RubyGems - bundler - Versions diffs - 1.17.3 → 2.6.3 - Mend

bundler 1.17.3 → 2.6.3

Files changed (426) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +3354 -1258
data/LICENSE.md +18 -19
data/README.md +10 -15
data/bundler.gemspec +15 -33
data/exe/bundle +8 -10
data/exe/bundler +1 -1
data/lib/bundler/.document +1 -0
data/lib/bundler/build_metadata.rb +5 -13
data/lib/bundler/capistrano.rb +5 -5
data/lib/bundler/checksum.rb +254 -0
data/lib/bundler/ci_detector.rb +75 -0
data/lib/bundler/cli/add.rb +29 -15
data/lib/bundler/cli/binstubs.rb +13 -5
data/lib/bundler/cli/cache.rb +24 -17
data/lib/bundler/cli/check.rb +7 -5
data/lib/bundler/cli/clean.rb +1 -1
data/lib/bundler/cli/common.rb +50 -14
data/lib/bundler/cli/config.rb +171 -86
data/lib/bundler/cli/console.rb +3 -6
data/lib/bundler/cli/doctor.rb +29 -12
data/lib/bundler/cli/exec.rb +9 -25
data/lib/bundler/cli/fund.rb +36 -0
data/lib/bundler/cli/gem.rb +268 -53
data/lib/bundler/cli/info.rb +51 -18
data/lib/bundler/cli/init.rb +7 -3
data/lib/bundler/cli/inject.rb +2 -2
data/lib/bundler/cli/install.rb +55 -73
data/lib/bundler/cli/issue.rb +9 -8
data/lib/bundler/cli/list.rb +19 -11
data/lib/bundler/cli/lock.rb +56 -26
data/lib/bundler/cli/open.rb +10 -7
data/lib/bundler/cli/outdated.rb +159 -128
data/lib/bundler/cli/platform.rb +8 -6
data/lib/bundler/cli/plugin.rb +23 -12
data/lib/bundler/cli/pristine.rb +39 -26
data/lib/bundler/cli/remove.rb +1 -2
data/lib/bundler/cli/show.rb +7 -7
data/lib/bundler/cli/update.rb +51 -19
data/lib/bundler/cli/viz.rb +1 -1
data/lib/bundler/cli.rb +399 -390
data/lib/bundler/compact_index_client/cache.rb +55 -77
data/lib/bundler/compact_index_client/cache_file.rb +148 -0
data/lib/bundler/compact_index_client/gem_parser.rb +32 -0
data/lib/bundler/compact_index_client/parser.rb +84 -0
data/lib/bundler/compact_index_client/updater.rb +72 -84
data/lib/bundler/compact_index_client.rb +61 -73
data/lib/bundler/constants.rb +9 -2
data/lib/bundler/current_ruby.rb +20 -21
data/lib/bundler/definition.rb +663 -505
data/lib/bundler/dependency.rb +38 -71
data/lib/bundler/deployment.rb +1 -1
data/lib/bundler/digest.rb +71 -0
data/lib/bundler/dsl.rb +171 -152
data/lib/bundler/endpoint_specification.rb +43 -17
data/lib/bundler/env.rb +11 -18
data/lib/bundler/environment_preserver.rb +17 -8
data/lib/bundler/errors.rb +115 -14
data/lib/bundler/feature_flag.rb +15 -39
data/lib/bundler/fetcher/base.rb +12 -12
data/lib/bundler/fetcher/compact_index.rb +41 -47
data/lib/bundler/fetcher/dependency.rb +4 -8
data/lib/bundler/fetcher/downloader.rb +27 -20
data/lib/bundler/fetcher/gem_remote_fetcher.rb +16 -0
data/lib/bundler/fetcher/index.rb +6 -33
data/lib/bundler/fetcher.rb +109 -90
data/lib/bundler/force_platform.rb +16 -0
data/lib/bundler/friendly_errors.rb +50 -55
data/lib/bundler/gem_helper.rb +81 -46
data/lib/bundler/gem_helpers.rb +78 -29
data/lib/bundler/gem_tasks.rb +1 -1
data/lib/bundler/gem_version_promoter.rb +68 -109
data/lib/bundler/graph.rb +11 -11
data/lib/bundler/index.rb +74 -82
data/lib/bundler/injector.rb +58 -26
data/lib/bundler/inline.rb +59 -35
data/lib/bundler/installer/gem_installer.rb +29 -29
data/lib/bundler/installer/parallel_installer.rb +38 -68
data/lib/bundler/installer/standalone.rb +76 -16
data/lib/bundler/installer.rb +60 -135
data/lib/bundler/lazy_specification.rb +161 -63
data/lib/bundler/lockfile_generator.rb +14 -5
data/lib/bundler/lockfile_parser.rb +150 -109
data/lib/bundler/man/bundle-add.1 +76 -0
data/lib/bundler/man/bundle-add.1.ronn +87 -0
data/{man → lib/bundler/man}/bundle-binstubs.1 +15 -22
data/{man/bundle-binstubs.ronn → lib/bundler/man/bundle-binstubs.1.ronn} +8 -7
data/lib/bundler/man/bundle-cache.1 +68 -0
data/lib/bundler/man/bundle-cache.1.ronn +108 -0
data/{man → lib/bundler/man}/bundle-check.1 +7 -14
data/{man/bundle-check.ronn → lib/bundler/man/bundle-check.1.ronn} +7 -2
data/{man → lib/bundler/man}/bundle-clean.1 +4 -11
data/{man/bundle-clean.ronn → lib/bundler/man/bundle-clean.1.ronn} +1 -1
data/{man → lib/bundler/man}/bundle-config.1 +80 -260
data/{man/bundle-config.ronn → lib/bundler/man/bundle-config.1.ronn} +104 -98
data/lib/bundler/man/bundle-console.1 +33 -0
data/lib/bundler/man/bundle-console.1.ronn +39 -0
data/{man → lib/bundler/man}/bundle-doctor.1 +5 -19
data/{man/bundle-doctor.ronn → lib/bundler/man/bundle-doctor.1.ronn} +1 -1
data/lib/bundler/man/bundle-env.1 +9 -0
data/lib/bundler/man/bundle-env.1.ronn +10 -0
data/{man → lib/bundler/man}/bundle-exec.1 +20 -78
data/{man/bundle-exec.ronn → lib/bundler/man/bundle-exec.1.ronn} +12 -10
data/lib/bundler/man/bundle-fund.1 +22 -0
data/lib/bundler/man/bundle-fund.1.ronn +25 -0
data/lib/bundler/man/bundle-gem.1 +87 -0
data/lib/bundler/man/bundle-gem.1.ronn +149 -0
data/lib/bundler/man/bundle-help.1 +9 -0
data/lib/bundler/man/bundle-help.1.ronn +12 -0
data/lib/bundler/man/bundle-info.1 +17 -0
data/lib/bundler/man/bundle-info.1.ronn +21 -0
data/{man → lib/bundler/man}/bundle-init.1 +8 -13
