RubyGems - rubygems-update - Versions diffs - 2.4.4 → 2.7.4 - Mend

rubygems-update 2.4.4 → 2.7.4

Potentially problematic release.

This version of rubygems-update might be problematic. Click here for more details.

Files changed (627) hide show

checksums.yaml +5 -5
data/.travis.yml +58 -0
data/CODE_OF_CONDUCT.md +43 -0
data/CONTRIBUTING.rdoc +130 -0
data/CVE-2015-3900.txt +40 -0
data/History.txt +814 -11
data/MAINTAINERS.txt +12 -0
data/Manifest.txt +299 -11
data/POLICIES.rdoc +74 -0
data/README.md +72 -0
data/Rakefile +102 -18
data/appveyor.yml +61 -24
data/bin/gem +1 -1
data/bin/update_rubygems +2 -2
data/bundler/CHANGELOG.md +2847 -0
data/bundler/CODE_OF_CONDUCT.md +42 -0
data/bundler/CONTRIBUTING.md +17 -0
data/bundler/LICENSE.md +23 -0
data/bundler/README.md +59 -0
data/bundler/bundler.gemspec +55 -0
data/bundler/exe/bundle +31 -0
data/bundler/exe/bundle_ruby +60 -0
data/bundler/exe/bundler +4 -0
data/bundler/lib/bundler/build_metadata.rb +36 -0
data/bundler/lib/bundler/capistrano.rb +22 -0
data/bundler/lib/bundler/cli/add.rb +25 -0
data/bundler/lib/bundler/cli/binstubs.rb +43 -0
data/bundler/lib/bundler/cli/cache.rb +36 -0
data/bundler/lib/bundler/cli/check.rb +38 -0
data/bundler/lib/bundler/cli/clean.rb +25 -0
data/bundler/lib/bundler/cli/common.rb +102 -0
data/bundler/lib/bundler/cli/config.rb +119 -0
data/bundler/lib/bundler/cli/console.rb +43 -0
data/bundler/lib/bundler/cli/doctor.rb +94 -0
data/bundler/lib/bundler/cli/exec.rb +105 -0
data/bundler/lib/bundler/cli/gem.rb +249 -0
data/bundler/lib/bundler/cli/info.rb +50 -0
data/bundler/lib/bundler/cli/init.rb +46 -0
data/bundler/lib/bundler/cli/inject.rb +60 -0
data/bundler/lib/bundler/cli/install.rb +214 -0
data/bundler/lib/bundler/cli/issue.rb +40 -0
data/bundler/lib/bundler/cli/list.rb +22 -0
data/bundler/lib/bundler/cli/lock.rb +63 -0
data/bundler/lib/bundler/cli/open.rb +26 -0
data/bundler/lib/bundler/cli/outdated.rb +260 -0
data/bundler/lib/bundler/cli/package.rb +49 -0
data/bundler/lib/bundler/cli/platform.rb +46 -0
data/bundler/lib/bundler/cli/plugin.rb +24 -0
data/bundler/lib/bundler/cli/pristine.rb +43 -0
data/bundler/lib/bundler/cli/show.rb +75 -0
data/bundler/lib/bundler/cli/update.rb +89 -0
data/bundler/lib/bundler/cli/viz.rb +31 -0
data/bundler/lib/bundler/cli.rb +746 -0
data/bundler/lib/bundler/compact_index_client/cache.rb +118 -0
data/bundler/lib/bundler/compact_index_client/updater.rb +107 -0
data/bundler/lib/bundler/compact_index_client.rb +109 -0
data/bundler/lib/bundler/compatibility_guard.rb +14 -0
data/bundler/lib/bundler/constants.rb +7 -0
data/bundler/lib/bundler/current_ruby.rb +86 -0
data/bundler/lib/bundler/definition.rb +984 -0
data/bundler/lib/bundler/dep_proxy.rb +48 -0
data/bundler/lib/bundler/dependency.rb +138 -0
data/bundler/lib/bundler/deployment.rb +69 -0
data/bundler/lib/bundler/deprecate.rb +43 -0
data/bundler/lib/bundler/dsl.rb +599 -0
data/bundler/lib/bundler/endpoint_specification.rb +141 -0
data/bundler/lib/bundler/env.rb +153 -0
data/bundler/lib/bundler/environment_preserver.rb +59 -0
data/bundler/lib/bundler/errors.rb +158 -0
data/bundler/lib/bundler/feature_flag.rb +67 -0
data/bundler/lib/bundler/fetcher/base.rb +52 -0
data/bundler/lib/bundler/fetcher/compact_index.rb +126 -0
data/bundler/lib/bundler/fetcher/dependency.rb +82 -0
data/bundler/lib/bundler/fetcher/downloader.rb +79 -0
data/bundler/lib/bundler/fetcher/index.rb +52 -0
data/bundler/lib/bundler/fetcher.rb +312 -0
data/bundler/lib/bundler/friendly_errors.rb +129 -0
data/bundler/lib/bundler/gem_helper.rb +202 -0
data/bundler/lib/bundler/gem_helpers.rb +101 -0
data/bundler/lib/bundler/gem_remote_fetcher.rb +43 -0
data/bundler/lib/bundler/gem_tasks.rb +7 -0
data/bundler/lib/bundler/gem_version_promoter.rb +176 -0
data/bundler/lib/bundler/gemdeps.rb +29 -0
data/bundler/lib/bundler/graph.rb +152 -0
data/bundler/lib/bundler/index.rb +213 -0
data/bundler/lib/bundler/injector.rb +94 -0
data/bundler/lib/bundler/inline.rb +74 -0
data/bundler/lib/bundler/installer/gem_installer.rb +78 -0
data/bundler/lib/bundler/installer/parallel_installer.rb +228 -0
data/bundler/lib/bundler/installer/standalone.rb +53 -0
data/bundler/lib/bundler/installer.rb +287 -0
data/bundler/lib/bundler/lazy_specification.rb +123 -0
data/bundler/lib/bundler/lockfile_generator.rb +95 -0
data/bundler/lib/bundler/lockfile_parser.rb +256 -0
data/bundler/lib/bundler/match_platform.rb +24 -0
data/bundler/lib/bundler/mirror.rb +223 -0
data/bundler/lib/bundler/plugin/api/source.rb +306 -0
data/bundler/lib/bundler/plugin/api.rb +81 -0
data/bundler/lib/bundler/plugin/dsl.rb +53 -0
data/bundler/lib/bundler/plugin/index.rb +157 -0
data/bundler/lib/bundler/plugin/installer/git.rb +38 -0
data/bundler/lib/bundler/plugin/installer/rubygems.rb +27 -0
data/bundler/lib/bundler/plugin/installer.rb +96 -0
data/bundler/lib/bundler/plugin/source_list.rb +27 -0
data/bundler/lib/bundler/plugin.rb +285 -0
data/bundler/lib/bundler/process_lock.rb +24 -0
data/bundler/lib/bundler/psyched_yaml.rb +37 -0
data/bundler/lib/bundler/remote_specification.rb +114 -0
data/bundler/lib/bundler/resolver/spec_group.rb +111 -0
data/bundler/lib/bundler/resolver.rb +369 -0
data/bundler/lib/bundler/retry.rb +66 -0
data/bundler/lib/bundler/ruby_dsl.rb +18 -0
data/bundler/lib/bundler/ruby_version.rb +152 -0
data/bundler/lib/bundler/rubygems_ext.rb +210 -0
data/bundler/lib/bundler/rubygems_gem_installer.rb +99 -0
data/bundler/lib/bundler/rubygems_integration.rb +892 -0
