Navigation Menu

Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Require multi-factor authentication to push new releases to RubyGems #1443

Merged
merged 1 commit into from Jun 8, 2022
Merged

Require multi-factor authentication to push new releases to RubyGems #1443

merged 1 commit into from Jun 8, 2022

Conversation

timrogers
Copy link
Contributor

This updates our gemspec to opt in to enforce multi-factor authentication (MFA) whenever we want to push releases of the gem, yank releases or add or remove owners.

This will increase the security of our users by making it more difficult for a bad actor to release a version of Octokit.rb.

After this is merged, the change will take effect from the first new release.

Fixes #1438.

@timrogers timrogers requested a review from nickfloyd June 8, 2022 11:31
@timrogers
Require multi-factor authentication to push new releases to RubyGems
a07fcca 
This updates our gemspec to opt in to enforce multi-factor
authentication (MFA) whenever we want to push releases of the gem,
yank releases or add or remove owners.

This will increase the security of our users by making it more
difficult for a bad actor to release a version of Octokit.rb.

After this is merged, the change will take effect from the first
new release.

Fixes #1438.
nickfloyd
nickfloyd approved these changes Jun 8, 2022
View reviewed changes
Copy link
Contributor

@nickfloyd nickfloyd left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

❤️ 🔏

@nickfloyd nickfloyd merged commit c1f4c60 into 4-stable Jun 8, 2022
@nickfloyd nickfloyd deleted the rubygems-mfa branch June 8, 2022 16:13
@nate2014jatc nate2014jatc mentioned this pull request Jun 15, 2022
Merged
@nickfloyd nickfloyd added Type: Maintenance Any dependency, housekeeping, and clean up Issue or PR Type: Feature New feature or request and removed housekeeping labels Oct 28, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nickfloyd nickfloyd nickfloyd approved these changes

Assignees
No one assigned
Labels
Type: Feature New feature or request Type: Maintenance Any dependency, housekeeping, and clean up Issue or PR
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Update gemspec to require multi-factor authentication to push releases
2 participants
@timrogers @nickfloyd