amazon_ssa_support.gemspec
metadata['rubygems_mfa_required']
must be set to 'true'
. Open
Open
Gem::Specification.new do |spec|
spec.name = "amazon_ssa_support"
spec.version = AmazonSsaSupport::VERSION
spec.authors = ["ManageIQ Developers"]
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Requires a gemspec to have rubygems_mfa_required
metadata set.
This setting tells RubyGems that MFA (Multi-Factor Authentication) is required for accounts to be able perform privileged operations, such as (see RubyGems' documentation for the full list of privileged operations):
gem push
gem yank
gem owner --add/remove
- adding or removing owners using gem ownership page
This helps make your gem more secure, as users can be more confident that gem updates were pushed by maintainers.
Example:
# bad
Gem::Specification.new do |spec|
# no `rubygems_mfa_required` metadata specified
end
# good
Gem::Specification.new do |spec|
spec.metadata = {
'rubygems_mfa_required' => 'true'
}
end
# good
Gem::Specification.new do |spec|
spec.metadata['rubygems_mfa_required'] = 'true'
end
# bad
Gem::Specification.new do |spec|
spec.metadata = {
'rubygems_mfa_required' => 'false'
}
end
# good
Gem::Specification.new do |spec|
spec.metadata = {
'rubygems_mfa_required' => 'true'
}
end
# bad
Gem::Specification.new do |spec|
spec.metadata['rubygems_mfa_required'] = 'false'
end
# good
Gem::Specification.new do |spec|
spec.metadata['rubygems_mfa_required'] = 'true'
end
Dependencies should be sorted in an alphabetical order within their section of the gemspec. Dependency aws-sdk-ec2
should appear before aws-sdk-sqs
. Open
Open
spec.add_dependency "aws-sdk-ec2", "~> 1.0"
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Dependencies in the gemspec should be alphabetically sorted.
Example:
# bad
spec.add_dependency 'rubocop'
spec.add_dependency 'rspec'
# good
spec.add_dependency 'rspec'
spec.add_dependency 'rubocop'
# good
spec.add_dependency 'rubocop'
spec.add_dependency 'rspec'
# bad
spec.add_development_dependency 'rubocop'
spec.add_development_dependency 'rspec'
# good
spec.add_development_dependency 'rspec'
spec.add_development_dependency 'rubocop'
# good
spec.add_development_dependency 'rubocop'
spec.add_development_dependency 'rspec'
# bad
spec.add_runtime_dependency 'rubocop'
spec.add_runtime_dependency 'rspec'
# good
spec.add_runtime_dependency 'rspec'
spec.add_runtime_dependency 'rubocop'
# good
spec.add_runtime_dependency 'rubocop'
spec.add_runtime_dependency 'rspec'
Example: TreatCommentsAsGroupSeparators: true (default)
# good
# For code quality
spec.add_dependency 'rubocop'
# For tests
spec.add_dependency 'rspec'
Example: TreatCommentsAsGroupSeparators: false
# bad
# For code quality
spec.add_dependency 'rubocop'
# For tests
spec.add_dependency 'rspec'