data/{man/bundle-init.ronn → lib/bundler/man/bundle-init.1.ronn} +5 -2
data/lib/bundler/man/bundle-inject.1 +31 -0
data/{man/bundle-inject.ronn → lib/bundler/man/bundle-inject.1.ronn} +12 -2
data/{man → lib/bundler/man}/bundle-install.1 +65 -155
data/{man/bundle-install.ronn → lib/bundler/man/bundle-install.1.ronn} +66 -57
data/lib/bundler/man/bundle-issue.1 +45 -0
data/lib/bundler/man/bundle-issue.1.ronn +37 -0
data/lib/bundler/man/bundle-licenses.1 +9 -0
data/lib/bundler/man/bundle-licenses.1.ronn +10 -0
data/{man → lib/bundler/man}/bundle-list.1 +9 -24
data/{man/bundle-list.ronn → lib/bundler/man/bundle-list.1.ronn} +10 -7
data/{man → lib/bundler/man}/bundle-lock.1 +25 -34
data/{man/bundle-lock.ronn → lib/bundler/man/bundle-lock.1.ronn} +25 -4
data/lib/bundler/man/bundle-open.1 +32 -0
data/{man/bundle-open.ronn → lib/bundler/man/bundle-open.1.ronn} +10 -1
data/{man → lib/bundler/man}/bundle-outdated.1 +23 -75
data/{man/bundle-outdated.ronn → lib/bundler/man/bundle-outdated.1.ronn} +21 -22
data/lib/bundler/man/bundle-platform.1 +49 -0
data/{man/bundle-platform.ronn → lib/bundler/man/bundle-platform.1.ronn} +14 -7
data/lib/bundler/man/bundle-plugin.1 +58 -0
data/lib/bundler/man/bundle-plugin.1.ronn +63 -0
data/{man → lib/bundler/man}/bundle-pristine.1 +5 -16
data/{man/bundle-pristine.ronn → lib/bundler/man/bundle-pristine.1.ronn} +1 -1
data/{man → lib/bundler/man}/bundle-remove.1 +4 -14
data/{man/bundle-remove.ronn → lib/bundler/man/bundle-remove.1.ronn} +1 -1
data/{man → lib/bundler/man}/bundle-show.1 +7 -11
data/{man/bundle-show.ronn → lib/bundler/man/bundle-show.1.ronn} +4 -0
data/{man → lib/bundler/man}/bundle-update.1 +35 -148
data/{man/bundle-update.ronn → lib/bundler/man/bundle-update.1.ronn} +21 -12
data/lib/bundler/man/bundle-version.1 +22 -0
data/lib/bundler/man/bundle-version.1.ronn +24 -0
data/{man → lib/bundler/man}/bundle-viz.1 +9 -18
data/{man/bundle-viz.ronn → lib/bundler/man/bundle-viz.1.ronn} +9 -3
data/{man → lib/bundler/man}/bundle.1 +19 -53
data/{man/bundle.ronn → lib/bundler/man/bundle.1.ronn} +14 -9
data/{man → lib/bundler/man}/gemfile.5 +139 -356
data/{man → lib/bundler/man}/gemfile.5.ronn +134 -97
data/{man → lib/bundler/man}/index.txt +9 -1
data/lib/bundler/match_metadata.rb +17 -0
data/lib/bundler/match_platform.rb +2 -3
data/lib/bundler/match_remote_metadata.rb +29 -0
data/lib/bundler/materialization.rb +59 -0
data/lib/bundler/mirror.rb +10 -12
data/lib/bundler/plugin/api/source.rb +34 -18
data/lib/bundler/plugin/api.rb +1 -1
data/lib/bundler/plugin/dsl.rb +1 -1
data/lib/bundler/plugin/events.rb +24 -0
data/lib/bundler/plugin/index.rb +44 -9
data/lib/bundler/plugin/installer/git.rb +0 -4
data/lib/bundler/plugin/installer/path.rb +18 -0
data/lib/bundler/plugin/installer/rubygems.rb +1 -9
data/lib/bundler/plugin/installer.rb +63 -27
data/lib/bundler/plugin/source_list.rb +5 -1
data/lib/bundler/plugin.rb +131 -45
data/lib/bundler/process_lock.rb +10 -14
data/lib/bundler/remote_specification.rb +22 -10
data/lib/bundler/resolver/base.rb +118 -0
data/lib/bundler/resolver/candidate.rb +82 -0
data/lib/bundler/resolver/incompatibility.rb +15 -0
data/lib/bundler/resolver/package.rb +90 -0
data/lib/bundler/resolver/root.rb +25 -0
data/lib/bundler/resolver/spec_group.rb +60 -68
data/lib/bundler/resolver.rb +454 -303
data/lib/bundler/retry.rb +6 -6
data/lib/bundler/ruby_dsl.rb +51 -7
data/lib/bundler/ruby_version.rb +23 -38
data/lib/bundler/rubygems_ext.rb +357 -98
data/lib/bundler/rubygems_gem_installer.rb +131 -65
data/lib/bundler/rubygems_integration.rb +149 -591
data/lib/bundler/runtime.rb +51 -51
data/lib/bundler/safe_marshal.rb +31 -0
data/lib/bundler/self_manager.rb +206 -0
data/lib/bundler/settings.rb +271 -135
data/lib/bundler/setup.rb +23 -12
data/lib/bundler/shared_helpers.rb +127 -117
data/lib/bundler/similarity_detector.rb +3 -3
data/lib/bundler/source/git/git_proxy.rb +326 -127
data/lib/bundler/source/git.rb +207 -88
data/lib/bundler/source/metadata.rb +19 -18
data/lib/bundler/source/path/installer.rb +11 -32
data/lib/bundler/source/path.rb +39 -38
data/lib/bundler/source/rubygems/remote.rb +3 -4
data/lib/bundler/source/rubygems.rb +223 -255
data/lib/bundler/source/rubygems_aggregate.rb +68 -0
data/lib/bundler/source.rb +33 -11
data/lib/bundler/source_list.rb +131 -66
data/lib/bundler/source_map.rb +71 -0
data/lib/bundler/spec_set.rb +239 -94
data/lib/bundler/stub_specification.rb +77 -39
data/lib/bundler/templates/Executable +3 -5
data/lib/bundler/templates/Executable.bundler +23 -19
data/lib/bundler/templates/Executable.standalone +4 -4
data/lib/bundler/templates/Gemfile +0 -2
data/lib/bundler/templates/newgem/CHANGELOG.md.tt +5 -0
data/lib/bundler/templates/newgem/CODE_OF_CONDUCT.md.tt +104 -46
data/lib/bundler/templates/newgem/Cargo.toml.tt +7 -0
data/lib/bundler/templates/newgem/Gemfile.tt +19 -2
data/lib/bundler/templates/newgem/README.md.tt +18 -16
data/lib/bundler/templates/newgem/Rakefile.tt +44 -6
