rubygems-update 2.6.0 → 3.4.22

Sign up to get free protection for your applications and to get access to all the features.
Files changed (804) hide show
  1. checksums.yaml +5 -5
  2. data/CHANGELOG.md +5802 -0
  3. data/CODE_OF_CONDUCT.md +76 -35
  4. data/CONTRIBUTING.md +231 -0
  5. data/MAINTAINERS.txt +8 -0
  6. data/Manifest.txt +441 -42
  7. data/POLICIES.md +135 -0
  8. data/README.md +114 -0
  9. data/UPGRADING.md +15 -0
  10. data/bundler/CHANGELOG.md +4666 -0
  11. data/bundler/LICENSE.md +22 -0
  12. data/bundler/README.md +58 -0
  13. data/bundler/UPGRADING.md +222 -0
  14. data/bundler/bundler.gemspec +44 -0
  15. data/bundler/exe/bundle +38 -0
  16. data/bundler/exe/bundler +4 -0
  17. data/bundler/lib/bundler/.document +1 -0
  18. data/bundler/lib/bundler/build_metadata.rb +45 -0
  19. data/bundler/lib/bundler/capistrano.rb +22 -0
  20. data/bundler/lib/bundler/cli/add.rb +47 -0
  21. data/bundler/lib/bundler/cli/binstubs.rb +57 -0
  22. data/bundler/lib/bundler/cli/cache.rb +43 -0
  23. data/bundler/lib/bundler/cli/check.rb +40 -0
  24. data/bundler/lib/bundler/cli/clean.rb +25 -0
  25. data/bundler/lib/bundler/cli/common.rb +130 -0
  26. data/bundler/lib/bundler/cli/config.rb +203 -0
  27. data/bundler/lib/bundler/cli/console.rb +43 -0
  28. data/bundler/lib/bundler/cli/doctor.rb +157 -0
  29. data/bundler/lib/bundler/cli/exec.rb +88 -0
  30. data/bundler/lib/bundler/cli/fund.rb +36 -0
  31. data/bundler/lib/bundler/cli/gem.rb +466 -0
  32. data/bundler/lib/bundler/cli/info.rb +94 -0
  33. data/bundler/lib/bundler/cli/init.rb +51 -0
  34. data/bundler/lib/bundler/cli/inject.rb +60 -0
  35. data/bundler/lib/bundler/cli/install.rb +189 -0
  36. data/bundler/lib/bundler/cli/issue.rb +41 -0
  37. data/bundler/lib/bundler/cli/list.rb +66 -0
  38. data/bundler/lib/bundler/cli/lock.rb +73 -0
  39. data/bundler/lib/bundler/cli/open.rb +29 -0
  40. data/bundler/lib/bundler/cli/outdated.rb +297 -0
  41. data/bundler/lib/bundler/cli/platform.rb +48 -0
  42. data/bundler/lib/bundler/cli/plugin.rb +41 -0
  43. data/bundler/lib/bundler/cli/pristine.rb +52 -0
  44. data/bundler/lib/bundler/cli/remove.rb +17 -0
  45. data/bundler/lib/bundler/cli/show.rb +75 -0
  46. data/bundler/lib/bundler/cli/update.rb +123 -0
  47. data/bundler/lib/bundler/cli/viz.rb +31 -0
  48. data/bundler/lib/bundler/cli.rb +894 -0
  49. data/bundler/lib/bundler/compact_index_client/cache.rb +101 -0
  50. data/bundler/lib/bundler/compact_index_client/gem_parser.rb +28 -0
  51. data/bundler/lib/bundler/compact_index_client/updater.rb +117 -0
  52. data/bundler/lib/bundler/compact_index_client.rb +119 -0
  53. data/bundler/lib/bundler/constants.rb +7 -0
  54. data/bundler/lib/bundler/current_ruby.rb +108 -0
  55. data/bundler/lib/bundler/definition.rb +978 -0
  56. data/bundler/lib/bundler/dependency.rb +97 -0
  57. data/bundler/lib/bundler/deployment.rb +69 -0
  58. data/bundler/lib/bundler/deprecate.rb +44 -0
  59. data/bundler/lib/bundler/digest.rb +71 -0
  60. data/bundler/lib/bundler/dsl.rb +583 -0
  61. data/bundler/lib/bundler/endpoint_specification.rb +143 -0
  62. data/bundler/lib/bundler/env.rb +150 -0
  63. data/bundler/lib/bundler/environment_preserver.rb +86 -0
  64. data/bundler/lib/bundler/errors.rb +190 -0
  65. data/bundler/lib/bundler/feature_flag.rb +53 -0
  66. data/bundler/lib/bundler/fetcher/base.rb +50 -0
  67. data/bundler/lib/bundler/fetcher/compact_index.rb +129 -0
  68. data/bundler/lib/bundler/fetcher/dependency.rb +78 -0
  69. data/bundler/lib/bundler/fetcher/downloader.rb +89 -0
  70. data/bundler/lib/bundler/fetcher/index.rb +25 -0
  71. data/bundler/lib/bundler/fetcher.rb +321 -0
  72. data/bundler/lib/bundler/force_platform.rb +18 -0
  73. data/bundler/lib/bundler/friendly_errors.rb +126 -0
  74. data/bundler/lib/bundler/gem_helper.rb +237 -0
  75. data/bundler/lib/bundler/gem_helpers.rb +124 -0
  76. data/bundler/lib/bundler/gem_tasks.rb +7 -0
  77. data/bundler/lib/bundler/gem_version_promoter.rb +145 -0
  78. data/bundler/lib/bundler/graph.rb +152 -0
  79. data/bundler/lib/bundler/index.rb +206 -0
  80. data/bundler/lib/bundler/injector.rb +287 -0
  81. data/bundler/lib/bundler/inline.rb +73 -0
  82. data/bundler/lib/bundler/installer/gem_installer.rb +84 -0
  83. data/bundler/lib/bundler/installer/parallel_installer.rb +194 -0
  84. data/bundler/lib/bundler/installer/standalone.rb +117 -0
  85. data/bundler/lib/bundler/installer.rb +267 -0
  86. data/bundler/lib/bundler/lazy_specification.rb +163 -0
  87. data/bundler/lib/bundler/lockfile_generator.rb +95 -0
  88. data/bundler/lib/bundler/lockfile_parser.rb +218 -0
  89. data/bundler/lib/bundler/man/.document +1 -0
  90. data/bundler/lib/bundler/man/bundle-add.1 +82 -0
  91. data/bundler/lib/bundler/man/bundle-add.1.ronn +58 -0
  92. data/bundler/lib/bundler/man/bundle-binstubs.1 +42 -0
  93. data/bundler/lib/bundler/man/bundle-binstubs.1.ronn +41 -0
  94. data/bundler/lib/bundler/man/bundle-cache.1 +61 -0
  95. data/bundler/lib/bundler/man/bundle-cache.1.ronn +79 -0
  96. data/bundler/lib/bundler/man/bundle-check.1 +31 -0
  97. data/bundler/lib/bundler/man/bundle-check.1.ronn +26 -0
  98. data/bundler/lib/bundler/man/bundle-clean.1 +24 -0
  99. data/bundler/lib/bundler/man/bundle-clean.1.ronn +18 -0
  100. data/bundler/lib/bundler/man/bundle-config.1 +512 -0
  101. data/bundler/lib/bundler/man/bundle-config.1.ronn +405 -0
  102. data/bundler/lib/bundler/man/bundle-console.1 +53 -0
  103. data/bundler/lib/bundler/man/bundle-console.1.ronn +44 -0
  104. data/bundler/lib/bundler/man/bundle-doctor.1 +44 -0
  105. data/bundler/lib/bundler/man/bundle-doctor.1.ronn +33 -0
  106. data/bundler/lib/bundler/man/bundle-exec.1 +165 -0
  107. data/bundler/lib/bundler/man/bundle-exec.1.ronn +151 -0
  108. data/bundler/lib/bundler/man/bundle-gem.1 +105 -0
  109. data/bundler/lib/bundler/man/bundle-gem.1.ronn +117 -0
  110. data/bundler/lib/bundler/man/bundle-help.1 +13 -0
  111. data/bundler/lib/bundler/man/bundle-help.1.ronn +12 -0
  112. data/bundler/lib/bundler/man/bundle-info.1 +20 -0
  113. data/bundler/lib/bundler/man/bundle-info.1.ronn +17 -0
  114. data/bundler/lib/bundler/man/bundle-init.1 +29 -0
  115. data/bundler/lib/bundler/man/bundle-init.1.ronn +31 -0
  116. data/bundler/lib/bundler/man/bundle-inject.1 +36 -0
  117. data/bundler/lib/bundler/man/bundle-inject.1.ronn +24 -0
  118. data/bundler/lib/bundler/man/bundle-install.1 +313 -0
  119. data/bundler/lib/bundler/man/bundle-install.1.ronn +382 -0
  120. data/bundler/lib/bundler/man/bundle-list.1 +50 -0
  121. data/bundler/lib/bundler/man/bundle-list.1.ronn +33 -0
  122. data/bundler/lib/bundler/man/bundle-lock.1 +84 -0
  123. data/bundler/lib/bundler/man/bundle-lock.1.ronn +94 -0
  124. data/bundler/lib/bundler/man/bundle-open.1 +52 -0
  125. data/bundler/lib/bundler/man/bundle-open.1.ronn +27 -0
  126. data/bundler/lib/bundler/man/bundle-outdated.1 +152 -0
  127. data/bundler/lib/bundler/man/bundle-outdated.1.ronn +105 -0
  128. data/bundler/lib/bundler/man/bundle-platform.1 +71 -0
  129. data/bundler/lib/bundler/man/bundle-platform.1.ronn +49 -0
  130. data/bundler/lib/bundler/man/bundle-plugin.1 +81 -0
  131. data/bundler/lib/bundler/man/bundle-plugin.1.ronn +59 -0
  132. data/bundler/lib/bundler/man/bundle-pristine.1 +34 -0
  133. data/bundler/lib/bundler/man/bundle-pristine.1.ronn +34 -0
  134. data/bundler/lib/bundler/man/bundle-remove.1 +31 -0
  135. data/bundler/lib/bundler/man/bundle-remove.1.ronn +23 -0
  136. data/bundler/lib/bundler/man/bundle-show.1 +23 -0
  137. data/bundler/lib/bundler/man/bundle-show.1.ronn +21 -0
  138. data/bundler/lib/bundler/man/bundle-update.1 +394 -0
  139. data/bundler/lib/bundler/man/bundle-update.1.ronn +351 -0
  140. data/bundler/lib/bundler/man/bundle-version.1 +35 -0
  141. data/bundler/lib/bundler/man/bundle-version.1.ronn +24 -0
