spectus 2.1.2 → 2.1.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- data/README.md +23 -15
- data/VERSION.semver +1 -1
- data/certs/gem-fixrb-public_cert.pem +21 -0
- data/checksum/spectus-2.0.0.gem.sha512 +1 -0
- data/checksum/spectus-2.0.1.gem.sha512 +1 -0
- data/checksum/spectus-2.0.2.gem.sha512 +1 -0
- data/checksum/spectus-2.0.3.gem.sha512 +1 -0
- data/checksum/spectus-2.0.4.gem.sha512 +1 -0
- data/checksum/spectus-2.1.0.gem.sha512 +1 -0
- data/checksum/spectus-2.1.1.gem.sha512 +1 -0
- data/checksum/spectus-2.1.2.gem.sha512 +1 -0
- data/pkg_checksum +11 -0
- data/spectus.gemspec +4 -6
- metadata +27 -18
- metadata.gz.sig +0 -0
- data/spectus-gem-public_cert.pem +0 -21
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: a312e78b039e7c9918d904c9181ccc7a1f27c3cc
|
|
4
|
+
data.tar.gz: 64ad093824b550c74ada53baa5103e66f5bdf9b9
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 833b4df309519b4902d4c37c76dd583ac6f4e8335e243508740dc401a59ab68ed47845c68016f7cc2cb8d23eefda087d78275ebe92a59450e3acb8f07b38f52c
|
|
7
|
+
data.tar.gz: e57d7f00a15dabe3b4474fc9f748ae48effa27be357d3605b5ba62747c53e233b114e6d9a9d63dae229c2c7c22937b94c565c3fa1947f4bbe95279b123187097
|
checksums.yaml.gz.sig
CHANGED
|
Binary file
|
data.tar.gz.sig
CHANGED
|
Binary file
|
data/README.md
CHANGED
|
@@ -1,8 +1,3 @@
|
|
|
1
|
-
[gem]: https://rubygems.org/gems/spectus
|
|
2
|
-
[travis]: https://travis-ci.org/fixrb/spectus
|
|
3
|
-
[inchpages]: http://inch-ci.org/github/fixrb/spectus/
|
|
4
|
-
[rubydoc]: http://rubydoc.info/gems/spectus/frames
|
|
5
|
-
|
|
6
1
|
# Spectus
|
|
7
2
|
|
|
8
3
|
[][travis]
|
|
@@ -26,19 +21,14 @@
|
|
|
26
21
|
|
|
27
22
|
## Installation
|
|
28
23
|
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
```ruby
|
|
32
|
-
gem 'spectus'
|
|
33
|
-
```
|
|
34
|
-
|
|
35
|
-
And then execute:
|
|
24
|
+
__Spectus__ is cryptographically signed.
|
|
36
25
|
|
|
37
|
-
|
|
26
|
+
To be sure the gem you install hasn't been tampered with, add my public key (if you haven't already) as a trusted certificate:
|
|
38
27
|
|
|
39
|
-
|
|
28
|
+
$ gem cert --add <(curl -Ls https://raw.github.com/fixrb/spectus/master/certs/gem-fixrb-public_cert.pem)
|
|
29
|
+
$ gem install spectus -P HighSecurity
|
|
40
30
|
|
|
41
|
-
|
|
31
|
+
The `HighSecurity` trust profile will verify all gems. All of __Spectus__'s dependencies are signed.
|
|
42
32
|
|
|
43
33
|
## Expectation
|
|
44
34
|
|
|
@@ -118,6 +108,19 @@ Spectus.this { 'foo'.blank? }.MAY :BeFalse
|
|
|
118
108
|
|
|
119
109
|
The optional `blank?` method is not implemented (unlike in [Ruby on Rails](http://api.rubyonrails.org/classes/Object.html#method-i-blank-3F), for instance), so the result of the test shows that the spec passed.
|
|
120
110
|
|
|
111
|
+
## Security
|
|
112
|
+
|
|
113
|
+
As a basic form of security __Spectus__ provides a set of SHA512 checksums for
|
|
114
|
+
every Gem release. These checksums can be found in the `checksum/` directory.
|
|
115
|
+
Although these checksums do not prevent malicious users from tampering with a
|
|
116
|
+
built Gem they can be used for basic integrity verification purposes.
