From e83dcb1bda8ad2f82733b4d397612dd0230f5d14 Mon Sep 17 00:00:00 2001 From: Rahul Zhade Date: Sun, 8 Dec 2024 13:41:09 -0500 Subject: [PATCH 1/5] Update README and remove old files --- .ruby-gemset | 1 - .ruby-version | 1 - README.md | 2 +- 3 files changed, 1 insertion(+), 3 deletions(-) delete mode 100644 .ruby-gemset delete mode 100644 .ruby-version diff --git a/.ruby-gemset b/.ruby-gemset deleted file mode 100644 index 5a6c467b..00000000 --- a/.ruby-gemset +++ /dev/null @@ -1 +0,0 @@ -secureheaders diff --git a/.ruby-version b/.ruby-version deleted file mode 100644 index 94ff29cc..00000000 --- a/.ruby-version +++ /dev/null @@ -1 +0,0 @@ -3.1.1 diff --git a/README.md b/README.md index 1683c84f..598cdd59 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # Secure Headers ![Build + Test](https://github.com/github/secure_headers/workflows/Build%20+%20Test/badge.svg?branch=main) -**main branch represents 6.x line**. See the [upgrading to 4.x doc](docs/upgrading-to-4-0.md), [upgrading to 5.x doc](docs/upgrading-to-5-0.md), or [upgrading to 6.x doc](docs/upgrading-to-6-0.md) for instructions on how to upgrade. Bug fixes should go in the 5.x branch for now. +**main branch represents 7.x line**. See the [upgrading to 4.x doc](docs/upgrading-to-4-0.md), [upgrading to 5.x doc](docs/upgrading-to-5-0.md), [upgrading to 6.x doc](docs/upgrading-to-6-0.md) or [upgrading to 7.x doc](docs/upgrading-to-7-0.md) for instructions on how to upgrade. Bug fixes should go in the `6.x` branch for now. The gem will automatically apply several headers that are related to security. This includes: - Content Security Policy (CSP) - Helps detect/prevent XSS, mixed-content, and other classes of attack. [CSP 2 Specification](https://www.w3.org/TR/CSP2/) From 65581bad05d2467f97ce54db67fb397af6a250d5 Mon Sep 17 00:00:00 2001 From: Rahul Zhade Date: Sun, 8 Dec 2024 13:41:42 -0500 Subject: [PATCH 2/5] Remove CI files from Gem build --- secure_headers.gemspec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/secure_headers.gemspec b/secure_headers.gemspec index af0e2187..deec4bf7 100644 --- a/secure_headers.gemspec +++ b/secure_headers.gemspec @@ -15,7 +15,7 @@ Gem::Specification.new do |gem| strict-transport-security, etc.' gem.homepage = "https://github.com/github/secure_headers" gem.license = "MIT" - gem.files = `git ls-files`.split($INPUT_RECORD_SEPARATOR) + gem.files = Dir["lib/**/*", "spec/**/*", "bin/**/*", "docs/**/*", "*.md"] + ["LICENSE", "Gemfile", "Guardfile", "Rakefile", ".rspec", ".rubocop.yml", ".gitignore", "secure_headers.gemspec"] gem.executables = gem.files.grep(%r{^bin/}).map { |f| File.basename(f) } gem.test_files = gem.files.grep(%r{^(test|spec|features)/}) gem.require_paths = ["lib"] From 52256a2ea9eafa775464879b62cdd46557064275 Mon Sep 17 00:00:00 2001 From: Rahul Zhade Date: Wed, 11 Dec 2024 13:07:37 -0500 Subject: [PATCH 3/5] Remove docs file and extraneous Markdown files --- secure_headers.gemspec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/secure_headers.gemspec b/secure_headers.gemspec index deec4bf7..e79531ab 100644 --- a/secure_headers.gemspec +++ b/secure_headers.gemspec @@ -15,7 +15,7 @@ Gem::Specification.new do |gem| strict-transport-security, etc.' gem.homepage = "https://github.com/github/secure_headers" gem.license = "MIT" - gem.files = Dir["lib/**/*", "spec/**/*", "bin/**/*", "docs/**/*", "*.md"] + ["LICENSE", "Gemfile", "Guardfile", "Rakefile", ".rspec", ".rubocop.yml", ".gitignore", "secure_headers.gemspec"] + gem.files = Dir["bin/**/*", "lib/**/*", "spec/**/*"] + ["README.md", "Gemfile", "Guardfile", "Rakefile", ".rspec", ".rubocop.yml", "secure_headers.gemspec"] gem.executables = gem.files.grep(%r{^bin/}).map { |f| File.basename(f) } gem.test_files = gem.files.grep(%r{^(test|spec|features)/}) gem.require_paths = ["lib"] From 088d62cc7e17487aa2e7710a03a4df527a99ed15 Mon Sep 17 00:00:00 2001 From: Rahul Zhade Date: Wed, 11 Dec 2024 15:12:21 -0500 Subject: [PATCH 4/5] Redo Gemspec file --- secure_headers.gemspec | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/secure_headers.gemspec b/secure_headers.gemspec index e79531ab..f8b6c5b9 100644 --- a/secure_headers.gemspec +++ b/secure_headers.gemspec @@ -14,10 +14,20 @@ Gem::Specification.new do |gem| including content-security-policy, x-frame-options, strict-transport-security, etc.' gem.homepage = "https://github.com/github/secure_headers" + gem.metadata = { + "bug_tracker_uri" => "https://github.com/github/secure_headers/issues", + "changelog_uri" => "https://github.com/github/secure_headers/blob/master/CHANGELOG.md", + "documentation_uri" => "https://rubydoc.info/gems/secure_headers", + "homepage_uri" => gem.homepage, + "source_code_uri" => "https://github.com/github/secure_headers", + "rubygems_mfa_required" => "true", + } gem.license = "MIT" - gem.files = Dir["bin/**/*", "lib/**/*", "spec/**/*"] + ["README.md", "Gemfile", "Guardfile", "Rakefile", ".rspec", ".rubocop.yml", "secure_headers.gemspec"] - gem.executables = gem.files.grep(%r{^bin/}).map { |f| File.basename(f) } - gem.test_files = gem.files.grep(%r{^(test|spec|features)/}) + + gem.files = Dir["bin/**/*", "lib/**/*", "README.md", "CHANGELOG.md", "LICENSE", "Gemfile", "secure_headers.gemspec"] gem.require_paths = ["lib"] + + gem.extra_rdoc_files = Dir["README.md", "CHANGELOG.md", "LICENSE"] + gem.add_development_dependency "rake" end From 957fa0c8a9151cb68dcaf9c673ac821a3fec16f9 Mon Sep 17 00:00:00 2001 From: Rahul Zhade Date: Mon, 16 Dec 2024 12:17:30 -0500 Subject: [PATCH 5/5] Pin ruby version in dev --- .ruby-version | 1 + 1 file changed, 1 insertion(+) create mode 100644 .ruby-version diff --git a/.ruby-version b/.ruby-version new file mode 100644 index 00000000..8a4b2758 --- /dev/null +++ b/.ruby-version @@ -0,0 +1 @@ +3.1.6 \ No newline at end of file