  142. data/bundler/lib/bundler/man/bundle-viz.1 +42 -0
  143. data/bundler/lib/bundler/man/bundle-viz.1.ronn +32 -0
  144. data/bundler/lib/bundler/man/bundle.1 +141 -0
  145. data/bundler/lib/bundler/man/bundle.1.ronn +116 -0
  146. data/bundler/lib/bundler/man/gemfile.5 +747 -0
  147. data/bundler/lib/bundler/man/gemfile.5.ronn +548 -0
  148. data/bundler/lib/bundler/man/index.txt +29 -0
  149. data/bundler/lib/bundler/match_metadata.rb +13 -0
  150. data/bundler/lib/bundler/match_platform.rb +23 -0
  151. data/bundler/lib/bundler/match_remote_metadata.rb +29 -0
  152. data/bundler/lib/bundler/mirror.rb +221 -0
  153. data/bundler/lib/bundler/plugin/api/source.rb +320 -0
  154. data/bundler/lib/bundler/plugin/api.rb +81 -0
  155. data/bundler/lib/bundler/plugin/dsl.rb +53 -0
  156. data/bundler/lib/bundler/plugin/events.rb +61 -0
  157. data/bundler/lib/bundler/plugin/index.rb +193 -0
  158. data/bundler/lib/bundler/plugin/installer/git.rb +34 -0
  159. data/bundler/lib/bundler/plugin/installer/rubygems.rb +19 -0
  160. data/bundler/lib/bundler/plugin/installer.rb +112 -0
  161. data/bundler/lib/bundler/plugin/source_list.rb +31 -0
  162. data/bundler/lib/bundler/plugin.rb +359 -0
  163. data/bundler/lib/bundler/process_lock.rb +24 -0
  164. data/bundler/lib/bundler/remote_specification.rb +117 -0
  165. data/bundler/lib/bundler/resolver/base.rb +107 -0
  166. data/bundler/lib/bundler/resolver/candidate.rb +94 -0
  167. data/bundler/lib/bundler/resolver/incompatibility.rb +15 -0
  168. data/bundler/lib/bundler/resolver/package.rb +77 -0
  169. data/bundler/lib/bundler/resolver/root.rb +25 -0
  170. data/bundler/lib/bundler/resolver/spec_group.rb +82 -0
  171. data/bundler/lib/bundler/resolver.rb +462 -0
  172. data/bundler/lib/bundler/retry.rb +66 -0
  173. data/bundler/lib/bundler/ruby_dsl.rb +45 -0
  174. data/bundler/lib/bundler/ruby_version.rb +131 -0
  175. data/bundler/lib/bundler/rubygems_ext.rb +354 -0
  176. data/bundler/lib/bundler/rubygems_gem_installer.rb +187 -0
  177. data/bundler/lib/bundler/rubygems_integration.rb +562 -0
  178. data/bundler/lib/bundler/runtime.rb +307 -0
  179. data/bundler/lib/bundler/safe_marshal.rb +31 -0
  180. data/bundler/lib/bundler/self_manager.rb +170 -0
  181. data/bundler/lib/bundler/settings/validator.rb +102 -0
  182. data/bundler/lib/bundler/settings.rb +568 -0
  183. data/bundler/lib/bundler/setup.rb +30 -0
  184. data/bundler/lib/bundler/shared_helpers.rb +358 -0
  185. data/bundler/lib/bundler/similarity_detector.rb +63 -0
  186. data/bundler/lib/bundler/source/gemspec.rb +18 -0
  187. data/bundler/lib/bundler/source/git/git_proxy.rb +455 -0
  188. data/bundler/lib/bundler/source/git.rb +379 -0
  189. data/bundler/lib/bundler/source/metadata.rb +62 -0
  190. data/bundler/lib/bundler/source/path/installer.rb +53 -0
  191. data/bundler/lib/bundler/source/path.rb +260 -0
  192. data/bundler/lib/bundler/source/rubygems/remote.rb +68 -0
  193. data/bundler/lib/bundler/source/rubygems.rb +509 -0
  194. data/bundler/lib/bundler/source/rubygems_aggregate.rb +68 -0
  195. data/bundler/lib/bundler/source.rb +114 -0
  196. data/bundler/lib/bundler/source_list.rb +227 -0
  197. data/bundler/lib/bundler/source_map.rb +71 -0
  198. data/bundler/lib/bundler/spec_set.rb +219 -0
  199. data/bundler/lib/bundler/stub_specification.rb +118 -0
  200. data/bundler/lib/bundler/templates/.document +1 -0
  201. data/bundler/lib/bundler/templates/Executable +27 -0
  202. data/bundler/lib/bundler/templates/Executable.bundler +109 -0
  203. data/bundler/lib/bundler/templates/Executable.standalone +14 -0
  204. data/bundler/lib/bundler/templates/Gemfile +5 -0
  205. data/bundler/lib/bundler/templates/newgem/CHANGELOG.md.tt +5 -0
  206. data/bundler/lib/bundler/templates/newgem/CODE_OF_CONDUCT.md.tt +84 -0
  207. data/bundler/lib/bundler/templates/newgem/Cargo.toml.tt +7 -0
  208. data/bundler/lib/bundler/templates/newgem/Gemfile.tt +26 -0
  209. data/bundler/lib/bundler/templates/newgem/LICENSE.txt.tt +21 -0
  210. data/bundler/lib/bundler/templates/newgem/README.md.tt +45 -0
  211. data/bundler/lib/bundler/templates/newgem/Rakefile.tt +71 -0
  212. data/bundler/lib/bundler/templates/newgem/bin/console.tt +11 -0
  213. data/bundler/lib/bundler/templates/newgem/bin/setup.tt +8 -0
  214. data/bundler/lib/bundler/templates/newgem/circleci/config.yml.tt +25 -0
  215. data/bundler/lib/bundler/templates/newgem/exe/newgem.tt +3 -0
  216. data/bundler/lib/bundler/templates/newgem/ext/newgem/Cargo.toml.tt +15 -0
  217. data/bundler/lib/bundler/templates/newgem/ext/newgem/extconf-c.rb.tt +10 -0
  218. data/bundler/lib/bundler/templates/newgem/ext/newgem/extconf-rust.rb.tt +6 -0
  219. data/bundler/lib/bundler/templates/newgem/ext/newgem/newgem.c.tt +9 -0
  220. data/bundler/lib/bundler/templates/newgem/ext/newgem/newgem.h.tt +6 -0
  221. data/bundler/lib/bundler/templates/newgem/ext/newgem/src/lib.rs.tt +12 -0
  222. data/bundler/lib/bundler/templates/newgem/github/workflows/main.yml.tt +37 -0
  223. data/bundler/lib/bundler/templates/newgem/gitignore.tt +23 -0
  224. data/bundler/lib/bundler/templates/newgem/gitlab-ci.yml.tt +18 -0
  225. data/bundler/lib/bundler/templates/newgem/lib/newgem/version.rb.tt +9 -0
  226. data/bundler/lib/bundler/templates/newgem/lib/newgem.rb.tt +15 -0
  227. data/bundler/lib/bundler/templates/newgem/newgem.gemspec.tt +51 -0
  228. data/bundler/lib/bundler/templates/newgem/rspec.tt +3 -0
  229. data/bundler/lib/bundler/templates/newgem/rubocop.yml.tt +13 -0
  230. data/bundler/lib/bundler/templates/newgem/sig/newgem.rbs.tt +8 -0
  231. data/bundler/lib/bundler/templates/newgem/spec/newgem_spec.rb.tt +11 -0
  232. data/bundler/lib/bundler/templates/newgem/spec/spec_helper.rb.tt +15 -0
  233. data/bundler/lib/bundler/templates/newgem/standard.yml.tt +3 -0
  234. data/bundler/lib/bundler/templates/newgem/test/minitest/test_helper.rb.tt +6 -0
  235. data/bundler/lib/bundler/templates/newgem/test/minitest/test_newgem.rb.tt +13 -0
  236. data/bundler/lib/bundler/templates/newgem/test/test-unit/newgem_test.rb.tt +15 -0
  237. data/bundler/lib/bundler/templates/newgem/test/test-unit/test_helper.rb.tt +6 -0
  238. data/bundler/lib/bundler/ui/rg_proxy.rb +19 -0
  239. data/bundler/lib/bundler/ui/shell.rb +165 -0
  240. data/bundler/lib/bundler/ui/silent.rb +85 -0
  241. data/bundler/lib/bundler/ui.rb +9 -0
  242. data/bundler/lib/bundler/uri_credentials_filter.rb +43 -0
  243. data/bundler/lib/bundler/uri_normalizer.rb +23 -0
  244. data/bundler/lib/bundler/vendor/.document +1 -0
  245. data/bundler/lib/bundler/vendor/connection_pool/LICENSE +20 -0
  246. data/bundler/lib/bundler/vendor/connection_pool/lib/connection_pool/timed_stack.rb +174 -0
  247. data/bundler/lib/bundler/vendor/connection_pool/lib/connection_pool/version.rb +3 -0
  248. data/bundler/lib/bundler/vendor/connection_pool/lib/connection_pool/wrapper.rb +56 -0
  249. data/bundler/lib/bundler/vendor/connection_pool/lib/connection_pool.rb +128 -0
  250. data/bundler/lib/bundler/vendor/fileutils/LICENSE.txt +22 -0
  251. data/bundler/lib/bundler/vendor/fileutils/lib/fileutils.rb +2706 -0
  252. data/bundler/lib/bundler/vendor/net-http-persistent/README.rdoc +82 -0
  253. data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent/connection.rb +41 -0
  254. data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent/pool.rb +65 -0
  255. data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent/timed_stack_multi.rb +79 -0
  256. data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent.rb +1073 -0
  257. data/bundler/lib/bundler/vendor/pub_grub/LICENSE.txt +21 -0
  258. data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/assignment.rb +20 -0
  259. data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/basic_package_source.rb +189 -0
