RubyGems - rubygems-update - Versions diffs - 2.6.0 → 3.5.4 - Mend

rubygems-update 2.6.0 → 3.5.4

Files changed (812) hide show

checksums.yaml +5 -5
data/CHANGELOG.md +5941 -0
data/CODE_OF_CONDUCT.md +76 -35
data/CONTRIBUTING.md +231 -0
data/MAINTAINERS.txt +8 -0
data/Manifest.txt +439 -216
data/POLICIES.md +135 -0
data/README.md +112 -0
data/UPGRADING.md +15 -0
data/bundler/CHANGELOG.md +4753 -0
data/bundler/LICENSE.md +22 -0
data/bundler/README.md +58 -0
data/bundler/UPGRADING.md +222 -0
data/bundler/bundler.gemspec +46 -0
data/bundler/exe/bundle +29 -0
data/bundler/exe/bundler +4 -0
data/bundler/lib/bundler/.document +1 -0
data/bundler/lib/bundler/build_metadata.rb +45 -0
data/bundler/lib/bundler/capistrano.rb +22 -0
data/bundler/lib/bundler/checksum.rb +254 -0
data/bundler/lib/bundler/ci_detector.rb +75 -0
data/bundler/lib/bundler/cli/add.rb +47 -0
data/bundler/lib/bundler/cli/binstubs.rb +57 -0
data/bundler/lib/bundler/cli/cache.rb +43 -0
data/bundler/lib/bundler/cli/check.rb +40 -0
data/bundler/lib/bundler/cli/clean.rb +25 -0
data/bundler/lib/bundler/cli/common.rb +138 -0
data/bundler/lib/bundler/cli/config.rb +204 -0
data/bundler/lib/bundler/cli/console.rb +44 -0
data/bundler/lib/bundler/cli/doctor.rb +157 -0
data/bundler/lib/bundler/cli/exec.rb +88 -0
data/bundler/lib/bundler/cli/fund.rb +36 -0
data/bundler/lib/bundler/cli/gem.rb +471 -0
data/bundler/lib/bundler/cli/info.rb +83 -0
data/bundler/lib/bundler/cli/init.rb +51 -0
data/bundler/lib/bundler/cli/inject.rb +60 -0
data/bundler/lib/bundler/cli/install.rb +190 -0
data/bundler/lib/bundler/cli/issue.rb +41 -0
data/bundler/lib/bundler/cli/list.rb +66 -0
data/bundler/lib/bundler/cli/lock.rb +73 -0
data/bundler/lib/bundler/cli/open.rb +29 -0
data/bundler/lib/bundler/cli/outdated.rb +297 -0
data/bundler/lib/bundler/cli/platform.rb +48 -0
data/bundler/lib/bundler/cli/plugin.rb +34 -0
data/bundler/lib/bundler/cli/pristine.rb +60 -0
data/bundler/lib/bundler/cli/remove.rb +17 -0
data/bundler/lib/bundler/cli/show.rb +75 -0
data/bundler/lib/bundler/cli/update.rb +123 -0
data/bundler/lib/bundler/cli/viz.rb +31 -0
data/bundler/lib/bundler/cli.rb +846 -0
data/bundler/lib/bundler/compact_index_client/cache.rb +121 -0
data/bundler/lib/bundler/compact_index_client/cache_file.rb +153 -0
data/bundler/lib/bundler/compact_index_client/gem_parser.rb +32 -0
data/bundler/lib/bundler/compact_index_client/updater.rb +115 -0
data/bundler/lib/bundler/compact_index_client.rb +126 -0
data/bundler/lib/bundler/constants.rb +7 -0
data/bundler/lib/bundler/current_ruby.rb +92 -0
data/bundler/lib/bundler/definition.rb +1015 -0
data/bundler/lib/bundler/dependency.rb +105 -0
data/bundler/lib/bundler/deployment.rb +69 -0
data/bundler/lib/bundler/deprecate.rb +44 -0
data/bundler/lib/bundler/digest.rb +71 -0
data/bundler/lib/bundler/dsl.rb +604 -0
data/bundler/lib/bundler/endpoint_specification.rb +147 -0
data/bundler/lib/bundler/env.rb +148 -0
data/bundler/lib/bundler/environment_preserver.rb +86 -0
data/bundler/lib/bundler/errors.rb +233 -0
data/bundler/lib/bundler/feature_flag.rb +53 -0
data/bundler/lib/bundler/fetcher/base.rb +52 -0
data/bundler/lib/bundler/fetcher/compact_index.rb +129 -0
data/bundler/lib/bundler/fetcher/dependency.rb +78 -0
data/bundler/lib/bundler/fetcher/downloader.rb +91 -0
data/bundler/lib/bundler/fetcher/gem_remote_fetcher.rb +16 -0
data/bundler/lib/bundler/fetcher/index.rb +25 -0
data/bundler/lib/bundler/fetcher.rb +324 -0
data/bundler/lib/bundler/force_platform.rb +18 -0
data/bundler/lib/bundler/friendly_errors.rb +126 -0
data/bundler/lib/bundler/gem_helper.rb +237 -0
data/bundler/lib/bundler/gem_helpers.rb +127 -0
data/bundler/lib/bundler/gem_tasks.rb +7 -0
data/bundler/lib/bundler/gem_version_promoter.rb +145 -0
data/bundler/lib/bundler/graph.rb +152 -0
data/bundler/lib/bundler/index.rb +205 -0
data/bundler/lib/bundler/injector.rb +287 -0
data/bundler/lib/bundler/inline.rb +73 -0
data/bundler/lib/bundler/installer/gem_installer.rb +84 -0
data/bundler/lib/bundler/installer/parallel_installer.rb +202 -0
data/bundler/lib/bundler/installer/standalone.rb +116 -0
data/bundler/lib/bundler/installer.rb +267 -0
data/bundler/lib/bundler/lazy_specification.rb +172 -0
data/bundler/lib/bundler/lockfile_generator.rb +104 -0
data/bundler/lib/bundler/lockfile_parser.rb +289 -0
data/bundler/lib/bundler/man/.document +1 -0
data/bundler/lib/bundler/man/bundle-add.1 +59 -0
data/bundler/lib/bundler/man/bundle-add.1.ronn +58 -0
data/bundler/lib/bundler/man/bundle-binstubs.1 +30 -0
data/bundler/lib/bundler/man/bundle-binstubs.1.ronn +41 -0
data/bundler/lib/bundler/man/bundle-cache.1 +40 -0
data/bundler/lib/bundler/man/bundle-cache.1.ronn +79 -0
data/bundler/lib/bundler/man/bundle-check.1 +22 -0
data/bundler/lib/bundler/man/bundle-check.1.ronn +26 -0
data/bundler/lib/bundler/man/bundle-clean.1 +17 -0
data/bundler/lib/bundler/man/bundle-clean.1.ronn +18 -0
data/bundler/lib/bundler/man/bundle-config.1 +321 -0
data/bundler/lib/bundler/man/bundle-config.1.ronn +411 -0
data/bundler/lib/bundler/man/bundle-console.1 +35 -0
data/bundler/lib/bundler/man/bundle-console.1.ronn +44 -0
data/bundler/lib/bundler/man/bundle-doctor.1 +30 -0
data/bundler/lib/bundler/man/bundle-doctor.1.ronn +33 -0
data/bundler/lib/bundler/man/bundle-exec.1 +104 -0
data/bundler/lib/bundler/man/bundle-exec.1.ronn +151 -0
data/bundler/lib/bundler/man/bundle-gem.1 +69 -0
data/bundler/lib/bundler/man/bundle-gem.1.ronn +117 -0
data/bundler/lib/bundler/man/bundle-help.1 +9 -0
data/bundler/lib/bundler/man/bundle-help.1.ronn +12 -0
data/bundler/lib/bundler/man/bundle-info.1 +14 -0
data/bundler/lib/bundler/man/bundle-info.1.ronn +17 -0
data/bundler/lib/bundler/man/bundle-init.1 +20 -0
data/bundler/lib/bundler/man/bundle-init.1.ronn +31 -0
data/bundler/lib/bundler/man/bundle-inject.1 +23 -0
data/bundler/lib/bundler/man/bundle-inject.1.ronn +24 -0
data/bundler/lib/bundler/man/bundle-install.1 +215 -0
data/bundler/lib/bundler/man/bundle-install.1.ronn +383 -0
data/bundler/lib/bundler/man/bundle-list.1 +35 -0
data/bundler/lib/bundler/man/bundle-list.1.ronn +33 -0
data/bundler/lib/bundler/man/bundle-lock.1 +60 -0
data/bundler/lib/bundler/man/bundle-lock.1.ronn +94 -0
data/bundler/lib/bundler/man/bundle-open.1 +32 -0
data/bundler/lib/bundler/man/bundle-open.1.ronn +27 -0
data/bundler/lib/bundler/man/bundle-outdated.1 +100 -0
data/bundler/lib/bundler/man/bundle-outdated.1.ronn +106 -0
data/bundler/lib/bundler/man/bundle-platform.1 +49 -0
data/bundler/lib/bundler/man/bundle-platform.1.ronn +49 -0
data/bundler/lib/bundler/man/bundle-plugin.1 +55 -0
data/bundler/lib/bundler/man/bundle-plugin.1.ronn +59 -0
data/bundler/lib/bundler/man/bundle-pristine.1 +23 -0
data/bundler/lib/bundler/man/bundle-pristine.1.ronn +34 -0
data/bundler/lib/bundler/man/bundle-remove.1 +21 -0
data/bundler/lib/bundler/man/bundle-remove.1.ronn +23 -0
data/bundler/lib/bundler/man/bundle-show.1 +16 -0
data/bundler/lib/bundler/man/bundle-show.1.ronn +21 -0
data/bundler/lib/bundler/man/bundle-update.1 +275 -0
data/bundler/lib/bundler/man/bundle-update.1.ronn +351 -0
data/bundler/lib/bundler/man/bundle-version.1 +22 -0
data/bundler/lib/bundler/man/bundle-version.1.ronn +24 -0
data/bundler/lib/bundler/man/bundle-viz.1 +30 -0
data/bundler/lib/bundler/man/bundle-viz.1.ronn +32 -0
data/bundler/lib/bundler/man/bundle.1 +102 -0
data/bundler/lib/bundler/man/bundle.1.ronn +116 -0
