d35f7dcfe732f7de88dea0618e69d1e45f059a18b10761d97b4825c4926285718bb897
7
- data.tar.gz: d42262575329bcf116f0e43dc837f794b9d52843d0899275e3b116ef2ec67450975c5d6a00cbcca205b8ada302333033af7ea8b4a8359bd243b854e3ad0c0a95
6
+ metadata.gz: ccd2e3cef44f95a92b93c383421dd1d03821ae77c84607880383338ada5fc2fa1cf2c91af084b2a11e5a2c1d5fd2f47aede844cea74a3083233d00e3bb29d16a
7
+ data.tar.gz: 670b8aaf1192527270fd656132547d2e75127dfed51a3b2dc0d9d7151091e571689643bb4b54d3dd812ec56fd0f5e3f6ec25b7e66e2269a08991faa603ee36c2
checksums.yaml.gz.sig CHANGED
Binary file
data.tar.gz.sig CHANGED
Binary file
data/README.md CHANGED
@@ -1,8 +1,3 @@
1
- [gem]: https://rubygems.org/gems/matchi
2
- [travis]: https://travis-ci.org/fixrb/matchi
3
- [inchpages]: http://inch-ci.org/github/fixrb/matchi/
4
- [rubydoc]: http://rubydoc.info/gems/matchi/frames
5
-
6
1
  # Matchi
7
2
 
8
3
  [![Build Status](https://travis-ci.org/fixrb/matchi.svg?branch=master)][travis]
@@ -26,19 +21,16 @@
26
21
 
27
22
  ## Installation
28
23
 
29
- Add this line to your application's Gemfile:
30
-
31
- ```ruby
32
- gem 'matchi'
33
- ```
34
-
35
- And then execute:
24
+ __Matchi__ is cryptographically signed.
36
25
 
37
- $ bundle
26
+ To be sure the gem you install hasn't been tampered with, add my public key
27
+ (if you haven't already) as a trusted certificate:
38
28
 
39
- Or install it yourself as:
29
+ $ gem cert --add <(curl -Ls https://raw.github.com/fixrb/matchi/master/certs/gem-fixrb-public_cert.pem)
30
+ $ gem install matchi -P HighSecurity
40
31
 
41
- $ gem install matchi
32
+ The `HighSecurity` trust profile will verify all gems. All of __Matchi__'s
33
+ dependencies are signed.
42
34
 
43
35
  ## Usage
44
36
 
@@ -154,6 +146,19 @@ start_with = Matchi.fetch(:StartWith, 'foo')
154
146
  start_with.matches? { 'foobar' } # => true
155
147
  ```
156
148
 
149
+ ## Security
150
+
151
+ As a basic form of security __Matchi__ provides a set of SHA512 checksums for
152
+ every Gem release. These checksums can be found in the `checksum/` directory.
153
+ Although these checksums do not prevent malicious users from tampering with a
154
+ built Gem they can be used for basic integrity verification purposes.
155
+
156
+ The checksum of a file can be checked using the `sha512sum` command. For
157
+ example:
158
+
159
+ $ sha512sum pkg/matchi-0.0.1.gem
160
+ 548d9f669ded4e622182791a5390aaceae0bf2e557b0864f05a842b0be2c65e10e1fb8499f49a3b9efd0e8eaeb691351b1c670d6316ce49965a99683b1071389 pkg/matchi-0.0.1.gem
161
+
157
162
  ## Versioning
158
163
 
159
164
  __Matchi__ follows [Semantic Versioning 2.0](http://semver.org/).
@@ -169,3 +174,8 @@ __Matchi__ follows [Semantic Versioning 2.0](http://semver.org/).
169
174
  ## License
170
175
 
171
176
  See `LICENSE.md` file.