  260. data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/failure_writer.rb +182 -0
  261. data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/incompatibility.rb +150 -0
  262. data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/package.rb +43 -0
  263. data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/partial_solution.rb +121 -0
  264. data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/rubygems.rb +45 -0
  265. data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/solve_failure.rb +19 -0
  266. data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/static_package_source.rb +60 -0
  267. data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/term.rb +105 -0
  268. data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/version.rb +3 -0
  269. data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/version_constraint.rb +129 -0
  270. data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/version_range.rb +411 -0
  271. data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/version_solver.rb +248 -0
  272. data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/version_union.rb +178 -0
  273. data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub.rb +31 -0
  274. data/bundler/lib/bundler/vendor/thor/LICENSE.md +20 -0
  275. data/bundler/lib/bundler/vendor/thor/lib/thor/actions/create_file.rb +105 -0
  276. data/bundler/lib/bundler/vendor/thor/lib/thor/actions/create_link.rb +61 -0
  277. data/bundler/lib/bundler/vendor/thor/lib/thor/actions/directory.rb +108 -0
  278. data/bundler/lib/bundler/vendor/thor/lib/thor/actions/empty_directory.rb +143 -0
  279. data/bundler/lib/bundler/vendor/thor/lib/thor/actions/file_manipulation.rb +373 -0
  280. data/bundler/lib/bundler/vendor/thor/lib/thor/actions/inject_into_file.rb +130 -0
  281. data/bundler/lib/bundler/vendor/thor/lib/thor/actions.rb +340 -0
  282. data/bundler/lib/bundler/vendor/thor/lib/thor/base.rb +825 -0
  283. data/bundler/lib/bundler/vendor/thor/lib/thor/command.rb +151 -0
  284. data/bundler/lib/bundler/vendor/thor/lib/thor/core_ext/hash_with_indifferent_access.rb +107 -0
  285. data/bundler/lib/bundler/vendor/thor/lib/thor/error.rb +106 -0
  286. data/bundler/lib/bundler/vendor/thor/lib/thor/group.rb +281 -0
  287. data/bundler/lib/bundler/vendor/thor/lib/thor/invocation.rb +178 -0
  288. data/bundler/lib/bundler/vendor/thor/lib/thor/line_editor/basic.rb +37 -0
  289. data/bundler/lib/bundler/vendor/thor/lib/thor/line_editor/readline.rb +88 -0
  290. data/bundler/lib/bundler/vendor/thor/lib/thor/line_editor.rb +17 -0
  291. data/bundler/lib/bundler/vendor/thor/lib/thor/nested_context.rb +29 -0
  292. data/bundler/lib/bundler/vendor/thor/lib/thor/parser/argument.rb +89 -0
  293. data/bundler/lib/bundler/vendor/thor/lib/thor/parser/arguments.rb +195 -0
  294. data/bundler/lib/bundler/vendor/thor/lib/thor/parser/option.rb +178 -0
  295. data/bundler/lib/bundler/vendor/thor/lib/thor/parser/options.rb +293 -0
  296. data/bundler/lib/bundler/vendor/thor/lib/thor/parser.rb +4 -0
  297. data/bundler/lib/bundler/vendor/thor/lib/thor/rake_compat.rb +72 -0
  298. data/bundler/lib/bundler/vendor/thor/lib/thor/runner.rb +335 -0
  299. data/bundler/lib/bundler/vendor/thor/lib/thor/shell/basic.rb +388 -0
  300. data/bundler/lib/bundler/vendor/thor/lib/thor/shell/color.rb +115 -0
  301. data/bundler/lib/bundler/vendor/thor/lib/thor/shell/column_printer.rb +29 -0
  302. data/bundler/lib/bundler/vendor/thor/lib/thor/shell/html.rb +84 -0
  303. data/bundler/lib/bundler/vendor/thor/lib/thor/shell/lcs_diff.rb +49 -0
  304. data/bundler/lib/bundler/vendor/thor/lib/thor/shell/table_printer.rb +134 -0
  305. data/bundler/lib/bundler/vendor/thor/lib/thor/shell/terminal.rb +42 -0
  306. data/bundler/lib/bundler/vendor/thor/lib/thor/shell/wrapped_printer.rb +38 -0
  307. data/bundler/lib/bundler/vendor/thor/lib/thor/shell.rb +81 -0
  308. data/bundler/lib/bundler/vendor/thor/lib/thor/util.rb +285 -0
  309. data/bundler/lib/bundler/vendor/thor/lib/thor/version.rb +3 -0
  310. data/bundler/lib/bundler/vendor/thor/lib/thor.rb +663 -0
  311. data/bundler/lib/bundler/vendor/tsort/LICENSE.txt +22 -0
  312. data/bundler/lib/bundler/vendor/tsort/lib/tsort.rb +452 -0
  313. data/bundler/lib/bundler/vendor/uri/LICENSE.txt +22 -0
  314. data/bundler/lib/bundler/vendor/uri/lib/uri/common.rb +729 -0
  315. data/bundler/lib/bundler/vendor/uri/lib/uri/file.rb +100 -0
  316. data/bundler/lib/bundler/vendor/uri/lib/uri/ftp.rb +267 -0
  317. data/bundler/lib/bundler/vendor/uri/lib/uri/generic.rb +1587 -0
  318. data/bundler/lib/bundler/vendor/uri/lib/uri/http.rb +125 -0
  319. data/bundler/lib/bundler/vendor/uri/lib/uri/https.rb +23 -0
  320. data/bundler/lib/bundler/vendor/uri/lib/uri/ldap.rb +261 -0
  321. data/bundler/lib/bundler/vendor/uri/lib/uri/ldaps.rb +22 -0
  322. data/bundler/lib/bundler/vendor/uri/lib/uri/mailto.rb +293 -0
  323. data/bundler/lib/bundler/vendor/uri/lib/uri/rfc2396_parser.rb +539 -0
  324. data/bundler/lib/bundler/vendor/uri/lib/uri/rfc3986_parser.rb +119 -0
  325. data/bundler/lib/bundler/vendor/uri/lib/uri/version.rb +6 -0
  326. data/bundler/lib/bundler/vendor/uri/lib/uri/ws.rb +83 -0
  327. data/bundler/lib/bundler/vendor/uri/lib/uri/wss.rb +23 -0
  328. data/bundler/lib/bundler/vendor/uri/lib/uri.rb +104 -0
  329. data/bundler/lib/bundler/vendored_fileutils.rb +4 -0
  330. data/bundler/lib/bundler/vendored_persistent.rb +15 -0
  331. data/bundler/lib/bundler/vendored_pub_grub.rb +4 -0
  332. data/bundler/lib/bundler/vendored_thor.rb +8 -0
  333. data/bundler/lib/bundler/vendored_tsort.rb +4 -0
  334. data/bundler/lib/bundler/vendored_uri.rb +4 -0
  335. data/bundler/lib/bundler/version.rb +13 -0
  336. data/bundler/lib/bundler/vlad.rb +17 -0
  337. data/bundler/lib/bundler/worker.rb +117 -0
  338. data/bundler/lib/bundler/yaml_serializer.rb +93 -0
  339. data/bundler/lib/bundler.rb +654 -0
  340. data/{test/rubygems/bogussources.rb → exe/gem} +5 -2
  341. data/exe/update_rubygems +38 -0
  342. data/hide_lib_for_update/note.txt +0 -4
  343. data/lib/rubygems/available_set.rb +9 -9
  344. data/lib/rubygems/basic_specification.rb +56 -37
  345. data/lib/rubygems/bundler_version_finder.rb +77 -0
  346. data/lib/rubygems/command.rb +142 -67
  347. data/lib/rubygems/command_manager.rb +61 -25
  348. data/lib/rubygems/commands/build_command.rb +88 -17
  349. data/lib/rubygems/commands/cert_command.rb +131 -82
  350. data/lib/rubygems/commands/check_command.rb +27 -24
  351. data/lib/rubygems/commands/cleanup_command.rb +56 -37
  352. data/lib/rubygems/commands/contents_command.rb +33 -35
  353. data/lib/rubygems/commands/dependency_command.rb +52 -63
  354. data/lib/rubygems/commands/environment_command.rb +31 -13
  355. data/lib/rubygems/commands/exec_command.rb +249 -0
  356. data/lib/rubygems/commands/fetch_command.rb +36 -19
  357. data/lib/rubygems/commands/generate_index_command.rb +21 -20
  358. data/lib/rubygems/commands/help_command.rb +21 -21
  359. data/lib/rubygems/commands/info_command.rb +38 -0
  360. data/lib/rubygems/commands/install_command.rb +65 -133
  361. data/lib/rubygems/commands/list_command.rb +10 -9
  362. data/lib/rubygems/commands/lock_command.rb +11 -13
  363. data/lib/rubygems/commands/mirror_command.rb +4 -4
  364. data/lib/rubygems/commands/open_command.rb +28 -26
  365. data/lib/rubygems/commands/outdated_command.rb +6 -6
  366. data/lib/rubygems/commands/owner_command.rb +50 -26
  367. data/lib/rubygems/commands/pristine_command.rb +96 -66
  368. data/lib/rubygems/commands/push_command.rb +52 -45
  369. data/lib/rubygems/commands/query_command.rb +22 -328
  370. data/lib/rubygems/commands/rdoc_command.rb +31 -31
  371. data/lib/rubygems/commands/search_command.rb +9 -9
  372. data/lib/rubygems/commands/server_command.rb +15 -76
  373. data/lib/rubygems/commands/setup_command.rb +375 -188
