From e8740caefccafba0c3606752d69fefe82ffeb3d4 Mon Sep 17 00:00:00 2001 From: Chris Salzberg Date: Fri, 11 Aug 2017 23:48:57 +0900 Subject: [PATCH 1/3] Sign gem --- certs/shioyama.pem | 21 +++++++++++++++++++++ mobility.gemspec | 3 +++ 2 files changed, 24 insertions(+) create mode 100644 certs/shioyama.pem diff --git a/certs/shioyama.pem b/certs/shioyama.pem new file mode 100644 index 000000000..1762faf47 --- /dev/null +++ b/certs/shioyama.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDcDCCAligAwIBAgIBATANBgkqhkiG9w0BAQUFADA/MQ4wDAYDVQQDDAVjaHJp +czEYMBYGCgmSJomT8ixkARkWCGRlamltYXRhMRMwEQYKCZImiZPyLGQBGRYDY29t +MB4XDTE3MDgxMTE0NDU0N1oXDTE4MDgxMTE0NDU0N1owPzEOMAwGA1UEAwwFY2hy +aXMxGDAWBgoJkiaJk/IsZAEZFghkZWppbWF0YTETMBEGCgmSJomT8ixkARkWA2Nv +bTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK4/1rb97IE2+aDbwqO0 +BdbiS9QONr9mZRyTCSVkKh4XY+Ex3XzoJSK/qj0E6eRb2K8Lsc8JNZra+1h6do8H +dkl+GfFcHnWVuDkt17YcZuK/uAaxFOlWGVbFIdGxYz94rBddWGh3bOxqQGr3YtdD +Ajj1foUnsPmxQ0j8p8vAJhHM0h0MTyphFxMT5xTDJkprVQOiktfWQBL+76jx/UQ4 +UXczbSgaObaUzvNM7ggi7+PPNG4S39SafjQ0MM/QvBZ31B6tN1KuzluKFhAMC+sH +NofRUmYbrjZiCId6WCepJz48/fel6BtQ8CQGcQShx+eYOKEWRBiDkhpIil5JVaxi +NucCAwEAAaN3MHUwCQYDVR0TBAIwADALBgNVHQ8EBAMCBLAwHQYDVR0OBBYEFAzG +77899+wndUmwUTLUD8z+YnnwMB0GA1UdEQQWMBSBEmNocmlzQGRlamltYXRhLmNv +bTAdBgNVHRIEFjAUgRJjaHJpc0BkZWppbWF0YS5jb20wDQYJKoZIhvcNAQEFBQAD +ggEBAGP58/sXe/VX8dZ74Ih5VscaWOHZqfT5VzsremZS2899Mf+MaSDhMmdYx8b7 +e8Muzpi0V7EIbP0+QeocepYHugyodeoKerqaLEPQ0yCbUbfNAZd9HwkpFbd8hA/J +Nt2Az+BsBS0COBZKnruEqXA2AbrDua/ifSAjQMPBKCJ8nPQqRQf5A1hcP71yO3du +8t13MBd1vS8/4nYUoCQnOCTA8A1Lj6RSbQWyS1zZHq7hDm9hmgvvcIMGOkBCcFhy +eGDROPZoL5RXwiOnRbexxa7dcAxMrDfGB/hpiunIPWPsi4n5P7K/6OO/sGVMl9xv +SZBPXjzrHdyOFLBYXB+PG7s3F/4= +-----END CERTIFICATE----- diff --git a/mobility.gemspec b/mobility.gemspec index 181e6c185..2dc252ae6 100644 --- a/mobility.gemspec +++ b/mobility.gemspec @@ -29,4 +29,7 @@ Gem::Specification.new do |spec| spec.add_development_dependency "rake", "~> 10.0" spec.add_development_dependency "rspec", "~> 3.0" spec.add_development_dependency 'yard', '~> 0.9.0' + + spec.cert_chain = ["certs/shioyama.pem"] + spec.signing_key = File.expand_path("~/.ssh/gem-private_key.pem") if $0 =~ /gem\z/ end From e6b3019e60526acedc021c136cc14378e2f4861f Mon Sep 17 00:00:00 2001 From: Chris Salzberg Date: Fri, 11 Aug 2017 23:57:24 +0900 Subject: [PATCH 2/3] Update readme with note about checking gem signature --- README.md | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 4aa57ee6a..eec1684fa 100644 --- a/README.md +++ b/README.md @@ -50,8 +50,17 @@ Add this line to your application's Gemfile: gem 'mobility', '~> 0.1.20' ``` -To translate attributes on a model, include (or extend) `Mobility`, then call -`translates` passing in one or more attributes as well as a hash of options. +Mobility is cryptographically signed. To be sure the gem you install hasn't +been tampered with, first my public key (if you haven’t already) as a trusted +certificate: + +``` +gem cert --add <(curl -Ls