data/bundler/lib/bundler/runtime.rb +316 -0
data/bundler/lib/bundler/settings/validator.rb +79 -0
data/bundler/lib/bundler/settings.rb +442 -0
data/bundler/lib/bundler/setup.rb +28 -0
data/bundler/lib/bundler/shared_helpers.rb +356 -0
data/bundler/lib/bundler/similarity_detector.rb +63 -0
data/bundler/lib/bundler/source/gemspec.rb +18 -0
data/bundler/lib/bundler/source/git/git_proxy.rb +257 -0
data/bundler/lib/bundler/source/git.rb +328 -0
data/bundler/lib/bundler/source/metadata.rb +63 -0
data/bundler/lib/bundler/source/path/installer.rb +74 -0
data/bundler/lib/bundler/source/path.rb +249 -0
data/bundler/lib/bundler/source/rubygems/remote.rb +66 -0
data/bundler/lib/bundler/source/rubygems.rb +532 -0
data/bundler/lib/bundler/source.rb +94 -0
data/bundler/lib/bundler/source_list.rb +186 -0
data/bundler/lib/bundler/spec_set.rb +189 -0
data/bundler/lib/bundler/ssl_certs/.document +1 -0
data/bundler/lib/bundler/ssl_certs/certificate_manager.rb +66 -0
data/bundler/lib/bundler/ssl_certs/index.rubygems.org/GlobalSignRootCA.pem +21 -0
data/{lib/rubygems/ssl_certs → bundler/lib/bundler/ssl_certs/rubygems.global.ssl.fastly.net}/DigiCertHighAssuranceEVRootCA.pem +0 -0
data/{lib/rubygems/ssl_certs/AddTrustExternalCARoot-2048.pem → bundler/lib/bundler/ssl_certs/rubygems.org/AddTrustExternalCARoot.pem} +0 -0
data/bundler/lib/bundler/stub_specification.rb +108 -0
data/bundler/lib/bundler/templates/Executable +21 -0
data/bundler/lib/bundler/templates/Executable.bundler +105 -0
data/bundler/lib/bundler/templates/Executable.standalone +14 -0
data/bundler/lib/bundler/templates/Gemfile +7 -0
data/bundler/lib/bundler/templates/gems.rb +8 -0
data/bundler/lib/bundler/templates/newgem/.travis.yml.tt +5 -0
data/bundler/lib/bundler/templates/newgem/CODE_OF_CONDUCT.md.tt +74 -0
data/bundler/lib/bundler/templates/newgem/Gemfile.tt +6 -0
data/bundler/lib/bundler/templates/newgem/LICENSE.txt.tt +21 -0
data/bundler/lib/bundler/templates/newgem/README.md.tt +47 -0
data/bundler/lib/bundler/templates/newgem/Rakefile.tt +29 -0
data/bundler/lib/bundler/templates/newgem/bin/console.tt +14 -0
data/bundler/lib/bundler/templates/newgem/bin/setup.tt +8 -0
data/bundler/lib/bundler/templates/newgem/exe/newgem.tt +3 -0
data/bundler/lib/bundler/templates/newgem/ext/newgem/extconf.rb.tt +3 -0
data/bundler/lib/bundler/templates/newgem/ext/newgem/newgem.c.tt +9 -0
data/bundler/lib/bundler/templates/newgem/ext/newgem/newgem.h.tt +6 -0
data/bundler/lib/bundler/templates/newgem/gitignore.tt +20 -0
data/bundler/lib/bundler/templates/newgem/lib/newgem/version.rb.tt +7 -0
data/bundler/lib/bundler/templates/newgem/lib/newgem.rb.tt +12 -0
data/bundler/lib/bundler/templates/newgem/newgem.gemspec.tt +49 -0
data/bundler/lib/bundler/templates/newgem/rspec.tt +3 -0
data/bundler/lib/bundler/templates/newgem/spec/newgem_spec.rb.tt +9 -0
data/bundler/lib/bundler/templates/newgem/spec/spec_helper.rb.tt +14 -0
data/bundler/lib/bundler/templates/newgem/test/newgem_test.rb.tt +11 -0
data/bundler/lib/bundler/templates/newgem/test/test_helper.rb.tt +4 -0
data/bundler/lib/bundler/ui/rg_proxy.rb +19 -0
data/bundler/lib/bundler/ui/shell.rb +144 -0
data/bundler/lib/bundler/ui/silent.rb +69 -0
data/bundler/lib/bundler/ui.rb +9 -0
data/bundler/lib/bundler/uri_credentials_filter.rb +37 -0
data/bundler/lib/bundler/vendor/fileutils/lib/fileutils.rb +1638 -0
data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/compatibility.rb +26 -0
data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/delegates/resolution_state.rb +57 -0
data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/delegates/specification_provider.rb +81 -0
data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/action.rb +36 -0
data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/add_edge_no_circular.rb +66 -0
data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/add_vertex.rb +62 -0
data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/delete_edge.rb +63 -0
data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/detach_vertex_named.rb +61 -0
data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/log.rb +126 -0
data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/set_payload.rb +46 -0
data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/tag.rb +36 -0
data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/vertex.rb +126 -0
data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph.rb +223 -0
data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/errors.rb +138 -0
data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/gem_metadata.rb +6 -0
data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/modules/specification_provider.rb +101 -0
data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/modules/ui.rb +67 -0
data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/resolution.rb +837 -0
data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/resolver.rb +46 -0
data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/state.rb +58 -0
data/bundler/lib/bundler/vendor/molinillo/lib/molinillo.rb +12 -0
data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/faster.rb +27 -0
data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent/ssl_reuse.rb +129 -0
