path53 0.4.7 → 0.4.8

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. checksums.yaml.gz.sig +0 -0
  3. data/README.org +20 -0
  4. data.tar.gz.sig +0 -0
  5. metadata +1 -1
  6. metadata.gz.sig +2 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 26becaccfa4c806d3188958d308ced81404e84c4
4
- data.tar.gz: 7a3ba6360bf5938bed85c0d4fd722573f834db8a
3
+ metadata.gz: 232e35ab654ffd598a1816606e5efd0ecf613807
4
+ data.tar.gz: ef7c23b81f8a1221504121c65063f31521466471
5
5
  SHA512:
6
- metadata.gz: 2980037582b456309a1e6c5a0930049a238bea1a2699a083c7ac741e035d3db72c3578180d1a64b2f1c982fa9c10ab3a80bc9435806fd07aa56c219d55d3b43b
7
- data.tar.gz: dfe4da204bff2bb69a3fdb1dfa44ee814305434d7bafd056de70741ed698f8e6f3f5fdcbdacbeff823f3d0fa50035bb63d7d7b0ee45b8fab5982aa961825e030
6
+ metadata.gz: d528f082c73312fd59d7288daa6e28c759c534d019e556445c17a19bbf32c213507ccefcbbdc9c592bdb4a945b78e9fdd487082d251611ff62869333f738a096
7
+ data.tar.gz: b22f93edba5a2e306edcb2711265f2c7516aa493ba383dcca812b2b1ef8ef9b1bc7e7fa0acd6d9195b206e55b39b5332b25989cb5487fd91ff7b8165cb1200c8
checksums.yaml.gz.sig CHANGED
Binary file
data/README.org CHANGED
@@ -23,6 +23,26 @@ validation rules are often surprising. =path53= aims to tame this complexity.
23
23
  tampered with (and really should, since calling ~apply!~ acts on your AWS
24
24
  account with your credentials).
25
25
 
26
+ Assuming you have trusted the certificate, you can perform a trusted installation like so:
27
+
28
+ #+BEGIN_SRC shell
29
+ gem install path53 --trust-policy MediumSecurity
30
+ #+END_SRC
31
+
32
+ Using =bundler=, the process is similar:
33
+
34
+ #+BEGIN_SRC shell
35
+ bundle --trust-policy MediumSecurity
36
+ #+END_SRC
37
+
38
+ *** Why MediumSecurity?
39
+
40
+ =MediumSecurity= requires valid signatures on *signed* gems, but allows unsigned
41
+ dependencies. While =path53= has few dependencies, not all of them are signed.
42
+ Using =HighSecurity= will fail unless *all* dependencies are signed.
43
+
44
+ *** Trusting the signing certificate
45
+
26
46
  A copy of the public key is included in the repository for verification.
27
47
  Assuming you've cloned the repository to =./path53=, you can add it to your list
28
48
  of trusted keys like so:
data.tar.gz.sig CHANGED
Binary file
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: path53
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.7
4
+ version: 0.4.8
5
5
  platform: ruby
6
6
  authors:
7
7
  - Chris Olstrom
metadata.gz.sig CHANGED
@@ -1 +1,2 @@
1
- ��Fƕ�P4���o5������|�7�~���>�X*C�f��Mn��ls�@���FE�5ϊ/�����>�G�Ŗ�ѕӴ����zDھ�[��(�,�yp�&�09jEI���c�v`��G�Co鱾�bw{U�:_m��A�5��1��ΞI� {Jk�ɟǠ���P�Bp2���=�?��]���h�5gћ{[��a�v����.�Nh�S�( �� �C�/~m�F�{� {�ab�����G�t�ˬ�q��"ȋH�ގ���Q�v
1
+ �d�^C�J�P�m�
2
+ ���W���p����}�Y-I�Tix�Ւ��X4VH��x����2[?[��S�����(_�M�f