From efcc361b32082670aacc873b3ffa10806bf90e6c Mon Sep 17 00:00:00 2001
From: Prathamesh Sonpatki <csonpatki@gmail.com>
Date: Fri, 18 Nov 2016 12:17:22 +0530
Subject: Use secure source for gems referencing "github" in the generated apps

- New apps generated on master and latest bundler give warning about
  "github" source being insecure.
- Use the same solution used for Rails master in the generated app's
  Gemfile to fix this issue.
---
 railties/lib/rails/generators/rails/app/templates/Gemfile | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'railties')

diff --git a/railties/lib/rails/generators/rails/app/templates/Gemfile b/railties/lib/rails/generators/rails/app/templates/Gemfile
index 422217286c..f1015b16d5 100644
--- a/railties/lib/rails/generators/rails/app/templates/Gemfile
+++ b/railties/lib/rails/generators/rails/app/templates/Gemfile
@@ -1,5 +1,10 @@
 source 'https://rubygems.org'
 
+git_source(:github) do |repo_name|
+  repo_name = "#{repo_name}/#{repo_name}" unless repo_name.include?("/")
+  "https://github.com/#{repo_name}.git"
+end
+
 <% gemfile_entries.each do |gem| -%>
 <% if gem.comment -%>
 
-- 
cgit v1.2.3