data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent.rb +1233 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/actions/create_file.rb +104 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/actions/create_link.rb +60 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/actions/directory.rb +118 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/actions/empty_directory.rb +143 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/actions/file_manipulation.rb +364 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/actions/inject_into_file.rb +109 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/actions.rb +321 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/base.rb +679 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/command.rb +135 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/core_ext/hash_with_indifferent_access.rb +97 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/core_ext/io_binary_read.rb +12 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/core_ext/ordered_hash.rb +129 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/error.rb +32 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/group.rb +281 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/invocation.rb +177 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/line_editor/basic.rb +37 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/line_editor/readline.rb +88 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/line_editor.rb +17 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/parser/argument.rb +70 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/parser/arguments.rb +175 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/parser/option.rb +146 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/parser/options.rb +221 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/parser.rb +4 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/rake_compat.rb +71 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/runner.rb +324 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/shell/basic.rb +437 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/shell/color.rb +149 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/shell/html.rb +126 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/shell.rb +81 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/util.rb +268 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/version.rb +3 -0
data/bundler/lib/bundler/vendor/thor/lib/thor.rb +509 -0
data/bundler/lib/bundler/vendored_fileutils.rb +9 -0
data/bundler/lib/bundler/vendored_molinillo.rb +4 -0
data/bundler/lib/bundler/vendored_persistent.rb +52 -0
data/bundler/lib/bundler/vendored_thor.rb +8 -0
data/bundler/lib/bundler/version.rb +28 -0
data/bundler/lib/bundler/version_ranges.rb +76 -0
data/bundler/lib/bundler/vlad.rb +17 -0
data/bundler/lib/bundler/worker.rb +106 -0
data/bundler/lib/bundler/yaml_serializer.rb +90 -0
data/bundler/lib/bundler.rb +545 -0
data/bundler/man/bundle-add.ronn +29 -0
data/bundler/man/bundle-binstubs.ronn +43 -0
data/bundler/man/bundle-check.ronn +26 -0
data/bundler/man/bundle-clean.ronn +18 -0
data/bundler/man/bundle-config.ronn +372 -0
data/bundler/man/bundle-exec.ronn +152 -0
data/bundler/man/bundle-gem.ronn +78 -0
data/bundler/man/bundle-info.ronn +17 -0
data/bundler/man/bundle-init.ronn +18 -0
data/bundler/man/bundle-inject.ronn +22 -0
data/bundler/man/bundle-install.ronn +369 -0
data/bundler/man/bundle-list.ronn +15 -0
data/bundler/man/bundle-lock.ronn +94 -0
data/bundler/man/bundle-open.ronn +19 -0
data/bundler/man/bundle-outdated.ronn +107 -0
data/bundler/man/bundle-package.ronn +72 -0
data/bundler/man/bundle-platform.ronn +42 -0
data/bundler/man/bundle-pristine.ronn +34 -0
data/bundler/man/bundle-show.ronn +20 -0
data/bundler/man/bundle-update.ronn +346 -0
data/bundler/man/bundle-viz.ronn +30 -0
data/bundler/man/bundle.ronn +108 -0
data/bundler/man/gemfile.5.ronn +506 -0
data/lib/rubygems/available_set.rb +1 -0
data/lib/rubygems/basic_specification.rb +115 -43
data/lib/rubygems/bundler_version_finder.rb +112 -0
data/lib/rubygems/command.rb +23 -3
data/lib/rubygems/command_manager.rb +4 -1
data/lib/rubygems/commands/build_command.rb +5 -0
data/lib/rubygems/commands/cert_command.rb +32 -6
data/lib/rubygems/commands/check_command.rb +1 -0
data/lib/rubygems/commands/cleanup_command.rb +19 -6
data/lib/rubygems/commands/contents_command.rb +1 -1
data/lib/rubygems/commands/dependency_command.rb +28 -17
data/lib/rubygems/commands/environment_command.rb +5 -3
data/lib/rubygems/commands/fetch_command.rb +1 -0
data/lib/rubygems/commands/generate_index_command.rb +1 -0
data/lib/rubygems/commands/help_command.rb +4 -13
data/lib/rubygems/commands/install_command.rb +3 -47
data/lib/rubygems/commands/list_command.rb +3 -2
data/lib/rubygems/commands/lock_command.rb +1 -0
data/lib/rubygems/commands/mirror_command.rb +1 -0
data/lib/rubygems/commands/open_command.rb +9 -2
data/lib/rubygems/commands/outdated_command.rb +1 -0
data/lib/rubygems/commands/owner_command.rb +5 -3
data/lib/rubygems/commands/pristine_command.rb +39 -11
data/lib/rubygems/commands/push_command.rb +10 -4
data/lib/rubygems/commands/query_command.rb +32 -16
data/lib/rubygems/commands/rdoc_command.rb +1 -0
data/lib/rubygems/commands/search_command.rb +1 -0
data/lib/rubygems/commands/server_command.rb +1 -0
data/lib/rubygems/commands/setup_command.rb +170 -70
data/lib/rubygems/commands/signin_command.rb +33 -0
data/lib/rubygems/commands/signout_command.rb +33 -0
data/lib/rubygems/commands/sources_command.rb +3 -2
data/lib/rubygems/commands/specification_command.rb +1 -0