data/lib/bundler/templates/newgem/bin/console.tt +1 -4
data/lib/bundler/templates/newgem/circleci/config.yml.tt +25 -0
data/lib/bundler/templates/newgem/ext/newgem/Cargo.toml.tt +15 -0
data/lib/bundler/templates/newgem/ext/newgem/extconf-c.rb.tt +10 -0
data/lib/bundler/templates/newgem/ext/newgem/extconf-rust.rb.tt +6 -0
data/lib/bundler/templates/newgem/ext/newgem/newgem.c.tt +1 -1
data/lib/bundler/templates/newgem/ext/newgem/src/lib.rs.tt +12 -0
data/lib/bundler/templates/newgem/github/workflows/main.yml.tt +37 -0
data/lib/bundler/templates/newgem/gitignore.tt +3 -0
data/lib/bundler/templates/newgem/gitlab-ci.yml.tt +18 -0
data/lib/bundler/templates/newgem/lib/newgem/version.rb.tt +2 -0
data/lib/bundler/templates/newgem/lib/newgem.rb.tt +4 -2
data/lib/bundler/templates/newgem/newgem.gemspec.tt +37 -40
data/lib/bundler/templates/newgem/rubocop.yml.tt +8 -0
data/lib/bundler/templates/newgem/sig/newgem.rbs.tt +8 -0
data/lib/bundler/templates/newgem/spec/newgem_spec.rb.tt +2 -0
data/lib/bundler/templates/newgem/spec/spec_helper.rb.tt +2 -1
data/lib/bundler/templates/newgem/standard.yml.tt +3 -0
data/lib/bundler/templates/newgem/test/minitest/test_helper.rb.tt +6 -0
data/lib/bundler/templates/newgem/test/{newgem_test.rb.tt → minitest/test_newgem.rb.tt} +3 -1
data/lib/bundler/templates/newgem/test/test-unit/newgem_test.rb.tt +15 -0
data/lib/bundler/templates/newgem/test/test-unit/test_helper.rb.tt +6 -0
data/lib/bundler/ui/rg_proxy.rb +2 -2
data/lib/bundler/ui/shell.rb +64 -23
data/lib/bundler/ui/silent.rb +33 -6
data/lib/bundler/ui.rb +3 -3
data/lib/bundler/uri_credentials_filter.rb +11 -5
data/lib/bundler/uri_normalizer.rb +23 -0
data/lib/bundler/vendor/.document +1 -0
data/lib/bundler/vendor/connection_pool/.document +1 -0
data/lib/bundler/vendor/connection_pool/LICENSE +20 -0
data/lib/bundler/vendor/connection_pool/lib/connection_pool/timed_stack.rb +174 -0
data/lib/bundler/vendor/connection_pool/lib/connection_pool/version.rb +3 -0
data/lib/bundler/vendor/connection_pool/lib/connection_pool/wrapper.rb +56 -0
data/lib/bundler/vendor/connection_pool/lib/connection_pool.rb +175 -0
data/lib/bundler/vendor/fileutils/.document +1 -0
data/lib/bundler/vendor/fileutils/COPYING +56 -0
data/lib/bundler/vendor/fileutils/lib/fileutils.rb +1490 -432
data/lib/bundler/vendor/net-http-persistent/.document +1 -0
data/lib/bundler/vendor/net-http-persistent/README.rdoc +82 -0
data/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent/connection.rb +41 -0
data/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent/pool.rb +65 -0
data/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent/timed_stack_multi.rb +79 -0
data/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent.rb +362 -484
data/lib/bundler/vendor/pub_grub/.document +1 -0
data/lib/bundler/vendor/pub_grub/LICENSE.txt +21 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/assignment.rb +20 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/basic_package_source.rb +189 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/failure_writer.rb +182 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/incompatibility.rb +150 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/package.rb +43 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/partial_solution.rb +121 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/rubygems.rb +45 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/solve_failure.rb +19 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/static_package_source.rb +61 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/term.rb +105 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/version.rb +3 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/version_constraint.rb +129 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/version_range.rb +411 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/version_solver.rb +248 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/version_union.rb +178 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub.rb +31 -0
data/lib/bundler/vendor/securerandom/.document +1 -0
data/lib/bundler/vendor/securerandom/COPYING +56 -0
data/lib/bundler/vendor/securerandom/lib/securerandom.rb +102 -0
data/lib/bundler/vendor/thor/.document +1 -0
data/lib/bundler/vendor/thor/LICENSE.md +20 -0
data/lib/bundler/vendor/thor/lib/thor/actions/create_file.rb +4 -3
data/lib/bundler/vendor/thor/lib/thor/actions/create_link.rb +3 -2
data/lib/bundler/vendor/thor/lib/thor/actions/directory.rb +8 -18
data/lib/bundler/vendor/thor/lib/thor/actions/empty_directory.rb +1 -1
data/lib/bundler/vendor/thor/lib/thor/actions/file_manipulation.rb +27 -20
data/lib/bundler/vendor/thor/lib/thor/actions/inject_into_file.rb +34 -13
data/lib/bundler/vendor/thor/lib/thor/actions.rb +47 -28
data/lib/bundler/vendor/thor/lib/thor/base.rb +200 -54
data/lib/bundler/vendor/thor/lib/thor/command.rb +34 -18
data/lib/bundler/vendor/thor/lib/thor/core_ext/hash_with_indifferent_access.rb +10 -0
