This repository has been archived by the owner on Apr 14, 2021. It is now read-only.
Make URLs in document consistent and secure #6935
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Thanks for opening a pull request and helping make Bundler better! Someone from the Bundler team will take a look at your pull request shortly and leave any feedback. Please make sure that your pull request has tests for any changes or added functionality. We use Travis CI to test and make sure your change works functionally and uses acceptable conventions, you can review the current progress of Travis CI in the PR status window below. If you have any questions or concerns that you wish to ask, feel free to leave a comment in this PR or join our #bundler channel on Slack. For more information about contributing to the Bundler project feel free to review our CONTRIBUTING guide |
|
@bundlerbot r+ |
ghost
pushed a commit
that referenced
this pull request
Jan 28, 2019
6935: Make URLs in document consistent and secure r=greysteil a=aeroastro ### What was the end-user problem that led to this PR? There are 3 documentation problems * End-users experience 301 redirect when visiting http://www.bundler.io and http://bundler.io * End-users might accidentally send email addresses via http version of https://slack.bundler.io, which is not redirected automatically. * Partially fixing this is O.K., but consistent URLs throughout the documentation are easy to use. ### What was your diagnosis of the problem? I have manually visited the Slack invitation URL on https://bundler.io/ and noticed the problem. Following are the simple curl command to explain this problem. ``` $ curl -I http://slack.bundler.io HTTP/1.1 200 OK Server: Cowboy Connection: keep-alive X-Powered-By: Express Content-Type: text/html; charset=utf-8 Content-Length: 3726 Etag: W/"QPm3qygnJrqeFm+KK+VifA==" Date: Mon, 28 Jan 2019 07:32:02 GMT Via: 1.1 vegur ``` ``` $ curl -I http://www.bundler.io HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=utf-8 Location: https://bundler.io X-Redirector-Version: 84a0a5c Date: Mon, 28 Jan 2019 07:32:28 GMT ``` ``` $ curl -I http://bundler.io HTTP/1.1 301 Moved Permanently Server: GitHub.com Content-Type: text/html Location: https://bundler.io/ X-GitHub-Request-Id: FF7E:37F3:4DD47F:595032:5C4EB012 Content-Length: 178 Accept-Ranges: bytes Date: Mon, 28 Jan 2019 07:32:35 GMT Via: 1.1 varnish Age: 0 Connection: keep-alive X-Served-By: cache-nrt6127-NRT X-Cache: MISS X-Cache-Hits: 0 X-Timer: S1548660755.461639,VS0,VE91 Vary: Accept-Encoding X-Fastly-Request-ID: 8c832766ee3154dc26abd3e1adcd1258a243e4ce ``` ### What is your fix for the problem, implemented in this PR? My fix is to replace old URLs with new URLs. * Replace Slack invitation URLs with safe https ones * Replace http://www.bundler.io with https://bundler.io * Replace http://bundler.io with https://bundler.io ### Why did you choose this fix out of the possible options? Because rewriting URLs on document is easy and simple. Optionally, if someone could implement 301 redirect on Slack invitation URL, it would further help the issue. Co-authored-by: Takumasa Ochi <[email protected]>
Build succeeded |
ghost
merged commit 
|
Thank you ❤️ |
colby-swandale
pushed a commit
that referenced
this pull request
Apr 4, 2019
6935: Make URLs in document consistent and secure r=greysteil a=aeroastro There are 3 documentation problems * End-users experience 301 redirect when visiting http://www.bundler.io and http://bundler.io * End-users might accidentally send email addresses via http version of https://slack.bundler.io, which is not redirected automatically. * Partially fixing this is O.K., but consistent URLs throughout the documentation are easy to use. I have manually visited the Slack invitation URL on https://bundler.io/ and noticed the problem. Following are the simple curl command to explain this problem. ``` $ curl -I http://slack.bundler.io HTTP/1.1 200 OK Server: Cowboy Connection: keep-alive X-Powered-By: Express Content-Type: text/html; charset=utf-8 Content-Length: 3726 Etag: W/"QPm3qygnJrqeFm+KK+VifA==" Date: Mon, 28 Jan 2019 07:32:02 GMT Via: 1.1 vegur ``` ``` $ curl -I http://www.bundler.io HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=utf-8 Location: https://bundler.io X-Redirector-Version: 84a0a5c Date: Mon, 28 Jan 2019 07:32:28 GMT ``` ``` $ curl -I http://bundler.io HTTP/1.1 301 Moved Permanently Server: GitHub.com Content-Type: text/html Location: https://bundler.io/ X-GitHub-Request-Id: FF7E:37F3:4DD47F:595032:5C4EB012 Content-Length: 178 Accept-Ranges: bytes Date: Mon, 28 Jan 2019 07:32:35 GMT Via: 1.1 varnish Age: 0 Connection: keep-alive X-Served-By: cache-nrt6127-NRT X-Cache: MISS X-Cache-Hits: 0 X-Timer: S1548660755.461639,VS0,VE91 Vary: Accept-Encoding X-Fastly-Request-ID: 8c832766ee3154dc26abd3e1adcd1258a243e4ce ``` My fix is to replace old URLs with new URLs. * Replace Slack invitation URLs with safe https ones * Replace http://www.bundler.io with https://bundler.io * Replace http://bundler.io with https://bundler.io Because rewriting URLs on document is easy and simple. Optionally, if someone could implement 301 redirect on Slack invitation URL, it would further help the issue. Co-authored-by: Takumasa Ochi <[email protected]> (cherry picked from commit 2b8015c)