|
|
117
|
+
|
|
118
|
+
The checksum of a file can be checked using the `sha512sum` command. For
|
|
119
|
+
example:
|
|
120
|
+
|
|
121
|
+
$ sha512sum pkg/spectus-2.0.0.gem
|
|
122
|
+
e00ef19cbae209816410c1b0e4b032a59ba70ab2e43367c934ad723d3e23a9c50c457c0963fab7d46743d82ab21f9482dbd8ceb7cab23617e37be26823d846cd pkg/spectus-2.0.0.gem
|
|
123
|
+
|
|
121
124
|
## Versioning
|
|
122
125
|
|
|
123
126
|
__Spectus__ follows [Semantic Versioning 2.0](http://semver.org/).
|
|
@@ -133,3 +136,8 @@ __Spectus__ follows [Semantic Versioning 2.0](http://semver.org/).
|
|
|
133
136
|
## License
|
|
134
137
|
|
|
135
138
|
See `LICENSE.md` file.
|
|
139
|
+
|
|
140
|
+
[gem]: https://rubygems.org/gems/spectus
|
|
141
|
+
[travis]: https://travis-ci.org/fixrb/spectus
|
|
142
|
+
[inchpages]: http://inch-ci.org/github/fixrb/spectus/
|
|
143
|
+
[rubydoc]: http://rubydoc.info/gems/spectus/frames
|
data/VERSION.semver
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
2.1.
|
|
1
|
+
2.1.3
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
|
2
|
+
MIIDdDCCAlygAwIBAgIBATANBgkqhkiG9w0BAQUFADBAMRAwDgYDVQQDDAdjb250
|
|
3
|
+
YWN0MRUwEwYKCZImiZPyLGQBGRYFY3lyaWwxFTATBgoJkiaJk/IsZAEZFgVlbWFp
|
|
4
|
+
bDAeFw0xNTA3MzExMjExMDZaFw0xNjA3MzAxMjExMDZaMEAxEDAOBgNVBAMMB2Nv
|
|
5
|
+
bnRhY3QxFTATBgoJkiaJk/IsZAEZFgVjeXJpbDEVMBMGCgmSJomT8ixkARkWBWVt
|
|
6
|
+
YWlsMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6hUEYoxnn1mtoaiK
|
|
7
|
+
NiwjzVPqPgQCR9ZeYdWjLJ3UUG2h5Q6awJCnbaGr8LGGcKtveCDbOJRjtdKNuOTH
|
|
8
|
+
O2FLTkf46nrMGiF+6/j//qh8o0EQHBRKIVMYkxZxZe4Fcqtdf1bWNMZuXeyoDjdt
|
|
9
|
+
4yiGfizbbTOu0gBf7Yrsv5DsL0a5CU/We7zxMfgGXCVb9PYkD+OWUMcTARYDKfYa
|
|
10
|
+
nN9ECI7CFm/yXcsof/eIQA5EmJNmQnhx8B+8L6jDqQeSUAUrBZnC9CdloKOoqmEL
|
|
11
|
+
weqM2g6LM932Ba74rEl4QlFRYDcs8kjr71UcvseHRCUkFr36j26OU8+gKelsTNdO
|
|
12
|
+
7OZNKQIDAQABo3kwdzAJBgNVHRMEAjAAMAsGA1UdDwQEAwIEsDAdBgNVHQ4EFgQU
|
|
13
|
+
LSJTN9h29D6bqOhp+vyvhyM0AF4wHgYDVR0RBBcwFYETY29udGFjdEBjeXJpbC5l
|
|
14
|
+
bWFpbDAeBgNVHRIEFzAVgRNjb250YWN0QGN5cmlsLmVtYWlsMA0GCSqGSIb3DQEB
|
|
15
|
+
BQUAA4IBAQArqCC1rUyGJlF0DF9ZhUOgggyROvO0/WroSI5zWgzdB8EU7RJpsDIV
|
|
16
|
+
caGnpji7h0rQIGWQuJ6TL2fTFLfeGRFdIzRZwWC7TeXhcXngJHZxSjDBt2OpfM8A
|
|
17
|
+
P5eElSQS9iJCetBGGMyt354PfgZkg3URaC+JA6mdEisdtEdo64ElnMsLg9shCqye
|
|
18
|
+
JSR3BbejbyPVva0/MHKD+dR6RswlcM9KMiYOXQml7a/kH6huOHvVq9gj5xC2ih8W
|
|
19
|
+
dzJvWzQ1+dJU6WQv75E9ddSkaQrK3nhdgQVu+/wgvGSrsMvOGNz+LXaSDxQqZuwX
|
|
20
|
+
0KNQFuIukfrdk8URwRnHoAnvx4U93iUw
|
|
21
|
+
-----END CERTIFICATE-----
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
e00ef19cbae209816410c1b0e4b032a59ba70ab2e43367c934ad723d3e23a9c50c457c0963fab7d46743d82ab21f9482dbd8ceb7cab23617e37be26823d846cd
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
