Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Fix uninitialized constant with GitLab Pages deploy | Stan Hu | 2019-01-31 | 1 | -1/+1 |
| | | | | | | | | | | | | pages:deploy step was failing with the following error: ``` unitialized constant SafeZip::Extract::Zip ``` Since license_finder already pulls in rubyzip, we can make it a required gem. We also use the scope operator to make the reference to Zip::File explicit. | ||||
* | Extract GitLab Pages using RubyZip | Kamil TrzciĆski | 2019-01-31 | 3 | -0/+206 |
RubyZip allows us to perform strong validation of expanded paths where we do extract file. We introduce the following additional checks to extract routines: 1. None of path components can be symlinked, 2. We drop privileges support for directories, 3. Symlink source needs to point within the target directory, like `public/`, 4. The symlink source needs to exist ahead of time. |