  374. data/lib/rubygems/commands/signin_command.rb +34 -0
  375. data/lib/rubygems/commands/signout_command.rb +32 -0
  376. data/lib/rubygems/commands/sources_command.rb +51 -35
  377. data/lib/rubygems/commands/specification_command.rb +39 -29
  378. data/lib/rubygems/commands/stale_command.rb +5 -4
  379. data/lib/rubygems/commands/uninstall_command.rb +94 -59
  380. data/lib/rubygems/commands/unpack_command.rb +43 -52
  381. data/lib/rubygems/commands/update_command.rb +154 -96
  382. data/lib/rubygems/commands/which_command.rb +13 -16
  383. data/lib/rubygems/commands/yank_command.rb +27 -31
  384. data/lib/rubygems/compatibility.rb +8 -26
  385. data/lib/rubygems/config_file.rb +214 -119
  386. data/lib/rubygems/core_ext/kernel_gem.rb +10 -14
  387. data/lib/rubygems/core_ext/kernel_require.rb +119 -88
  388. data/lib/rubygems/core_ext/kernel_warn.rb +49 -0
  389. data/lib/rubygems/core_ext/tcpsocket_init.rb +54 -0
  390. data/lib/rubygems/defaults.rb +174 -56
  391. data/lib/rubygems/dependency.rb +66 -51
  392. data/lib/rubygems/dependency_installer.rb +70 -225
  393. data/lib/rubygems/dependency_list.rb +32 -33
  394. data/lib/rubygems/deprecate.rb +112 -17
  395. data/lib/rubygems/doctor.rb +30 -30
  396. data/lib/rubygems/errors.rb +51 -9
  397. data/lib/rubygems/exceptions.rb +64 -35
  398. data/lib/rubygems/ext/build_error.rb +3 -1
  399. data/lib/rubygems/ext/builder.rb +96 -75
  400. data/lib/rubygems/ext/cargo_builder/link_flag_converter.rb +27 -0
  401. data/lib/rubygems/ext/cargo_builder.rb +360 -0
  402. data/lib/rubygems/ext/cmake_builder.rb +6 -7
  403. data/lib/rubygems/ext/configure_builder.rb +6 -9
  404. data/lib/rubygems/ext/ext_conf_builder.rb +41 -60
  405. data/lib/rubygems/ext/rake_builder.rb +18 -21
  406. data/lib/rubygems/ext.rb +8 -7
  407. data/lib/rubygems/gem_runner.rb +22 -24
  408. data/lib/rubygems/gemcutter_utilities/webauthn_listener/response.rb +163 -0
  409. data/lib/rubygems/gemcutter_utilities/webauthn_listener.rb +105 -0
  410. data/lib/rubygems/gemcutter_utilities/webauthn_poller.rb +78 -0
  411. data/lib/rubygems/gemcutter_utilities.rb +244 -40
  412. data/lib/rubygems/indexer.rb +49 -55
  413. data/lib/rubygems/install_default_message.rb +3 -3
  414. data/lib/rubygems/install_message.rb +3 -3
  415. data/lib/rubygems/install_update_options.rb +103 -96
  416. data/lib/rubygems/installer.rb +370 -214
  417. data/lib/rubygems/installer_uninstaller_utils.rb +29 -0
  418. data/lib/rubygems/local_remote_options.rb +27 -27
  419. data/lib/rubygems/mock_gem_ui.rb +6 -9
  420. data/lib/rubygems/name_tuple.rb +16 -19
  421. data/lib/rubygems/openssl.rb +7 -0
  422. data/lib/rubygems/optparse/.document +1 -0
  423. data/lib/rubygems/optparse/COPYING +56 -0
  424. data/lib/rubygems/optparse/lib/optionparser.rb +2 -0
  425. data/lib/rubygems/optparse/lib/optparse/ac.rb +54 -0
  426. data/lib/rubygems/optparse/lib/optparse/date.rb +18 -0
  427. data/lib/rubygems/optparse/lib/optparse/kwargs.rb +22 -0
  428. data/lib/rubygems/optparse/lib/optparse/shellwords.rb +7 -0
  429. data/lib/rubygems/optparse/lib/optparse/time.rb +11 -0
  430. data/lib/rubygems/optparse/lib/optparse/uri.rb +7 -0
  431. data/lib/rubygems/optparse/lib/optparse/version.rb +71 -0
  432. data/lib/rubygems/optparse/lib/optparse.rb +2308 -0
  433. data/lib/rubygems/optparse.rb +3 -0
  434. data/lib/rubygems/package/digest_io.rb +5 -7
  435. data/lib/rubygems/package/file_source.rb +6 -8
  436. data/lib/rubygems/package/io_source.rb +6 -4
  437. data/lib/rubygems/package/old.rb +18 -27
  438. data/lib/rubygems/package/source.rb +1 -1
  439. data/lib/rubygems/package/tar_header.rb +86 -71
  440. data/lib/rubygems/package/tar_reader/entry.rb +113 -20
  441. data/lib/rubygems/package/tar_reader.rb +13 -37
  442. data/lib/rubygems/package/tar_writer.rb +28 -44
  443. data/lib/rubygems/package.rb +234 -135
  444. data/lib/rubygems/package_task.rb +6 -12
  445. data/lib/rubygems/path_support.rb +18 -12
  446. data/lib/rubygems/platform.rb +123 -77
  447. data/lib/rubygems/psych_tree.rb +3 -2
  448. data/lib/rubygems/query_utils.rb +351 -0
  449. data/lib/rubygems/rdoc.rb +4 -326
  450. data/lib/rubygems/remote_fetcher.rb +89 -171
  451. data/lib/rubygems/request/connection_pools.rb +30 -23
  452. data/lib/rubygems/request/http_pool.rb +6 -7
  453. data/lib/rubygems/request/https_pool.rb +2 -3
  454. data/lib/rubygems/request.rb +88 -41
  455. data/lib/rubygems/request_set/gem_dependency_api.rb +171 -176
  456. data/lib/rubygems/request_set/lockfile/parser.rb +39 -49
  457. data/lib/rubygems/request_set/lockfile/tokenizer.rb +15 -13
  458. data/lib/rubygems/request_set/lockfile.rb +34 -32
  459. data/lib/rubygems/request_set.rb +115 -71
  460. data/lib/rubygems/requirement.rb +72 -63
  461. data/lib/rubygems/resolver/activation_request.rb +35 -60
  462. data/lib/rubygems/resolver/api_set/gem_parser.rb +20 -0
  463. data/lib/rubygems/resolver/api_set.rb +40 -32
  464. data/lib/rubygems/resolver/api_specification.rb +37 -18
  465. data/lib/rubygems/resolver/best_set.rb +15 -17
  466. data/lib/rubygems/resolver/composed_set.rb +9 -11
  467. data/lib/rubygems/resolver/conflict.rb +18 -24
  468. data/lib/rubygems/resolver/current_set.rb +2 -4
  469. data/lib/rubygems/resolver/dependency_request.rb +8 -9
  470. data/lib/rubygems/resolver/git_set.rb +8 -10
  471. data/lib/rubygems/resolver/git_specification.rb +11 -13
  472. data/lib/rubygems/resolver/index_set.rb +10 -12
  473. data/lib/rubygems/resolver/index_specification.rb +42 -11
  474. data/lib/rubygems/resolver/installed_specification.rb +9 -11
  475. data/lib/rubygems/resolver/installer_set.rb +93 -46
  476. data/lib/rubygems/resolver/local_specification.rb +5 -7
  477. data/lib/rubygems/resolver/lock_set.rb +13 -15
  478. data/lib/rubygems/resolver/lock_specification.rb +13 -15
  479. data/lib/rubygems/resolver/molinillo/LICENSE +9 -0
  480. data/lib/rubygems/resolver/molinillo/lib/molinillo/delegates/resolution_state.rb +57 -0
  481. data/lib/rubygems/resolver/molinillo/lib/molinillo/delegates/specification_provider.rb +88 -0
  482. data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/action.rb +36 -0
  483. data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/add_edge_no_circular.rb +66 -0
  484. data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/add_vertex.rb +62 -0
  485. data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/delete_edge.rb +63 -0
  486. data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/detach_vertex_named.rb +61 -0
  487. data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/log.rb +126 -0
  488. data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/set_payload.rb +46 -0
  489. data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/tag.rb +36 -0
  490. data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/vertex.rb +164 -0
  491. data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph.rb +110 -146
  492. data/lib/rubygems/resolver/molinillo/lib/molinillo/errors.rb +83 -9
  493. data/lib/rubygems/resolver/molinillo/lib/molinillo/gem_metadata.rb +2 -1
  494. data/lib/rubygems/resolver/molinillo/lib/molinillo/modules/specification_provider.rb +13 -1
  495. data/lib/rubygems/resolver/molinillo/lib/molinillo/modules/ui.rb +3 -1
  496. data/lib/rubygems/resolver/molinillo/lib/molinillo/resolution.rb +552 -172
  497. data/lib/rubygems/resolver/molinillo/lib/molinillo/resolver.rb +3 -2
  498. data/lib/rubygems/resolver/molinillo/lib/molinillo/state.rb +12 -6
  499. data/lib/rubygems/resolver/molinillo/lib/molinillo.rb +6 -5
  500. data/lib/rubygems/resolver/molinillo.rb +2 -1
  501. data/lib/rubygems/resolver/requirement_list.rb +2 -2
  502. data/lib/rubygems/resolver/set.rb +3 -5
  503. data/lib/rubygems/resolver/source_set.rb +6 -7
  504. data/lib/rubygems/resolver/spec_specification.rb +16 -4
