1. 31 Jan, 2019 2 commits
    • Stan Hu's avatar
      Fix uninitialized constant with GitLab Pages deploy · fc5ebc3c
      Stan Hu authored
      pages:deploy step was failing with the following error:
      
      ```
      unitialized constant SafeZip::Extract::Zip
      ```
      
      Since license_finder already pulls in rubyzip, we can make it
      a required gem. We also use the scope operator to make the reference to
      Zip::File explicit.
      fc5ebc3c
    • Kamil Trzciński's avatar
      Extract GitLab Pages using RubyZip · 66744469
      Kamil Trzciński authored
      RubyZip allows us to perform strong validation of
      expanded paths where we do extract file.
      
      We introduce the following additional checks
      to extract routines:
      
      1. None of path components can be symlinked,
      2. We drop privileges support for directories,
      3. Symlink source needs to point within the target directory,
         like `public/`,
      4. The symlink source needs to exist ahead of time.
      66744469
  2. 29 Jan, 2019 1 commit
    • Stan Hu's avatar
      Fix uninitialized constant with GitLab Pages deploy · 6fa5fd85
      Stan Hu authored
      pages:deploy step was failing with the following error:
      
      ```
      unitialized constant SafeZip::Extract::Zip
      ```
      
      Since license_finder already pulls in rubyzip, we can make it
      a required gem. We also use the scope operator to make the reference to
      Zip::File explicit.
      6fa5fd85
  3. 22 Jan, 2019 1 commit
    • Kamil Trzciński's avatar
      Extract GitLab Pages using RubyZip · 1a8100cf
      Kamil Trzciński authored
      RubyZip allows us to perform strong validation of
      expanded paths where we do extract file.
      
      We introduce the following additional checks
      to extract routines:
      
      1. None of path components can be symlinked,
      2. We drop privileges support for directories,
      3. Symlink source needs to point within the target directory,
         like `public/`,
      4. The symlink source needs to exist ahead of time.
      1a8100cf