data/bundler/lib/bundler/man/gemfile.5 +470 -0
data/bundler/lib/bundler/man/gemfile.5.ronn +552 -0
data/bundler/lib/bundler/man/index.txt +29 -0
data/bundler/lib/bundler/match_metadata.rb +17 -0
data/bundler/lib/bundler/match_platform.rb +23 -0
data/bundler/lib/bundler/match_remote_metadata.rb +29 -0
data/bundler/lib/bundler/mirror.rb +221 -0
data/bundler/lib/bundler/plugin/api/source.rb +321 -0
data/bundler/lib/bundler/plugin/api.rb +81 -0
data/bundler/lib/bundler/plugin/dsl.rb +53 -0
data/bundler/lib/bundler/plugin/events.rb +61 -0
data/bundler/lib/bundler/plugin/index.rb +193 -0
data/bundler/lib/bundler/plugin/installer/git.rb +34 -0
data/bundler/lib/bundler/plugin/installer/rubygems.rb +19 -0
data/bundler/lib/bundler/plugin/installer.rb +112 -0
data/bundler/lib/bundler/plugin/source_list.rb +31 -0
data/bundler/lib/bundler/plugin.rb +359 -0
data/bundler/lib/bundler/process_lock.rb +24 -0
data/bundler/lib/bundler/remote_specification.rb +121 -0
data/bundler/lib/bundler/resolver/base.rb +107 -0
data/bundler/lib/bundler/resolver/candidate.rb +94 -0
data/bundler/lib/bundler/resolver/incompatibility.rb +15 -0
data/bundler/lib/bundler/resolver/package.rb +77 -0
data/bundler/lib/bundler/resolver/root.rb +25 -0
data/bundler/lib/bundler/resolver/spec_group.rb +79 -0
data/bundler/lib/bundler/resolver.rb +462 -0
data/bundler/lib/bundler/retry.rb +66 -0
data/bundler/lib/bundler/ruby_dsl.rb +53 -0
data/bundler/lib/bundler/ruby_version.rb +131 -0
data/bundler/lib/bundler/rubygems_ext.rb +328 -0
data/bundler/lib/bundler/rubygems_gem_installer.rb +137 -0
data/bundler/lib/bundler/rubygems_integration.rb +493 -0
data/bundler/lib/bundler/runtime.rb +307 -0
data/bundler/lib/bundler/safe_marshal.rb +31 -0
data/bundler/lib/bundler/self_manager.rb +186 -0
data/bundler/lib/bundler/settings/validator.rb +102 -0
data/bundler/lib/bundler/settings.rb +588 -0
data/bundler/lib/bundler/setup.rb +33 -0
data/bundler/lib/bundler/shared_helpers.rb +380 -0
data/bundler/lib/bundler/similarity_detector.rb +63 -0
data/bundler/lib/bundler/source/gemspec.rb +18 -0
data/bundler/lib/bundler/source/git/git_proxy.rb +455 -0
data/bundler/lib/bundler/source/git.rb +380 -0
data/bundler/lib/bundler/source/metadata.rb +62 -0
data/bundler/lib/bundler/source/path/installer.rb +53 -0
data/bundler/lib/bundler/source/path.rb +261 -0
data/bundler/lib/bundler/source/rubygems/remote.rb +68 -0
data/bundler/lib/bundler/source/rubygems.rb +516 -0
data/bundler/lib/bundler/source/rubygems_aggregate.rb +68 -0
data/bundler/lib/bundler/source.rb +116 -0
data/bundler/lib/bundler/source_list.rb +227 -0
data/bundler/lib/bundler/source_map.rb +71 -0
data/bundler/lib/bundler/spec_set.rb +296 -0
data/bundler/lib/bundler/stub_specification.rb +119 -0
data/bundler/lib/bundler/templates/.document +1 -0
data/bundler/lib/bundler/templates/Executable +27 -0
data/bundler/lib/bundler/templates/Executable.bundler +109 -0
data/bundler/lib/bundler/templates/Executable.standalone +14 -0
data/bundler/lib/bundler/templates/Gemfile +5 -0
data/bundler/lib/bundler/templates/newgem/CHANGELOG.md.tt +5 -0
data/bundler/lib/bundler/templates/newgem/CODE_OF_CONDUCT.md.tt +84 -0
data/bundler/lib/bundler/templates/newgem/Cargo.toml.tt +7 -0
data/bundler/lib/bundler/templates/newgem/Gemfile.tt +26 -0
data/bundler/lib/bundler/templates/newgem/LICENSE.txt.tt +21 -0
data/bundler/lib/bundler/templates/newgem/README.md.tt +45 -0
data/bundler/lib/bundler/templates/newgem/Rakefile.tt +67 -0
data/bundler/lib/bundler/templates/newgem/bin/console.tt +11 -0
data/bundler/lib/bundler/templates/newgem/bin/setup.tt +8 -0
data/bundler/lib/bundler/templates/newgem/circleci/config.yml.tt +25 -0
data/bundler/lib/bundler/templates/newgem/exe/newgem.tt +3 -0
data/bundler/lib/bundler/templates/newgem/ext/newgem/Cargo.toml.tt +15 -0
data/bundler/lib/bundler/templates/newgem/ext/newgem/extconf-c.rb.tt +10 -0
data/bundler/lib/bundler/templates/newgem/ext/newgem/extconf-rust.rb.tt +6 -0
data/bundler/lib/bundler/templates/newgem/ext/newgem/newgem.c.tt +9 -0
data/bundler/lib/bundler/templates/newgem/ext/newgem/newgem.h.tt +6 -0
data/bundler/lib/bundler/templates/newgem/ext/newgem/src/lib.rs.tt +12 -0
data/bundler/lib/bundler/templates/newgem/github/workflows/main.yml.tt +37 -0
data/bundler/lib/bundler/templates/newgem/gitignore.tt +23 -0
data/bundler/lib/bundler/templates/newgem/gitlab-ci.yml.tt +18 -0
data/bundler/lib/bundler/templates/newgem/lib/newgem/version.rb.tt +9 -0
data/bundler/lib/bundler/templates/newgem/lib/newgem.rb.tt +15 -0
data/bundler/lib/bundler/templates/newgem/newgem.gemspec.tt +51 -0
data/bundler/lib/bundler/templates/newgem/rspec.tt +3 -0
data/bundler/lib/bundler/templates/newgem/rubocop.yml.tt +13 -0
data/bundler/lib/bundler/templates/newgem/sig/newgem.rbs.tt +8 -0
data/bundler/lib/bundler/templates/newgem/spec/newgem_spec.rb.tt +11 -0
data/bundler/lib/bundler/templates/newgem/spec/spec_helper.rb.tt +15 -0
data/bundler/lib/bundler/templates/newgem/standard.yml.tt +3 -0
data/bundler/lib/bundler/templates/newgem/test/minitest/test_helper.rb.tt +6 -0
data/bundler/lib/bundler/templates/newgem/test/minitest/test_newgem.rb.tt +13 -0
data/bundler/lib/bundler/templates/newgem/test/test-unit/newgem_test.rb.tt +15 -0
data/bundler/lib/bundler/templates/newgem/test/test-unit/test_helper.rb.tt +6 -0
data/bundler/lib/bundler/ui/rg_proxy.rb +19 -0
data/bundler/lib/bundler/ui/shell.rb +165 -0
data/bundler/lib/bundler/ui/silent.rb +85 -0
data/bundler/lib/bundler/ui.rb +9 -0
data/bundler/lib/bundler/uri_credentials_filter.rb +43 -0
data/bundler/lib/bundler/uri_normalizer.rb +23 -0
data/bundler/lib/bundler/vendor/.document +1 -0
data/bundler/lib/bundler/vendor/connection_pool/.document +1 -0
data/bundler/lib/bundler/vendor/connection_pool/LICENSE +20 -0
data/bundler/lib/bundler/vendor/connection_pool/lib/connection_pool/timed_stack.rb +174 -0
data/bundler/lib/bundler/vendor/connection_pool/lib/connection_pool/version.rb +3 -0
data/bundler/lib/bundler/vendor/connection_pool/lib/connection_pool/wrapper.rb +56 -0
data/bundler/lib/bundler/vendor/connection_pool/lib/connection_pool.rb +175 -0
data/bundler/lib/bundler/vendor/fileutils/.document +1 -0
data/bundler/lib/bundler/vendor/fileutils/LICENSE.txt +22 -0
data/bundler/lib/bundler/vendor/fileutils/lib/fileutils.rb +2694 -0
data/bundler/lib/bundler/vendor/net-http-persistent/.document +1 -0
data/bundler/lib/bundler/vendor/net-http-persistent/README.rdoc +82 -0
data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent/connection.rb +41 -0
data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent/pool.rb +65 -0
data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent/timed_stack_multi.rb +79 -0
data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent.rb +1073 -0
data/bundler/lib/bundler/vendor/pub_grub/.document +1 -0
data/bundler/lib/bundler/vendor/pub_grub/LICENSE.txt +21 -0
data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/assignment.rb +20 -0
data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/basic_package_source.rb +189 -0
data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/failure_writer.rb +182 -0
data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/incompatibility.rb +150 -0
data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/package.rb +43 -0
data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/partial_solution.rb +121 -0