9e53bf80d2c965ad554b7250434aa110eb02af57df8099c72c88bb904713fbcb6561161854085bdd21192193b813c7fe2385bf29908309ef5a033c6e217fda89
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
099ab4633acf7a95dd4c4ee103ca23bea5c61e3c4f6e2d999608f802b575b42e35f6caa5688a94e556797ce44f2f331d29f6091030c3ffbcd48d66e4c106309b
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
940e7cd57595b988c887d78dfa3e09ddbc77e2f387fe3432dea085a1377b0b2cdde327aa1955ddfd98a41a7a3f5c07b42f2872a6a6b08dc9f85b04923ef6536b
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
6e76d7fa5d2a6aa49db44430ffb45e7a87e25abd2aa75ea8d26438959956d722a053ef777e286821086d94f279b986f46004677efe38026676ce70ec6428a46c
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
b0c21b8994071c60473dcb8744a6f5cd7666cfc9f6c682b39b27b45fd24ca6ff742b47c2c195a1b114bbb21bf843597a853e7ed48c4cc4d9992b8642f922b40a
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
01c0dc2a88f74f7696443426153f7d025ac796b29ef122c4330675c736e7c3021762185a6c34e34340f1a139cc59dae63e571a0d18c4cba068a6f2a9c357a431
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
630355ae4fb971f56f52b83d8cc112c2f8b3a38fedde269f527641c54581abaf230536532f1d3fb5b926dd0d4034dc886e8c5c1f0fcf59d31ed49b4ba2548fdd
|
data/pkg_checksum
ADDED
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
#!/usr/bin/env ruby
|
|
2
|
+
|
|
3
|
+
require 'digest/sha2'
|
|
4
|
+
|
|
5
|
+
gemname = :spectus
|
|
6
|
+
ARGV[0] = File.read('VERSION.semver').chomp if ARGV[0].nil?
|
|
7
|
+
built_gem_path = "pkg/#{gemname}-#{ARGV[0]}.gem"
|
|
8
|
+
checksum = Digest::SHA512.new.hexdigest(File.read(built_gem_path))
|
|
9
|
+
checksum_path = "checksum/#{gemname}-#{ARGV[0]}.gem.sha512"
|
|
10
|
+
|
|
11
|
+
File.open(checksum_path, 'w') { |f| f.write("#{checksum}\n") }
|
data/spectus.gemspec
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Gem::Specification.new do |spec|
|
|
2
2
|
spec.name = 'spectus'
|
|
3
|
-
spec.version = File.read('VERSION.semver')
|
|
3
|
+
spec.version = File.read('VERSION.semver').chomp
|
|
4
4
|
spec.authors = ['Cyril Wack']
|
|
5
5
|
spec.email = ['contact@cyril.email']
|
|
6
6
|
|
|
@@ -22,9 +22,7 @@ Gem::Specification.new do |spec|
|
|
|
22
22
|
spec.add_development_dependency 'simplecov', '~> 0.10'
|
|
23
23
|
spec.add_development_dependency 'rubocop', '~> 0.32'
|
|
24
24
|
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
spec.cert_chain = ['spectus-gem-public_cert.pem']
|
|
29
|
-
end
|
|
25
|
+
spec.cert_chain = ['certs/gem-fixrb-public_cert.pem']
|
|
26
|
+
private_key = File.expand_path('~/.ssh/gem-fixrb-private_key.pem')
|
|
27
|
+
spec.signing_key = private_key if File.exist?(private_key)
|
|
30
28
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: spectus
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.1.