data/lib/bundler/vendor/thor/lib/thor/error.rb +74 -0
data/lib/bundler/vendor/thor/lib/thor/group.rb +15 -4
data/lib/bundler/vendor/thor/lib/thor/invocation.rb +2 -1
data/lib/bundler/vendor/thor/lib/thor/line_editor/basic.rb +1 -1
data/lib/bundler/vendor/thor/lib/thor/line_editor/readline.rb +6 -6
data/lib/bundler/vendor/thor/lib/thor/line_editor.rb +2 -2
data/lib/bundler/vendor/thor/lib/thor/nested_context.rb +29 -0
data/lib/bundler/vendor/thor/lib/thor/parser/argument.rb +17 -1
data/lib/bundler/vendor/thor/lib/thor/parser/arguments.rb +35 -15
data/lib/bundler/vendor/thor/lib/thor/parser/option.rb +45 -13
data/lib/bundler/vendor/thor/lib/thor/parser/options.rb +86 -13
data/lib/bundler/vendor/thor/lib/thor/parser.rb +4 -4
data/lib/bundler/vendor/thor/lib/thor/rake_compat.rb +3 -2
data/lib/bundler/vendor/thor/lib/thor/runner.rb +51 -40
data/lib/bundler/vendor/thor/lib/thor/shell/basic.rb +99 -148
data/lib/bundler/vendor/thor/lib/thor/shell/color.rb +6 -43
data/lib/bundler/vendor/thor/lib/thor/shell/column_printer.rb +29 -0
data/lib/bundler/vendor/thor/lib/thor/shell/html.rb +4 -49
data/lib/bundler/vendor/thor/lib/thor/shell/table_printer.rb +118 -0
data/lib/bundler/vendor/thor/lib/thor/shell/terminal.rb +42 -0
data/lib/bundler/vendor/thor/lib/thor/shell/wrapped_printer.rb +38 -0
data/lib/bundler/vendor/thor/lib/thor/shell.rb +6 -6
data/lib/bundler/vendor/thor/lib/thor/util.rb +26 -9
data/lib/bundler/vendor/thor/lib/thor/version.rb +1 -1
data/lib/bundler/vendor/thor/lib/thor.rb +182 -17
data/lib/bundler/vendor/tsort/.document +1 -0
data/lib/bundler/vendor/tsort/LICENSE.txt +22 -0
data/lib/bundler/vendor/tsort/lib/tsort.rb +455 -0
data/lib/bundler/vendor/uri/.document +1 -0
data/lib/bundler/vendor/uri/COPYING +56 -0
data/lib/bundler/vendor/uri/lib/uri/common.rb +876 -0
data/lib/bundler/vendor/uri/lib/uri/file.rb +100 -0
data/lib/bundler/vendor/uri/lib/uri/ftp.rb +267 -0
data/lib/bundler/vendor/uri/lib/uri/generic.rb +1578 -0
data/lib/bundler/vendor/uri/lib/uri/http.rb +125 -0
data/lib/bundler/vendor/uri/lib/uri/https.rb +23 -0
data/lib/bundler/vendor/uri/lib/uri/ldap.rb +261 -0
data/lib/bundler/vendor/uri/lib/uri/ldaps.rb +22 -0
data/lib/bundler/vendor/uri/lib/uri/mailto.rb +293 -0
data/lib/bundler/vendor/uri/lib/uri/rfc2396_parser.rb +546 -0
data/lib/bundler/vendor/uri/lib/uri/rfc3986_parser.rb +206 -0
data/lib/bundler/vendor/uri/lib/uri/version.rb +6 -0
data/lib/bundler/vendor/uri/lib/uri/ws.rb +83 -0
data/lib/bundler/vendor/uri/lib/uri/wss.rb +23 -0
data/lib/bundler/vendor/uri/lib/uri.rb +104 -0
data/lib/bundler/vendored_fileutils.rb +1 -6
data/lib/bundler/vendored_net_http.rb +23 -0
data/lib/bundler/vendored_persistent.rb +1 -42
data/lib/bundler/{vendored_molinillo.rb → vendored_pub_grub.rb} +1 -1
data/lib/bundler/vendored_securerandom.rb +12 -0
data/lib/bundler/vendored_thor.rb +2 -2
data/lib/bundler/vendored_timeout.rb +12 -0
data/lib/bundler/vendored_tsort.rb +4 -0
data/lib/bundler/vendored_uri.rb +21 -0
data/lib/bundler/version.rb +5 -20
data/lib/bundler/vlad.rb +3 -3
data/lib/bundler/worker.rb +26 -15
data/lib/bundler/yaml_serializer.rb +21 -13
data/lib/bundler.rb +364 -230
metadata +186 -218
data/exe/bundle_ruby +0 -60
data/lib/bundler/cli/package.rb +0 -49
data/lib/bundler/compatibility_guard.rb +0 -14
data/lib/bundler/dep_proxy.rb +0 -48
data/lib/bundler/gem_remote_fetcher.rb +0 -43
data/lib/bundler/gemdeps.rb +0 -29
data/lib/bundler/psyched_yaml.rb +0 -37
data/lib/bundler/ssl_certs/certificate_manager.rb +0 -66
data/lib/bundler/ssl_certs/index.rubygems.org/GlobalSignRootCA.pem +0 -21
data/lib/bundler/ssl_certs/rubygems.global.ssl.fastly.net/DigiCertHighAssuranceEVRootCA.pem +0 -23
data/lib/bundler/ssl_certs/rubygems.org/AddTrustExternalCARoot.pem +0 -25
data/lib/bundler/templates/gems.rb +0 -8
data/lib/bundler/templates/newgem/ext/newgem/extconf.rb.tt +0 -3
data/lib/bundler/templates/newgem/test/test_helper.rb.tt +0 -4
data/lib/bundler/templates/newgem/travis.yml.tt +0 -7
data/lib/bundler/vendor/molinillo/lib/molinillo/compatibility.rb +0 -26
data/lib/bundler/vendor/molinillo/lib/molinillo/delegates/resolution_state.rb +0 -57
data/lib/bundler/vendor/molinillo/lib/molinillo/delegates/specification_provider.rb +0 -81
data/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/action.rb +0 -36
data/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/add_edge_no_circular.rb +0 -66
data/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/add_vertex.rb +0 -62
data/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/delete_edge.rb +0 -63
data/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/detach_vertex_named.rb +0 -61
data/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/log.rb +0 -126
data/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/set_payload.rb +0 -46
data/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/tag.rb +0 -36
data/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/vertex.rb +0 -136