data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/rubygems.rb +45 -0
data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/solve_failure.rb +19 -0
data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/static_package_source.rb +60 -0
data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/term.rb +105 -0
data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/version.rb +3 -0
data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/version_constraint.rb +129 -0
data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/version_range.rb +411 -0
data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/version_solver.rb +248 -0
data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/version_union.rb +178 -0
data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub.rb +31 -0
data/bundler/lib/bundler/vendor/thor/.document +1 -0
data/bundler/lib/bundler/vendor/thor/LICENSE.md +20 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/actions/create_file.rb +105 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/actions/create_link.rb +61 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/actions/directory.rb +108 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/actions/empty_directory.rb +143 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/actions/file_manipulation.rb +373 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/actions/inject_into_file.rb +130 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/actions.rb +340 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/base.rb +825 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/command.rb +151 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/core_ext/hash_with_indifferent_access.rb +107 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/error.rb +106 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/group.rb +281 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/invocation.rb +178 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/line_editor/basic.rb +37 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/line_editor/readline.rb +88 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/line_editor.rb +17 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/nested_context.rb +29 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/parser/argument.rb +89 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/parser/arguments.rb +195 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/parser/option.rb +178 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/parser/options.rb +293 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/parser.rb +4 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/rake_compat.rb +72 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/runner.rb +335 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/shell/basic.rb +388 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/shell/color.rb +112 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/shell/column_printer.rb +29 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/shell/html.rb +81 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/shell/table_printer.rb +134 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/shell/terminal.rb +42 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/shell/wrapped_printer.rb +38 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/shell.rb +81 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/util.rb +285 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/version.rb +3 -0
data/bundler/lib/bundler/vendor/thor/lib/thor.rb +663 -0
data/bundler/lib/bundler/vendor/tsort/.document +1 -0
data/bundler/lib/bundler/vendor/tsort/LICENSE.txt +22 -0
data/bundler/lib/bundler/vendor/tsort/lib/tsort.rb +455 -0
data/bundler/lib/bundler/vendor/uri/.document +1 -0
data/bundler/lib/bundler/vendor/uri/LICENSE.txt +22 -0
data/bundler/lib/bundler/vendor/uri/lib/uri/common.rb +853 -0
data/bundler/lib/bundler/vendor/uri/lib/uri/file.rb +100 -0
data/bundler/lib/bundler/vendor/uri/lib/uri/ftp.rb +267 -0
data/bundler/lib/bundler/vendor/uri/lib/uri/generic.rb +1588 -0
data/bundler/lib/bundler/vendor/uri/lib/uri/http.rb +125 -0
data/bundler/lib/bundler/vendor/uri/lib/uri/https.rb +23 -0
data/bundler/lib/bundler/vendor/uri/lib/uri/ldap.rb +261 -0
data/bundler/lib/bundler/vendor/uri/lib/uri/ldaps.rb +22 -0
data/bundler/lib/bundler/vendor/uri/lib/uri/mailto.rb +293 -0
data/bundler/lib/bundler/vendor/uri/lib/uri/rfc2396_parser.rb +539 -0
data/bundler/lib/bundler/vendor/uri/lib/uri/rfc3986_parser.rb +183 -0
data/bundler/lib/bundler/vendor/uri/lib/uri/version.rb +6 -0
data/bundler/lib/bundler/vendor/uri/lib/uri/ws.rb +83 -0
data/bundler/lib/bundler/vendor/uri/lib/uri/wss.rb +23 -0
data/bundler/lib/bundler/vendor/uri/lib/uri.rb +104 -0
data/bundler/lib/bundler/vendored_fileutils.rb +4 -0
data/bundler/lib/bundler/vendored_net_http.rb +8 -0
data/bundler/lib/bundler/vendored_persistent.rb +11 -0
data/bundler/lib/bundler/vendored_pub_grub.rb +4 -0
data/bundler/lib/bundler/vendored_thor.rb +8 -0
data/bundler/lib/bundler/vendored_timeout.rb +8 -0
data/bundler/lib/bundler/vendored_tsort.rb +4 -0
data/bundler/lib/bundler/vendored_uri.rb +4 -0
data/bundler/lib/bundler/version.rb +13 -0
data/bundler/lib/bundler/vlad.rb +17 -0
data/bundler/lib/bundler/worker.rb +117 -0
data/bundler/lib/bundler/yaml_serializer.rb +93 -0
data/bundler/lib/bundler.rb +663 -0
data/{test/rubygems/bogussources.rb → exe/gem} +5 -2
data/exe/update_rubygems +38 -0
data/hide_lib_for_update/note.txt +0 -4
data/lib/rubygems/available_set.rb +12 -12
data/lib/rubygems/basic_specification.rb +82 -59
data/lib/rubygems/bundler_version_finder.rb +77 -0
data/lib/rubygems/ci_detector.rb +75 -0
data/lib/rubygems/command.rb +144 -71
data/lib/rubygems/command_manager.rb +64 -27
data/lib/rubygems/commands/build_command.rb +88 -17
data/lib/rubygems/commands/cert_command.rb +131 -83
data/lib/rubygems/commands/check_command.rb +30 -27
data/lib/rubygems/commands/cleanup_command.rb +57 -40
data/lib/rubygems/commands/contents_command.rb +37 -39
data/lib/rubygems/commands/dependency_command.rb +53 -65
data/lib/rubygems/commands/environment_command.rb +32 -16
data/lib/rubygems/commands/exec_command.rb +249 -0
data/lib/rubygems/commands/fetch_command.rb +36 -19
data/lib/rubygems/commands/generate_index_command.rb +40 -74
data/lib/rubygems/commands/help_command.rb +22 -22
data/lib/rubygems/commands/info_command.rb +38 -0
data/lib/rubygems/commands/install_command.rb +67 -143
data/lib/rubygems/commands/list_command.rb +10 -9
data/lib/rubygems/commands/lock_command.rb +12 -14
data/lib/rubygems/commands/mirror_command.rb +4 -4
data/lib/rubygems/commands/open_command.rb +28 -26
data/lib/rubygems/commands/outdated_command.rb +6 -6
data/lib/rubygems/commands/owner_command.rb +51 -27
data/lib/rubygems/commands/pristine_command.rb +99 -71
data/lib/rubygems/commands/push_command.rb +53 -46
data/lib/rubygems/commands/query_command.rb +21 -328
data/lib/rubygems/commands/rdoc_command.rb +33 -33
data/lib/rubygems/commands/search_command.rb +9 -9
data/lib/rubygems/commands/server_command.rb +15 -76
data/lib/rubygems/commands/setup_command.rb +370 -186
data/lib/rubygems/commands/signin_command.rb +34 -0
data/lib/rubygems/commands/signout_command.rb +32 -0
data/lib/rubygems/commands/sources_command.rb +57 -41
data/lib/rubygems/commands/specification_command.rb +38 -28