|
|
4
|
+
version: 2.1.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Cyril Wack
|
|
@@ -12,25 +12,25 @@ cert_chain:
|
|
|
12
12
|
-----BEGIN CERTIFICATE-----
|
|
13
13
|
MIIDdDCCAlygAwIBAgIBATANBgkqhkiG9w0BAQUFADBAMRAwDgYDVQQDDAdjb250
|
|
14
14
|
YWN0MRUwEwYKCZImiZPyLGQBGRYFY3lyaWwxFTATBgoJkiaJk/IsZAEZFgVlbWFp
|
|
15
|
-
|
|
15
|
+
bDAeFw0xNTA3MzExMjExMDZaFw0xNjA3MzAxMjExMDZaMEAxEDAOBgNVBAMMB2Nv
|
|
16
16
|
bnRhY3QxFTATBgoJkiaJk/IsZAEZFgVjeXJpbDEVMBMGCgmSJomT8ixkARkWBWVt
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
17
|
+
YWlsMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6hUEYoxnn1mtoaiK
|
|
18
|
+
NiwjzVPqPgQCR9ZeYdWjLJ3UUG2h5Q6awJCnbaGr8LGGcKtveCDbOJRjtdKNuOTH
|
|
19
|
+
O2FLTkf46nrMGiF+6/j//qh8o0EQHBRKIVMYkxZxZe4Fcqtdf1bWNMZuXeyoDjdt
|
|
20
|
+
4yiGfizbbTOu0gBf7Yrsv5DsL0a5CU/We7zxMfgGXCVb9PYkD+OWUMcTARYDKfYa
|
|
21
|
+
nN9ECI7CFm/yXcsof/eIQA5EmJNmQnhx8B+8L6jDqQeSUAUrBZnC9CdloKOoqmEL
|
|
22
|
+
weqM2g6LM932Ba74rEl4QlFRYDcs8kjr71UcvseHRCUkFr36j26OU8+gKelsTNdO
|
|
23
|
+
7OZNKQIDAQABo3kwdzAJBgNVHRMEAjAAMAsGA1UdDwQEAwIEsDAdBgNVHQ4EFgQU
|
|
24
|
+
LSJTN9h29D6bqOhp+vyvhyM0AF4wHgYDVR0RBBcwFYETY29udGFjdEBjeXJpbC5l
|
|
25
25
|
bWFpbDAeBgNVHRIEFzAVgRNjb250YWN0QGN5cmlsLmVtYWlsMA0GCSqGSIb3DQEB
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
26
|
+
BQUAA4IBAQArqCC1rUyGJlF0DF9ZhUOgggyROvO0/WroSI5zWgzdB8EU7RJpsDIV
|
|
27
|
+
caGnpji7h0rQIGWQuJ6TL2fTFLfeGRFdIzRZwWC7TeXhcXngJHZxSjDBt2OpfM8A
|
|
28
|
+
P5eElSQS9iJCetBGGMyt354PfgZkg3URaC+JA6mdEisdtEdo64ElnMsLg9shCqye
|
|
29
|
+
JSR3BbejbyPVva0/MHKD+dR6RswlcM9KMiYOXQml7a/kH6huOHvVq9gj5xC2ih8W
|
|
30
|
+
dzJvWzQ1+dJU6WQv75E9ddSkaQrK3nhdgQVu+/wgvGSrsMvOGNz+LXaSDxQqZuwX
|
|
31
|
+
0KNQFuIukfrdk8URwRnHoAnvx4U93iUw
|
|
32
32
|
-----END CERTIFICATE-----
|
|
33
|
-
date: 2015-07-
|
|
33
|
+
date: 2015-07-31 00:00:00.000000000 Z
|
|
34
34
|
dependencies:
|
|
35
35
|
- !ruby/object:Gem::Dependency
|
|
36
36
|
name: matchi
|
|
@@ -135,6 +135,15 @@ files:
|
|
|
135
135
|
- VERSION.semver
|
|
136
136
|
- bin/console
|
|
137
137
|
- bin/setup
|
|
138
|
+
- certs/gem-fixrb-public_cert.pem
|
|
139
|
+
- checksum/spectus-2.0.0.gem.sha512
|
|
140
|
+
- checksum/spectus-2.0.1.gem.sha512
|
|
141
|
+
- checksum/spectus-2.0.2.gem.sha512
|
|
142
|
+
