[Rubygems-developers] [PATCH] Add Gem Signing Support to RubyGems
Chad Fowler
chad at chadfowler.com
Tue Apr 26 18:49:21 EDT 2005
On 26-Apr-05, at 4:22 PM, Paul Duncan wrote:
> Hi Everyone,
>
> Attached is a patch against RubyGems 0.8.10 that adds cryptographic
> signature support to Ruby Gems via OpenSSL. Attached to this email
> (and included in the patch under doc/) is some fairly detailed and
> (hopefully) straightforward documentation explaining how to adjust your
> security policy, create a gem signing certificate, and sign your own
> gems.
>
> These changes should be backwards compatible (ie, signed gems will work
> properly in older versions of Ruby Gems).
>
> The patch (and PGP signature) are also available online at the
> following
> URLs:
>
> http://pablotron.org/files/rubygems-0.8.10-sign.diff.gz
> http://pablotron.org/files/rubygems-0.8.10-sign.diff.gz.asc
>
> PS. I let Chad know that this patch was coming a couple weeks ago, so
> if
> it doesn't apply clean for any reason, he's the one to throw rocks at,
> not me! :)
>
Wow, Paul. This is great. I haven't had a chance to try it out yet,
but i read the docs and was very impressed. Wonderful job documenting,
too!
Any other RubyGemmers that are more signing-savvy than me want to take
a look?
Chad
More information about the Rubygems-developers
mailing list