177
+
178
+ [gem]: https://rubygems.org/gems/matchi
179
+ [travis]: https://travis-ci.org/fixrb/matchi
180
+ [inchpages]: http://inch-ci.org/github/fixrb/matchi/
181
+ [rubydoc]: http://rubydoc.info/gems/matchi/frames
data/VERSION.semver CHANGED
@@ -1 +1 @@
1
- 0.0.8
1
+ 0.0.9
data/certs/gem-fixrb-public_cert.pem ADDED
@@ -0,0 +1,21 @@
1
+ -----BEGIN CERTIFICATE-----
2
+ MIIDdDCCAlygAwIBAgIBATANBgkqhkiG9w0BAQUFADBAMRAwDgYDVQQDDAdjb250
3
+ YWN0MRUwEwYKCZImiZPyLGQBGRYFY3lyaWwxFTATBgoJkiaJk/IsZAEZFgVlbWFp
4
+ bDAeFw0xNTA3MzExMjExMDZaFw0xNjA3MzAxMjExMDZaMEAxEDAOBgNVBAMMB2Nv
5
+ bnRhY3QxFTATBgoJkiaJk/IsZAEZFgVjeXJpbDEVMBMGCgmSJomT8ixkARkWBWVt
6
+ YWlsMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6hUEYoxnn1mtoaiK
7
+ NiwjzVPqPgQCR9ZeYdWjLJ3UUG2h5Q6awJCnbaGr8LGGcKtveCDbOJRjtdKNuOTH
8
+ O2FLTkf46nrMGiF+6/j//qh8o0EQHBRKIVMYkxZxZe4Fcqtdf1bWNMZuXeyoDjdt
9
+ 4yiGfizbbTOu0gBf7Yrsv5DsL0a5CU/We7zxMfgGXCVb9PYkD+OWUMcTARYDKfYa
10
+ nN9ECI7CFm/yXcsof/eIQA5EmJNmQnhx8B+8L6jDqQeSUAUrBZnC9CdloKOoqmEL
11
+ weqM2g6LM932Ba74rEl4QlFRYDcs8kjr71UcvseHRCUkFr36j26OU8+gKelsTNdO
12
+ 7OZNKQIDAQABo3kwdzAJBgNVHRMEAjAAMAsGA1UdDwQEAwIEsDAdBgNVHQ4EFgQU
13
+ LSJTN9h29D6bqOhp+vyvhyM0AF4wHgYDVR0RBBcwFYETY29udGFjdEBjeXJpbC5l
14
+ bWFpbDAeBgNVHRIEFzAVgRNjb250YWN0QGN5cmlsLmVtYWlsMA0GCSqGSIb3DQEB
15
+ BQUAA4IBAQArqCC1rUyGJlF0DF9ZhUOgggyROvO0/WroSI5zWgzdB8EU7RJpsDIV
16
+ caGnpji7h0rQIGWQuJ6TL2fTFLfeGRFdIzRZwWC7TeXhcXngJHZxSjDBt2OpfM8A
17
+ P5eElSQS9iJCetBGGMyt354PfgZkg3URaC+JA6mdEisdtEdo64ElnMsLg9shCqye
18
+ JSR3BbejbyPVva0/MHKD+dR6RswlcM9KMiYOXQml7a/kH6huOHvVq9gj5xC2ih8W
19
+ dzJvWzQ1+dJU6WQv75E9ddSkaQrK3nhdgQVu+/wgvGSrsMvOGNz+LXaSDxQqZuwX
20
+ 0KNQFuIukfrdk8URwRnHoAnvx4U93iUw
21
+ -----END CERTIFICATE-----
data/checksum/matchi-0.0.1.gem.sha512 ADDED
@@ -0,0 +1 @@
1
+ 548d9f669ded4e622182791a5390aaceae0bf2e557b0864f05a842b0be2c65e10e1fb8499f49a3b9efd0e8eaeb691351b1c670d6316ce49965a99683b1071389
data/checksum/matchi-0.0.2.gem.sha512 ADDED
@@ -0,0 +1 @@
1
+ d82ab27fc779090bbb6848bd0d621a28934bb2d3404aa2086a81fe7ffb6722af2a5071af8ce2d1e8aeac77d634c1ee0c0cbe1d989b4b0b8a66f490794ceec97e
data/checksum/matchi-0.0.3.gem.sha512 ADDED
@@ -0,0 +1 @@
1
+ 474a7ee1ad41ce13fb56f8935fc774492095397addca63b1c830cdd55c394b301764773dee68e055341ced3971a6a6f79c15cd3c5af6290179027677ebbe1d14
data/checksum/matchi-0.0.4.gem.sha512 ADDED
@@ -0,0 +1 @@
1
+ 7d9b374d6260c62f94f1cfd5b4612eb8c2201060ecf0c85f4221bf5503ee434071abe73514654b7cd28c71e2305f6fe680fc0d5b3202fc56b96b881d6cb08168