data/lib/rubygems/commands/stale_command.rb +1 -0
data/lib/rubygems/commands/uninstall_command.rb +6 -4
data/lib/rubygems/commands/unpack_command.rb +17 -4
data/lib/rubygems/commands/update_command.rb +5 -5
data/lib/rubygems/commands/which_command.rb +2 -1
data/lib/rubygems/commands/yank_command.rb +14 -25
data/lib/rubygems/compatibility.rb +2 -2
data/lib/rubygems/config_file.rb +40 -36
data/lib/rubygems/core_ext/kernel_gem.rb +9 -1
data/lib/rubygems/core_ext/kernel_require.rb +19 -16
data/lib/rubygems/defaults.rb +19 -0
data/lib/rubygems/dependency.rb +22 -21
data/lib/rubygems/dependency_installer.rb +16 -1
data/lib/rubygems/dependency_list.rb +6 -6
data/lib/rubygems/deprecate.rb +1 -0
data/lib/rubygems/doctor.rb +1 -0
data/lib/rubygems/errors.rb +48 -0
data/lib/rubygems/exceptions.rb +8 -2
data/lib/rubygems/ext/build_error.rb +1 -0
data/lib/rubygems/ext/builder.rb +4 -1
data/lib/rubygems/ext/cmake_builder.rb +1 -0
data/lib/rubygems/ext/configure_builder.rb +1 -0
data/lib/rubygems/ext/ext_conf_builder.rb +26 -10
data/lib/rubygems/ext/rake_builder.rb +3 -2
data/lib/rubygems/ext.rb +1 -0
data/lib/rubygems/gem_runner.rb +6 -1
data/lib/rubygems/gemcutter_utilities.rb +18 -4
data/lib/rubygems/indexer.rb +28 -92
data/lib/rubygems/install_default_message.rb +1 -0
data/lib/rubygems/install_message.rb +1 -0
data/lib/rubygems/install_update_options.rb +58 -28
data/lib/rubygems/installer.rb +114 -52
data/lib/rubygems/installer_test_case.rb +11 -5
data/lib/rubygems/local_remote_options.rb +2 -1
data/lib/rubygems/mock_gem_ui.rb +1 -0
data/lib/rubygems/name_tuple.rb +2 -1
data/lib/rubygems/package/digest_io.rb +1 -0
data/lib/rubygems/package/file_source.rb +1 -0
data/lib/rubygems/package/io_source.rb +1 -0
data/lib/rubygems/package/old.rb +10 -10
data/lib/rubygems/package/source.rb +1 -0
data/lib/rubygems/package/tar_header.rb +1 -1
data/lib/rubygems/package/tar_reader/entry.rb +8 -1
data/lib/rubygems/package/tar_reader.rb +1 -1
data/lib/rubygems/package/tar_test_case.rb +13 -3
data/lib/rubygems/package/tar_writer.rb +37 -18
data/lib/rubygems/package.rb +25 -9
data/lib/rubygems/package_task.rb +1 -0
data/lib/rubygems/path_support.rb +25 -32
data/lib/rubygems/platform.rb +5 -3
data/lib/rubygems/psych_additions.rb +2 -1
data/lib/rubygems/psych_tree.rb +1 -0
data/lib/rubygems/rdoc.rb +2 -2
data/lib/rubygems/remote_fetcher.rb +37 -12
data/lib/rubygems/request/connection_pools.rb +14 -5
data/lib/rubygems/request/http_pool.rb +10 -0
data/lib/rubygems/request/https_pool.rb +1 -0
data/lib/rubygems/request.rb +55 -5
data/lib/rubygems/request_set/gem_dependency_api.rb +63 -15
data/lib/rubygems/request_set/lockfile/parser.rb +354 -0
data/lib/rubygems/request_set/lockfile/tokenizer.rb +112 -0
data/lib/rubygems/request_set/lockfile.rb +58 -457
data/lib/rubygems/request_set.rb +43 -18
data/lib/rubygems/requirement.rb +21 -5
data/lib/rubygems/resolver/activation_request.rb +20 -6
data/lib/rubygems/resolver/api_set.rb +2 -1
data/lib/rubygems/resolver/api_specification.rb +2 -1
data/lib/rubygems/resolver/best_set.rb +1 -0
data/lib/rubygems/resolver/composed_set.rb +1 -0
data/lib/rubygems/resolver/conflict.rb +1 -1
data/lib/rubygems/resolver/current_set.rb +1 -0
data/lib/rubygems/resolver/dependency_request.rb +5 -1
data/lib/rubygems/resolver/git_set.rb +1 -0
data/lib/rubygems/resolver/git_specification.rb +2 -2
data/lib/rubygems/resolver/index_set.rb +1 -0
data/lib/rubygems/resolver/index_specification.rb +1 -0
data/lib/rubygems/resolver/installed_specification.rb +1 -0
data/lib/rubygems/resolver/installer_set.rb +12 -9
data/lib/rubygems/resolver/local_specification.rb +1 -0
data/lib/rubygems/resolver/lock_set.rb +4 -5
data/lib/rubygems/resolver/lock_specification.rb +6 -2
data/lib/rubygems/resolver/molinillo/lib/molinillo/delegates/resolution_state.rb +50 -0
data/lib/rubygems/resolver/molinillo/lib/molinillo/delegates/specification_provider.rb +80 -0
data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/action.rb +35 -0
data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/add_edge_no_circular.rb +65 -0
data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/add_vertex.rb +61 -0
data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/delete_edge.rb +62 -0
data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/detach_vertex_named.rb +60 -0
data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/log.rb +125 -0
data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/set_payload.rb +45 -0
data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/tag.rb +35 -0
data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/vertex.rb +125 -0
data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph.rb +222 -0
data/lib/rubygems/resolver/molinillo/lib/molinillo/errors.rb +75 -0
data/lib/rubygems/resolver/molinillo/lib/molinillo/gem_metadata.rb +5 -0
data/lib/rubygems/resolver/molinillo/lib/molinillo/modules/specification_provider.rb +100 -0
data/lib/rubygems/resolver/molinillo/lib/molinillo/modules/ui.rb +65 -0
data/lib/rubygems/resolver/molinillo/lib/molinillo/resolution.rb +494 -0
data/lib/rubygems/resolver/molinillo/lib/molinillo/resolver.rb +45 -0
data/lib/rubygems/resolver/molinillo/lib/molinillo/state.rb +54 -0
data/lib/rubygems/resolver/molinillo/lib/molinillo.rb +10 -0
data/lib/rubygems/resolver/molinillo.rb +2 -0
data/lib/rubygems/resolver/requirement_list.rb +1 -0
data/lib/rubygems/resolver/set.rb +2 -1
data/lib/rubygems/resolver/source_set.rb +48 -0