  505. data/lib/rubygems/resolver/specification.rb +25 -10
  506. data/lib/rubygems/resolver/stats.rb +1 -0
  507. data/lib/rubygems/resolver/vendor_set.rb +6 -8
  508. data/lib/rubygems/resolver/vendor_specification.rb +6 -8
  509. data/lib/rubygems/resolver.rb +120 -64
  510. data/lib/rubygems/s3_uri_signer.rb +177 -0
  511. data/lib/rubygems/safe_yaml.rb +59 -0
  512. data/lib/rubygems/security/policies.rb +49 -49
  513. data/lib/rubygems/security/policy.rb +44 -47
  514. data/lib/rubygems/security/signer.rb +86 -29
  515. data/lib/rubygems/security/trust_dir.rb +21 -23
  516. data/lib/rubygems/security.rb +111 -78
  517. data/lib/rubygems/security_option.rb +43 -0
  518. data/lib/rubygems/shellwords.rb +3 -0
  519. data/lib/rubygems/source/git.rb +40 -40
  520. data/lib/rubygems/source/installed.rb +5 -7
  521. data/lib/rubygems/source/local.rb +30 -30
  522. data/lib/rubygems/source/lock.rb +9 -7
  523. data/lib/rubygems/source/specific_file.rb +7 -8
  524. data/lib/rubygems/source/vendor.rb +3 -5
  525. data/lib/rubygems/source.rb +73 -63
  526. data/lib/rubygems/source_list.rb +14 -18
  527. data/lib/rubygems/spec_fetcher.rb +66 -78
  528. data/lib/rubygems/specification.rb +823 -1092
  529. data/lib/rubygems/specification_policy.rb +508 -0
  530. data/lib/rubygems/ssl_certs/rubygems.org/GlobalSignRootCA.pem +21 -0
  531. data/lib/rubygems/ssl_certs/rubygems.org/GlobalSignRootCA_R3.pem +21 -0
  532. data/lib/rubygems/stub_specification.rb +52 -53
  533. data/lib/rubygems/text.rb +40 -27
  534. data/lib/rubygems/tsort/.document +1 -0
  535. data/lib/rubygems/tsort/LICENSE.txt +22 -0
  536. data/lib/rubygems/tsort/lib/tsort.rb +452 -0
  537. data/lib/rubygems/tsort.rb +3 -0
  538. data/lib/rubygems/uninstaller.rb +149 -84
  539. data/lib/rubygems/unknown_command_spell_checker.rb +21 -0
  540. data/lib/rubygems/update_suggestion.rb +69 -0
  541. data/lib/rubygems/uri.rb +126 -0
  542. data/lib/rubygems/uri_formatter.rb +3 -6
  543. data/lib/rubygems/user_interaction.rb +95 -143
  544. data/lib/rubygems/util/licenses.rb +679 -314
  545. data/lib/rubygems/util/list.rb +2 -1
  546. data/lib/rubygems/util.rb +58 -73
  547. data/lib/rubygems/validator.rb +23 -47
  548. data/lib/rubygems/version.rb +92 -48
  549. data/lib/rubygems/version_option.rb +20 -9
  550. data/lib/rubygems/yaml_serializer.rb +93 -0
  551. data/lib/rubygems.rb +434 -346
  552. data/rubygems-update.gemspec +38 -0
  553. data/setup.rb +13 -27
  554. data/test/rubygems/alternate_cert.pem +15 -14
  555. data/test/rubygems/alternate_cert_32.pem +16 -15
  556. data/test/rubygems/alternate_key.pem +25 -25
  557. data/test/rubygems/bad_rake.rb +1 -0
  558. data/test/rubygems/bundler_test_gem.rb +424 -0
  559. data/test/rubygems/ca_cert.pem +74 -65
  560. data/test/rubygems/child_cert.pem +16 -15
  561. data/test/rubygems/child_cert_32.pem +16 -15
  562. data/test/rubygems/child_key.pem +25 -25
  563. data/test/rubygems/client.pem +103 -45
  564. data/test/rubygems/data/excon-0.7.7.gemspec.rz +0 -0
  565. data/test/rubygems/data/null-required-ruby-version.gemspec.rz +0 -0
  566. data/test/rubygems/data/null-required-rubygems-version.gemspec.rz +0 -0
  567. data/test/rubygems/data/pry-0.4.7.gemspec.rz +0 -0
  568. data/test/rubygems/encrypted_private_key.pem +26 -26
  569. data/test/rubygems/expired_cert.pem +15 -14
  570. data/test/rubygems/fake_certlib/openssl.rb +1 -0
  571. data/test/rubygems/future_cert.pem +15 -14
  572. data/test/rubygems/future_cert_32.pem +15 -14
  573. data/test/rubygems/good_rake.rb +1 -0
  574. data/test/rubygems/grandchild_cert.pem +16 -15
  575. data/test/rubygems/grandchild_cert_32.pem +16 -15
  576. data/test/rubygems/grandchild_key.pem +25 -25
  577. data/{lib/rubygems/test_case.rb → test/rubygems/helper.rb} +643 -490
  578. data/{lib → test}/rubygems/installer_test_case.rb +118 -64
  579. data/test/rubygems/invalid_issuer_cert.pem +17 -15
  580. data/test/rubygems/invalid_issuer_cert_32.pem +17 -15
  581. data/test/rubygems/invalid_key.pem +25 -25
  582. data/test/rubygems/invalid_signer_cert.pem +16 -15
  583. data/test/rubygems/invalid_signer_cert_32.pem +16 -15
  584. data/test/rubygems/invalidchild_cert.pem +16 -15
  585. data/test/rubygems/invalidchild_cert_32.pem +16 -15
  586. data/test/rubygems/invalidchild_key.pem +25 -25
  587. data/test/rubygems/multifactor_auth_utilities.rb +111 -0
  588. data/{lib → test}/rubygems/package/tar_test_case.rb +54 -26
  589. data/test/rubygems/packages/Bluebie-legs-0.6.2.gem +0 -0
  590. data/test/rubygems/packages/ascii_binder-0.1.10.1.gem +0 -0
  591. data/test/rubygems/packages/ill-formatted-platform-1.0.0.10.gem +0 -0
  592. data/test/rubygems/plugin/exception/rubygems_plugin.rb +2 -1
  593. data/test/rubygems/plugin/load/rubygems_plugin.rb +1 -0
  594. data/test/rubygems/plugin/standarderror/rubygems_plugin.rb +2 -1
  595. data/test/rubygems/private3072_key.pem +40 -0
  596. data/test/rubygems/private_ec_key.pem +9 -0
  597. data/test/rubygems/private_key.pem +25 -25
  598. data/test/rubygems/public3072_cert.pem +25 -0
  599. data/test/rubygems/public_cert.pem +17 -15
  600. data/test/rubygems/public_cert_32.pem +16 -15
  601. data/test/rubygems/public_key.pem +7 -7
  602. data/test/rubygems/rubygems/commands/crash_command.rb +1 -2
  603. data/test/rubygems/rubygems_plugin.rb +7 -5
  604. data/test/rubygems/simple_gem.rb +1 -0
  605. data/test/rubygems/specifications/bar-0.0.2.gemspec +1 -1
  606. data/test/rubygems/specifications/rubyforge-0.0.1.gemspec +14 -0
  607. data/test/rubygems/ssl_cert.pem +78 -17
  608. data/test/rubygems/ssl_key.pem +25 -13
  609. data/test/rubygems/test_bundled_ca.rb +45 -43
  610. data/test/rubygems/test_config.rb +13 -9
  611. data/test/rubygems/test_deprecate.rb +91 -10
  612. data/test/rubygems/test_exit.rb +17 -0
  613. data/test/rubygems/test_gem.rb +917 -797
  614. data/test/rubygems/test_gem_available_set.rb +25 -25
  615. data/test/rubygems/test_gem_bundler_version_finder.rb +127 -0
  616. data/test/rubygems/test_gem_command.rb +195 -40
  617. data/test/rubygems/test_gem_command_manager.rb +182 -46
  618. data/test/rubygems/test_gem_commands_build_command.rb +646 -28
  619. data/test/rubygems/test_gem_commands_cert_command.rb +321 -126
  620. data/test/rubygems/test_gem_commands_check_command.rb +11 -12
  621. data/test/rubygems/test_gem_commands_cleanup_command.rb +147 -52
  622. data/test/rubygems/test_gem_commands_contents_command.rb +75 -44
  623. data/test/rubygems/test_gem_commands_dependency_command.rb +61 -63
  624. data/test/rubygems/test_gem_commands_environment_command.rb +62 -47
  625. data/test/rubygems/test_gem_commands_exec_command.rb +857 -0
  626. data/test/rubygems/test_gem_commands_fetch_command.rb +164 -33
  627. data/test/rubygems/test_gem_commands_generate_index_command.rb +39 -9
  628. data/test/rubygems/test_gem_commands_help_command.rb +36 -17
  629. data/test/rubygems/test_gem_commands_info_command.rb +70 -0
  630. data/test/rubygems/test_gem_commands_install_command.rb +736 -150
  631. data/test/rubygems/test_gem_commands_list_command.rb +6 -7
  632. data/test/rubygems/test_gem_commands_lock_command.rb +12 -14
  633. data/test/rubygems/test_gem_commands_mirror.rb +4 -4
  634. data/test/rubygems/test_gem_commands_open_command.rb +47 -16
  635. data/test/rubygems/test_gem_commands_outdated_command.rb +25 -8
  636. data/test/rubygems/test_gem_commands_owner_command.rb +368 -70
  637. data/test/rubygems/test_gem_commands_pristine_command.rb +318 -101
  638. data/test/rubygems/test_gem_commands_push_command.rb +331 -58
  639. data/test/rubygems/test_gem_commands_query_command.rb +329 -128
  640. data/test/rubygems/test_gem_commands_search_command.rb +3 -5
  641. data/test/rubygems/test_gem_commands_server_command.rb +7 -47
  642. data/test/rubygems/test_gem_commands_setup_command.rb +404 -66