data/lib/rubygems/commands/stale_command.rb +6 -5
data/lib/rubygems/commands/uninstall_command.rb +96 -62
data/lib/rubygems/commands/unpack_command.rb +44 -53
data/lib/rubygems/commands/update_command.rb +153 -99
data/lib/rubygems/commands/which_command.rb +14 -17
data/lib/rubygems/commands/yank_command.rb +28 -32
data/lib/rubygems/compatibility.rb +13 -32
data/lib/rubygems/config_file.rb +214 -119
data/lib/rubygems/core_ext/kernel_gem.rb +10 -16
data/lib/rubygems/core_ext/kernel_require.rb +92 -90
data/lib/rubygems/core_ext/kernel_warn.rb +49 -0
data/lib/rubygems/core_ext/tcpsocket_init.rb +54 -0
data/lib/rubygems/defaults.rb +184 -54
data/lib/rubygems/dependency.rb +75 -62
data/lib/rubygems/dependency_installer.rb +74 -230
data/lib/rubygems/dependency_list.rb +32 -33
data/lib/rubygems/deprecate.rb +113 -17
data/lib/rubygems/doctor.rb +31 -31
data/lib/rubygems/errors.rb +51 -13
data/lib/rubygems/exceptions.rb +65 -35
data/lib/rubygems/ext/build_error.rb +3 -1
data/lib/rubygems/ext/builder.rb +103 -77
data/lib/rubygems/ext/cargo_builder/link_flag_converter.rb +27 -0
data/lib/rubygems/ext/cargo_builder.rb +360 -0
data/lib/rubygems/ext/cmake_builder.rb +6 -7
data/lib/rubygems/ext/configure_builder.rb +6 -9
data/lib/rubygems/ext/ext_conf_builder.rb +40 -61
data/lib/rubygems/ext/rake_builder.rb +18 -21
data/lib/rubygems/ext.rb +8 -7
data/lib/rubygems/gem_runner.rb +19 -21
data/lib/rubygems/gemcutter_utilities/webauthn_listener/response.rb +163 -0
data/lib/rubygems/gemcutter_utilities/webauthn_listener.rb +105 -0
data/lib/rubygems/gemcutter_utilities/webauthn_poller.rb +78 -0
data/lib/rubygems/gemcutter_utilities.rb +246 -43
data/lib/rubygems/install_default_message.rb +3 -3
data/lib/rubygems/install_message.rb +3 -3
data/lib/rubygems/install_update_options.rb +104 -98
data/lib/rubygems/installer.rb +407 -225
data/lib/rubygems/installer_uninstaller_utils.rb +27 -0
data/lib/rubygems/local_remote_options.rb +29 -32
data/lib/rubygems/name_tuple.rb +18 -23
data/lib/rubygems/net/http.rb +3 -0
data/lib/rubygems/net-http/.document +1 -0
data/lib/rubygems/net-http/LICENSE.txt +22 -0
data/lib/rubygems/net-http/lib/net/http/backward.rb +40 -0
data/lib/rubygems/net-http/lib/net/http/exceptions.rb +34 -0
data/lib/rubygems/net-http/lib/net/http/generic_request.rb +414 -0
data/lib/rubygems/net-http/lib/net/http/header.rb +981 -0
data/lib/rubygems/net-http/lib/net/http/proxy_delta.rb +17 -0
data/lib/rubygems/net-http/lib/net/http/request.rb +88 -0
data/lib/rubygems/net-http/lib/net/http/requests.rb +425 -0
data/lib/rubygems/net-http/lib/net/http/response.rb +738 -0
data/lib/rubygems/net-http/lib/net/http/responses.rb +1174 -0
data/lib/rubygems/net-http/lib/net/http/status.rb +84 -0
data/lib/rubygems/net-http/lib/net/http.rb +2496 -0
data/lib/rubygems/net-http/lib/net/https.rb +23 -0
data/lib/rubygems/net-protocol/.document +1 -0
data/lib/rubygems/net-protocol/LICENSE.txt +22 -0
data/lib/rubygems/net-protocol/lib/net/protocol.rb +544 -0
data/lib/rubygems/openssl.rb +7 -0
data/lib/rubygems/optparse/.document +1 -0
data/lib/rubygems/optparse/COPYING +56 -0
data/lib/rubygems/optparse/lib/optionparser.rb +2 -0
data/lib/rubygems/optparse/lib/optparse/ac.rb +54 -0
data/lib/rubygems/optparse/lib/optparse/date.rb +18 -0
data/lib/rubygems/optparse/lib/optparse/kwargs.rb +22 -0
data/lib/rubygems/optparse/lib/optparse/shellwords.rb +7 -0
data/lib/rubygems/optparse/lib/optparse/time.rb +11 -0
data/lib/rubygems/optparse/lib/optparse/uri.rb +7 -0
data/lib/rubygems/optparse/lib/optparse/version.rb +71 -0
data/lib/rubygems/optparse/lib/optparse.rb +2330 -0
data/lib/rubygems/optparse.rb +3 -0
data/lib/rubygems/package/digest_io.rb +5 -7
data/lib/rubygems/package/file_source.rb +6 -8
data/lib/rubygems/package/io_source.rb +6 -4
data/lib/rubygems/package/old.rb +19 -28
data/lib/rubygems/package/source.rb +1 -1
data/lib/rubygems/package/tar_header.rb +114 -93
data/lib/rubygems/package/tar_reader/entry.rb +116 -22
data/lib/rubygems/package/tar_reader.rb +18 -40
data/lib/rubygems/package/tar_writer.rb +42 -56
data/lib/rubygems/package.rb +254 -144
data/lib/rubygems/package_task.rb +8 -14
data/lib/rubygems/path_support.rb +21 -16
data/lib/rubygems/platform.rb +135 -74
data/lib/rubygems/psych_tree.rb +3 -2
data/lib/rubygems/query_utils.rb +349 -0
data/lib/rubygems/rdoc.rb +4 -326
data/lib/rubygems/remote_fetcher.rb +99 -181
data/lib/rubygems/request/connection_pools.rb +31 -24
data/lib/rubygems/request/http_pool.rb +6 -7
data/lib/rubygems/request/https_pool.rb +2 -3
data/lib/rubygems/request.rb +107 -57
data/lib/rubygems/request_set/gem_dependency_api.rb +182 -190
data/lib/rubygems/request_set/lockfile/parser.rb +42 -52
data/lib/rubygems/request_set/lockfile/tokenizer.rb +34 -24
data/lib/rubygems/request_set/lockfile.rb +32 -35
data/lib/rubygems/request_set.rb +115 -71
data/lib/rubygems/requirement.rb +77 -68
data/lib/rubygems/resolv/.document +1 -0
data/lib/rubygems/resolv/LICENSE.txt +22 -0
data/lib/rubygems/resolv/lib/resolv.rb +3387 -0
data/lib/rubygems/resolver/activation_request.rb +34 -61
data/lib/rubygems/resolver/api_set/gem_parser.rb +24 -0
data/lib/rubygems/resolver/api_set.rb +40 -32
data/lib/rubygems/resolver/api_specification.rb +37 -18
data/lib/rubygems/resolver/best_set.rb +15 -17
data/lib/rubygems/resolver/composed_set.rb +9 -11
data/lib/rubygems/resolver/conflict.rb +19 -33
data/lib/rubygems/resolver/current_set.rb +2 -4
data/lib/rubygems/resolver/dependency_request.rb +8 -9
data/lib/rubygems/resolver/git_set.rb +8 -10
data/lib/rubygems/resolver/git_specification.rb +11 -13
data/lib/rubygems/resolver/index_set.rb +13 -15
data/lib/rubygems/resolver/index_specification.rb +42 -11
data/lib/rubygems/resolver/installed_specification.rb +9 -11
data/lib/rubygems/resolver/installer_set.rb +93 -47
data/lib/rubygems/resolver/local_specification.rb +5 -7
data/lib/rubygems/resolver/lock_set.rb +13 -15
data/lib/rubygems/resolver/lock_specification.rb +13 -15
data/lib/rubygems/resolver/molinillo/.document +1 -0
data/lib/rubygems/resolver/molinillo/LICENSE +9 -0
data/lib/rubygems/resolver/molinillo/lib/molinillo/delegates/resolution_state.rb +57 -0
data/lib/rubygems/resolver/molinillo/lib/molinillo/delegates/specification_provider.rb +88 -0
data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/action.rb +36 -0
data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/add_edge_no_circular.rb +66 -0
data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/add_vertex.rb +62 -0
data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/delete_edge.rb +63 -0
data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/detach_vertex_named.rb +61 -0
data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/log.rb +126 -0
data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/set_payload.rb +46 -0
data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/tag.rb +36 -0
data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/vertex.rb +164 -0
data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph.rb +110 -146
data/lib/rubygems/resolver/molinillo/lib/molinillo/errors.rb +83 -9
data/lib/rubygems/resolver/molinillo/lib/molinillo/gem_metadata.rb +2 -1
data/lib/rubygems/resolver/molinillo/lib/molinillo/modules/specification_provider.rb +13 -1
data/lib/rubygems/resolver/molinillo/lib/molinillo/modules/ui.rb +3 -1
data/lib/rubygems/resolver/molinillo/lib/molinillo/resolution.rb +552 -172