data/lib/rubygems/resolver/spec_specification.rb +1 -0
data/lib/rubygems/resolver/specification.rb +2 -1
data/lib/rubygems/resolver/stats.rb +1 -0
data/lib/rubygems/resolver/vendor_set.rb +1 -0
data/lib/rubygems/resolver/vendor_specification.rb +1 -0
data/lib/rubygems/resolver.rb +96 -233
data/lib/rubygems/safe_yaml.rb +51 -0
data/lib/rubygems/security/policies.rb +1 -0
data/lib/rubygems/security/policy.rb +2 -2
data/lib/rubygems/security/signer.rb +4 -1
data/lib/rubygems/security/trust_dir.rb +1 -0
data/lib/rubygems/security.rb +13 -5
data/lib/rubygems/security_option.rb +43 -0
data/lib/rubygems/server.rb +34 -36
data/lib/rubygems/source/git.rb +3 -1
data/lib/rubygems/source/installed.rb +1 -0
data/lib/rubygems/source/local.rb +39 -35
data/lib/rubygems/source/lock.rb +5 -1
data/lib/rubygems/source/specific_file.rb +1 -0
data/lib/rubygems/source/vendor.rb +1 -0
data/lib/rubygems/source.rb +14 -6
data/lib/rubygems/source_list.rb +3 -2
data/lib/rubygems/source_local.rb +4 -1
data/lib/rubygems/source_specific_file.rb +4 -2
data/lib/rubygems/spec_fetcher.rb +8 -3
data/lib/rubygems/specification.rb +632 -345
data/lib/rubygems/ssl_certs/index.rubygems.org/GlobalSignRootCA.pem +21 -0
data/lib/rubygems/ssl_certs/rubygems.global.ssl.fastly.net/DigiCertHighAssuranceEVRootCA.pem +23 -0
data/lib/rubygems/ssl_certs/rubygems.org/AddTrustExternalCARoot.pem +25 -0
data/lib/rubygems/stub_specification.rb +105 -79
data/lib/rubygems/syck_hack.rb +1 -0
data/lib/rubygems/test_case.rb +165 -32
data/lib/rubygems/test_utilities.rb +19 -18
data/lib/rubygems/text.rb +17 -6
data/lib/rubygems/uninstaller.rb +2 -1
data/lib/rubygems/uri_formatter.rb +1 -0
data/lib/rubygems/user_interaction.rb +19 -29
data/lib/rubygems/util/licenses.rb +380 -0
data/lib/rubygems/util/list.rb +10 -21
data/lib/rubygems/util.rb +11 -21
data/lib/rubygems/validator.rb +1 -0
data/lib/rubygems/version.rb +65 -29
data/lib/rubygems/version_option.rb +7 -1
data/lib/rubygems.rb +231 -60
data/lib/ubygems.rb +1 -0
data/setup.rb +2 -1
data/test/rubygems/alternate_cert.pem +10 -9
data/test/rubygems/alternate_cert_32.pem +10 -9
data/test/rubygems/bad_rake.rb +1 -0
data/test/rubygems/bogussources.rb +1 -0
data/test/rubygems/child_cert.pem +11 -9
data/test/rubygems/child_cert_32.pem +11 -9
data/test/rubygems/encrypted_private_key.pem +26 -26
data/test/rubygems/expired_cert.pem +9 -8
data/test/rubygems/fake_certlib/openssl.rb +1 -0
data/test/rubygems/fix_openssl_warnings.rb +1 -0
data/test/rubygems/foo/discover.rb +1 -0
data/test/rubygems/future_cert.pem +9 -8
data/test/rubygems/future_cert_32.pem +9 -8
data/test/rubygems/good_rake.rb +1 -0
data/test/rubygems/grandchild_cert.pem +11 -9
data/test/rubygems/grandchild_cert_32.pem +11 -9
data/test/rubygems/invalid_issuer_cert.pem +11 -9
data/test/rubygems/invalid_issuer_cert_32.pem +11 -9
data/test/rubygems/invalid_signer_cert.pem +10 -9
data/test/rubygems/invalid_signer_cert_32.pem +10 -9
data/test/rubygems/invalidchild_cert.pem +11 -9
data/test/rubygems/invalidchild_cert_32.pem +11 -9
data/test/rubygems/plugin/exception/rubygems_plugin.rb +1 -0
data/test/rubygems/plugin/load/rubygems_plugin.rb +1 -0
data/test/rubygems/plugin/standarderror/rubygems_plugin.rb +1 -0
data/test/rubygems/private3072_key.pem +40 -0
data/test/rubygems/public3072_cert.pem +25 -0
data/test/rubygems/public_cert.pem +11 -9
data/test/rubygems/public_cert_32.pem +10 -9
data/test/rubygems/rubygems/commands/crash_command.rb +1 -0
data/test/rubygems/rubygems_plugin.rb +5 -0
data/test/rubygems/sff/discover.rb +1 -0
data/test/rubygems/simple_gem.rb +2 -1
data/test/rubygems/specifications/{foo-0.0.1.gemspec → foo-0.0.1-x86-mswin32.gemspec} +0 -0
data/test/rubygems/test_bundled_ca.rb +43 -40
data/test/rubygems/test_config.rb +12 -2
data/test/rubygems/test_deprecate.rb +1 -0
data/test/rubygems/test_gem.rb +353 -80
data/test/rubygems/test_gem_available_set.rb +3 -1
data/test/rubygems/test_gem_bundler_version_finder.rb +125 -0
data/test/rubygems/test_gem_command.rb +11 -0
data/test/rubygems/test_gem_command_manager.rb +1 -0
data/test/rubygems/test_gem_commands_build_command.rb +38 -1
data/test/rubygems/test_gem_commands_cert_command.rb +65 -0
data/test/rubygems/test_gem_commands_check_command.rb +1 -0
data/test/rubygems/test_gem_commands_cleanup_command.rb +79 -6
data/test/rubygems/test_gem_commands_contents_command.rb +1 -0
data/test/rubygems/test_gem_commands_dependency_command.rb +10 -1
data/test/rubygems/test_gem_commands_environment_command.rb +2 -1
data/test/rubygems/test_gem_commands_fetch_command.rb +1 -0
data/test/rubygems/test_gem_commands_generate_index_command.rb +1 -0
data/test/rubygems/test_gem_commands_help_command.rb +1 -0
data/test/rubygems/test_gem_commands_install_command.rb +73 -30
data/test/rubygems/test_gem_commands_list_command.rb +1 -0
data/test/rubygems/test_gem_commands_lock_command.rb +1 -0
data/test/rubygems/test_gem_commands_mirror.rb +1 -13
data/test/rubygems/test_gem_commands_open_command.rb +29 -4
data/test/rubygems/test_gem_commands_outdated_command.rb +3 -3
data/test/rubygems/test_gem_commands_owner_command.rb +8 -0
data/test/rubygems/test_gem_commands_pristine_command.rb +126 -5
data/test/rubygems/test_gem_commands_push_command.rb +75 -7
data/test/rubygems/test_gem_commands_query_command.rb +261 -99
data/test/rubygems/test_gem_commands_search_command.rb +1 -0
data/test/rubygems/test_gem_commands_server_command.rb +3 -2