  643. data/test/rubygems/test_gem_commands_signin_command.rb +259 -0
  644. data/test/rubygems/test_gem_commands_signout_command.rb +30 -0
  645. data/test/rubygems/test_gem_commands_sources_command.rb +316 -31
  646. data/test/rubygems/test_gem_commands_specification_command.rb +82 -56
  647. data/test/rubygems/test_gem_commands_stale_command.rb +9 -9
  648. data/test/rubygems/test_gem_commands_uninstall_command.rb +347 -88
  649. data/test/rubygems/test_gem_commands_unpack_command.rb +49 -34
  650. data/test/rubygems/test_gem_commands_update_command.rb +429 -107
  651. data/test/rubygems/test_gem_commands_which_command.rb +13 -15
  652. data/test/rubygems/test_gem_commands_yank_command.rb +227 -28
  653. data/test/rubygems/test_gem_config_file.rb +168 -108
  654. data/test/rubygems/test_gem_dependency.rb +112 -76
  655. data/test/rubygems/test_gem_dependency_installer.rb +346 -391
  656. data/test/rubygems/test_gem_dependency_list.rb +68 -63
  657. data/test/rubygems/test_gem_dependency_resolution_error.rb +6 -8
  658. data/test/rubygems/test_gem_doctor.rb +75 -49
  659. data/test/rubygems/test_gem_ext_builder.rb +121 -125
  660. data/test/rubygems/test_gem_ext_cargo_builder/custom_name/.gitignore +1 -0
  661. data/test/rubygems/test_gem_ext_cargo_builder/custom_name/custom_name.gemspec +10 -0
  662. data/test/rubygems/test_gem_ext_cargo_builder/custom_name/ext/custom_name_lib/Cargo.lock +249 -0
  663. data/test/rubygems/test_gem_ext_cargo_builder/custom_name/ext/custom_name_lib/Cargo.toml +10 -0
  664. data/test/rubygems/test_gem_ext_cargo_builder/custom_name/ext/custom_name_lib/src/lib.rs +27 -0
  665. data/test/rubygems/test_gem_ext_cargo_builder/custom_name/lib/custom_name.rb +3 -0
  666. data/test/rubygems/test_gem_ext_cargo_builder/rust_ruby_example/.gitignore +1 -0
  667. data/test/rubygems/test_gem_ext_cargo_builder/rust_ruby_example/Cargo.lock +249 -0
  668. data/test/rubygems/test_gem_ext_cargo_builder/rust_ruby_example/Cargo.toml +10 -0
  669. data/test/rubygems/test_gem_ext_cargo_builder/rust_ruby_example/rust_ruby_example.gemspec +10 -0
  670. data/test/rubygems/test_gem_ext_cargo_builder/rust_ruby_example/src/lib.rs +51 -0
  671. data/test/rubygems/test_gem_ext_cargo_builder.rb +167 -0
  672. data/test/rubygems/test_gem_ext_cargo_builder_link_flag_converter.rb +34 -0
  673. data/test/rubygems/test_gem_ext_cargo_builder_unit.rb +60 -0
  674. data/test/rubygems/test_gem_ext_cmake_builder.rb +33 -36
  675. data/test/rubygems/test_gem_ext_configure_builder.rb +25 -32
  676. data/test/rubygems/test_gem_ext_ext_conf_builder.rb +94 -76
  677. data/test/rubygems/test_gem_ext_rake_builder.rb +79 -31
  678. data/test/rubygems/test_gem_gem_runner.rb +59 -9
  679. data/test/rubygems/test_gem_gemcutter_utilities.rb +210 -84
  680. data/test/rubygems/test_gem_impossible_dependencies_error.rb +5 -7
  681. data/test/rubygems/test_gem_indexer.rb +121 -107
  682. data/test/rubygems/test_gem_install_update_options.rb +65 -54
  683. data/test/rubygems/test_gem_installer.rb +1517 -557
  684. data/test/rubygems/test_gem_local_remote_options.rb +14 -15
  685. data/test/rubygems/test_gem_name_tuple.rb +5 -7
  686. data/test/rubygems/test_gem_package.rb +673 -243
  687. data/test/rubygems/test_gem_package_old.rb +58 -57
  688. data/test/rubygems/test_gem_package_tar_header.rb +129 -50
  689. data/test/rubygems/test_gem_package_tar_reader.rb +71 -11
  690. data/test/rubygems/test_gem_package_tar_reader_entry.rb +229 -21
  691. data/test/rubygems/test_gem_package_tar_writer.rb +168 -101
  692. data/test/rubygems/test_gem_package_task.rb +59 -25
  693. data/test/rubygems/test_gem_path_support.rb +49 -31
  694. data/test/rubygems/test_gem_platform.rb +393 -204
  695. data/test/rubygems/test_gem_rdoc.rb +23 -156
  696. data/test/rubygems/test_gem_remote_fetcher.rb +580 -404
  697. data/test/rubygems/test_gem_request.rb +270 -86
  698. data/test/rubygems/test_gem_request_connection_pools.rb +57 -35
  699. data/test/rubygems/test_gem_request_set.rb +192 -115
  700. data/test/rubygems/test_gem_request_set_gem_dependency_api.rb +300 -278
  701. data/test/rubygems/test_gem_request_set_lockfile.rb +95 -96
  702. data/test/rubygems/test_gem_request_set_lockfile_parser.rb +73 -78
  703. data/test/rubygems/test_gem_request_set_lockfile_tokenizer.rb +138 -137
  704. data/test/rubygems/test_gem_requirement.rb +175 -57
  705. data/test/rubygems/test_gem_resolver.rb +257 -113
  706. data/test/rubygems/test_gem_resolver_activation_request.rb +10 -41
  707. data/test/rubygems/test_gem_resolver_api_set.rb +80 -79
  708. data/test/rubygems/test_gem_resolver_api_specification.rb +64 -42
  709. data/test/rubygems/test_gem_resolver_best_set.rb +44 -23
  710. data/test/rubygems/test_gem_resolver_composed_set.rb +2 -4
  711. data/test/rubygems/test_gem_resolver_conflict.rb +13 -19
  712. data/test/rubygems/test_gem_resolver_dependency_request.rb +16 -18
  713. data/test/rubygems/test_gem_resolver_git_set.rb +23 -25
  714. data/test/rubygems/test_gem_resolver_git_specification.rb +23 -23
  715. data/test/rubygems/test_gem_resolver_index_set.rb +15 -17
  716. data/test/rubygems/test_gem_resolver_index_specification.rb +22 -19
  717. data/test/rubygems/test_gem_resolver_installed_specification.rb +6 -9
  718. data/test/rubygems/test_gem_resolver_installer_set.rb +110 -48
  719. data/test/rubygems/test_gem_resolver_local_specification.rb +8 -10
  720. data/test/rubygems/test_gem_resolver_lock_set.rb +16 -18
  721. data/test/rubygems/test_gem_resolver_lock_specification.rb +18 -20
  722. data/test/rubygems/test_gem_resolver_requirement_list.rb +2 -4
  723. data/test/rubygems/test_gem_resolver_specification.rb +10 -12
  724. data/test/rubygems/test_gem_resolver_vendor_set.rb +10 -12
  725. data/test/rubygems/test_gem_resolver_vendor_specification.rb +11 -13
  726. data/test/rubygems/test_gem_security.rb +116 -82
  727. data/test/rubygems/test_gem_security_policy.rb +128 -134
  728. data/test/rubygems/test_gem_security_signer.rb +58 -49
  729. data/test/rubygems/test_gem_security_trust_dir.rb +19 -21
  730. data/test/rubygems/test_gem_silent_ui.rb +48 -42
  731. data/test/rubygems/test_gem_source.rb +73 -61
  732. data/test/rubygems/test_gem_source_fetch_problem.rb +23 -6
  733. data/test/rubygems/test_gem_source_git.rb +79 -78
  734. data/test/rubygems/test_gem_source_installed.rb +17 -19
  735. data/test/rubygems/test_gem_source_list.rb +6 -5
  736. data/test/rubygems/test_gem_source_local.rb +16 -16
  737. data/test/rubygems/test_gem_source_lock.rb +32 -34
  738. data/test/rubygems/test_gem_source_specific_file.rb +19 -19
  739. data/test/rubygems/test_gem_source_subpath_problem.rb +50 -0
  740. data/test/rubygems/test_gem_source_vendor.rb +14 -16
  741. data/test/rubygems/test_gem_spec_fetcher.rb +89 -62
  742. data/test/rubygems/test_gem_specification.rb +1441 -1104
  743. data/test/rubygems/test_gem_stream_ui.rb +71 -55
  744. data/test/rubygems/test_gem_stub_specification.rb +102 -41
  745. data/test/rubygems/test_gem_text.rb +27 -1
  746. data/test/rubygems/test_gem_uninstaller.rb +289 -99
  747. data/test/rubygems/test_gem_unsatisfiable_dependency_error.rb +4 -6
  748. data/test/rubygems/test_gem_update_suggestion.rb +209 -0
  749. data/test/rubygems/test_gem_uri.rb +41 -0
  750. data/test/rubygems/test_gem_uri_formatter.rb +15 -17
  751. data/test/rubygems/test_gem_util.rb +68 -17
  752. data/test/rubygems/test_gem_validator.rb +12 -16
  753. data/test/rubygems/test_gem_version.rb +123 -40
  754. data/test/rubygems/test_gem_version_option.rb +30 -17
  755. data/test/rubygems/test_kernel.rb +75 -37
  756. data/test/rubygems/test_project_sanity.rb +49 -0
  757. data/test/rubygems/test_remote_fetch_error.rb +20 -0
  758. data/test/rubygems/test_require.rb +527 -117
  759. data/test/rubygems/test_rubygems.rb +76 -0