netbsd-srcmastr
pushed a commit
to NetBSD/pkgsrc
that referenced
this pull request
Sep 18, 2019
## 2.0.2 (2019-05-13) Changes: - Fixes for Bundler integration with ruby-src ([#6941](rubygems/bundler#6941), [#6973](rubygems/bundler#6973), [#6977](rubygems/bundler#6977), [#6315](rubygems/bundler#6315), [#7061](rubygems/bundler#7061)) - Use `__dir__` instead of `__FILE__` when generating a gem with `bundle gem` ([#6503](rubygems/bundler#6503)) - Use `https` on externals links in the Bundler gemspec ([#6721](rubygems/bundler#6721)) - Removed duplicate gem names from the suggested `did you mean` list for gem typos ([#6739](rubygems/bundler#6739)) - Removed Ruby 1.x compatibility code ([#6764](rubygems/bundler#6764), [#6806](rubygems/bundler#6806)) - Fixed an issue where `bundle remove` would crash with certain Gemfiles ([#6768](rubygems/bundler#6769)) - Fixed indentation in the Bundler executable template ([#6773](rubygems/bundler#6773)) - Fixed an issue where plugins could register for the same Bundler hook multiple times ([#6775](rubygems/bundler#6775)) - Changed the "multiple sources" message in `bundle install` to be a warning instead of an error ([#6790](rubygems/bundler#6790)) - Fixed a bug where path gems would break when using `only_update_to_newer_versions` ([#6774](rubygems/bundler#6774)) - Fixed a bug where installing plugins with the `--delpoyment` setting would fail ([#6805](rubygems/bundler#6805)) - Fixed an issue where `bundle update` couldn't update & install a gem when `no_install` was set (a `bundle package` config) ([#7078](rubygems/bundler#7078)) - Fixed an issue where users could not run `bundle exec` on default gems ([#6963](rubygems/bundler#6963)) - Updated vendor libraries to their latest version ([#7076](rubygems/bundler#7067), [#7068](rubygems/bundler#7068)) - Fixed an issue where the `github` source was not using `https` by default that we mentioned in the 2.0 release ([#7182](rubygems/bundler#7182)) - Fixed an issue where `rake release` was not outputting the message to users asking for a 2fa token ([#7199](rubygems/bundler#7199)) Documentation: - Fix incorrect documented `BUNDLE_PATH_RELATIVE_TO_CWD` env var ([#6751](rubygems/bundler#6751)) - Update URLs in Bundler's documentation to use `https` ([#6935](rubygems/bundler#6935)) ## 2.0.1 (2019-01-04) Changes: - Relaxed RubyGems requirement to `>= 2.5.0` ([#6867](rubygems/bundler#6867)) ## 2.0.0 (2019-01-03) No new changes ## 2.0.0.pre.3 (2018-12-30) Breaking Changes: - Bundler 2 now requires RubyGems 3.0.0 at minimum Changes: - Ruby 2.6 compatibility fixes (@segiddins) - Import changes from Bundler 1.17.3 release Note: To upgrade your Gemfile to Bundler 2 you will need to run `bundle update --bundler` ## 2.0.0.pre.2 (2018-11-27) Breaking Changes: - `:github` source in the Gemfile now defaults to using HTTPS Changes - Add compatibility for Bundler merge into ruby-src Note: To upgrade your Gemfile to Bundler 2 you will need to run `bundle update --bundler` ## 2.0.0.pre.1 (2018-11-09) Breaking Changes: - Dropped support for versions of Ruby < 2.3 - Dropped support for version of RubyGems < 2.5 - Moved error messages from STDOUT to STDERR Note: To upgrade your Gemfile to Bundler 2 you will need to run `bundle update --bundler`
This pull request was closed.
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What was the end-user problem that led to this PR?
There are 3 documentation problems
What was your diagnosis of the problem?
I have manually visited the Slack invitation URL on https://bundler.io/ and noticed the problem.
Following are the simple curl command to explain this problem.
What is your fix for the problem, implemented in this PR?
My fix is to replace old URLs with new URLs.
Why did you choose this fix out of the possible options?
Because rewriting URLs on document is easy and simple.
Optionally, if someone could implement 301 redirect on Slack invitation URL, it would further help the issue.