data/test/rubygems/test_gem_commands_setup_command.rb +130 -5
data/test/rubygems/test_gem_commands_signin_command.rb +98 -0
data/test/rubygems/test_gem_commands_signout_command.rb +37 -0
data/test/rubygems/test_gem_commands_sources_command.rb +53 -0
data/test/rubygems/test_gem_commands_specification_command.rb +5 -4
data/test/rubygems/test_gem_commands_stale_command.rb +3 -0
data/test/rubygems/test_gem_commands_uninstall_command.rb +18 -4
data/test/rubygems/test_gem_commands_unpack_command.rb +7 -8
data/test/rubygems/test_gem_commands_update_command.rb +24 -59
data/test/rubygems/test_gem_commands_which_command.rb +5 -3
data/test/rubygems/test_gem_commands_yank_command.rb +13 -10
data/test/rubygems/test_gem_config_file.rb +26 -3
data/test/rubygems/test_gem_dependency.rb +38 -5
data/test/rubygems/test_gem_dependency_installer.rb +33 -6
data/test/rubygems/test_gem_dependency_list.rb +1 -0
data/test/rubygems/test_gem_dependency_resolution_error.rb +1 -0
data/test/rubygems/test_gem_doctor.rb +2 -1
data/test/rubygems/test_gem_ext_builder.rb +10 -3
data/test/rubygems/test_gem_ext_cmake_builder.rb +5 -2
data/test/rubygems/test_gem_ext_configure_builder.rb +10 -5
data/test/rubygems/test_gem_ext_ext_conf_builder.rb +49 -21
data/test/rubygems/test_gem_ext_rake_builder.rb +34 -16
data/test/rubygems/test_gem_gem_runner.rb +1 -0
data/test/rubygems/test_gem_gemcutter_utilities.rb +3 -2
data/test/rubygems/test_gem_impossible_dependencies_error.rb +1 -0
data/test/rubygems/test_gem_indexer.rb +5 -4
data/test/rubygems/test_gem_install_update_options.rb +17 -3
data/test/rubygems/test_gem_installer.rb +325 -63
data/test/rubygems/test_gem_local_remote_options.rb +1 -0
data/test/rubygems/test_gem_name_tuple.rb +1 -0
data/test/rubygems/test_gem_package.rb +67 -9
data/test/rubygems/test_gem_package_old.rb +1 -0
data/test/rubygems/test_gem_package_tar_header.rb +1 -0
data/test/rubygems/test_gem_package_tar_reader.rb +1 -0
data/test/rubygems/test_gem_package_tar_reader_entry.rb +10 -2
data/test/rubygems/test_gem_package_tar_writer.rb +45 -7
data/test/rubygems/test_gem_package_task.rb +6 -2
data/test/rubygems/test_gem_path_support.rb +43 -6
data/test/rubygems/test_gem_platform.rb +12 -0
data/test/rubygems/test_gem_rdoc.rb +1 -0
data/test/rubygems/test_gem_remote_fetcher.rb +161 -10
data/test/rubygems/test_gem_request.rb +134 -1
data/test/rubygems/test_gem_request_connection_pools.rb +11 -1
data/test/rubygems/test_gem_request_set.rb +8 -10
data/test/rubygems/test_gem_request_set_gem_dependency_api.rb +54 -46
data/test/rubygems/test_gem_request_set_lockfile.rb +22 -800
data/test/rubygems/test_gem_request_set_lockfile_parser.rb +549 -0
data/test/rubygems/test_gem_request_set_lockfile_tokenizer.rb +306 -0
data/test/rubygems/test_gem_requirement.rb +17 -0
data/test/rubygems/test_gem_resolver.rb +49 -29
data/test/rubygems/test_gem_resolver_activation_request.rb +1 -0
data/test/rubygems/test_gem_resolver_api_set.rb +1 -0
data/test/rubygems/test_gem_resolver_api_specification.rb +3 -2
data/test/rubygems/test_gem_resolver_best_set.rb +1 -0
data/test/rubygems/test_gem_resolver_composed_set.rb +1 -0
data/test/rubygems/test_gem_resolver_conflict.rb +2 -1
data/test/rubygems/test_gem_resolver_dependency_request.rb +1 -0
data/test/rubygems/test_gem_resolver_git_set.rb +1 -0
data/test/rubygems/test_gem_resolver_git_specification.rb +2 -0
data/test/rubygems/test_gem_resolver_index_set.rb +1 -0
data/test/rubygems/test_gem_resolver_index_specification.rb +1 -0
data/test/rubygems/test_gem_resolver_installed_specification.rb +1 -0
data/test/rubygems/test_gem_resolver_installer_set.rb +22 -11
data/test/rubygems/test_gem_resolver_local_specification.rb +1 -0
data/test/rubygems/test_gem_resolver_lock_set.rb +1 -0
data/test/rubygems/test_gem_resolver_lock_specification.rb +10 -8
data/test/rubygems/test_gem_resolver_requirement_list.rb +1 -0
data/test/rubygems/test_gem_resolver_specification.rb +1 -0
data/test/rubygems/test_gem_resolver_vendor_set.rb +1 -0
data/test/rubygems/test_gem_resolver_vendor_specification.rb +1 -0
data/test/rubygems/test_gem_security.rb +6 -0
data/test/rubygems/test_gem_security_policy.rb +25 -24
data/test/rubygems/test_gem_security_signer.rb +15 -6
data/test/rubygems/test_gem_security_trust_dir.rb +5 -2
data/test/rubygems/test_gem_server.rb +39 -1
data/test/rubygems/test_gem_silent_ui.rb +1 -0
data/test/rubygems/test_gem_source.rb +24 -0
data/test/rubygems/test_gem_source_fetch_problem.rb +9 -0
data/test/rubygems/test_gem_source_git.rb +1 -0
data/test/rubygems/test_gem_source_installed.rb +1 -0
data/test/rubygems/test_gem_source_list.rb +7 -0
data/test/rubygems/test_gem_source_local.rb +1 -0
data/test/rubygems/test_gem_source_lock.rb +1 -0
data/test/rubygems/test_gem_source_specific_file.rb +1 -0
data/test/rubygems/test_gem_source_vendor.rb +1 -0
data/test/rubygems/test_gem_spec_fetcher.rb +21 -0
data/test/rubygems/test_gem_specification.rb +692 -139
data/test/rubygems/test_gem_stream_ui.rb +13 -12
data/test/rubygems/test_gem_stub_specification.rb +115 -10
data/test/rubygems/test_gem_text.rb +30 -0
data/test/rubygems/test_gem_uninstaller.rb +5 -3
data/test/rubygems/test_gem_unsatisfiable_dependency_error.rb +1 -0
data/test/rubygems/test_gem_uri_formatter.rb +1 -0
data/test/rubygems/test_gem_util.rb +10 -0
data/test/rubygems/test_gem_validator.rb +1 -0
data/test/rubygems/test_gem_version.rb +43 -7
data/test/rubygems/test_gem_version_option.rb +16 -0
