Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Be able to set an SSL verify mode on faraday #982

Merged
merged 3 commits into from
Feb 1, 2018
Merged

Be able to set an SSL verify mode on faraday #982

merged 3 commits into from
Feb 1, 2018

Conversation

taquitos
Copy link
Contributor

tarebyte
tarebyte requested changes Feb 1, 2018
View reviewed changes
Copy link
Member

@tarebyte tarebyte left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just a few bits of feedback, thanks @taquitos!

lib/octokit/default.rb Outdated
# Default SSL verify mode from ENV
# @return [String]
def ssl_verify_mode
ENV['OCTOKIT_SSL_VERIFY_MODE']
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So because most folks will not have this set, it will default to false which is a breaking change.

See https://github.com/lostisland/faraday/blob/923f90558c22326c9a757a7ff9dfb3a006d0abc8/lib/faraday/adapter/net_http.rb#L124-L130 for the implementation details

What do you think about doing something like this instead?

ENV.fetch("OCTOKIT_SSL_VERIFY_MODE") { true }

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That makes sense, totally forgot about defaults.

spec/octokit/client_spec.rb
end
conn = Octokit.client.send(:agent).instance_variable_get(:"@conn")
expect(conn.ssl[:verify_mode]).to eq(OpenSSL::SSL::VERIFY_NONE)
end
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we add a test here to ensure the expected default remains unchanged?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Of course, good call

Joshua Liebowitz added 2 commits February 1, 2018 11:42
Added default SSL_VERIFY mode
8afa2e1
Update ENV fetching to match file style
821f5e8 
update spec to add default ssl value checking
@taquitos
Copy link
Contributor Author

taquitos commented Feb 1, 2018

Alright, all up-to-date 🎉

@tarebyte tarebyte merged commit 63ed990 into octokit:master Feb 1, 2018
@taquitos taquitos deleted the issue_981 branch February 1, 2018 22:31
@KrauseFx
Copy link

KrauseFx commented Feb 1, 2018

So great to see this merged 🎉 Thanks!

@BasThomas BasThomas mentioned this pull request Feb 5, 2018
Closed
@tarebyte
Copy link
Member

tarebyte commented May 8, 2018

This has been released as part of https://github.com/octokit/octokit.rb/releases/tag/v4.9.0

@KrauseFx
Copy link

KrauseFx commented May 8, 2018

Awesome, thanks for keeping us posted 👍

@tnaoto tnaoto mentioned this pull request Jan 9, 2019
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tarebyte tarebyte tarebyte approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@taquitos @KrauseFx @tarebyte