Fixes a WEBrick security flaw but also disables deprecation warnings by
default which is sad to see. We'll have to enable these ourselves if we
want to have an early warning sign of future breaking changes. 😢
[Release Notes](https://chl.li/lLaOn)
Resolves the following warning when using Homebrew 2.5.0:
Warning: Calling brew cask list is deprecated! Use brew list
Removed conditional checks for the Skitch, Witch, and OpenEmu
applications since they are no longer supported.
Links were updated and version information was dropped in order to
specify the bare minimum requirements and reduce situations where the
documentation might not always be up-to-date with the *exact* version
being used.
Turns out the rescue block wasn't providing a lot of additional aid as
the Bundler and Rake errors are sufficient. By removing this block, the
error output remains clear and improves readability.
It is necessary to drop Git Cop because it has been deprecated. [Git
Lint](https://www.alchemists.io/projects/git-lint) is the new offical
gem for analyzing Git commit quality.
Provides more clarity on the format desired when opening up an issue or
a pull request. The order of sections was rearranged to focus on the
*why* and *what* of the root issue.
Optional sections remain encouraged but are not required.
Addresses the following security issues:
- CVE-2020-16255: Unsafe Object Creation Vulnerability in JSON
(Additional fix)
- CVE-2020-10933: Heap exposure vulnerability in the socket library
[Details](https://chl.li/ljREu).
Includes improved enforcement guidelines. Format has been switched to
ASCII Doc from Markdown in order to leverage enhanced documentation
capabilities.
Resolves several security vulnerabilities:
- CVE-2019-16255: A code injection vulnerability of Shell#[] and
Shell#test
- CVE-2019-16254: HTTP response splitting in WEBrick (Additional fix)
- CVE-2019-15845: A NUL injection vulnerability of File.fnmatch and
File.fnmatch?
- CVE-2019-16201: Regular Expression Denial of Service vulnerability of
WEBrick’s Digest access authentication
[Details](https://is.gd/qWSrzR)
Was originally removed in this commit (a895090ca9) and has been
restored in order to handle situations where we have only a single file
install.
For example, the MacOS Config project needs this function in order to
properly install the Pathogem (Vim) file.
Fixed major issue with `Net::Protocol::BufferedIO#write` raising
`NoMethodError` when sending large multi-byte strings.
[Details](https://is.gd/cQ8wcl).
Brooke Kuhlmann