This repository was archived by the owner on Apr 14, 2023. It is now read-only.

Require MFA for RubyGems actions #306

Merged

kennyadsl merged 1 commit into solidusio:master from RyanofWoods:require-mfa-on-rubygems

Dec 7, 2021

+1 −0

Contributor

RyanofWoods commented Nov 24, 2021

This setting tells RubyGems that MFA is required for accounts to be able
perform any of these privileged operations:

gem push
gem yank
gem owner --add/remove
adding or removing owners using gem ownership page

This helps make the gem more secure, as users can be more confident
that gem updates were pushed by maintainers.

More information:
https://guides.rubygems.org/mfa-requirement-opt-in/
https://docs.rubocop.org/rubocop/cops_gemspec.html#gemspecrequiremfa


          Require MFA for RubyGems actions

c9ba93b

This setting tells RubyGems that MFA is required for accounts to be able
perform any of these privileged operations:
- gem push
- gem yank
- gem owner --add/remove
- adding or removing owners using gem ownership page

This helps make the gem more secure, as users can be more confident
that gem updates were pushed by maintainers.

More information:
https://guides.rubygems.org/mfa-requirement-opt-in/
https://docs.rubocop.org/rubocop/cops_gemspec.html#gemspecrequiremfa

RyanofWoods force-pushed the require-mfa-on-rubygems branch from bd61a77 to c9ba93b Compare

December 1, 2021 13:46

DanielePalombo approved these changes

View reviewed changes

DanielePalombo left a comment

👍

kennyadsl approved these changes

View reviewed changes

kennyadsl merged commit e2b87a4 into solidusio:master

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Labels

None yet