Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bundler/InsecureProtocolSource shoudl detect http://rubygems.org #10103

Closed
tas50 opened this issue Sep 21, 2021 · 1 comment · Fixed by #10104
Closed

Bundler/InsecureProtocolSource shoudl detect http://rubygems.org #10103

tas50 opened this issue Sep 21, 2021 · 1 comment · Fixed by #10104

Comments

@tas50
Copy link
Contributor

tas50 commented Sep 21, 2021

Is your feature request related to a problem? Please describe.

The Bundler/InsecureProtocolSource cop should detect http://rubygems.org and replace it with the https version.

Describe the solution you'd like

Describe alternatives you've considered

A clear and concise description of any alternative solutions or features you've considered.

Additional context

This should error:

source 'http://rubygems.org'

gem 'coveralls', require: false
@koic
Copy link
Member

koic commented Sep 21, 2021

I opened #10104 to add optional customizable option.

koic added a commit to koic/rubocop that referenced this issue Sep 21, 2021
…reProtocolSource`

Fixes rubocop#10103.

This PR adds `AllowHttpProtocol` option to `Bundler/InsecureProtocolSource`.

This `AllowHttpProtocol` option is `true` by default for safe autocorrection.
If user don't allow `http://`, set `false` to the option.
bbatsov pushed a commit that referenced this issue Sep 22, 2021
…colSource`

Fixes #10103.

This PR adds `AllowHttpProtocol` option to `Bundler/InsecureProtocolSource`.

This `AllowHttpProtocol` option is `true` by default for safe autocorrection.
If user don't allow `http://`, set `false` to the option.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging a pull request may close this issue.

2 participants