data/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph.rb +0 -223
data/lib/bundler/vendor/molinillo/lib/molinillo/errors.rb +0 -143
data/lib/bundler/vendor/molinillo/lib/molinillo/gem_metadata.rb +0 -6
data/lib/bundler/vendor/molinillo/lib/molinillo/modules/specification_provider.rb +0 -101
data/lib/bundler/vendor/molinillo/lib/molinillo/modules/ui.rb +0 -67
data/lib/bundler/vendor/molinillo/lib/molinillo/resolution.rb +0 -837
data/lib/bundler/vendor/molinillo/lib/molinillo/resolver.rb +0 -46
data/lib/bundler/vendor/molinillo/lib/molinillo/state.rb +0 -58
data/lib/bundler/vendor/molinillo/lib/molinillo.rb +0 -12
data/lib/bundler/vendor/net-http-persistent/lib/net/http/faster.rb +0 -27
data/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent/ssl_reuse.rb +0 -129
data/lib/bundler/vendor/thor/lib/thor/core_ext/io_binary_read.rb +0 -12
data/lib/bundler/vendor/thor/lib/thor/core_ext/ordered_hash.rb +0 -129
data/lib/bundler/version_ranges.rb +0 -76
data/man/bundle-add.1 +0 -58
data/man/bundle-add.1.txt +0 -52
data/man/bundle-add.ronn +0 -40
data/man/bundle-binstubs.1.txt +0 -48
data/man/bundle-check.1.txt +0 -33
data/man/bundle-clean.1.txt +0 -26
data/man/bundle-config.1.txt +0 -529
data/man/bundle-doctor.1.txt +0 -44
data/man/bundle-exec.1.txt +0 -178
data/man/bundle-gem.1 +0 -80
data/man/bundle-gem.1.txt +0 -91
data/man/bundle-gem.ronn +0 -78
data/man/bundle-info.1 +0 -20
data/man/bundle-info.1.txt +0 -21
data/man/bundle-info.ronn +0 -17
data/man/bundle-init.1.txt +0 -34
data/man/bundle-inject.1 +0 -33
data/man/bundle-inject.1.txt +0 -32
data/man/bundle-install.1.txt +0 -396
data/man/bundle-list.1.txt +0 -43
data/man/bundle-lock.1.txt +0 -93
data/man/bundle-open.1 +0 -32
data/man/bundle-open.1.txt +0 -29
data/man/bundle-outdated.1.txt +0 -131
data/man/bundle-package.1 +0 -55
data/man/bundle-package.1.txt +0 -79
data/man/bundle-package.ronn +0 -72
data/man/bundle-platform.1 +0 -61
data/man/bundle-platform.1.txt +0 -57
data/man/bundle-pristine.1.txt +0 -44
data/man/bundle-remove.1.txt +0 -34
data/man/bundle-show.1.txt +0 -27
data/man/bundle-update.1.txt +0 -391
data/man/bundle-viz.1.txt +0 -39
data/man/bundle.1.txt +0 -116
data/man/gemfile.5.txt +0 -653
/data/lib/bundler/{ssl_certs → man}/.document +0 -0

data/lib/bundler/compact_index_client/cache.rb CHANGED Viewed

@@ -1,117 +1,95 @@
 # frozen_string_literal: true
+require_relative "gem_parser"
 module Bundler
   class CompactIndexClient
     class Cache
       attr_reader :directory
-      def initialize(directory)
+      def initialize(directory, fetcher = nil)
         @directory = Pathname.new(directory).expand_path
-        info_roots.each do |dir|
-          SharedHelpers.filesystem_access(dir) do
-            FileUtils.mkdir_p(dir)
-          end
-        end
-      end
+        @updater = Updater.new(fetcher) if fetcher
+        @mutex = Thread::Mutex.new
+        @endpoints = Set.new
-      def names
-        lines(names_path)
+        @info_root = mkdir("info")
+        @special_characters_info_root = mkdir("info-special-characters")
+        @info_etag_root = mkdir("info-etags")
       end
-      def names_path
-        directory.join("names")
+      def names
+        fetch("names", names_path, names_etag_path)
       end
       def versions
-        versions_by_name = Hash.new {|hash, key| hash[key] = [] }
-        info_checksums_by_name = {}
-        lines(versions_path).each do |line|
-          name, versions_string, info_checksum = line.split(" ", 3)
-          info_checksums_by_name[name] = info_checksum || ""
-          versions_string.split(",").each do |version|
-            if version.start_with?("-")
-              version = version[1..-1].split("-", 2).unshift(name)
-              versions_by_name[name].delete(version)
-            else
-              version = version.split("-", 2).unshift(name)
-              versions_by_name[name] << version
-            end
-          end
-        end
-        [versions_by_name, info_checksums_by_name]
+        fetch("versions", versions_path, versions_etag_path)
       end
-      def versions_path
-        directory.join("versions")
-      end
-      def checksums
-        checksums = {}
+      def info(name, remote_checksum = nil)
+        path = info_path(name)
-        lines(versions_path).each do |line|
-          name, _, checksum = line.split(" ", 3)
-          checksums[name] = checksum
+        if remote_checksum && remote_checksum != SharedHelpers.checksum_for_file(path, :MD5)
+          fetch("info/#{name}", path, info_etag_path(name))
+        else
+          Bundler::CompactIndexClient.debug { "update skipped info/#{name} (#{remote_checksum ? "versions index checksum is nil" : "versions index checksum matches local"})" }
+          read(path)
         end
-        checksums
       end
-      def dependencies(name)
-        lines(info_path(name)).map do |line|
-          parse_gem(line)
-        end
+      def reset!