https://raw.github.com/shioyama/mobility/master/certs/shioyama.pem) +gem install shioyama -P MediumSecurity +``` + +The MediumSecurity trust profile will verify signed gems, but allow the +installation of unsigned dependencies. ### ActiveRecord (Rails) @@ -62,6 +71,9 @@ Requirements: ActiveRecord/Rails 4.2, but there are some tests still failing. To see exactly what might not work, check pending specs in Rails 4.2 Travis builds.) +To translate attributes on a model, extend `Mobility`, then call `translates` +passing in one or more attributes as well as a hash of options (see below). + If using Mobility in a Rails project, you can run the generator to create an initializer and a migration to create shared translation tables for the default `KeyValue` backend: From 00703920f886d4d8407e24967ffe170bad8a6dbe Mon Sep 17 00:00:00 2001 From: Chris Salzberg Date: Sun, 13 Aug 2017 00:30:24 +0900 Subject: [PATCH 3/3] Release 0.2.0 --- CHANGELOG.md | 17 +++++++++++++++++ README.md | 2 +- lib/mobility/version.rb | 2 +- 3 files changed, 19 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index e5004bb05..a463b0050 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,23 @@ ## 0.1 +### 0.2.0 (August 13, 2017) + +See overview of the changes in [this blog +post](http://dejimata.com/2017/8/13/mobility-0-2-now-with-plugins). + +* Mobility.default_options ([#50](https://github.com/shioyama/mobility/pull/50)) +* Re-organized options under Plugins namespace ([#62](https://github.com/shioyama/mobility/pull/64)) +* Backends are now Enumerable ([#71](https://github.com/shioyama/mobility/pull/71)) +* Replace `autoload` by `require` ([#65](https://github.com/shioyama/mobility/pull/65)) +* Remove mobility/core_ext and replace with `Mobility::Util` ([#60](https://github.com/shioyama/mobility/pull/60)) +* New "default" plugin which sets a default value or proc for an attribute: ([#49](https://github.com/shioyama/mobility/pull/49)) +* Add `super` option ([#62](https://github.com/shioyama/mobility/pull/62)) +* Rename default associations for KeyValue and Table backends ([#59](https://github.com/shioyama/mobility/pull/59) and [#66](https://github.com/shioyama/mobility/pull/66)) +* Refactor cache code ([#57](https://github.com/shioyama/mobility/pull/58)) +* Gem is now signed ([#73](https://github.com/shioyama/mobility/pull/73)) +* Minimum Ruby version: 2.2.7 + ### 0.1.20 (July 23, 2017) * Fix location of Rails generators to work with plugins ([#56](https://github.com/shioyama/mobility/pull/56)) diff --git a/README.md b/README.md index eec1684fa..0e81d902d 100644 --- a/README.md +++ b/README.md @@ -47,7 +47,7 @@ Installation Add this line to your application's Gemfile: ```ruby -gem 'mobility', '~> 0.1.20' +gem 'mobility', '~> 0.2.0' ``` Mobility is cryptographically signed. To be sure the gem you install hasn't diff --git a/lib/mobility/version.rb b/lib/mobility/version.rb index b6b89d1cf..4cfcb2ae9 100644 --- a/lib/mobility/version.rb +++ b/lib/mobility/version.rb @@ -1,3 +1,3 @@ module Mobility - VERSION = "0.2.0.alpha" + VERSION = "0.2.0" end