- checksum/spectus-2.0.3.gem.sha512
|
|
143
|
+
- checksum/spectus-2.0.4.gem.sha512
|
|
144
|
+
- checksum/spectus-2.1.0.gem.sha512
|
|
145
|
+
- checksum/spectus-2.1.1.gem.sha512
|
|
146
|
+
- checksum/spectus-2.1.2.gem.sha512
|
|
138
147
|
- lib/spectus.rb
|
|
139
148
|
- lib/spectus/challenge.rb
|
|
140
149
|
- lib/spectus/expectation_target.rb
|
|
@@ -146,7 +155,7 @@ files:
|
|
|
146
155
|
- lib/spectus/result/fail.rb
|
|
147
156
|
- lib/spectus/result/pass.rb
|
|
148
157
|
- lib/spectus/sandbox.rb
|
|
149
|
-
-
|
|
158
|
+
- pkg_checksum
|
|
150
159
|
- spectus.gemspec
|
|
151
160
|
homepage: https://github.com/fixrb/spectus
|
|
152
161
|
licenses:
|
metadata.gz.sig
CHANGED
|
Binary file
|
data/spectus-gem-public_cert.pem
DELETED
|
@@ -1,21 +0,0 @@
|
|
|
1
|
-
-----BEGIN CERTIFICATE-----
|
|
2
|
-
MIIDdDCCAlygAwIBAgIBATANBgkqhkiG9w0BAQUFADBAMRAwDgYDVQQDDAdjb250
|
|
3
|
-
YWN0MRUwEwYKCZImiZPyLGQBGRYFY3lyaWwxFTATBgoJkiaJk/IsZAEZFgVlbWFp
|
|
4
|
-
bDAeFw0xNTA3MjUxNjUzMDhaFw0xNjA3MjQxNjUzMDhaMEAxEDAOBgNVBAMMB2Nv
|
|
5
|
-
bnRhY3QxFTATBgoJkiaJk/IsZAEZFgVjeXJpbDEVMBMGCgmSJomT8ixkARkWBWVt
|
|
6
|
-
YWlsMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvrrzDqZmwp4Kdu2+
|
|
7
|
-
mi1hAtJ4wtD6FbZh9F2me5Sl4y7nozjQ1+4E285RVtPjdH6L3BEr4HcaUsT+Zkim
|
|
8
|
-
qTf90SMI1oa2wRSXZ3FpkNkt2zHs6Vx1PH7UYqK5cNMcywCDSW5rKhC1ZBxDMdZP
|
|
9
|
-
vmG5ZHXwDum2wEM+z0nGTFcp3/aEmrc/kyEIgiPboDJbfTLLBMH6zXURC4d4Fit+
|
|
10
|
-
DVuSXI9VTyfvYiYCdZa7w4VPRof+k+uqy3chz7sYxwbCwwXaxTmjEqPtCx3Er/SU
|
|
11
|
-
4P/OH73dE0r/luRBifNuSMuZrClZmIKu39Vm0DzfacXP3k8KLzK6CIK2YqVpKkAl
|
|
12
|
-
fKDmnwIDAQABo3kwdzAJBgNVHRMEAjAAMAsGA1UdDwQEAwIEsDAdBgNVHQ4EFgQU
|
|
13
|
-
yvG9fvKk8CFLsqnjWQfemuO6wOUwHgYDVR0RBBcwFYETY29udGFjdEBjeXJpbC5l
|
|
14
|
-
bWFpbDAeBgNVHRIEFzAVgRNjb250YWN0QGN5cmlsLmVtYWlsMA0GCSqGSIb3DQEB
|
|
15
|
-
BQUAA4IBAQB7+BSUipu068bkbiUNoilqtyELOxd2egDgjKb+puPXGM+2nPKro5xQ
|
|
16
|
-
y8zaftDVmNTqC1EP2j6euDfVhWO4sv/89nLTL1A2WdTfodRkGHFekUHHVT4LFm0q
|
|
17
|
-
yF3vfuowYcV9M/fbrdi5GSs22SitzLZ3IvMy++mcIY57Qv2aI7WsxcefPBobnGMM
|
|
18
|
-
4PzLjKhqmU1NbXIokO49Zn2AoK4/DcbJ6fFhifnTL+vPUjPezAhjcuEE4dX5Nikp
|
|
19
|
-
kzblEabZ6jLr4iWRcl78m6nxsbKfUO7asR+InRweD1avTJSxAXMC9Ci7aePuxb8G
|
|
20
|
-
hdd2B5+neMHAKByDubyca9oN65msUDrY
|
|
21
|
-
-----END CERTIFICATE-----
|