tierion 1.3.1 → 1.3.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (10) hide show
  1. checksums.yaml +4 -4
  2. checksums.yaml.gz.sig +0 -0
  3. data.tar.gz.sig +3 -2
  4. data/CHANGELOG.md +6 -0
  5. data/README.md +49 -0
  6. data/certs/gem-public_cert_grempe_2026.pem +21 -0
  7. data/lib/tierion/version.rb +1 -1
  8. data/tierion.gemspec +6 -6
  9. metadata +35 -34
  10. metadata.gz.sig +0 -0
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 286988a6d973384851e8cfdaa6399371530a260b
4
- data.tar.gz: 32ae92d7368c2dd8c6d79b4b703d61e816c76031
3
+ metadata.gz: 0ca7bfd719b320c3efc88a869b52f5d5d71b38df
4
+ data.tar.gz: b052663de1e2dd82a525b079d43c9f87d9de2324
5
5
  SHA512:
6
- metadata.gz: 715451a2a951deaa7c45cc3f7ba864c66b2fa7ba4ff2afb0258ac4e13f3a0d1fbd127cf76b05d39f3f00a4925356f273810a0f5089bd1618f5cb98f00e183f8b
7
- data.tar.gz: edb0d9cd7d3bc2b049ef851d7249241b7e47659d56bee2d38cb0a373eaadf510e1f63b692295eb0c31f938e0d8a2c56b2b28205794afb97f47a216b6ad1ca3a3
6
+ metadata.gz: 904a06f3c480b70048c5d2b8672e055b1ec6b16c0b4d51e9e596fab86b4c1e2d0f3c417e23c985680abba1f5bffa755e83efb04b19733ee9b6b150f12b6860a7
7
+ data.tar.gz: 4403f532d9a27a93fafc2e69f90ca4390825776b9e56f4a4bae9db9bd6a3d0186b09dc5f4e9b2f00617bee52ae0776f8e3c6abfb1917c98331fff0cf0207b132
checksums.yaml.gz.sig CHANGED
Binary file
data.tar.gz.sig CHANGED
@@ -1,2 +1,3 @@
1
- oS_PK�F!���+\(6
2
- oKgJ� Q��B<��/K�H�}Ih h Ra��'�� z�0
1
+ Ο��/�.?��Z5�l�������I��w^��TEVQ�J����&��k�!v�k�͙�La��G3��ٷwE�4�m�r�ޱ�0&�.�/��|�<���n-pC:��W2����|i@��8o_*D�wk���,a��z
2
+ �L=�.��fn#o#����av�2��8V��z��j'`��
3
+ KȼB������'�*f�"�^$e�Q�ZM*�����ZO�E{��n���3�������~�8k�\_�*)�|�x��7���
data/CHANGELOG.md CHANGED
@@ -1,5 +1,11 @@
1
1
  # CHANGELOG
2
2
 
3
+ ## v1.3.2 (10/18/2016)
4
+
5
+ - Update to new gem signing cert with 10 year lifetime.
6
+ - Add some README info about installing signed gem
7
+ - Relax version dependencies for development gems
8
+
3
9
  ## v1.3.1 (9/6/2016)
4
10
 
5
11
  - Merge PR #3, support activesupport 4.x in addition to 5.x
data/README.md CHANGED
@@ -18,6 +18,55 @@ Or install it yourself as:
18
18
 
19
19
  $ gem install tierion
20
20
 
21
+ ### Installation Security : Signed Ruby Gem
22
+
23
+ This gem is cryptographically signed. To be sure the gem you install hasn’t
24
+ been tampered with you can install it using the following method:
25
+
26
+ Add my public key (if you haven’t already) as a trusted certificate
27
+
28
+ ```
29
+ # Caveat: Gem certificates are trusted globally, such that adding a
30
+ # cert.pem for one gem automatically trusts all gems signed by that cert.
31
+ gem cert --add <(curl -Ls https://raw.github.com/grempe/tierion/master/certs/gem-public_cert_grempe_2026.pem)
32
+ ```
33
+
34
+ To install, it is possible to specify either `HighSecurity` or `MediumSecurity`
35
+ mode. Since this gem depends on one or more gems that are not cryptographically
36
+ signed you will likely need to use `MediumSecurity`. You should receive a warning
37
+ if any signed gem does not match its signature.
38
+
39
+ ```
40
+ # All dependent gems must be signed and verified.
41
+ gem install tierion -P HighSecurity
42
+ ```
43
+
44
+ ```
45
+ # All signed dependent gems must be verified.
46
+ gem install tierion -P MediumSecurity
47
+ ```
48
+
49
+ ```
50
+ # Same as above, except Bundler only recognizes
51
+ # the long --trust-policy flag, not the short -P
52
+ bundle --trust-policy MediumSecurity
53
+ ```
54
+
55
+ You can [learn more about security and signed Ruby Gems](http://guides.rubygems.org/security/).
56
+
57
+ ### Installation Security : Signed Git Commits
58
+
59
+ Most, if not all, of the commits and tags to the repository for this code are
60
+ signed with my PGP/GPG code signing key. I have uploaded my code signing public
61
+ keys to GitHub and you can now verify those signatures with the GitHub UI.
62
+ See [this list of commits](https://github.com/grempe/tierion/commits/master)
63
+ and look for the `Verified` tag next to each commit. You can click on that tag
64
+ for additional information.
65
+
66
+ You can also clone the repository and verify the signatures locally using your
67
+ own GnuPG installation. You can find my certificates and read about how to conduct
68
+ this verification at [https://www.rempe.us/keys/](https://www.rempe.us/keys/).
69
+
21
70
  ## Usage
22
71
 