  760. data/test/rubygems/test_webauthn_listener.rb +143 -0
  761. data/test/rubygems/test_webauthn_listener_response.rb +93 -0
  762. data/test/rubygems/test_webauthn_poller.rb +124 -0
  763. data/{lib/rubygems/test_utilities.rb → test/rubygems/utilities.rb} +135 -83
  764. data/test/rubygems/wrong_key_cert.pem +16 -15
  765. data/test/rubygems/wrong_key_cert_32.pem +16 -15
  766. data/test/test_changelog_generator.rb +17 -0
  767. metadata +513 -189
  768. data/.autotest +0 -71
  769. data/.document +0 -5
  770. data/.travis.yml +0 -46
  771. data/CONTRIBUTING.rdoc +0 -129
  772. data/CVE-2013-4287.txt +0 -35
  773. data/CVE-2013-4363.txt +0 -45
  774. data/CVE-2015-3900.txt +0 -40
  775. data/History.txt +0 -3094
  776. data/MAINTAINERS.md +0 -5
  777. data/POLICIES.rdoc +0 -61
  778. data/README.rdoc +0 -54
  779. data/Rakefile +0 -449
  780. data/UPGRADING.rdoc +0 -92
  781. data/appveyor.yml +0 -36
  782. data/bin/gem +0 -25
  783. data/bin/update_rubygems +0 -37
  784. data/lib/gauntlet_rubygems.rb +0 -51
  785. data/lib/rubygems/psych_additions.rb +0 -10
  786. data/lib/rubygems/server.rb +0 -869
  787. data/lib/rubygems/source_local.rb +0 -6
  788. data/lib/rubygems/source_specific_file.rb +0 -5
  789. data/lib/rubygems/ssl_certs/AddTrustExternalCARoot-2048.pem +0 -25
  790. data/lib/rubygems/ssl_certs/AddTrustExternalCARoot.pem +0 -32
  791. data/lib/rubygems/ssl_certs/Class3PublicPrimaryCertificationAuthority.pem +0 -14
  792. data/lib/rubygems/ssl_certs/DigiCertHighAssuranceEVRootCA.pem +0 -23
  793. data/lib/rubygems/ssl_certs/EntrustnetSecureServerCertificationAuthority.pem +0 -28
  794. data/lib/rubygems/ssl_certs/GeoTrustGlobalCA.pem +0 -20
  795. data/lib/rubygems/syck_hack.rb +0 -77
  796. data/lib/ubygems.rb +0 -11
  797. data/test/rubygems/data/null-type.gemspec.rz +0 -0
  798. data/test/rubygems/fix_openssl_warnings.rb +0 -13
  799. data/test/rubygems/test_gem_server.rb +0 -409
  800. data/util/CL2notes +0 -56
  801. data/util/create_certs.rb +0 -157
  802. data/util/create_encrypted_key.rb +0 -17
  803. data/util/generate_spdx_license_list.rb +0 -51
  804. data/util/update_bundled_ca_certificates.rb +0 -118
data/.autotest DELETED
@@ -1,71 +0,0 @@
1
- # -*- ruby -*-
2
-
3
- Gem.refresh
4
-
5
- require 'autotest/restart'
6
- require 'autotest/isolate'
7
-
8
- Autotest.add_hook :run_command do |_, cmd|
9
- cmd.sub! ' -e ', ' -we '
10
- end
11
-
12
- Autotest.add_hook :initialize do |at|
13
- at.testlib = ''
14
-
15
- at.failed_results_re = /^\s+\d+\) (?:Failure|Error):\n(.*?):/
16
- at.completed_re = /\d+ tests, \d+ assertions, \d+ failures, \d+ errors/
17
-
18
- at.add_exception %r%/\.git/%
19
- at.add_exception %r%\.rbc$%
20
- at.add_exception %r%test/rubygems/rubygems%
21
-
22
- at.find_directories.clear
23
- at.find_directories.push 'lib', 'test'
24
-
25
- at.add_mapping %r%^lib/rubygems.rb$% do |_, m|
26
- "test/rubygems/test_gem.rb"
27
- end
28
-
29
- at.add_mapping %r%^lib/rubygems/(.*).rb$% do |_, m|
30
- "test/rubygems/test_gem_#{m[1].gsub '/', '_'}.rb"
31
- end
32
-
33
- args = ARGV.reject { |a| a =~ /^-/ }
34
- at.find_directories = args unless args.empty?
35
-
36
- def at.handle_results results
37
- results = results.gsub(/\e\[\d+m/, '') # strip ascii color
38
- failed = results.scan(self.failed_results_re).map { |m, k|
39
- /(?<k>\w+)#(?<m>\w+)/ =~ m
40
- [m, k]
41
- }
42
-
43
- completed = results[self.completed_re]
44
-
45
- if completed then
46
- completed = completed.scan(/(\d+) (\w+)/).map { |v, k| [k, v.to_i] }
47
-
48
- self.latest_results = Hash[*completed.flatten]
49
- self.files_to_test = consolidate_failures failed
50
-
51
- color = failed.empty? ? :green : :red
52
- hook color unless $TESTING
53
- else
54
- self.latest_results = nil
55
- end
56
-
57
- self.tainted = true unless self.files_to_test.empty?
58
- end
59
-
60
- def at.path_to_classname s
61
- sep = File::SEPARATOR
62
-
63
- f = s.sub(/^test#{sep}rubygems#{sep}/, '').sub(/\.rb$/, '').split sep
64
-
65
- f = f.map { |path| path.split(/_|(\d+)/).map { |seg| seg.capitalize }.join }
66
-
67
- f.join('::').
68
- gsub('Rdoc', 'RDoc').
69
- gsub('GemDependencyApi', 'GemDependencyAPI')
70
- end
71
- end
data/.document DELETED
@@ -1,5 +0,0 @@
1
- README
2
- LICENSE.txt
3
- GPL.txt
4
- lib
5
- release_notes
data/.travis.yml DELETED
@@ -1,46 +0,0 @@
1
- ---
2
- after_script:
3
- - rake travis:after -t
4
- before_script:
5
- - gem uninstall executable-hooks gem-wrappers -x --force -i `gem env home`@global
6
- - gem install rake --no-document
7
- - gem install hoe-travis --no-document
8
- - gem install minitest -v '~> 4.7' --no-document
9
- - rake travis:before -t
10
- - gem list --details
11
- - gem env
12
- language: ruby
13
- notifications:
14
- email:
15
- - drbrain@segment7.net
16
- - evan+notify@phx.io
17
- rvm:
18
- - 1.8.7
19
- - 1.9.2
20
- - 1.9.3
21
- - 2.0.0
22
- - 2.1.7
23
- - 2.2.3
24
- - 2.3.0
25
- - ruby-head
26
- env:
27
- - "YAML=syck"
28
- - "YAML=psych"
29
- script: rake travis
30
- matrix:
31
- exclude:
32
- - rvm: 1.8.7
33
- env: "YAML=psych"
34
- - rvm: 2.0.0
35
- env: "YAML=syck"
36
- - rvm: 2.1.7
37
- env: "YAML=syck"
38
- - rvm: 2.2.3
39
- env: "YAML=syck"
40
- - rvm: 2.3.0
41
- env: "YAML=syck"
42
- - rvm: ruby-head
43
- env: "YAML=syck"
44
- allow_failures:
45
- - rvm: ruby-head
46
- sudo: false
data/CONTRIBUTING.rdoc DELETED
@@ -1,129 +0,0 @@
1
- = How to contribute
2
-
3
- Community involvement is essential to RubyGems. We want to keep it easy as
4
- possible to contribute changes. There are a few guidelines that we need
5
- contributors to follow to reduce the time it takes to get changes merged in.
6
-
7
- == Guidelines
8
-
9
- 1. New features should be coupled with tests.
10
-
11
- 2. Ensure that your code blends well with ours:
12
- * No trailing whitespace
13
- * Match indentation (two spaces)
14
- * Match coding style (`if`, `elsif`, `when` need trailing `then`)
15
-
16
- 3. Don't modify the history file or version number.
17
-
18
- 4. If you have any questions, just ask on IRC in #rubygems on Freenode or file
19
- an issue here: http://github.com/rubygems/rubygems/issues
20
-
21
- For more information and ideas on how to contribute to RubyGems ecosystem, see
22
- here: http://guides.rubygems.org/contributing/
23
-
24
- == Getting Started
25
-
26
- $ gem install hoe
27
- $ rake newb
28
-
29
- To run commands like `gem install` from the repo:
30
-
31
- $ ruby -Ilib bin/gem install
32
-
33
- == Issues
34
-
35
- RubyGems uses labels to track all issues and pull requests. In order to provide
36
- guidance to the community this is documentation of how labels are used in the
37
- rubygems repository.
38
-
39
- === Type
40
-
41
- Most Issues or pull requests will have one of these labels, which describes the
42
- type of the issue or pull request.
43
-
44
- * <b>bug report</b> - An issue describing a bug in rubygems. This would be something
45
- that is broken, confusing, unexpected behavior etc.
46
- * <b>bugfix</b> - A pull request that fixes a bug report.
47
- * <b>feature request</b> - An issue describing a request for a new feature or
48
- enhancement.
49
- * <b>feature implementation</b> - A pull request implementing a feature request.
50
- * <b>question</b> - An issue that is a more of a question than a call for specific
51
- changes in the codebase.
52
- * <b>cleanup</b> - Generally for a pull request that improves the code base without
53
- fixing a bug or implementing a feature.
54
- * <b>major bump</b> - This issue or pull request requires a major version bump
55
- * <b>administrative</b> - This issue relates to adminstrative tasks that need to
56
- take place as it relates to rubygems
57
-
58
- Bug report and Bugfix have the same color. And feature implementation and
59
- feature request have the same color since they are related labels.
