mapwarper
mapwarper copied to clipboard
timwaters
Improve security for the rubygems on GitHub with https instead of git
Hi, Tim,
When installing the rubygems on GitHub, three of them raise warnings.
This looks to be a feature of bundler >=1.13.0. https://github.com/bundler/bundler/blob/1-13-stable/lib/bundler/dsl.rb#L268..L273
This PR declares usage of https, remove the warnings and improve users security.
vagrant@vagrant-ubuntu-trusty-64:/srv/mapwarper$ bundle install
The git source `git://github.com/timwaters/audited.git` uses the `git` protocol, which transmits data without encryption. Disable this warning with `bundle config git.allow_insecure true`, or switch to the `https` protocol to keep your data secure.
The git source `git://github.com/timwaters/actionpack-action_caching.git` uses the `git` protocol, which transmits data without encryption. Disable this warning with `bundle config git.allow_insecure true`, or switch to the `https` protocol to keep your data secure.
The git source `git://github.com/rails-api/active_model_serializers.git` uses the `git` protocol, which transmits data without encryption. Disable this warning with `bundle config git.allow_insecure true`, or switch to the `https` protocol to keep your data secure.
Fetching gem metadata from https://rubygems.org/.........