23
72
  Shell commands start with a `$`, Ruby console commands start with `>`.
data/certs/gem-public_cert_grempe_2026.pem ADDED
@@ -0,0 +1,21 @@
1
+ -----BEGIN CERTIFICATE-----
2
+ MIIDYDCCAkigAwIBAgIBATANBgkqhkiG9w0BAQUFADA7MQ4wDAYDVQQDDAVnbGVu
3
+ bjEVMBMGCgmSJomT8ixkARkWBXJlbXBlMRIwEAYKCZImiZPyLGQBGRYCdXMwHhcN
4
+ MTYxMDEzMDEzMjM5WhcNMjYxMDExMDEzMjM5WjA7MQ4wDAYDVQQDDAVnbGVubjEV
5
+ MBMGCgmSJomT8ixkARkWBXJlbXBlMRIwEAYKCZImiZPyLGQBGRYCdXMwggEiMA0G
6
+ CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrEuLEy11cjgMC4+ldcgLzBrGcfWWg
7
+ nUhdCRn3Arzo2EV1d4V4h6VOHmk4o7kumBeajUMMZ0+xKtu8euRCnbDnlxowfJvT
8
+ S0nzsOt1dm++INeKMpZU84LuH7BbAlyL+B//l1YkI33gsbA8wm06+vV8tUEBuQch
9
+ vBU2xrCyS2+0LQTCaCS+VvHbV97hzIwSIgUFJuFjrcnnpV8Qt1R0Bi8pzDk+2jyN
10
+ AgxaWa41UHn70O0gFRRDGXacRpvy3HRSJrvlHPPAC02CjhKjsOLjZowaHxCv9XIJ
11
+ tCQnVEOUUo9+owG2Gna4k4DMLIjiGChHNFXtO8WyuksukVqcsdc9kvdzAgMBAAGj
12
+ bzBtMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgSwMB0GA1UdDgQWBBR68/Ook0uwfe6t
13
+ FbLHXIReYQ2VpzAZBgNVHREEEjAQgQ5nbGVubkByZW1wZS51czAZBgNVHRIEEjAQ
14
+ gQ5nbGVubkByZW1wZS51czANBgkqhkiG9w0BAQUFAAOCAQEAI27KUzTE9BoD2irI
15
+ CkMVPC0YS6iANrzQy3zIJI4yLKEZmI1jDE+W2APL11Woo5+sttgqY7148W84ZWdK
16
+ mD9ueqH5hPC8NOd3wYXVMNwmyLhnyh80cOzGeurW1SJ0VV3BqSKEE8q4EFjCzUK9
17
+ Oq8dW9i9Bxn8qgcOSFTYITJZ/mNyy2shHs5gg0MIz0uOsKaHqrrMseVfG7ZoTgV1
18
+ kkyRaYAHI1MSDNGFNwgURPQsgnxQrX8YG48q0ypFC1gOl/l6D0e/oF4SKMS156uc
19
+ vprF5QiDz8HshVP9DjJT2I1wyGyvxEdU3cTRo0upMP/VZLcgyBVFy90N2XYWWk2D
20
+ GIxGSw==
21
+ -----END CERTIFICATE-----
data/lib/tierion/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Tierion
2
- VERSION = '1.3.1'
2
+ VERSION = '1.3.2'
3
3
  end
data/tierion.gemspec CHANGED
@@ -11,10 +11,10 @@ Gem::Specification.new do |spec|
11
11
 
12
12
  spec.required_ruby_version = '>= 2.1.0'
13
13
 
14
- cert = File.expand_path('~/.gem-certs/gem-private_key_grempe.pem')
14
+ cert = File.expand_path('~/.gem-certs/gem-private_key_grempe_2026.pem')
15
15
  if cert && File.exist?(cert)
16
16
  spec.signing_key = cert
17
- spec.cert_chain = ['certs/gem-public_cert_grempe.pem']
17
+ spec.cert_chain = ['certs/gem-public_cert_grempe_2026.pem']
18
18
  end
19
19
 