+        @mutex.synchronize { @endpoints.clear }
       end
+      private
+      def names_path = directory.join("names")
+      def names_etag_path = directory.join("names.etag")
+      def versions_path = directory.join("versions")
+      def versions_etag_path = directory.join("versions.etag")
       def info_path(name)
         name = name.to_s
-        if name =~ /[^a-z0-9_-]/
+        # TODO: converge this into the info_root by hashing all filenames like info_etag_path
+        if /[^a-z0-9_-]/.match?(name)
           name += "-#{SharedHelpers.digest(:MD5).hexdigest(name).downcase}"
-          info_roots.last.join(name)
+          @special_characters_info_root.join(name)
         else
-          info_roots.first.join(name)
+          @info_root.join(name)
         end
       end
-      def specific_dependency(name, version, platform)
-        pattern = [version, platform].compact.join("-")
-        return nil if pattern.empty?
-        gem_lines = info_path(name).read
-        gem_line = gem_lines[/^#{Regexp.escape(pattern)}\b.*/, 0]
-        gem_line ? parse_gem(gem_line) : nil
+      def info_etag_path(name)
+        name = name.to_s
+        @info_etag_root.join("#{name}-#{SharedHelpers.digest(:MD5).hexdigest(name).downcase}")
       end
-    private
-      def lines(path)
-        return [] unless path.file?
-        lines = SharedHelpers.filesystem_access(path, :read, &:read).split("\n")
-        header = lines.index("---")
-        header ? lines[header + 1..-1] : lines
+      def mkdir(name)
+        directory.join(name).tap do |dir|
+          SharedHelpers.filesystem_access(dir) do
+            FileUtils.mkdir_p(dir)
+          end
+        end
       end
-      def parse_gem(string)
-        version_and_platform, rest = string.split(" ", 2)
-        version, platform = version_and_platform.split("-", 2)
-        dependencies, requirements = rest.split("|", 2).map {|s| s.split(",") } if rest
-        dependencies = dependencies ? dependencies.map {|d| parse_dependency(d) } : []
-        requirements = requirements ? requirements.map {|r| parse_dependency(r) } : []
-        [version, platform, dependencies, requirements]
+      def fetch(remote_path, path, etag_path)
+        if already_fetched?(remote_path)
+          Bundler::CompactIndexClient.debug { "already fetched #{remote_path}" }
+        else
+          Bundler::CompactIndexClient.debug { "fetching #{remote_path}" }
+          @updater&.update(remote_path, path, etag_path)
+        end
+        read(path)
       end
-      def parse_dependency(string)
-        dependency = string.split(":")
-        dependency[-1] = dependency[-1].split("&") if dependency.size > 1
-        dependency
+      def already_fetched?(remote_path)
+        @mutex.synchronize { !@endpoints.add?(remote_path) }
       end
-      def info_roots
-        [
-          directory.join("info"),
-          directory.join("info-special-characters"),
-        ]
+      def read(path)
+        return unless path.file?
+        SharedHelpers.filesystem_access(path, :read, &:read)
       end
     end
   end

data/lib/bundler/compact_index_client/cache_file.rb ADDED Viewed

@@ -0,0 +1,148 @@
+# frozen_string_literal: true
+require_relative "../vendored_fileutils"
+require "rubygems/package"
+module Bundler
+  class CompactIndexClient
+    # write cache files in a way that is robust to concurrent modifications
+    # if digests are given, the checksums will be verified
+    class CacheFile
+      DEFAULT_FILE_MODE = 0o644
+      private_constant :DEFAULT_FILE_MODE
+      class Error < RuntimeError; end
+      class ClosedError < Error; end
+      class DigestMismatchError < Error
+        def initialize(digests, expected_digests)
+          super "Calculated checksums #{digests.inspect} did not match expected #{expected_digests.inspect}."
+        end
+      end
+      # Initialize with a copy of the original file, then yield the instance.
+      def self.copy(path, &block)
+        new(path) do |file|
+          file.initialize_digests
+          SharedHelpers.filesystem_access(path, :read) do
+            path.open("rb") do |s|
+              file.open {|f| IO.copy_stream(s, f) }
+            end
+          end
+          yield file
+        end
+      end
+      # Write data to a temp file, then replace the original file with it verifying the digests if given.
+      def self.write(path, data, digests = nil)
+        return unless data
+        new(path) do |file|
+          file.digests = digests
+          file.write(data)
+        end
+      end
+      attr_reader :original_path, :path
+      def initialize(original_path, &block)
+        @original_path = original_path
+        @perm = original_path.file? ? original_path.stat.mode : DEFAULT_FILE_MODE
+        @path = original_path.sub(/$/, ".#{$$}.tmp")
+        return unless block_given?
+        begin
+          yield self
+        ensure
+          close
+        end
+      end
+      def size
+        path.size
+      end
+      # initialize the digests using CompactIndexClient::SUPPORTED_DIGESTS, or a subset based on keys.
+      def initialize_digests(keys = nil)
+        @digests = keys ? SUPPORTED_DIGESTS.slice(*keys) : SUPPORTED_DIGESTS.dup
+        @digests.transform_values! {|algo_class| SharedHelpers.digest(algo_class).new }
+      end
+      # reset the digests so they don't contain any previously read data
+      def reset_digests
+        @digests&.each_value(&:reset)
+      end
+      # set the digests that will be verified at the end
+      def digests=(expected_digests)
+        @expected_digests = expected_digests
+        if @expected_digests.nil?
+          @digests = nil
+        elsif @digests
+          @digests = @digests.slice(*@expected_digests.keys)
+        else
+          initialize_digests(@expected_digests.keys)
+        end
+      end
+      def digests?
+        @digests&.any?
+      end
+      # Open the temp file for writing, reusing original permissions, yielding the IO object.
+      def open(write_mode = "wb", perm = @perm, &block)
+        raise ClosedError, "Cannot reopen closed file" if @closed
+        SharedHelpers.filesystem_access(path, :write) do
+          path.open(write_mode, perm) do |f|
+            yield digests? ? Gem::Package::DigestIO.new(f, @digests) : f
+          end
+        end
+      end
+      # Returns false without appending when no digests since appending is too error prone to do without digests.