60
-
61
- === Workflow
62
-
63
- These are labels that indicate the state of an issue, where it is in the process
64
- from being submitted to being closed. These are listed in rough progression
65
- order from submitted to closed.
66
-
67
- * <b>triage</b> - This is an issue or pull request that needs to be properly
68
- labeled by by a maintainer.
69
- * <b>accepted</b> - This issue / pull request has been accepted as valid and
70
- will be worked on by someone.
71
- * <b>ready for work</b> - An issue that is available for collaboration. This issue
72
- should have existing discussion on the problem, and a description of how to go
73
- about solving it. This label should be removed once someone has said they are
74
- going to work on it.
75
- * <b>claimed</b> - An issue that is claimed by a member of the community and is
76
- working on it. If the member can be assigned to the issue, they should be.
77
- * <b>feedback</b>- This issue/pull request is waiting on feedback from
78
- one ore more of the folks involved in the issue. Generally their should be an
79
- <tt>@username/team</tt> in the issue indicating who should respond.
80
- * <b>blocked</b> - the issue/pull request is currently unable to move forward because
81
- of some specific reason, generally this will be a reason that is outside
82
- RubyGems or needs feedback from some specific individual or group, and it may
83
- be a while before something it is resolved.
84
-
85
- Feedback and blocked all have the same color since they are all waiting on
86
- someone in particular to do something.
87
-
88
- === Inactive Reason
89
-
90
- Reasons are why an issue / pull request was closed without being worked on or
91
- accepted. There should also be more detailed information in the comments.
92
-
93
- * *duplicate* - This is a duplicate of an existing bug. The comments must
94
- reference the existing issue.
95
- * *abandonded* - This is an issue/pull request that has aged off, is no longer
96
- applicable or similar.
97
- * *declined* - An issue that won't be fixed/implemented or a pull request that
98
- is not accepted.
99
- * *deprecated* - An issue/pull request that no longer applies to the actively
100
- maintained codebase.
101
-
102
- All the reason labels are the same maroon color.
103
-
104
- === Categories
105
-
106
- These are aspects of the codebase, or what general area the issue or pull
107
- request pertains too. Not all issues will have a category.
108
-
109
- * <b>gemspec</b> - related to the gem specification itself
110
- * <b>API</b> - related to the public supported rubygems API. This is the code api,
111
- not a network related API.
112
- * <b>command</b> - related to something in <tt>Gem::Commands</tt>
113
- * <b>install</b> - related to gem installations
114
- * <b>documentation</b> - related to updating / fixing / clarifiying documentation or
115
- guides
116
-
117
- All category labels are the same blue color.
118
-
119
- === Platforms
120
-
121
- If an issue or pull request pertains to only one platform, then it should have
122
- an appropriate platform tag.
123
-
124
- * *windows*
125
- * *java*
126
- * *osx*
127
- * *linux*
128
-
129
- All platform tags are the same purple color.
data/CVE-2013-4287.txt DELETED
@@ -1,35 +0,0 @@
1
- = Algorithmic complexity vulnerability in RubyGems 2.0.7 and older
2
-
3
- RubyGems validates versions with a regular expression that is vulnerable to
4
- denial of service due to backtracking. For specially crafted RubyGems
5
- versions attackers can cause denial of service through CPU consumption.
6
-
7
- RubyGems versions 2.0.7 and older, 2.1.0.rc.1 and 2.1.0.rc.2 are vulnerable.
8
-
9
- Ruby versions 1.9.0 through 2.0.0p247 are vulnerable as they contain embedded
10
- versions of RubyGems.
11
-
12
- It does not appear to be possible to exploit this vulnerability by installing a
13
- gem for RubyGems 1.8.x or 2.0.x. Vulnerable uses of RubyGems API include
14
- packaging a gem (through `gem build`, Gem::Package or Gem::PackageTask),
15
- sending user input to Gem::Version.new, Gem::Version.correct? or use of the
16
- Gem::Version::VERSION_PATTERN or Gem::Version::ANCHORED_VERSION_PATTERN
17
- constants.
18
-
19
- Notably, users of bundler that install gems from git are vulnerable if a
20
- malicious author changes the gemspec to an invalid version.
21
-
22
- The vulnerability can be fixed by changing the first grouping to an atomic
23
- grouping in Gem::Version::VERSION_PATTERN in lib/rubygems/version.rb. For
24
- RubyGems 2.0.x:
25
-
26
- - VERSION_PATTERN = '[0-9]+(\.[0-9a-zA-Z]+)*(-[0-9A-Za-z-]+(\.[0-9A-Za-z-]+)*)?' # :nodoc:
27
- + VERSION_PATTERN = '[0-9]+(?>\.[0-9a-zA-Z]+)*(-[0-9A-Za-z-]+(\.[0-9A-Za-z-]+)*)?' # :nodoc:
28
-
29
- For RubyGems 1.8.x:
30
-
31
- - VERSION_PATTERN = '[0-9]+(\.[0-9a-zA-Z]+)*' # :nodoc:
32
- + VERSION_PATTERN = '[0-9]+(?>\.[0-9a-zA-Z]+)*' # :nodoc:
33
-
34
- This vulnerability was discovered by Damir Sharipov <dammer2k@gmail.com>
35
-
data/CVE-2013-4363.txt DELETED
@@ -1,45 +0,0 @@
1
- = Algorithmic complexity vulnerability in RubyGems 2.1.4 and older
2
-
3
- The patch for CVE-2013-4287 was insufficiently verified so the combined
4
- regular expression for verifying gem version remains vulnerable following
5
- CVE-2013-4287.
6
-
7
- RubyGems validates versions with a regular expression that is vulnerable to
8
- denial of service due to backtracking. For specially crafted RubyGems
9
- versions attackers can cause denial of service through CPU consumption.
10
-
11
- RubyGems versions 2.1.4 and older are vulnerable.
12
-
13
- Ruby versions 1.9.0 through 2.0.0p247 are vulnerable as they contain embedded
14
- versions of RubyGems.
15
-
16
- It does not appear to be possible to exploit this vulnerability by installing a
17
- gem for RubyGems 1.8.x or newer. Vulnerable uses of RubyGems API include
18
- packaging a gem (through `gem build`, Gem::Package or Gem::PackageTask),
19
- sending user input to Gem::Version.new, Gem::Version.correct? or use of the
20
- Gem::Version::VERSION_PATTERN or Gem::Version::ANCHORED_VERSION_PATTERN
21
- constants.
22
-
23
- Notably, users of bundler that install gems from git are vulnerable if a
24
- malicious author changes the gemspec to an invalid version.
25
-
26
- The vulnerability can be fixed by changing the "*" repetition to a "?"
27
- repetition in Gem::Version::ANCHORED_VERSION_PATTERN in
28
- lib/rubygems/version.rb. For RubyGems 2.1.x:
29
-
30
- - ANCHORED_VERSION_PATTERN = /\A\s*(#{VERSION_PATTERN})*\s*\z/ # :nodoc:
31
- + ANCHORED_VERSION_PATTERN = /\A\s*(#{VERSION_PATTERN})?\s*\z/ # :nodoc:
32
-
33
- For RubyGems 2.0.x:
34
-
35
- - ANCHORED_VERSION_PATTERN = /\A\s*(#{VERSION_PATTERN})*\s*\z/ # :nodoc:
36
- + ANCHORED_VERSION_PATTERN = /\A\s*(#{VERSION_PATTERN})?\s*\z/ # :nodoc:
37
-
38
- For RubyGems 1.8.x:
39
-
40
- - ANCHORED_VERSION_PATTERN = /\A\s*(#{VERSION_PATTERN})*\s*\z/ # :nodoc:
41
- + ANCHORED_VERSION_PATTERN = /\A\s*(#{VERSION_PATTERN})?\s*\z/ # :nodoc:
42
-
43
-
44
- This vulnerability was discovered by Alexander Cherepanov <cherepan@mccme.ru>
45
-
data/CVE-2015-3900.txt DELETED
@@ -1,40 +0,0 @@
1
- = Request hijacking vulnerability in RubyGems 2.4.6 and earlier
2
-
3
- RubyGems provides the ability of a domain to direct clients to a separate
4
- host that is used to fetch gems and make API calls against. This mechanism
5
- is implemented via DNS, specificly a SRV record _rubygems._tcp under the
6
- original requested domain.
7
-
8
- For example, this is the one that users who use rubygems.org see:
9
-
10
- > dig _rubygems._tcp.rubygems.org SRV
11
-
12
- ;; ANSWER SECTION:
13
- _rubygems._tcp.rubygems.org. 600 IN SRV 0 1 80 api.rubygems.org.
14
-
15
- RubyGems did not validate the hostname returned in the SRV record before
16
- sending requests to it.
17
-
18
- This left clients open to a DNS hijack attack, whereby an attacker could
19
- return a SRV of their choosing and get the client to use it. For example:
20
-
21
- > dig _rubygems._tcp.rubygems.org SRV
22
-
23
- ;; ANSWER SECTION:
24
- _rubygems._tcp.rubygems.org. 600 IN SRV 0 1 80 gems.nottobetrusted.wtf
25
-
26
- The fix, detailed at https://github.com/rubygems/rubygems/commit/6bbee35,
27
- shows that we validate the record now to be under the original domain. This
28
- restricts the client to be using the original trust/security domain as they
29
- would have otherwise.
30
-
31
- RubyGems versions between 2.0 and 2.4.6 are vulnerable.
32
-
33
- RubyGems version 2.0.16, 2.2.4, and 2.4.7 have been released that fix this
34
- issue.
35
-
36
- Ruby versions 1.9.0 through 2.2.0 are vulnerable as they contain embedded
37
- versions of RubyGems.
38
-
39
- This vulnerability was reported by Jonathan Claudius <JClaudius@trustwave.com>.
40
-