20
20
  spec.summary = <<-EOF
@@ -41,8 +41,8 @@ Gem::Specification.new do |spec|
41
41
  spec.add_runtime_dependency 'activesupport', '>= 4.0'
42
42
  spec.add_runtime_dependency 'hashie', '~> 3.4'
43
43
 
44
- spec.add_development_dependency 'bundler', '~> 1.12'
45
- spec.add_development_dependency 'rake', '~> 10.0'
46
- spec.add_development_dependency 'minitest', '~> 5.0'
47
- spec.add_development_dependency 'pry', '~> 0.10'
44
+ spec.add_development_dependency 'bundler'
45
+ spec.add_development_dependency 'rake'
46
+ spec.add_development_dependency 'minitest'
47
+ spec.add_development_dependency 'pry'
48
48
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: tierion
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.3.1
4
+ version: 1.3.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Glenn Rempe
@@ -12,25 +12,25 @@ cert_chain:
12
12
  -----BEGIN CERTIFICATE-----
13
13
  MIIDYDCCAkigAwIBAgIBATANBgkqhkiG9w0BAQUFADA7MQ4wDAYDVQQDDAVnbGVu
14
14
  bjEVMBMGCgmSJomT8ixkARkWBXJlbXBlMRIwEAYKCZImiZPyLGQBGRYCdXMwHhcN
15
- MTYwNDExMDI0NTU0WhcNMTcwNDExMDI0NTU0WjA7MQ4wDAYDVQQDDAVnbGVubjEV
15
+ MTYxMDEzMDEzMjM5WhcNMjYxMDExMDEzMjM5WjA7MQ4wDAYDVQQDDAVnbGVubjEV
16
16
  MBMGCgmSJomT8ixkARkWBXJlbXBlMRIwEAYKCZImiZPyLGQBGRYCdXMwggEiMA0G
17
- CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZqTH5Jf+D/W2B4BIiL49CpHa86rK/
18
- oT+v3xZwuEE92lJea+ygn3IAsidVTW47AKE6Lt3UqUkGQGKxsqH/Dhir08BqjLlD
19
- gBUozGZpM3B6uWZnD6QXLbOmZeGVDnwB/QDfzaawN1i3smlYxYT+KNLjl80aN3we
20
- /cHAWG7JG47AF/S91mYcg1WgZnDgZt9+RyVR1AsfYbM+SidOSoXEOHPCbuUxLKJb
21
- gj5ieCFhm5GNWEugvgiX/ruas+VHV0fF3fzjYlU2fZPTuQyB4UD5FWX4UqdsBf3w
22
- jB94TDBsJ3FVGPbggEhLGKd8pbQmBIOqXolGaqhs7dnuf5imu5mAXHC1AgMBAAGj
23
- bzBtMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgSwMB0GA1UdDgQWBBRfxEyosUbKjfFa
24
- j+gae2CcT3aFCTAZBgNVHREEEjAQgQ5nbGVubkByZW1wZS51czAZBgNVHRIEEjAQ
25
- gQ5nbGVubkByZW1wZS51czANBgkqhkiG9w0BAQUFAAOCAQEAzgK20+MNOknR9Kx6
26
- RisI3DsioCADjGldxY+INrwoTfPDVmNm4GdTYC+V+/BvxJw1RqHjEbuXSg0iibQC
27
- 4vN+th0Km7dnas/td1i+EKfGencfyQyecIaG9l3kbCkCWnldRtZ+BS5EfP2ML2u8
28
- fyCtze/Piovu8IwXL1W5kGZMnvzLmWxdqI3VPUou40n8F+EiMMLgd53kpzjtNOau
29
- 4W+mqVGOwlEGVSgI5+0SIsD8pvc62PlPWTv0kn1bcufKKCZmoVmpfbe3j4JpBInq
30
- zieXiXZSAojfFx9g91fKdIrlPbInHU/BaCxXSLBwvOM0drE+c2ue9X8gB55XAhzX
31
- 37oBiw==
17
+ CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrEuLEy11cjgMC4+ldcgLzBrGcfWWg
18
+ nUhdCRn3Arzo2EV1d4V4h6VOHmk4o7kumBeajUMMZ0+xKtu8euRCnbDnlxowfJvT
19
+ S0nzsOt1dm++INeKMpZU84LuH7BbAlyL+B//l1YkI33gsbA8wm06+vV8tUEBuQch
20
+ vBU2xrCyS2+0LQTCaCS+VvHbV97hzIwSIgUFJuFjrcnnpV8Qt1R0Bi8pzDk+2jyN
21
+ AgxaWa41UHn70O0gFRRDGXacRpvy3HRSJrvlHPPAC02CjhKjsOLjZowaHxCv9XIJ
22
+ tCQnVEOUUo9+owG2Gna4k4DMLIjiGChHNFXtO8WyuksukVqcsdc9kvdzAgMBAAGj
23
+ bzBtMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgSwMB0GA1UdDgQWBBR68/Ook0uwfe6t
24
+ FbLHXIReYQ2VpzAZBgNVHREEEjAQgQ5nbGVubkByZW1wZS51czAZBgNVHRIEEjAQ
25
+ gQ5nbGVubkByZW1wZS51czANBgkqhkiG9w0BAQUFAAOCAQEAI27KUzTE9BoD2irI
