diff options
| author | Martin Emde <[email protected]> | 2025-02-17 09:57:28 -0800 |
|---|---|---|
| committer | Hiroshi SHIBATA <[email protected]> | 2025-02-18 12:12:55 +0900 |
| commit | 39960cd748e969dd2bc711a7913fe4c0b00e7fd4 (patch) | |
| tree | a05b2062b303e18cac62015bb3c02929b72650b3 | |
| parent | 507de2226bcc75b1d0d8c1736cdbe62e46a97916 (diff) | |
[rubygems/rubygems] Reduce confusion about domains used for testing
Sometimes security reports believe they have found a vulnerability
because they find a domain we don't own being used in the rubygems
repository. Though there is nothing vulnerable about using 'fake'
domains in tests when they are never hit, it nonetheless reduces
confusion for everyone if we constrain our test domains to domains
we actually own and control.
https://github.com/rubygems/rubygems/commit/e77ebbe2fc
| -rw-r--r-- | spec/bundler/bundler/settings_spec.rb | 18 | ||||
| -rw-r--r-- | spec/bundler/bundler/source/rubygems/remote_spec.rb | 8 | ||||
| -rw-r--r-- | spec/bundler/bundler/yaml_serializer_spec.rb | 4 |
3 files changed, 15 insertions, 15 deletions
diff --git a/spec/bundler/bundler/settings_spec.rb b/spec/bundler/bundler/settings_spec.rb index 7c64c1c907..592db81e9b 100644 --- a/spec/bundler/bundler/settings_spec.rb +++ b/spec/bundler/bundler/settings_spec.rb @@ -200,7 +200,7 @@ that would suck --ehhh=oh geez it looks like i might have broken bundler somehow end context "with a configured mirror" do - let(:mirror_uri) { Gem::URI("https://rubygems-mirror.org/") } + let(:mirror_uri) { Gem::URI("https://example-mirror.rubygems.org/") } before { settings.set_local "mirror.https://rubygems.org/", mirror_uri.to_s } @@ -277,12 +277,12 @@ that would suck --ehhh=oh geez it looks like i might have broken bundler somehow end it "normalizes HTTP URIs in mirror configuration" do - settings.set_local "mirror.http://rubygems.org", "http://rubygems-mirror.org" + settings.set_local "mirror.http://rubygems.org", "http://example-mirror.rubygems.org" expect(settings.all).to include("mirror.http://rubygems.org/") end it "normalizes HTTPS URIs in mirror configuration" do - settings.set_local "mirror.https://rubygems.org", "http://rubygems-mirror.org" + settings.set_local "mirror.https://rubygems.org", "http://example-mirror.rubygems.org" expect(settings.all).to include("mirror.https://rubygems.org/") end @@ -297,9 +297,9 @@ that would suck --ehhh=oh geez it looks like i might have broken bundler somehow end it "reads older keys without trailing slashes" do - settings.set_local "mirror.https://rubygems.org", "http://rubygems-mirror.org" + settings.set_local "mirror.https://rubygems.org", "http://example-mirror.rubygems.org" expect(settings.mirror_for("https://rubygems.org/")).to eq( - Gem::URI("http://rubygems-mirror.org/") + Gem::URI("http://example-mirror.rubygems.org/") ) end @@ -323,8 +323,8 @@ that would suck --ehhh=oh geez it looks like i might have broken bundler somehow end it "converts older keys without trailing slashes and double underscore" do - config("BUNDLE_MIRROR__HTTPS://RUBYGEMS.ORG" => "http://rubygems-mirror.org") - expect(settings["mirror.https://rubygems.org/"]).to eq("http://rubygems-mirror.org") + config("BUNDLE_MIRROR__HTTPS://RUBYGEMS.ORG" => "http://example-mirror.rubygems.org") + expect(settings["mirror.https://rubygems.org/"]).to eq("http://example-mirror.rubygems.org") end it "ignores commented out keys" do @@ -347,8 +347,8 @@ that would suck --ehhh=oh geez it looks like i might have broken bundler somehow end it "reads newer keys format properly" do - config("BUNDLE_MIRROR__HTTPS://RUBYGEMS__ORG/" => "http://rubygems-mirror.org") - expect(settings["mirror.https://rubygems.org/"]).to eq("http://rubygems-mirror.org") + config("BUNDLE_MIRROR__HTTPS://RUBYGEMS__ORG/" => "http://example-mirror.rubygems.org") + expect(settings["mirror.https://rubygems.org/"]).to eq("http://example-mirror.rubygems.org") end end end diff --git a/spec/bundler/bundler/source/rubygems/remote_spec.rb b/spec/bundler/bundler/source/rubygems/remote_spec.rb index 56f3bee459..f2214ca8fe 100644 --- a/spec/bundler/bundler/source/rubygems/remote_spec.rb +++ b/spec/bundler/bundler/source/rubygems/remote_spec.rb @@ -106,8 +106,8 @@ RSpec.describe Bundler::Source::Rubygems::Remote do context "when a mirror with inline credentials is configured for the URI" do let(:uri) { Gem::URI("https://rubygems.org/") } - let(:mirror_uri_with_auth) { Gem::URI("https://username:[email protected]/") } - let(:mirror_uri_no_auth) { Gem::URI("https://rubygems-mirror.org/") } + let(:mirror_uri_with_auth) { Gem::URI("https://username:[email protected]/") } + let(:mirror_uri_no_auth) { Gem::URI("https://example-mirror.rubygems.org/") } before { Bundler.settings.temporary("mirror.https://rubygems.org/" => mirror_uri_with_auth.to_s) } @@ -132,8 +132,8 @@ RSpec.describe Bundler::Source::Rubygems::Remote do context "when a mirror with configured credentials is configured for the URI" do let(:uri) { Gem::URI("https://rubygems.org/") } - let(:mirror_uri_with_auth) { Gem::URI("https://#{credentials}@rubygems-mirror.org/") } - let(:mirror_uri_no_auth) { Gem::URI("https://rubygems-mirror.org/") } + let(:mirror_uri_with_auth) { Gem::URI("https://#{credentials}@example-mirror.rubygems.org/") } + let(:mirror_uri_no_auth) { Gem::URI("https://example-mirror.rubygems.org/") } before do Bundler.settings.temporary("mirror.https://rubygems.org/" => mirror_uri_no_auth.to_s) diff --git a/spec/bundler/bundler/yaml_serializer_spec.rb b/spec/bundler/bundler/yaml_serializer_spec.rb index de437f764a..9ff1579b76 100644 --- a/spec/bundler/bundler/yaml_serializer_spec.rb +++ b/spec/bundler/bundler/yaml_serializer_spec.rb @@ -112,10 +112,10 @@ RSpec.describe Bundler::YAMLSerializer do it "handles colon in key/value" do yaml = <<~YAML - BUNDLE_MIRROR__HTTPS://RUBYGEMS__ORG/: http://rubygems-mirror.org + BUNDLE_MIRROR__HTTPS://RUBYGEMS__ORG/: http://example-mirror.rubygems.org YAML - expect(serializer.load(yaml)).to eq("BUNDLE_MIRROR__HTTPS://RUBYGEMS__ORG/" => "http://rubygems-mirror.org") + expect(serializer.load(yaml)).to eq("BUNDLE_MIRROR__HTTPS://RUBYGEMS__ORG/" => "http://example-mirror.rubygems.org") end it "handles arrays inside hashes" do |