data/test/rubygems/test_kernel.rb +62 -0
data/test/rubygems/test_remote_fetch_error.rb +21 -0
data/test/rubygems/test_require.rb +275 -120
data/test/rubygems/wrong_key_cert.pem +10 -9
data/test/rubygems/wrong_key_cert_32.pem +10 -9
data/util/ci +73 -0
data/util/create_certs.rb +65 -49
data/util/create_encrypted_key.rb +1 -0
data/util/generate_spdx_license_list.rb +52 -0
data/util/patch_with_prs.rb +77 -0
data/util/update_bundled_ca_certificates.rb +28 -5
data/util/update_changelog.rb +67 -0
metadata +338 -189
data/.gemtest +0 -0
data/CONTRIBUTING +0 -32
data/README.rdoc +0 -54
data/lib/gauntlet_rubygems.rb +0 -50
data/lib/rubygems/ssl_certs/AddTrustExternalCARoot.pem +0 -32
data/lib/rubygems/ssl_certs/Class3PublicPrimaryCertificationAuthority.pem +0 -14
data/lib/rubygems/ssl_certs/EntrustnetSecureServerCertificationAuthority.pem +0 -28
data/lib/rubygems/ssl_certs/GeoTrustGlobalCA.pem +0 -20
data/lib/rubygems/util/stringio.rb +0 -34

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: d45335473804839a55a75fa236d648bcd9f33b17
-  data.tar.gz: ace593b2f7f8b001fe67f038b0f6f9a3a837411a
+SHA256:
+  metadata.gz: 2fd65b08de35370803c876822126dbfa9022a6702679170bb7b0438d2fa2e6c9
+  data.tar.gz: f3a0661f0e4df43931639f54ed9b27fe1c25d358f1fe336dfec1f836188a4887
 SHA512:
-  metadata.gz: d255ea71d77bd18fa781c6076dec28c3383818575e53876d912ff07b4ce504cfbf0d56c3cfe529d8bd09cadc7e46309bafd146fdaf9c20b8164a2f8d57a38848
-  data.tar.gz: e625369d791159e76f18eaab91d52d3cdb8f4519e1cabeb27903e38ad25db9ff0614ca3796d33dd3e1ecae297e8a2afca7d741f5187f041a8ce91aa09acdc71b
+  metadata.gz: 65f66d7f93527f0bc04a19d788a7aeb43488348951b6d507f31dfbb97d80bba52a0c9dfc6eda7e8d4a1906ce2b39ed1d1182bc9e16031cf40d89e3ae2591dc14
+  data.tar.gz: 8d069f6b20f3210fe3332343077b5cba38df8c601599479ad82f79075f6d132ce040163286a5588222b6b6b8c37a234d9eac9411e3734a6166033954f8b4b957

data/.travis.yml ADDED Viewed

@@ -0,0 +1,58 @@
+---
+after_script:
+- util/ci after_script
+before_script:
+- util/ci before_script
+language: ruby
+dist: trusty
+sudo: required
+branches:
+  only:
+    - master
+    - auto
+    - /^[\d.]+$/
+    - /.+-stable$/
+rvm:
+- 1.8.7
+- 1.9.2
+- 1.9.3
+- 2.0.0
+- 2.1.10
+- 2.2.9
+- 2.3.6
+- 2.4.3
+- ruby-head
+env:
+  - "TEST_TOOL=rubygems YAML=syck"
+  - "TEST_TOOL=rubygems YAML=psych"
+  - "TEST_TOOL=bundler RGV=master"
+script:
+- util/ci script
+matrix:
+  exclude:
+    - rvm: 1.8.7
+      env: "TEST_TOOL=rubygems YAML=psych"
+    - rvm: 1.9.2
+      env: "TEST_TOOL=bundler RGV=master"
+    - rvm: 2.0.0
+      env: "TEST_TOOL=rubygems YAML=syck"
+    - rvm: 2.1.10
+      env: "TEST_TOOL=rubygems YAML=syck"
+    - rvm: 2.2.9
+      env: "TEST_TOOL=rubygems YAML=syck"
+    - rvm: 2.3.6
+      env: "TEST_TOOL=rubygems YAML=syck"
+    - rvm: 2.4.3
+      env: "TEST_TOOL=rubygems YAML=syck"
+    - rvm: ruby-head
+      env: "TEST_TOOL=rubygems YAML=syck"
+  allow_failures:
+    - rvm: 1.8.7
+      env: "TEST_TOOL=bundler RGV=master"
+    - rvm: 1.9.3
+      env: "TEST_TOOL=bundler RGV=master"
+    - rvm: 2.0.0
+      env: "TEST_TOOL=bundler RGV=master"
+    - rvm: 2.1.10
+      env: "TEST_TOOL=bundler RGV=master"
+    - rvm: ruby-head

data/CODE_OF_CONDUCT.md ADDED Viewed

@@ -0,0 +1,43 @@
+# Contributor Code of Conduct
+### Our Pledge
+In the interest of fostering an open and welcoming environment, we as contributors and maintainers pledge to making participation in our project and our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience, nationality, personal appearance, race, religion, or sexual identity and orientation.
+### Our Standards
+Examples of behavior that contributes to creating a positive environment include:
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members
+Examples of unacceptable behavior by participants include:
+* The use of sexualized language or imagery and unwelcome sexual attention or advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a professional setting
+### Our Responsibilities
+Project maintainers are responsible for clarifying the standards of acceptable behavior and are expected to take appropriate and fair corrective action in response to any instances of unacceptable behavior.
+Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct, or to ban temporarily or permanently any contributor for other behaviors that they deem inappropriate, threatening, offensive, or harmful.
+### Scope
+This Code of Conduct applies both within project spaces and in public spaces when an individual is representing the project or its community. Examples of representing a project or community include using an official project e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event. Representation of a project may be further defined and clarified by project maintainers.
+### Enforcement
+Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the [project team](MAINTAINERS.txt). All complaints will be reviewed and investigated and will result in a response that is deemed necessary and appropriate to the circumstances. The project team is obligated to maintain confidentiality with regard to the reporter of an incident. Further details of specific enforcement policies may be posted separately.
+Project maintainers who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the project's leadership.
+### Attribution
+This Code of Conduct is adapted from the Contributor Covenant, version 1.4, available at http://contributor-covenant.org/version/1/4.

