RubyGems
Replies: 2 comments
-
|
Seems like great candidate for RFC. Crucial would be to do that only for new installations and support the old way of storing credentials when still present. |
Beta Was this translation helpful? Give feedback.
0 replies
-
|
Moved to a discussion until it becomes something more actionable or gets a RFC written for it. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Problem:
At the moment the
~/.bundle/configstores both credentials and global configuration as well.This is not ideal for versioning purposes. It does makes sense to version the file because global configurations like
BUNDLE_PATHare useful across multiple setups, but it's not safe to do it right now because credentials for accessing private gems (likeBUNDLE_GEMS__CONTRIBSYS__COMfor Sidekiq) would also be versioned, which is not desirable.Proposal:
These credentials should go to their own
~/.bundle/credentialsfile which would greatly help to avoid them getting leaked from public repositories, since there would be no point to version this specifically file.I'd gladly jump into this if the core team finds it worthy.
Let me know what you think.
Beta Was this translation helpful? Give feedback.
All reactions