delta/gitlab/gitlab-ce.git/lib/safe_zip, branch docs/fix-note-list gitlab.com: gitlab-org/gitlab-ce.git Fix uninitialized constant with GitLab Pages deploy 2019-01-31T15:52:51+00:00 Stan Hu stanhu@gmail.com 2019-01-29T15:49:59+00:00 fc5ebc3cb8ba366a199219a71f9fb7da30ef0001 pages:deploy step was failing with the following error: ``` unitialized constant SafeZip::Extract::Zip ``` Since license_finder already pulls in rubyzip, we can make it a required gem. We also use the scope operator to make the reference to Zip::File explicit. 
pages:deploy step was failing with the following error:

```
unitialized constant SafeZip::Extract::Zip
```

Since license_finder already pulls in rubyzip, we can make it
a required gem. We also use the scope operator to make the reference to
Zip::File explicit.
Extract GitLab Pages using RubyZip 2019-01-31T15:52:48+00:00 Kamil TrzciƄski ayufan@ayufan.eu 2019-01-02T19:01:11+00:00 66744469d4f2c444c0248b84096d252db749d01c RubyZip allows us to perform strong validation of expanded paths where we do extract file. We introduce the following additional checks to extract routines: 1. None of path components can be symlinked, 2. We drop privileges support for directories, 3. Symlink source needs to point within the target directory, like `public/`, 4. The symlink source needs to exist ahead of time. 
RubyZip allows us to perform strong validation of
expanded paths where we do extract file.

We introduce the following additional checks
to extract routines:

1. None of path components can be symlinked,
2. We drop privileges support for directories,
3. Symlink source needs to point within the target directory,
   like `public/`,
4. The symlink source needs to exist ahead of time.