diff options
| author | Andre Arko <andre@arko.net> | 2015-05-05 13:51:26 -0700 |
|---|---|---|
| committer | Samuel Giddins <segiddins@segiddins.me> | 2016-07-05 15:11:19 -0300 |
| commit | 61e00d657174e84f3b27570becdfe9bccc3b3a0c (patch) | |
| tree | 5fed77d7c806a9a4a0e8bc49767c0c14895e8035 | |
| parent | f428506bf086f6dcd536af8922aa922fb47b0321 (diff) | |
| download | bundler-61e00d657174e84f3b27570becdfe9bccc3b3a0c.tar.gz | |
warn github will change from git to https
| -rw-r--r-- | lib/bundler/dsl.rb | 15 | ||||
| -rw-r--r-- | spec/deprecation_spec.rb | 18 |
2 files changed, 32 insertions, 1 deletions
diff --git a/lib/bundler/dsl.rb b/lib/bundler/dsl.rb index 6cd95dd63c..6b07e5bea2 100644 --- a/lib/bundler/dsl.rb +++ b/lib/bundler/dsl.rb @@ -265,7 +265,13 @@ module Bundler # "https://github.com/#{repo_name}.git" # end repo_name = "#{repo_name}/#{repo_name}" unless repo_name.include?("/") - "git://github.com/#{repo_name}.git" + # TODO: 2.0 upgrade this setting to the default + if Bundler.settings["github.https"] + "https://github.com/#{repo_name}.git" + else + warn_github_source_change(repo_name) + "git://github.com/#{repo_name}.git" + end end # TODO: 2.0 remove this deprecated git source @@ -424,6 +430,13 @@ module Bundler end end + def warn_github_source_change(repo_name) + # TODO: 2.0 remove deprecation + Bundler.ui.deprecate "The :github option uses the git: protocol, which is not secure. " \ + "Bundler 2.0 will use the https: protcol, which is secure. Enable this change now by " \ + "running `bundle config github.https true`." + end + def warn_deprecated_git_source(name, repo_string) # TODO: 2.0 remove deprecation Bundler.ui.deprecate "The :#{name} git source is deprecated, and will be removed " \ diff --git a/spec/deprecation_spec.rb b/spec/deprecation_spec.rb index d7fd228f6c..a559b5d995 100644 --- a/spec/deprecation_spec.rb +++ b/spec/deprecation_spec.rb @@ -63,6 +63,24 @@ describe "Bundler version 1.99" do allow(Bundler::Source::Rubygems).to receive(:new) { @rubygems } end + context "with github gems" do + it "warns about the https change" do + allow(Bundler.ui).to receive(:deprecate) + msg = "The :github option uses the git: protocol, which is not secure. " \ + "Bundler 2.0 will use the https: protcol, which is secure. Enable this change now by " \ + "running `bundle config github.https true`." + expect(Bundler.ui).to receive(:deprecate).with(msg) + subject.gem("sparks", :github => "indirect/sparks") + end + + it "upgrades to https on request" do + Bundler.settings["github.https"] = true + subject.gem("sparks", :github => "indirect/sparks") + github_uri = "https://github.com/indirect/sparks.git" + expect(subject.dependencies.first.source.uri).to eq(github_uri) + end + end + context "with bitbucket gems" do it "warns about removal" do allow(Bundler.ui).to receive(:deprecate) |