data/checksum/matchi-0.0.5.gem.sha512 ADDED
@@ -0,0 +1 @@
1
+ 354f4bfa07bf00f569e09b39b6333ba04ac76cd4ac612e3fadd945c94b710c5ddb670fe7f5ef164c526da85e8a4c38a5b1f1521e86f85ddb6d3bc81399ef0800
data/checksum/matchi-0.0.6.gem.sha512 ADDED
@@ -0,0 +1 @@
1
+ 38d4b6160b00b7151e6b344942674ab724c60b5543eecbaf339ba7b9182be86063df987240af317ae0ef0e6123e29603180095ea2c6e676e264e662386fe03db
data/checksum/matchi-0.0.7.gem.sha512 ADDED
@@ -0,0 +1 @@
1
+ b2c0cc27a4ea712acf7699e32849f380e8c04609ffbf7e0c21e975fe99d130c221b13d2991c432e797ef0eccd41fd3aaa3d4ca5622f53bb0109aea844f21d74a
data/checksum/matchi-0.0.8.gem.sha512 ADDED
@@ -0,0 +1 @@
1
+ 92577ec2d3b918b7532f18fc451e60d723c454bc14f2aab79ecf03d59318b4bb97ef94db765bd8c7e482bd8feb2a36f8faf95f425b725bba2647853b4a2ef766
data/checksum/matchi-0.0.9.gem.sha512 ADDED
@@ -0,0 +1 @@
1
+ 2fec09a07ba40a3a78fbf475f84fd8f620d90e3bd4596ca05b828d379302aef5c748543bb585c78b5ee536be68e9b444f92e4b99fc39eed50165ad1b3561da31
data/matchi.gemspec CHANGED
@@ -1,6 +1,6 @@
1
1
  Gem::Specification.new do |spec|
2
2
  spec.name = 'matchi'
3
- spec.version = File.read('VERSION.semver')
3
+ spec.version = File.read('VERSION.semver').chomp
4
4
  spec.authors = ['Cyril Wack']
5
5
  spec.email = ['contact@cyril.email']
6
6
 
@@ -20,9 +20,7 @@ Gem::Specification.new do |spec|
20
20
  spec.add_development_dependency 'simplecov', '~> 0.10'
21
21
  spec.add_development_dependency 'rubocop', '~> 0.32'
22
22
 
23
- private_key = File.expand_path '~/.gem/matchi-gem-private_key.pem'
24
- if File.exist? private_key
25
- spec.signing_key = private_key
26
- spec.cert_chain = ['matchi-gem-public_cert.pem']
27
- end
23
+ spec.cert_chain = ['certs/gem-fixrb-public_cert.pem']
24
+ private_key = File.expand_path('~/.ssh/gem-fixrb-private_key.pem')
25
+ spec.signing_key = private_key if File.exist?(private_key)
28
26
  end
data/pkg_checksum ADDED
@@ -0,0 +1,11 @@
1
+ #!/usr/bin/env ruby
2
+
3
+ require 'digest/sha2'
4
+
5
+ gemname = :matchi
6
+ ARGV[0] = File.read('VERSION.semver').chomp if ARGV[0].nil?
7
+ built_gem_path = "pkg/#{gemname}-#{ARGV[0]}.gem"
8
+ checksum = Digest::SHA512.new.hexdigest(File.read(built_gem_path))
9
+ checksum_path = "checksum/#{gemname}-#{ARGV[0]}.gem.sha512"
10
+
11
+ File.open(checksum_path, 'w') { |f| f.write("#{checksum}\n") }
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: matchi
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.8
4
+ version: 0.0.9
5
5
  platform: ruby
6
6
  authors:
7
7
  - Cyril Wack
@@ -12,25 +12,25 @@ cert_chain:
12
12
  -----BEGIN CERTIFICATE-----
13
13
  MIIDdDCCAlygAwIBAgIBATANBgkqhkiG9w0BAQUFADBAMRAwDgYDVQQDDAdjb250
14
14
  YWN0MRUwEwYKCZImiZPyLGQBGRYFY3lyaWwxFTATBgoJkiaJk/IsZAEZFgVlbWFp
15
- bDAeFw0xNTA3MjUxNjQ0MDdaFw0xNjA3MjQxNjQ0MDdaMEAxEDAOBgNVBAMMB2Nv
15
+ bDAeFw0xNTA3MzExMjExMDZaFw0xNjA3MzAxMjExMDZaMEAxEDAOBgNVBAMMB2Nv
16
16
  bnRhY3QxFTATBgoJkiaJk/IsZAEZFgVjeXJpbDEVMBMGCgmSJomT8ixkARkWBWVt
17
- YWlsMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwzZdVRhS63a6V6/S
18
- 2BtPxGgQ2tCPDbxIq4R0teDJ/yygbVapb6WENF19sQtLYhPuwZirVLiHJ+JgtIev
19
- DxU/tbk3ag3zgyBRqRdnZhUcImHTrosjGbIDdSaQE4lgHXWYchBbF4FbRTRCUWMp
20
- k3iNs6tIeGdT4d7hYJROnDQDqZfk6YyF1uBZcSWSuq+RehYv6Q95hfFF761MiZ7Q
21
- 7fa7gJORbyOndy6X7BCRLFv2+N3UhsK2CT6JLXvqzTBpdmDAQ1TxEPPjD7abgRIv
22
- p8qs9ZUEeKn+CF/bp3iqRY9quPeRDch1Kis7PPsX7/Cee06/C/bFmkJZBxg4Wd7R
23
- ErAUBQIDAQABo3kwdzAJBgNVHRMEAjAAMAsGA1UdDwQEAwIEsDAdBgNVHQ4EFgQU
24
- Fv5xNDE1EZ041o2YddwGt92ffAMwHgYDVR0RBBcwFYETY29udGFjdEBjeXJpbC5l
17
+ YWlsMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6hUEYoxnn1mtoaiK
18
+ NiwjzVPqPgQCR9ZeYdWjLJ3UUG2h5Q6awJCnbaGr8LGGcKtveCDbOJRjtdKNuOTH
19
+ O2FLTkf46nrMGiF+6/j//qh8o0EQHBRKIVMYkxZxZe4Fcqtdf1bWNMZuXeyoDjdt
20
+ 4yiGfizbbTOu0gBf7Yrsv5DsL0a5CU/We7zxMfgGXCVb9PYkD+OWUMcTARYDKfYa
21
+ nN9ECI7CFm/yXcsof/eIQA5EmJNmQnhx8B+8L6jDqQeSUAUrBZnC9CdloKOoqmEL
22
+ weqM2g6LM932Ba74rEl4QlFRYDcs8kjr71UcvseHRCUkFr36j26OU8+gKelsTNdO
23
+ 7OZNKQIDAQABo3kwdzAJBgNVHRMEAjAAMAsGA1UdDwQEAwIEsDAdBgNVHQ4EFgQU
24
+ LSJTN9h29D6bqOhp+vyvhyM0AF4wHgYDVR0RBBcwFYETY29udGFjdEBjeXJpbC5l
25
25
  bWFpbDAeBgNVHRIEFzAVgRNjb250YWN0QGN5cmlsLmVtYWlsMA0GCSqGSIb3DQEB
26
- BQUAA4IBAQB5ycjhljpXHEWwbGpLNEIi5eyzHgeArts9097roa8OLR4sdaVckWNe
27
- r9N3Iyd0XLCzQ8oLLk9Cy1L0S00+eL6XoMyE/FySFqARBEhAp45VGIOrlqD0zZiT
28
- 6tqSB3lH5T7PsH7/81iJ0fO9m5LBDaTtySs1fPJgI0k9SLCOZ43p2YvJMOgsICj2
29
- I83euKYVzCNIrjmqShSC+3JEcPqK8lLzG1xHH3XQNfU3K9Ps7YFxmAZTA4QIsWB+
30
- Tocbm14vxRNYJlIl7mLxKa9eERHotprIMNnTAQb8bWKpWkgrNLwWizHkSOJbIyXP
31
- ZbgpTpagA2sM3Pw4isd1YmzFodoGm6OI
26
+ BQUAA4IBAQArqCC1rUyGJlF0DF9ZhUOgggyROvO0/WroSI5zWgzdB8EU7RJpsDIV
27
+ caGnpji7h0rQIGWQuJ6TL2fTFLfeGRFdIzRZwWC7TeXhcXngJHZxSjDBt2OpfM8A
28
+ P5eElSQS9iJCetBGGMyt354PfgZkg3URaC+JA6mdEisdtEdo64ElnMsLg9shCqye
29
+ JSR3BbejbyPVva0/MHKD+dR6RswlcM9KMiYOXQml7a/kH6huOHvVq9gj5xC2ih8W
30
+ dzJvWzQ1+dJU6WQv75E9ddSkaQrK3nhdgQVu+/wgvGSrsMvOGNz+LXaSDxQqZuwX
31
+ 0KNQFuIukfrdk8URwRnHoAnvx4U93iUw
32
32
  -----END CERTIFICATE-----
33
- date: 2015-07-25 00:00:00.000000000 Z
33
