-
Notifications
You must be signed in to change notification settings - Fork 3.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Remove unnecessary executable bit from several files #2645
Conversation
The files modified are never used as executable entry points.
@jdufresne I am not really sure what this PR is aiming to solve. Could you explain what issue you're solving and why are you adding empty files to the library? Thank you! |
I'm note sure why GitHub says "Empty file." but I'm not adding empty files. I'm removing the executable permission bit from files that do not need or use it. For example, on the main branch:
Note several files that are not zero bytes in size have the executable bit set ( If I checkout my branch, they no longer there:
The files modified still have non-zero sizes:
I noticed this by auditing all gems installed in my production and CI environments. Having unnecessary executable bit set is a slight security risk and it makes it easier for an unintended subprocess to run these script files. I don't think there would be a real danger in practice, but might as well apply best practices here. In general, a file should only have the executable permission set if it is intended to be run directly by the user as the main entry point to a program. That is not the case here. |
hum @jdufresne this is indeed strange. I am not sure about where this comes from. @koic @vbrazo @Zeragamba do you have any context about this? |
This probably came about due to some contributors using Windows while developing their feature |
Yeah, that seems like a likely source to me. |
@jdufresne do you mind copying and pasting the explanation you shared here in the PR description? We want to document the why for the future. @Zeragamba this one looks good to me. Could I assign it to you to approve/merge? Thank you! |
Merged :), and mentioned the comment in the commit message, so that should be good too |
The files modified are never used as executable entry points.