data/lib/rubygems/resolver/molinillo/lib/molinillo/resolver.rb +3 -2
data/lib/rubygems/resolver/molinillo/lib/molinillo/state.rb +12 -6
data/lib/rubygems/resolver/molinillo/lib/molinillo.rb +6 -5
data/lib/rubygems/resolver/molinillo.rb +2 -1
data/lib/rubygems/resolver/requirement_list.rb +2 -2
data/lib/rubygems/resolver/set.rb +3 -5
data/lib/rubygems/resolver/source_set.rb +6 -7
data/lib/rubygems/resolver/spec_specification.rb +16 -4
data/lib/rubygems/resolver/specification.rb +25 -10
data/lib/rubygems/resolver/stats.rb +1 -0
data/lib/rubygems/resolver/vendor_set.rb +6 -8
data/lib/rubygems/resolver/vendor_specification.rb +6 -8
data/lib/rubygems/resolver.rb +121 -72
data/lib/rubygems/s3_uri_signer.rb +177 -0
data/lib/rubygems/safe_marshal/elements.rb +146 -0
data/lib/rubygems/safe_marshal/reader.rb +308 -0
data/lib/rubygems/safe_marshal/visitors/stream_printer.rb +31 -0
data/lib/rubygems/safe_marshal/visitors/to_ruby.rb +415 -0
data/lib/rubygems/safe_marshal/visitors/visitor.rb +74 -0
data/lib/rubygems/safe_marshal.rb +74 -0
data/lib/rubygems/safe_yaml.rb +36 -0
data/lib/rubygems/security/policies.rb +49 -51
data/lib/rubygems/security/policy.rb +46 -53
data/lib/rubygems/security/signer.rb +86 -29
data/lib/rubygems/security/trust_dir.rb +22 -24
data/lib/rubygems/security.rb +101 -82
data/lib/rubygems/security_option.rb +43 -0
data/lib/rubygems/shellwords.rb +3 -0
data/lib/rubygems/source/git.rb +40 -42
data/lib/rubygems/source/installed.rb +5 -9
data/lib/rubygems/source/local.rb +30 -33
data/lib/rubygems/source/lock.rb +10 -10
data/lib/rubygems/source/specific_file.rb +7 -9
data/lib/rubygems/source/vendor.rb +3 -7
data/lib/rubygems/source.rb +78 -68
data/lib/rubygems/source_list.rb +11 -15
data/lib/rubygems/spec_fetcher.rb +71 -83
data/lib/rubygems/specification.rb +833 -1115
data/lib/rubygems/specification_policy.rb +538 -0
data/lib/rubygems/ssl_certs/rubygems.org/GlobalSignRootCA.pem +21 -0
data/lib/rubygems/ssl_certs/rubygems.org/GlobalSignRootCA_R3.pem +21 -0
data/lib/rubygems/stub_specification.rb +55 -57
data/lib/rubygems/text.rb +39 -27
data/lib/rubygems/timeout/.document +1 -0
data/lib/rubygems/timeout/LICENSE.txt +22 -0
data/lib/rubygems/timeout/lib/timeout.rb +199 -0
data/lib/rubygems/timeout.rb +3 -0
data/lib/rubygems/tsort/.document +1 -0
data/lib/rubygems/tsort/LICENSE.txt +22 -0
data/lib/rubygems/tsort/lib/tsort.rb +455 -0
data/lib/rubygems/tsort.rb +3 -0
data/lib/rubygems/uninstaller.rb +150 -87
data/lib/rubygems/unknown_command_spell_checker.rb +21 -0
data/lib/rubygems/update_suggestion.rb +56 -0
data/lib/rubygems/uri.rb +126 -0
data/lib/rubygems/uri_formatter.rb +4 -7
data/lib/rubygems/user_interaction.rb +92 -146
data/lib/rubygems/util/licenses.rb +712 -317
data/lib/rubygems/util/list.rb +5 -2
data/lib/rubygems/util.rb +58 -75
data/lib/rubygems/validator.rb +26 -48
data/lib/rubygems/version.rb +106 -56
data/lib/rubygems/version_option.rb +22 -14
data/lib/rubygems/yaml_serializer.rb +93 -0
data/lib/rubygems.rb +453 -358
data/rubygems-update.gemspec +38 -0
data/setup.rb +13 -27
metadata +511 -363
data/.autotest +0 -71
data/.document +0 -5
data/.travis.yml +0 -46
data/CONTRIBUTING.rdoc +0 -129
data/CVE-2013-4287.txt +0 -35
data/CVE-2013-4363.txt +0 -45
data/CVE-2015-3900.txt +0 -40
data/History.txt +0 -3094
data/MAINTAINERS.md +0 -5
data/POLICIES.rdoc +0 -61
data/README.rdoc +0 -54
data/Rakefile +0 -449
data/UPGRADING.rdoc +0 -92
data/appveyor.yml +0 -36
data/bin/gem +0 -25
data/bin/update_rubygems +0 -37
data/lib/gauntlet_rubygems.rb +0 -51
data/lib/rubygems/indexer.rb +0 -434
data/lib/rubygems/installer_test_case.rb +0 -194
data/lib/rubygems/mock_gem_ui.rb +0 -89
data/lib/rubygems/package/tar_test_case.rb +0 -147
data/lib/rubygems/psych_additions.rb +0 -10
data/lib/rubygems/server.rb +0 -869
data/lib/rubygems/source_local.rb +0 -6
data/lib/rubygems/source_specific_file.rb +0 -5
data/lib/rubygems/ssl_certs/AddTrustExternalCARoot-2048.pem +0 -25
data/lib/rubygems/ssl_certs/AddTrustExternalCARoot.pem +0 -32
data/lib/rubygems/ssl_certs/Class3PublicPrimaryCertificationAuthority.pem +0 -14
data/lib/rubygems/ssl_certs/DigiCertHighAssuranceEVRootCA.pem +0 -23
data/lib/rubygems/ssl_certs/EntrustnetSecureServerCertificationAuthority.pem +0 -28
data/lib/rubygems/ssl_certs/GeoTrustGlobalCA.pem +0 -20
data/lib/rubygems/syck_hack.rb +0 -77
data/lib/rubygems/test_case.rb +0 -1496
data/lib/rubygems/test_utilities.rb +0 -384
data/lib/ubygems.rb +0 -11
data/test/rubygems/alternate_cert.pem +0 -18
data/test/rubygems/alternate_cert_32.pem +0 -18
data/test/rubygems/alternate_key.pem +0 -27
data/test/rubygems/bad_rake.rb +0 -2
data/test/rubygems/ca_cert.pem +0 -68
data/test/rubygems/child_cert.pem +0 -18
data/test/rubygems/child_cert_32.pem +0 -18
data/test/rubygems/child_key.pem +0 -27
data/test/rubygems/client.pem +0 -49
data/test/rubygems/data/gem-private_key.pem +0 -27
data/test/rubygems/data/gem-public_cert.pem +0 -20
data/test/rubygems/data/null-type.gemspec.rz +0 -0
data/test/rubygems/encrypted_private_key.pem +0 -30
data/test/rubygems/expired_cert.pem +0 -18
data/test/rubygems/fake_certlib/openssl.rb +0 -8
data/test/rubygems/fix_openssl_warnings.rb +0 -13
data/test/rubygems/foo/discover.rb +0 -1
data/test/rubygems/future_cert.pem +0 -18
data/test/rubygems/future_cert_32.pem +0 -18
data/test/rubygems/good_rake.rb +0 -2
data/test/rubygems/grandchild_cert.pem +0 -18
data/test/rubygems/grandchild_cert_32.pem +0 -18
data/test/rubygems/grandchild_key.pem +0 -27
data/test/rubygems/invalid_client.pem +0 -49
data/test/rubygems/invalid_issuer_cert.pem +0 -18
data/test/rubygems/invalid_issuer_cert_32.pem +0 -18
data/test/rubygems/invalid_key.pem +0 -27
data/test/rubygems/invalid_signer_cert.pem +0 -18
data/test/rubygems/invalid_signer_cert_32.pem +0 -18
data/test/rubygems/invalidchild_cert.pem +0 -18
data/test/rubygems/invalidchild_cert_32.pem +0 -18
data/test/rubygems/invalidchild_key.pem +0 -27
data/test/rubygems/plugin/exception/rubygems_plugin.rb +0 -3
data/test/rubygems/plugin/load/rubygems_plugin.rb +0 -4
data/test/rubygems/plugin/standarderror/rubygems_plugin.rb +0 -3
data/test/rubygems/private_key.pem +0 -27
data/test/rubygems/public_cert.pem +0 -18
data/test/rubygems/public_cert_32.pem +0 -18
data/test/rubygems/public_key.pem +0 -9
data/test/rubygems/rubygems/commands/crash_command.rb +0 -6
data/test/rubygems/rubygems_plugin.rb +0 -22
data/test/rubygems/sff/discover.rb +0 -1
data/test/rubygems/simple_gem.rb +0 -67
data/test/rubygems/specifications/bar-0.0.2.gemspec +0 -9
data/test/rubygems/specifications/foo-0.0.1-x86-mswin32.gemspec +0 -0
data/test/rubygems/ssl_cert.pem +0 -19
data/test/rubygems/ssl_key.pem +0 -15
data/test/rubygems/test_bundled_ca.rb +0 -59
data/test/rubygems/test_config.rb +0 -24
data/test/rubygems/test_deprecate.rb +0 -77
data/test/rubygems/test_gem.rb +0 -1679
data/test/rubygems/test_gem_available_set.rb +0 -130
data/test/rubygems/test_gem_command.rb +0 -248
data/test/rubygems/test_gem_command_manager.rb +0 -264
data/test/rubygems/test_gem_commands_build_command.rb +0 -121
data/test/rubygems/test_gem_commands_cert_command.rb +0 -671
data/test/rubygems/test_gem_commands_check_command.rb +0 -69
data/test/rubygems/test_gem_commands_cleanup_command.rb +0 -197
data/test/rubygems/test_gem_commands_contents_command.rb +0 -240
data/test/rubygems/test_gem_commands_dependency_command.rb +0 -230