+      def append(data)
+        return false unless digests?
+        open("a") {|f| f.write data }
+        verify && commit
+      end
+      def write(data)
+        reset_digests
+        open {|f| f.write data }
+        commit!
+      end
+      def commit!
+        verify || raise(DigestMismatchError.new(@base64digests, @expected_digests))
+        commit
+      end
+      # Verify the digests, returning true on match, false on mismatch.
+      def verify
+        return true unless @expected_digests && digests?
+        @base64digests = @digests.transform_values!(&:base64digest)
+        @digests = nil
+        @base64digests.all? {|algo, digest| @expected_digests[algo] == digest }
+      end
+      # Replace the original file with the temp file without verifying digests.
+      # The file is permanently closed.
+      def commit
+        raise ClosedError, "Cannot commit closed file" if @closed
+        SharedHelpers.filesystem_access(original_path, :write) do
+          FileUtils.mv(path, original_path)
+        end
+        @closed = true
+      end
+      # Remove the temp file without replacing the original file.
+      # The file is permanently closed.
+      def close
+        return if @closed
+        FileUtils.remove_file(path) if @path&.file?
+        @closed = true
+      end
+    end
+  end
+end

data/lib/bundler/compact_index_client/gem_parser.rb ADDED Viewed

@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+module Bundler
+  class CompactIndexClient
+    if defined?(Gem::Resolver::APISet::GemParser)
+      GemParser = Gem::Resolver::APISet::GemParser
+    else
+      class GemParser
+        EMPTY_ARRAY = [].freeze
+        private_constant :EMPTY_ARRAY
+        def parse(line)
+          version_and_platform, rest = line.split(" ", 2)
+          version, platform = version_and_platform.split("-", 2)
+          dependencies, requirements = rest.split("|", 2).map! {|s| s.split(",") } if rest
+          dependencies = dependencies ? dependencies.map! {|d| parse_dependency(d) } : EMPTY_ARRAY
+          requirements = requirements ? requirements.map! {|d| parse_dependency(d) } : EMPTY_ARRAY
+          [version, platform, dependencies, requirements]
+        end
+        private
+        def parse_dependency(string)
+          dependency = string.split(":")
+          dependency[-1] = dependency[-1].split("&") if dependency.size > 1
+          dependency[0] = -dependency[0]
+          dependency
+        end
+      end
+    end
+  end
+end

data/lib/bundler/compact_index_client/parser.rb ADDED Viewed

@@ -0,0 +1,84 @@
+# frozen_string_literal: true
+module Bundler
+  class CompactIndexClient
+    class Parser
+      # `compact_index` - an object responding to #names, #versions, #info(name, checksum),
+      #                   returning the file contents as a string
+      def initialize(compact_index)
+        @compact_index = compact_index
+        @info_checksums = nil
+        @versions_by_name = nil
+        @available = nil
+        @gem_parser = nil
+      end
+      def names
+        lines(@compact_index.names)
+      end
+      def versions
+        @versions_by_name ||= Hash.new {|hash, key| hash[key] = [] }
+        @info_checksums = {}
+        lines(@compact_index.versions).each do |line|
+          name, versions_string, checksum = line.split(" ", 3)
+          @info_checksums[name] = checksum || ""
+          versions_string.split(",") do |version|
+            delete = version.delete_prefix!("-")
+            version = version.split("-", 2).unshift(name)
+            if delete
+              @versions_by_name[name].delete(version)
+            else
+              @versions_by_name[name] << version
+            end
+          end
+        end
+        @versions_by_name
+      end
+      def info(name)
+        data = @compact_index.info(name, info_checksums[name])
+        lines(data).map {|line| gem_parser.parse(line).unshift(name) }
+      end
+      def available?
+        return @available unless @available.nil?
+        @available = !info_checksums.empty?
+      end
+      private
+      def info_checksums
+        @info_checksums ||= lines(@compact_index.versions).each_with_object({}) do |line, checksums|
+          parse_version_checksum(line, checksums)
+        end
+      end
+      def lines(data)
+        return [] if data.nil? || data.empty?
+        lines = data.split("\n")
+        header = lines.index("---")
+        header ? lines[header + 1..-1] : lines
+      end
+      def gem_parser
+        @gem_parser ||= GemParser.new
+      end
+      # This is mostly the same as `split(" ", 3)` but it avoids allocating extra objects.
+      # This method gets called at least once for every gem when parsing versions.
+      def parse_version_checksum(line, checksums)
+        return unless (name_end = line.index(" ")) # Artifactory bug causes blank lines in artifactor index files
+        return unless (checksum_start = line.index(" ", name_end + 1) + 1)
+        checksum_end = line.size - checksum_start
+        line.freeze # allows slicing into the string to not allocate a copy of the line
+        name = line[0, name_end]
+        checksum = line[checksum_start, checksum_end]
+        checksums[name.freeze] = checksum # freeze name since it is used as a hash key
+      end
+    end
+  end
+end

data/lib/bundler/compact_index_client/updater.rb CHANGED Viewed

@@ -1,115 +1,103 @@
 # frozen_string_literal: true
-require "bundler/vendored_fileutils"
-require "stringio"
-require "zlib"
 module Bundler
   class CompactIndexClient
     class Updater
-      class MisMatchedChecksumError < Error
-        def initialize(path, server_checksum, local_checksum)
-          @path = path
-          @server_checksum = server_checksum
-          @local_checksum = local_checksum
-        end
-        def message
-          "The checksum of /#{@path} does not match the checksum provided by the server! Something is wrong " \
-            "(local checksum is #{@local_checksum.inspect}, was expecting #{@server_checksum.inspect})."
