From 7220e47558f11157d06e1d083c9c62aa6f17b5b1 Mon Sep 17 00:00:00 2001
From: Priit Tark <priit@gitlab.eu>
Date: Fri, 26 Jun 2015 14:11:53 +0300
Subject: [PATCH] Bundler uses https only for fetching gems #2711

---
 Gemfile      | 11 ++++++++++-
 Gemfile.lock | 22 ++++++++++++++--------
 2 files changed, 24 insertions(+), 9 deletions(-)

diff --git a/Gemfile b/Gemfile
index e040fcac8..4e1c757c1 100644
--- a/Gemfile
+++ b/Gemfile
@@ -1,3 +1,10 @@
+# Use https only for accessing github
+# https://github.com/bundler/bundler/pull/3447
+git_source(:github) do |repo_name|
+  repo_name = "#{repo_name}/#{repo_name}" unless repo_name.include?("/")
+  "https://github.com/#{repo_name}.git"
+end if Bundler::VERSION < '2'
+
 source 'https://rubygems.org'
 
 # core
@@ -130,7 +137,9 @@ group :development, :test do
   gem 'simplecov',     '~> 0.9.1', require: false
   gem 'rubycritic',    '~> 1.1.1'
   gem 'bullet',        '~> 4.14.4' # for finding database optimizations
-  gem 'bundler-audit', '~> 0.3.1'  # for finding future vulnerable gems
+  gem 'bundler-audit', 
+    github: 'rubysec/bundler-audit',
+    ref: 'f89ef7fae1090bbad825ea76812d56d72b417055' # for finding future vulnerable gems
   gem 'brakeman',      '~> 2.6.2', require: false # for security audit'
   # tmp, otherwise conflics with breakman
   gem 'html2haml', github: 'haml/html2haml', ref: '6984f50bdbbd6291535027726a5697f28778ee8d'
diff --git a/Gemfile.lock b/Gemfile.lock
index 463b6afad..259c87e03 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -1,5 +1,5 @@
 GIT
-  remote: git://github.com/airblade/paper_trail.git
+  remote: https://github.com/airblade/paper_trail.git
   revision: a453811226ec4ea59753ba6b827e390ced2fc140
   ref: a453811226ec4ea59753ba6b827e390ced2fc140
   specs:
@@ -9,7 +9,7 @@ GIT
       request_store (~> 1.1.0)
 
 GIT
-  remote: git://github.com/gitlabeu/data_migrate.git
+  remote: https://github.com/gitlabeu/data_migrate.git
   revision: 35d22b09ff37a4e9d61ab326ad5d8eb0edf1fc81
   ref: 35d22b09ff37a4e9d61ab326ad5d8eb0edf1fc81
   specs:
@@ -17,7 +17,7 @@ GIT
       rails (>= 4.1.0)
 
 GIT
-  remote: git://github.com/haml/html2haml.git
+  remote: https://github.com/haml/html2haml.git
   revision: 6984f50bdbbd6291535027726a5697f28778ee8d
   ref: 6984f50bdbbd6291535027726a5697f28778ee8d
   specs:
@@ -28,13 +28,22 @@ GIT
       ruby_parser (~> 3.5)
 
 GIT
-  remote: git://github.com/internetee/epp.git
+  remote: https://github.com/internetee/epp.git
   revision: 505c3f2739eb1da918e54111aecfb138a822739d
   specs:
     epp (1.4.2)
       hpricot
       libxml-ruby
 
+GIT
+  remote: https://github.com/rubysec/bundler-audit.git
+  revision: f89ef7fae1090bbad825ea76812d56d72b417055
+  ref: f89ef7fae1090bbad825ea76812d56d72b417055
+  specs:
+    bundler-audit (0.4.0)
+      bundler (~> 1.2)
+      thor (~> 0.18)
+
 GEM
   remote: https://rubygems.org/
   specs:
@@ -121,9 +130,6 @@ GEM
     bullet (4.14.7)
       activesupport (>= 3.0.0)
       uniform_notifier (~> 1.9.0)
-    bundler-audit (0.3.1)
-      bundler (~> 1.2)
-      thor (~> 0.18)
     cancancan (1.9.2)
     capybara (2.4.4)
       mime-types (>= 1.16)
@@ -522,7 +528,7 @@ DEPENDENCIES
   bootstrap-sass (~> 3.3.4.1)
   brakeman (~> 2.6.2)
   bullet (~> 4.14.4)
-  bundler-audit (~> 0.3.1)
+  bundler-audit!
   cancancan (~> 1.9.2)
   capybara (~> 2.4.1)
   coderay (~> 1.1.0)