data/test/rubygems/test_gem_commands_environment_command.rb +0 -154
data/test/rubygems/test_gem_commands_fetch_command.rb +0 -127
data/test/rubygems/test_gem_commands_generate_index_command.rb +0 -51
data/test/rubygems/test_gem_commands_help_command.rb +0 -75
data/test/rubygems/test_gem_commands_install_command.rb +0 -987
data/test/rubygems/test_gem_commands_list_command.rb +0 -34
data/test/rubygems/test_gem_commands_lock_command.rb +0 -69
data/test/rubygems/test_gem_commands_mirror.rb +0 -20
data/test/rubygems/test_gem_commands_open_command.rb +0 -70
data/test/rubygems/test_gem_commands_outdated_command.rb +0 -33
data/test/rubygems/test_gem_commands_owner_command.rb +0 -205
data/test/rubygems/test_gem_commands_pristine_command.rb +0 -491
data/test/rubygems/test_gem_commands_push_command.rb +0 -330
data/test/rubygems/test_gem_commands_query_command.rb +0 -657
data/test/rubygems/test_gem_commands_search_command.rb +0 -18
data/test/rubygems/test_gem_commands_server_command.rb +0 -60
data/test/rubygems/test_gem_commands_setup_command.rb +0 -136
data/test/rubygems/test_gem_commands_sources_command.rb +0 -249
data/test/rubygems/test_gem_commands_specification_command.rb +0 -251
data/test/rubygems/test_gem_commands_stale_command.rb +0 -43
data/test/rubygems/test_gem_commands_uninstall_command.rb +0 -283
data/test/rubygems/test_gem_commands_unpack_command.rb +0 -209
data/test/rubygems/test_gem_commands_update_command.rb +0 -514
data/test/rubygems/test_gem_commands_which_command.rb +0 -87
data/test/rubygems/test_gem_commands_yank_command.rb +0 -100
data/test/rubygems/test_gem_config_file.rb +0 -491
data/test/rubygems/test_gem_dependency.rb +0 -362
data/test/rubygems/test_gem_dependency_installer.rb +0 -1235
data/test/rubygems/test_gem_dependency_list.rb +0 -260
data/test/rubygems/test_gem_dependency_resolution_error.rb +0 -29
data/test/rubygems/test_gem_doctor.rb +0 -169
data/test/rubygems/test_gem_ext_builder.rb +0 -341
data/test/rubygems/test_gem_ext_cmake_builder.rb +0 -87
data/test/rubygems/test_gem_ext_configure_builder.rb +0 -87
data/test/rubygems/test_gem_ext_ext_conf_builder.rb +0 -211
data/test/rubygems/test_gem_ext_rake_builder.rb +0 -65
data/test/rubygems/test_gem_gem_runner.rb +0 -69
data/test/rubygems/test_gem_gemcutter_utilities.rb +0 -235
data/test/rubygems/test_gem_impossible_dependencies_error.rb +0 -62
data/test/rubygems/test_gem_indexer.rb +0 -367
data/test/rubygems/test_gem_install_update_options.rb +0 -197
data/test/rubygems/test_gem_installer.rb +0 -1552
data/test/rubygems/test_gem_local_remote_options.rb +0 -134
data/test/rubygems/test_gem_name_tuple.rb +0 -45
data/test/rubygems/test_gem_package.rb +0 -876
data/test/rubygems/test_gem_package_old.rb +0 -90
data/test/rubygems/test_gem_package_tar_header.rb +0 -147
data/test/rubygems/test_gem_package_tar_reader.rb +0 -90
data/test/rubygems/test_gem_package_tar_reader_entry.rb +0 -142
data/test/rubygems/test_gem_package_tar_writer.rb +0 -264
data/test/rubygems/test_gem_package_task.rb +0 -84
data/test/rubygems/test_gem_path_support.rb +0 -121
data/test/rubygems/test_gem_platform.rb +0 -308
data/test/rubygems/test_gem_rdoc.rb +0 -270
data/test/rubygems/test_gem_remote_fetcher.rb +0 -1051
data/test/rubygems/test_gem_request.rb +0 -363
data/test/rubygems/test_gem_request_connection_pools.rb +0 -130
data/test/rubygems/test_gem_request_set.rb +0 -595
data/test/rubygems/test_gem_request_set_gem_dependency_api.rb +0 -831
data/test/rubygems/test_gem_request_set_lockfile.rb +0 -470
data/test/rubygems/test_gem_request_set_lockfile_parser.rb +0 -549
data/test/rubygems/test_gem_request_set_lockfile_tokenizer.rb +0 -306
data/test/rubygems/test_gem_requirement.rb +0 -387
data/test/rubygems/test_gem_resolver.rb +0 -715
data/test/rubygems/test_gem_resolver_activation_request.rb +0 -74
data/test/rubygems/test_gem_resolver_api_set.rb +0 -209
data/test/rubygems/test_gem_resolver_api_specification.rb +0 -145
data/test/rubygems/test_gem_resolver_best_set.rb +0 -138
data/test/rubygems/test_gem_resolver_composed_set.rb +0 -46
data/test/rubygems/test_gem_resolver_conflict.rb +0 -88
data/test/rubygems/test_gem_resolver_dependency_request.rb +0 -85
data/test/rubygems/test_gem_resolver_git_set.rb +0 -190
data/test/rubygems/test_gem_resolver_git_specification.rb +0 -114
data/test/rubygems/test_gem_resolver_index_set.rb +0 -90
data/test/rubygems/test_gem_resolver_index_specification.rb +0 -90
data/test/rubygems/test_gem_resolver_installed_specification.rb +0 -50
data/test/rubygems/test_gem_resolver_installer_set.rb +0 -258
data/test/rubygems/test_gem_resolver_local_specification.rb +0 -46
data/test/rubygems/test_gem_resolver_lock_set.rb +0 -64
data/test/rubygems/test_gem_resolver_lock_specification.rb +0 -100
data/test/rubygems/test_gem_resolver_requirement_list.rb +0 -21
data/test/rubygems/test_gem_resolver_specification.rb +0 -65
data/test/rubygems/test_gem_resolver_vendor_set.rb +0 -84
data/test/rubygems/test_gem_resolver_vendor_specification.rb +0 -84
data/test/rubygems/test_gem_security.rb +0 -307
data/test/rubygems/test_gem_security_policy.rb +0 -541
data/test/rubygems/test_gem_security_signer.rb +0 -209
data/test/rubygems/test_gem_security_trust_dir.rb +0 -101
data/test/rubygems/test_gem_server.rb +0 -409
data/test/rubygems/test_gem_silent_ui.rb +0 -117
data/test/rubygems/test_gem_source.rb +0 -242
data/test/rubygems/test_gem_source_fetch_problem.rb +0 -20
data/test/rubygems/test_gem_source_git.rb +0 -309
data/test/rubygems/test_gem_source_installed.rb +0 -37
data/test/rubygems/test_gem_source_list.rb +0 -118
data/test/rubygems/test_gem_source_local.rb +0 -107
data/test/rubygems/test_gem_source_lock.rb +0 -115
data/test/rubygems/test_gem_source_specific_file.rb +0 -76
data/test/rubygems/test_gem_source_vendor.rb +0 -32
data/test/rubygems/test_gem_spec_fetcher.rb +0 -311
data/test/rubygems/test_gem_specification.rb +0 -3519
data/test/rubygems/test_gem_stream_ui.rb +0 -239
data/test/rubygems/test_gem_stub_specification.rb +0 -217
data/test/rubygems/test_gem_text.rb +0 -77
data/test/rubygems/test_gem_uninstaller.rb +0 -485
data/test/rubygems/test_gem_unsatisfiable_dependency_error.rb +0 -33
data/test/rubygems/test_gem_uri_formatter.rb +0 -29
data/test/rubygems/test_gem_util.rb +0 -40
data/test/rubygems/test_gem_validator.rb +0 -46
data/test/rubygems/test_gem_version.rb +0 -222
data/test/rubygems/test_gem_version_option.rb +0 -152
data/test/rubygems/test_kernel.rb +0 -86
data/test/rubygems/test_require.rb +0 -322
data/test/rubygems/wrong_key_cert.pem +0 -18
data/test/rubygems/wrong_key_cert_32.pem +0 -18
data/util/CL2notes +0 -56
data/util/create_certs.rb +0 -157
data/util/create_encrypted_key.rb +0 -17
data/util/generate_spdx_license_list.rb +0 -51
data/util/update_bundled_ca_certificates.rb +0 -118

data/lib/rubygems/package.rb CHANGED Viewed

@@ -1,14 +1,22 @@
-# -*- coding: utf-8 -*-
 # frozen_string_literal: true
-#--
+# rubocop:disable Style/AsciiComments
 # Copyright (C) 2004 Mauricio Julio Fernández Pradier
 # See LICENSE.txt for additional licensing information.
-#++
-#
+# rubocop:enable Style/AsciiComments
+require_relative "../rubygems"
+require_relative "security"
+require_relative "user_interaction"
+##
 # Example using a Gem::Package
 #
 # Builds a .gem file given a Gem::Specification. A .gem file is a tarball
-# which contains a data.tar.gz and metadata.gz, and possibly signatures.