26
+ CkMVPC0YS6iANrzQy3zIJI4yLKEZmI1jDE+W2APL11Woo5+sttgqY7148W84ZWdK
27
+ mD9ueqH5hPC8NOd3wYXVMNwmyLhnyh80cOzGeurW1SJ0VV3BqSKEE8q4EFjCzUK9
28
+ Oq8dW9i9Bxn8qgcOSFTYITJZ/mNyy2shHs5gg0MIz0uOsKaHqrrMseVfG7ZoTgV1
29
+ kkyRaYAHI1MSDNGFNwgURPQsgnxQrX8YG48q0ypFC1gOl/l6D0e/oF4SKMS156uc
30
+ vprF5QiDz8HshVP9DjJT2I1wyGyvxEdU3cTRo0upMP/VZLcgyBVFy90N2XYWWk2D
31
+ GIxGSw==
32
32
  -----END CERTIFICATE-----
33
- date: 2016-09-07 00:00:00.000000000 Z
33
+ date: 2016-10-18 00:00:00.000000000 Z
34
34
  dependencies:
35
35
  - !ruby/object:Gem::Dependency
36
36
  name: httparty
@@ -78,58 +78,58 @@ dependencies:
78
78
  name: bundler
79
79
  requirement: !ruby/object:Gem::Requirement
80
80
  requirements:
81
- - - "~>"
81
+ - - ">="
82
82
  - !ruby/object:Gem::Version
83
- version: '1.12'
83
+ version: '0'
84
84
  type: :development
85
85
  prerelease: false
86
86
  version_requirements: !ruby/object:Gem::Requirement
87
87
  requirements:
88
- - - "~>"
88
+ - - ">="
89
89
  - !ruby/object:Gem::Version
90
- version: '1.12'
90
+ version: '0'
91
91
  - !ruby/object:Gem::Dependency
92
92
  name: rake
93
93
  requirement: !ruby/object:Gem::Requirement
94
94
  requirements:
95
- - - "~>"
95
+ - - ">="
96
96
  - !ruby/object:Gem::Version
97
- version: '10.0'
97
+ version: '0'
98
98
  type: :development
99
99
  prerelease: false
100
100
  version_requirements: !ruby/object:Gem::Requirement
101
101
  requirements:
102
- - - "~>"
102
+ - - ">="
103
103
  - !ruby/object:Gem::Version
104
- version: '10.0'
104
+ version: '0'
105
105
  - !ruby/object:Gem::Dependency
106
106
  name: minitest
107
107
  requirement: !ruby/object:Gem::Requirement
108
108
  requirements:
109
- - - "~>"
109
+ - - ">="
110
110
  - !ruby/object:Gem::Version
111
- version: '5.0'
111
+ version: '0'
112
112
  type: :development
113
113
  prerelease: false
114
114
  version_requirements: !ruby/object:Gem::Requirement
115
115
  requirements:
116
- - - "~>"
116
+ - - ">="
117
117
  - !ruby/object:Gem::Version
118
- version: '5.0'
118
+ version: '0'
119
119
  - !ruby/object:Gem::Dependency
120
120
  name: pry
121
121
  requirement: !ruby/object:Gem::Requirement
122
122
  requirements:
123
- - - "~>"
123
+ - - ">="
124
124
  - !ruby/object:Gem::Version
125
- version: '0.10'
125
+ version: '0'
126
126
  type: :development
127
127
  prerelease: false
128
128
  version_requirements: !ruby/object:Gem::Requirement
129
129
  requirements:
130
- - - "~>"
130
+ - - ">="
131
131
  - !ruby/object:Gem::Version
132
- version: '0.10'
132
+ version: '0'
133
133
  description: |2
134
134
  A simple API client for the Tierion Hash API
135
135
 
@@ -152,6 +152,7 @@ files:
152
152
  - bin/console
153
153
  - bin/setup
154
154
  - certs/gem-public_cert_grempe.pem
155
+ - certs/gem-public_cert_grempe_2026.pem
155
156
  - exe/tierion
156
157
  - lib/tierion.rb
157
158
  - lib/tierion/hash_api.rb
metadata.gz.sig CHANGED
Binary file