+      class MismatchedChecksumError < Error
+        def initialize(path, message)
+          super "The checksum of /#{path} does not match the checksum provided by the server! Something is wrong. #{message}"
         end
       end
       def initialize(fetcher)
         @fetcher = fetcher
-        require "tmpdir"
       end
-      def update(local_path, remote_path, retrying = nil)
-        headers = {}
+      def update(remote_path, local_path, etag_path)
+        append(remote_path, local_path, etag_path) || replace(remote_path, local_path, etag_path)
+      rescue CacheFile::DigestMismatchError => e
+        raise MismatchedChecksumError.new(remote_path, e.message)
+      rescue Zlib::GzipFile::Error
+        raise Bundler::HTTPError
+      end
-        Dir.mktmpdir("bundler-compact-index-") do |local_temp_dir|
-          local_temp_path = Pathname.new(local_temp_dir).join(local_path.basename)
+      private
-          # first try to fetch any new bytes on the existing file
-          if retrying.nil? && local_path.file?
-            SharedHelpers.filesystem_access(local_temp_path) do
-              FileUtils.cp local_path, local_temp_path
-            end
-            headers["If-None-Match"] = etag_for(local_temp_path)
-            headers["Range"] =
-              if local_temp_path.size.nonzero?
-                # Subtract a byte to ensure the range won't be empty.
-                # Avoids 416 (Range Not Satisfiable) responses.
-                "bytes=#{local_temp_path.size - 1}-"
-              else
-                "bytes=#{local_temp_path.size}-"
-              end
-          else
-            # Fastly ignores Range when Accept-Encoding: gzip is set
-            headers["Accept-Encoding"] = "gzip"
-          end
+      def append(remote_path, local_path, etag_path)
+        return false unless local_path.file? && local_path.size.nonzero?
-          response = @fetcher.call(remote_path, headers)
-          return nil if response.is_a?(Net::HTTPNotModified)
+        CacheFile.copy(local_path) do |file|
+          etag = etag_path.read.tap(&:chomp!) if etag_path.file?
-          content = response.body
-          if response["Content-Encoding"] == "gzip"
-            content = Zlib::GzipReader.new(StringIO.new(content)).read
-          end
+          # Subtract a byte to ensure the range won't be empty.
+          # Avoids 416 (Range Not Satisfiable) responses.
+          response = @fetcher.call(remote_path, request_headers(etag, file.size - 1))
+          break true if response.is_a?(Gem::Net::HTTPNotModified)
-          SharedHelpers.filesystem_access(local_temp_path) do
-            if response.is_a?(Net::HTTPPartialContent) && local_temp_path.size.nonzero?
-              local_temp_path.open("a") {|f| f << slice_body(content, 1..-1) }
-            else
-              local_temp_path.open("w") {|f| f << content }
-            end
+          file.digests = parse_digests(response)
+          # server may ignore Range and return the full response
+          if response.is_a?(Gem::Net::HTTPPartialContent)
+            break false unless file.append(response.body.byteslice(1..-1))
+          else
+            file.write(response.body)
           end
+          CacheFile.write(etag_path, etag_from_response(response))
+          true
+        end
+      end
-          response_etag = (response["ETag"] || "").gsub(%r{\AW/}, "")
-          if etag_for(local_temp_path) == response_etag
-            SharedHelpers.filesystem_access(local_path) do
-              FileUtils.mv(local_temp_path, local_path)
-            end
-            return nil
-          end
+      # request without range header to get the full file or a 304 Not Modified
+      def replace(remote_path, local_path, etag_path)
+        etag = etag_path.read.tap(&:chomp!) if etag_path.file?
+        response = @fetcher.call(remote_path, request_headers(etag))
+        return true if response.is_a?(Gem::Net::HTTPNotModified)
+        CacheFile.write(local_path, response.body, parse_digests(response))
+        CacheFile.write(etag_path, etag_from_response(response))
+      end
-          if retrying
-            raise MisMatchedChecksumError.new(remote_path, response_etag, etag_for(local_temp_path))
-          end
+      def request_headers(etag, range_start = nil)
+        headers = {}
+        headers["Range"] = "bytes=#{range_start}-" if range_start
+        headers["If-None-Match"] = %("#{etag}") if etag
+        headers
+      end
-          update(local_path, remote_path, :retrying)
-        end
-      rescue Errno::EACCES
-        raise Bundler::PermissionError,
-          "Bundler does not have write access to create a temp directory " \
-          "within #{Dir.tmpdir}. Bundler must have write access to your " \
-          "systems temp directory to function properly. "
-      rescue Zlib::GzipFile::Error
-        raise Bundler::HTTPError
+      def etag_for_request(etag_path)
+        etag_path.read.tap(&:chomp!) if etag_path.file?
       end
-      def etag_for(path)
-        sum = checksum_for_file(path)
-        sum ? %("#{sum}") : nil
+      def etag_from_response(response)
+        return unless response["ETag"]
+        etag = response["ETag"].delete_prefix("W/")
+        return if etag.delete_prefix!('"') && !etag.delete_suffix!('"')
+        etag
       end
-      def slice_body(body, range)
-        if body.respond_to?(:byteslice)
-          body.byteslice(range)
-        else # pre-1.9.3
-          body.unpack("@#{range.first}a#{range.end + 1}").first
+      # Unwraps and returns a Hash of digest algorithms and base64 values
+      # according to RFC 8941 Structured Field Values for HTTP.
+      # https://www.rfc-editor.org/rfc/rfc8941#name-parsing-a-byte-sequence
+      # Ignores unsupported algorithms.
+      def parse_digests(response)
+        return unless header = response["Repr-Digest"] || response["Digest"]
+        digests = {}
+        header.split(",") do |param|
+          algorithm, value = param.split("=", 2)
+          algorithm.strip!
+          algorithm.downcase!
+          next unless SUPPORTED_DIGESTS.key?(algorithm)
+          next unless value = byte_sequence(value)
+          digests[algorithm] = value
         end
+        digests.empty? ? nil : digests
       end
-      def checksum_for_file(path)
-        return nil unless path.file?
-        # This must use IO.read instead of Digest.file().hexdigest
-        # because we need to preserve \n line endings on windows when calculating
-        # the checksum
-        SharedHelpers.filesystem_access(path, :read) do
-          SharedHelpers.digest(:MD5).hexdigest(IO.read(path))
-        end
+      # Unwrap surrounding colons (byte sequence)
+      # The wrapping characters must be matched or we return nil.
+      # Also handles quotes because right now rubygems.org sends them.
+      def byte_sequence(value)
+        return if value.delete_prefix!(":") && !value.delete_suffix!(":")
+        return if value.delete_prefix!('"') && !value.delete_suffix!('"')
+        value
       end
     end
   end