+# which contains a data.tar.gz, metadata.gz, checksums.yaml.gz and possibly
+# signatures.
 #
 #   require 'rubygems'
 #   require 'rubygems/package'
@@ -41,13 +49,7 @@
 # #files are the files in the .gem tar file, not the Ruby files in the gem
 # #extract_files and #contents automatically call #verify
-require 'rubygems/security'
-require 'rubygems/specification'
-require 'rubygems/user_interaction'
-require 'zlib'
 class Gem::Package
   include Gem::UserInteraction
   class Error < Gem::Exception; end
@@ -55,22 +57,26 @@ class Gem::Package
   class FormatError < Error
     attr_reader :path
-    def initialize message, source = nil
+    def initialize(message, source = nil)
       if source
         @path = source.path
-        message = message + " in #{path}" if path
+        message += " in #{path}" if path
       end
       super message
     end
   end
   class PathError < Error
-    def initialize destination, destination_dir
-      super "installing into parent path %s of %s is not allowed" %
-              [destination, destination_dir]
+    def initialize(destination, destination_dir)
+      super format("installing into parent path %s of %s is not allowed", destination, destination_dir)
+    end
+  end
+  class SymlinkError < Error
+    def initialize(name, destination, destination_dir)
+      super format("installing symlink '%s' pointing to parent path %s of %s is not allowed", name, destination, destination_dir)
     end
   end
@@ -83,7 +89,6 @@ class Gem::Package
   class TarInvalidError < Error; end
   attr_accessor :build_time # :nodoc:
   ##
@@ -97,6 +102,11 @@ class Gem::Package
   attr_reader :files
+  ##
+  # Reference to the gem being packaged.
+  attr_reader :gem
   ##
   # The security policy used for verifying the contents of this package.
@@ -107,12 +117,24 @@ class Gem::Package
   attr_writer :spec
-  def self.build spec, skip_validation=false
-    gem_file = spec.file_name
+  ##
+  # Permission for directories
+  attr_accessor :dir_mode
+  ##
+  # Permission for program files
+  attr_accessor :prog_mode
+  ##
+  # Permission for other files
+  attr_accessor :data_mode
+  def self.build(spec, skip_validation = false, strict_validation = false, file_name = nil)
+    gem_file = file_name || spec.file_name
     package = new gem_file
     package.spec = spec
-    package.build skip_validation
+    package.build skip_validation, strict_validation
     gem_file
   end
@@ -124,34 +146,62 @@ class Gem::Package
   # If +gem+ is an existing file in the old format a Gem::Package::Old will be
   # returned.
-  def self.new gem, security_policy = nil
+  def self.new(gem, security_policy = nil)
     gem = if gem.is_a?(Gem::Package::Source)
-            gem
-          elsif gem.respond_to? :read
-            Gem::Package::IOSource.new gem
-          else
-            Gem::Package::FileSource.new gem
-          end
+      gem
+    elsif gem.respond_to? :read
+      Gem::Package::IOSource.new gem
+    else
+      Gem::Package::FileSource.new gem
+    end
-    return super unless Gem::Package == self
+    return super unless self == Gem::Package
     return super unless gem.present?
     return super unless gem.start
-    return super unless gem.start.include? 'MD5SUM ='
+    return super unless gem.start.include? "MD5SUM ="
     Gem::Package::Old.new gem
   end
+  ##
+  # Extracts the Gem::Specification and raw metadata from the .gem file at
+  # +path+.
+  #--
+  def self.raw_spec(path, security_policy = nil)
+    format = new(path, security_policy)
+    spec = format.spec
+    metadata = nil
+    File.open path, Gem.binary_mode do |io|
+      tar = Gem::Package::TarReader.new io
+      tar.each_entry do |entry|
+        case entry.full_name
+        when "metadata" then
+          metadata = entry.read
+        when "metadata.gz" then
+          metadata = Gem::Util.gunzip entry.read
+        end
+      end
+    end
+    [spec, metadata]
+  end
   ##
   # Creates a new package that will read or write to the file +gem+.
-  def initialize gem, security_policy # :notnew:
+  def initialize(gem, security_policy) # :notnew:
+    require "zlib"
     @gem = gem
-    @build_time      = Time.now
+    @build_time      = Gem.source_date_epoch
     @checksums       = {}
     @contents        = nil
-    @digests         = Hash.new { |h, algorithm| h[algorithm] = {} }
+    @digests         = Hash.new {|h, algorithm| h[algorithm] = {} }
     @files           = nil
     @security_policy = security_policy
     @signatures      = {}
@@ -162,17 +212,17 @@ class Gem::Package
   ##
   # Copies this package to +path+ (if possible)
-  def copy_to path
+  def copy_to(path)
     FileUtils.cp @gem.path, path unless File.exist? path
   end
   ##
   # Adds a checksum for each entry in the gem to checksums.yaml.gz.
-  def add_checksums tar
+  def add_checksums(tar)
     Gem.load_yaml
-    checksums_by_algorithm = Hash.new { |h, algorithm| h[algorithm] = {} }
+    checksums_by_algorithm = Hash.new {|h, algorithm| h[algorithm] = {} }
     @checksums.each do |name, digests|
       digests.each do |algorithm, digest|
@@ -180,9 +230,9 @@ class Gem::Package
       end
     end
-    tar.add_file_signed 'checksums.yaml.gz', 0444, @signer do |io|
+    tar.add_file_signed "checksums.yaml.gz", 0o444, @signer do |io|
       gzip_to io do |gz_io|
-        YAML.dump checksums_by_algorithm, gz_io
+        Psych.dump checksums_by_algorithm, gz_io
       end
     end
   end
@@ -191,8 +241,8 @@ class Gem::Package
   # Adds the files listed in the packages's Gem::Specification to data.tar.gz
   # and adds this file to the +tar+.
-  def add_contents tar # :nodoc:
-    digests = tar.add_file_signed 'data.tar.gz', 0444, @signer do |io|
+  def add_contents(tar) # :nodoc:
+    digests = tar.add_file_signed "data.tar.gz", 0o444, @signer do |io|
       gzip_to io do |gz_io|
         Gem::Package::TarWriter.new gz_io do |data_tar|
           add_files data_tar
@@ -200,13 +250,13 @@ class Gem::Package
       end
     end
-    @checksums['data.tar.gz'] = digests
+    @checksums["data.tar.gz"] = digests
   end
   ##
   # Adds files included the package's Gem::Specification to the +tar+ file
-  def add_files tar # :nodoc:
+  def add_files(tar) # :nodoc:
     @spec.files.each do |file|
       stat = File.lstat file
@@ -217,8 +267,8 @@ class Gem::Package
       next unless stat.file?
       tar.add_file_simple file, stat.mode, stat.size do |dst_io|
-        open file, 'rb' do |src_io|
-          dst_io.write src_io.read 16384 until src_io.eof?
+        File.open file, "rb" do |src_io|
+          copy_stream(src_io, dst_io)
         end
       end
     end
@@ -227,27 +277,32 @@ class Gem::Package
   ##
   # Adds the package's Gem::Specification to the +tar+ file
-  def add_metadata tar # :nodoc:
-    digests = tar.add_file_signed 'metadata.gz', 0444, @signer do |io|
+  def add_metadata(tar) # :nodoc:
+    digests = tar.add_file_signed "metadata.gz", 0o444, @signer do |io|
       gzip_to io do |gz_io|
         gz_io.write @spec.to_yaml
       end
     end
-    @checksums['metadata.gz'] = digests
+    @checksums["metadata.gz"] = digests
   end
   ##
   # Builds this package based on the specification set by #spec=
-  def build skip_validation = false
+  def build(skip_validation = false, strict_validation = false)
+    raise ArgumentError, "skip_validation = true and strict_validation = true are incompatible" if skip_validation && strict_validation
     Gem.load_yaml
-    require 'rubygems/security'
     @spec.mark_version
-    @spec.validate unless skip_validation
+    @spec.validate true, strict_validation unless skip_validation
-    setup_signer
+    setup_signer(
+      signer_options: {
+        expiration_length_days: Gem.configuration.cert_expiration_length_days,
+      }
+    )
     @gem.with_write_io do |gem_io|
       Gem::Package::TarWriter.new gem_io do |gem|
@@ -261,7 +316,7 @@ class Gem::Package
   Successfully built RubyGem
   Name: #{@spec.name}
   Version: #{@spec.version}
-  File: #{File.basename @spec.cache_file}
+  File: #{File.basename @gem.path}
 EOM
   ensure
     @signer = nil
@@ -281,7 +336,7 @@ EOM
       gem_tar = Gem::Package::TarReader.new io
       gem_tar.each do |entry|
-        next unless entry.full_name == 'data.tar.gz'
+        next unless entry.full_name == "data.tar.gz"
         open_tar_gz entry do |pkg_tar|
           pkg_tar.each do |contents_entry|
@@ -292,31 +347,31 @@ EOM
         return @contents
       end
     end
+  rescue Zlib::GzipFile::Error, EOFError, Gem::Package::TarInvalidError => e
+    raise Gem::Package::FormatError.new e.message, @gem
   end
   ##
   # Creates a digest of the TarEntry +entry+ from the digest algorithm set by
   # the security policy.
-  def digest entry # :nodoc:
-    algorithms = if @checksums then
-                   @checksums.keys
-                 else
-                   [Gem::Security::DIGEST_NAME].compact
-                 end
-    algorithms.each do |algorithm|
-      digester =
-        if defined?(OpenSSL::Digest) then
-          OpenSSL::Digest.new algorithm
-        else
-          Digest.const_get(algorithm).new
-        end
+  def digest(entry) # :nodoc:
+    algorithms = if @checksums
+      @checksums.to_h {|algorithm, _| [algorithm, Gem::Security.create_digest(algorithm)] }
+    elsif Gem::Security::DIGEST_NAME
+      { Gem::Security::DIGEST_NAME => Gem::Security.create_digest(Gem::Security::DIGEST_NAME) }
+    end
-      digester << entry.read(16384) until entry.eof?