data/CONTRIBUTING.rdoc ADDED Viewed

@@ -0,0 +1,130 @@
+= How to contribute
+Community involvement is essential to RubyGems. We want to keep it as easy
+as possible to contribute changes. There are a few guidelines that we need
+contributors to follow to reduce the time it takes to get changes merged in.
+== Guidelines
+1. New features should be coupled with tests.
+2. Ensure that your code blends well with ours:
+   * No trailing whitespace
+   * Match indentation (two spaces)
+   * Match coding style (+if+, +elsif+, +when+ need trailing +then+)
+3. If any new files are added or existing files removed in a commit or PR, please update the +Manifest.txt+ accordingly.
+4. Don't modify the history file or version number.
+5. If you have any questions, just ask on IRC in #rubygems on Freenode or file
+   an issue here: http://github.com/rubygems/rubygems/issues
+For more information and ideas on how to contribute to RubyGems ecosystem, see
+here: http://guides.rubygems.org/contributing/
+== Getting Started
+    $ gem install hoe
+    $ rake newb
+To run commands like <tt>gem install</tt> from the repo:
+    $ ruby -Ilib bin/gem install
+== Issues
+RubyGems uses labels to track all issues and pull requests. In order to provide
+guidance to the community this is documentation of how labels are used in the
+rubygems repository.
+=== Contribution
+These labels are made to guide contributors to issue/pull requests that they
+can help with. That are marked with a light gray <tt>contribution: *</tt>
+* *small* - The issue described here will take a small amount of work to resolve,
+  and is a good option for a new contributor
+* *unclaimed* - The issue has not been claimed for work, and is awaiting willing
+  volunteers!
+=== Type
+Most Issues or pull requests will have a light green <tt>type: *</tt> label,
+which describes the type of the issue or pull request.
+* <b>bug report</b> - An issue describing a bug in rubygems. This would be something
+  that is broken, confusing, unexpected behavior etc.
+* <b>bug fix</b> - A pull request that fixes a bug report.
+* <b>feature request</b> - An issue describing a request for a new feature or
+  enhancement.
+* <b>feature implementation</b> - A pull request implementing a feature request.
+* *question* - An issue that is a more of a question than a call for specific
+  changes in the codebase.
+* *cleanup* - Generally for a pull request that improves the code base without
+  fixing a bug or implementing a feature.
+* <b>major bump</b> - This issue or pull request requires a major version bump
+* *administrative* - This issue relates to administrative tasks that need to
+  take place as it relates to rubygems
+* *documentation* - This issue relates to improving the documentation for
+  in this repo. Note that much of the rubygems documentation is here:
+  https://github.com/rubygems/guides
+=== Workflow / Status
+The light yellow <tt>status: *</tt> labels that indicate the state of an
+issue, where it is in the process from being submitted to being closed.
+These are listed in rough  progression order from submitted to closed.
+* *triage* - This is an issue or pull request that needs to be properly
+  labeled by by a maintainer.
+* *confirmed* - This issue/pull request has been accepted as valid, but
+  is not yet immediately ready for work.
+* <b>ready</b> - An issue that is available for collaboration. This issue
+  should have existing discussion on the problem, and a description of how to go
+  about solving it.
+* <b>working</b> - An issue that has a specific invidual assigned to and planning
+  to do work on it.
+* <b>user feedback required</b> - The issue/pull request is blocked pending more
+  feedback from an end user
+* <b>blocked / backlog</b> - the issue/pull request is currently unable to move forward
+  because of some specific reason, generally this will be a reason that is outside
+  RubyGems or needs feedback from some specific individual or group, and it may
+  be a while before something it is resolved.
+=== Closed Reason
+Reasons are why an issue / pull request was closed without being worked on or
+accepted. There should also be more detailed information in the comments. The
+closed reason labels are maroon <tt>closed: *</tt>.
+* *duplicate* - This is a duplicate of an existing bug. The comments must
+  reference the existing issue.
+* *abandonded* - This is an issue/pull request that has aged off, is no longer
+  applicable or similar.
+* *declined* - An issue that won't be fixed/implemented or a pull request that
+  is not accepted.
+* *deprecated* - An issue/pull request that no longer applies to the actively
+  maintained codebase.
+* *discussion* - An issue/pull that is no longer about a concrete change, and
+  is instead being used for discussion.
+=== Categories
+These are aspects of the codebase, or what general area the issue or pull
+request pertains too. Not all issues will have a category. All categorized
+issues have a blue <tt>category: *</tt> label.
+* *gemspec* - related to the gem specification itself
+* *API* - related to the public supported rubygems API. This is the code API,
+  not a network related API.
+* *command* - related to something in <tt>Gem::Commands</tt>
+* *install* - related to gem installations
+* *documentation* - related to updating / fixing / clarifying documentation or
+  guides
+=== Platforms
+If an issue or pull request pertains to only one platform, then it should have
+an appropriate purple <tt>platform: *</tt> label. Current platform labels:
+*windows*, *java*, *osx*, *linux*

data/CVE-2015-3900.txt ADDED Viewed

@@ -0,0 +1,40 @@
+= Request hijacking vulnerability in RubyGems 2.4.6 and earlier
+RubyGems provides the ability of a domain to direct clients to a separate
+host that is used to fetch gems and make API calls against. This mechanism
+is implemented via DNS, specificly a SRV record _rubygems._tcp under the
+original requested domain.
+For example, this is the one that users who use rubygems.org see:
+  > dig _rubygems._tcp.rubygems.org SRV
+  ;; ANSWER SECTION:
+  _rubygems._tcp.rubygems.org. 600 IN	SRV	0 1 80 api.rubygems.org.
+RubyGems did not validate the hostname returned in the SRV record before
+sending requests to it.
+This left clients open to a DNS hijack attack, whereby an attacker could
+return a SRV of their choosing and get the client to use it. For example:
+  > dig _rubygems._tcp.rubygems.org SRV
+  ;; ANSWER SECTION:
+  _rubygems._tcp.rubygems.org. 600 IN	SRV	0 1 80 gems.nottobetrusted.wtf
+The fix, detailed at https://github.com/rubygems/rubygems/commit/6bbee35,
+shows that we validate the record now to be under the original domain. This
+restricts the client to be using the original trust/security domain as they
+would have otherwise.
+RubyGems versions between 2.0 and 2.4.6 are vulnerable.
+RubyGems version 2.0.16, 2.2.4, and 2.4.7 have been released that fix this
+issue.
+Ruby versions 1.9.0 through 2.2.0 are vulnerable as they contain embedded
+versions of RubyGems.
+This vulnerability was reported by Jonathan Claudius <JClaudius@trustwave.com>.