+ date: 2015-07-31 00:00:00.000000000 Z
34
34
  dependencies:
35
35
  - !ruby/object:Gem::Dependency
36
36
  name: bundler
@@ -120,6 +120,16 @@ files:
120
120
  - VERSION.semver
121
121
  - bin/console
122
122
  - bin/setup
123
+ - certs/gem-fixrb-public_cert.pem
124
+ - checksum/matchi-0.0.1.gem.sha512
125
+ - checksum/matchi-0.0.2.gem.sha512
126
+ - checksum/matchi-0.0.3.gem.sha512
127
+ - checksum/matchi-0.0.4.gem.sha512
128
+ - checksum/matchi-0.0.5.gem.sha512
129
+ - checksum/matchi-0.0.6.gem.sha512
130
+ - checksum/matchi-0.0.7.gem.sha512
131
+ - checksum/matchi-0.0.8.gem.sha512
132
+ - checksum/matchi-0.0.9.gem.sha512
123
133
  - lib/matchi.rb
124
134
  - lib/matchi/be_false.rb
125
135
  - lib/matchi/be_nil.rb
@@ -128,8 +138,8 @@ files:
128
138
  - lib/matchi/equal.rb
129
139
  - lib/matchi/match.rb
130
140
  - lib/matchi/raise_exception.rb
131
- - matchi-gem-public_cert.pem
132
141
  - matchi.gemspec
142
+ - pkg_checksum
133
143
  homepage: https://github.com/fixrb/matchi
134
144
  licenses:
135
145
  - MIT
metadata.gz.sig CHANGED
Binary file
data/matchi-gem-public_cert.pem DELETED
@@ -1,21 +0,0 @@
1
- -----BEGIN CERTIFICATE-----
2
- MIIDdDCCAlygAwIBAgIBATANBgkqhkiG9w0BAQUFADBAMRAwDgYDVQQDDAdjb250
3
- YWN0MRUwEwYKCZImiZPyLGQBGRYFY3lyaWwxFTATBgoJkiaJk/IsZAEZFgVlbWFp
4
- bDAeFw0xNTA3MjUxNjQ0MDdaFw0xNjA3MjQxNjQ0MDdaMEAxEDAOBgNVBAMMB2Nv
5
- bnRhY3QxFTATBgoJkiaJk/IsZAEZFgVjeXJpbDEVMBMGCgmSJomT8ixkARkWBWVt
6
- YWlsMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwzZdVRhS63a6V6/S
7
- 2BtPxGgQ2tCPDbxIq4R0teDJ/yygbVapb6WENF19sQtLYhPuwZirVLiHJ+JgtIev
8
- DxU/tbk3ag3zgyBRqRdnZhUcImHTrosjGbIDdSaQE4lgHXWYchBbF4FbRTRCUWMp
9
- k3iNs6tIeGdT4d7hYJROnDQDqZfk6YyF1uBZcSWSuq+RehYv6Q95hfFF761MiZ7Q
10
- 7fa7gJORbyOndy6X7BCRLFv2+N3UhsK2CT6JLXvqzTBpdmDAQ1TxEPPjD7abgRIv
11
- p8qs9ZUEeKn+CF/bp3iqRY9quPeRDch1Kis7PPsX7/Cee06/C/bFmkJZBxg4Wd7R
12
- ErAUBQIDAQABo3kwdzAJBgNVHRMEAjAAMAsGA1UdDwQEAwIEsDAdBgNVHQ4EFgQU
13
- Fv5xNDE1EZ041o2YddwGt92ffAMwHgYDVR0RBBcwFYETY29udGFjdEBjeXJpbC5l
14
- bWFpbDAeBgNVHRIEFzAVgRNjb250YWN0QGN5cmlsLmVtYWlsMA0GCSqGSIb3DQEB
15
- BQUAA4IBAQB5ycjhljpXHEWwbGpLNEIi5eyzHgeArts9097roa8OLR4sdaVckWNe
16
- r9N3Iyd0XLCzQ8oLLk9Cy1L0S00+eL6XoMyE/FySFqARBEhAp45VGIOrlqD0zZiT
17
- 6tqSB3lH5T7PsH7/81iJ0fO9m5LBDaTtySs1fPJgI0k9SLCOZ43p2YvJMOgsICj2
18
- I83euKYVzCNIrjmqShSC+3JEcPqK8lLzG1xHH3XQNfU3K9Ps7YFxmAZTA4QIsWB+
19
- Tocbm14vxRNYJlIl7mLxKa9eERHotprIMNnTAQb8bWKpWkgrNLwWizHkSOJbIyXP
20
- ZbgpTpagA2sM3Pw4isd1YmzFodoGm6OI
21
- -----END CERTIFICATE-----