+    return @digests if algorithms.nil? || algorithms.empty?
-      entry.rewind
+    buf = String.new(capacity: 16_384, encoding: Encoding::BINARY)
+    until entry.eof?
+      entry.readpartial(16_384, buf)
+      algorithms.each_value {|digester| digester << buf }
+    end
+    entry.rewind
+    algorithms.each do |algorithm, digester|
       @digests[algorithm][entry.full_name] = digester
     end
@@ -329,22 +384,24 @@ EOM
   # If +pattern+ is specified, only entries matching that glob will be
   # extracted.
-  def extract_files destination_dir, pattern = "*"
+  def extract_files(destination_dir, pattern = "*")
     verify unless @spec
-    FileUtils.mkdir_p destination_dir
+    FileUtils.mkdir_p destination_dir, mode: dir_mode && 0o755
     @gem.with_read_io do |io|
       reader = Gem::Package::TarReader.new io
       reader.each do |entry|
-        next unless entry.full_name == 'data.tar.gz'
+        next unless entry.full_name == "data.tar.gz"
         extract_tar_gz entry, destination_dir, pattern
-        return # ignore further entries
+        break # ignore further entries
       end
     end
+  rescue Zlib::GzipFile::Error, EOFError, Gem::Package::TarInvalidError => e
+    raise Gem::Package::FormatError.new e.message, @gem
   end
   ##
@@ -358,36 +415,72 @@ EOM
   # If +pattern+ is specified, only entries matching that glob will be
   # extracted.
-  def extract_tar_gz io, destination_dir, pattern = "*" # :nodoc:
+  def extract_tar_gz(io, destination_dir, pattern = "*") # :nodoc:
+    destination_dir = File.realpath(destination_dir)
+    directories = []
+    symlinks = []
     open_tar_gz io do |tar|
       tar.each do |entry|
-        next unless File.fnmatch pattern, entry.full_name, File::FNM_DOTMATCH
+        full_name = entry.full_name
+        next unless File.fnmatch pattern, full_name, File::FNM_DOTMATCH
-        destination = install_location entry.full_name, destination_dir
+        destination = install_location full_name, destination_dir
+        if entry.symlink?
+          link_target = entry.header.linkname
+          real_destination = link_target.start_with?("/") ? link_target : File.expand_path(link_target, File.dirname(destination))
+          raise Gem::Package::SymlinkError.new(full_name, real_destination, destination_dir) unless
+            normalize_path(real_destination).start_with? normalize_path(destination_dir + "/")
+          symlinks << [full_name, link_target, destination, real_destination]
+        end
         FileUtils.rm_rf destination
-        mkdir_options = {}
-        mkdir_options[:mode] = entry.header.mode if entry.directory?
         mkdir =
-          if entry.directory? then
+          if entry.directory?
             destination
           else
             File.dirname destination
           end
-        FileUtils.mkdir_p mkdir, mkdir_options
-        open destination, 'wb' do |out|
-          out.write entry.read
-          FileUtils.chmod entry.header.mode, destination
-        end if entry.file?
+        unless directories.include?(mkdir)
+          FileUtils.mkdir_p mkdir, mode: dir_mode ? 0o755 : (entry.header.mode if entry.directory?)
+          directories << mkdir
+        end
-        File.symlink(entry.header.linkname, destination) if entry.symlink?
+        if entry.file?
+          File.open(destination, "wb") {|out| copy_stream(entry, out) }
+          FileUtils.chmod file_mode(entry.header.mode), destination
+        end
         verbose destination
       end
     end
+    symlinks.each do |name, target, destination, real_destination|
+      if File.exist?(real_destination)
+        File.symlink(target, destination)
+      else
+        alert_warning "#{@spec.full_name} ships with a dangling symlink named #{name} pointing to missing #{target} file. Ignoring"
+      end
+    end
+    if dir_mode
+      File.chmod(dir_mode, *directories)
+    end
+  end
+  def file_mode(mode) # :nodoc:
+    ((mode & 0o111).zero? ? data_mode : prog_mode) ||
+      # If we're not using one of the default modes, then we're going to fall
+      # back to the mode from the tarball. In this case we need to mask it down
+      # to fit into 2^16 bits (the maximum value for a mode in CRuby since it
+      # gets put into an unsigned short).
+      (mode & ((1 << 16) - 1))
   end
   ##
@@ -396,7 +489,7 @@ EOM
   # Also sets the gzip modification time to the package build time to ease
   # testing.
-  def gzip_to io # :yields: gz_io
+  def gzip_to(io) # :yields: gz_io
     gz_io = Zlib::GzipWriter.new io, Zlib::BEST_COMPRESSION
     gz_io.mtime = @build_time
@@ -410,38 +503,36 @@ EOM
   #
   # If +filename+ is not inside +destination_dir+ an exception is raised.
-  def install_location filename, destination_dir # :nodoc:
+  def install_location(filename, destination_dir) # :nodoc:
     raise Gem::Package::PathError.new(filename, destination_dir) if
-      filename.start_with? '/'
+      filename.start_with? "/"
-    destination_dir = File.realpath destination_dir if
-      File.respond_to? :realpath
-    destination_dir = File.expand_path destination_dir
-    destination = File.join destination_dir, filename
-    destination = File.expand_path destination
+    destination_dir = File.realpath(destination_dir)
+    destination = File.expand_path(filename, destination_dir)
     raise Gem::Package::PathError.new(destination, destination_dir) unless
-      destination.start_with? destination_dir
+      normalize_path(destination).start_with? normalize_path(destination_dir + "/")
-    destination.untaint
     destination
   end
+  def normalize_path(pathname)
+    if Gem.win_platform?
+      pathname.downcase
+    else
+      pathname
+    end
+  end
   ##
   # Loads a Gem::Specification from the TarEntry +entry+
-  def load_spec entry # :nodoc:
+  def load_spec(entry) # :nodoc:
     case entry.full_name
-    when 'metadata' then
+    when "metadata" then
       @spec = Gem::Specification.from_yaml entry.read
-    when 'metadata.gz' then
-      args = [entry]
-      args << { :external_encoding => Encoding::UTF_8 } if
-        Object.const_defined?(:Encoding) &&
-          Zlib::GzipReader.method(:wrap).arity != 1
-      Zlib::GzipReader.wrap(*args) do |gzio|
+    when "metadata.gz" then
+      Zlib::GzipReader.wrap(entry, external_encoding: Encoding::UTF_8) do |gzio|
         @spec = Gem::Specification.from_yaml gzio.read
       end
     end
@@ -450,7 +541,7 @@ EOM
   ##
   # Opens +io+ as a gzipped tar archive
-  def open_tar_gz io # :nodoc:
+  def open_tar_gz(io) # :nodoc:
     Zlib::GzipReader.wrap io do |gzio|
       tar = Gem::Package::TarReader.new gzio
@@ -461,12 +552,12 @@ EOM
   ##
   # Reads and loads checksums.yaml.gz from the tar file +gem+
-  def read_checksums gem
+  def read_checksums(gem)
     Gem.load_yaml
-    @checksums = gem.seek 'checksums.yaml.gz' do |entry|
+    @checksums = gem.seek "checksums.yaml.gz" do |entry|
       Zlib::GzipReader.wrap entry do |gz_io|
-        YAML.load gz_io.read
+        Gem::SafeYAML.safe_load gz_io.read
       end
     end
   end
@@ -475,15 +566,22 @@ EOM
   # Prepares the gem for signing and checksum generation.  If a signing
   # certificate and key are not present only checksum generation is set up.
-  def setup_signer
-    passphrase = ENV['GEM_PRIVATE_KEY_PASSPHRASE']
-    if @spec.signing_key then
-      @signer = Gem::Security::Signer.new @spec.signing_key, @spec.cert_chain, passphrase
+  def setup_signer(signer_options: {})
+    passphrase = ENV["GEM_PRIVATE_KEY_PASSPHRASE"]
+    if @spec.signing_key
+      @signer =
+        Gem::Security::Signer.new(
+          @spec.signing_key,
+          @spec.cert_chain,
+          passphrase,
+          signer_options
+        )
       @spec.signing_key = nil
-      @spec.cert_chain = @signer.cert_chain.map { |cert| cert.to_s }
+      @spec.cert_chain = @signer.cert_chain.map(&:to_s)
     else
       @signer = Gem::Security::Signer.new nil, nil, passphrase
-      @spec.cert_chain = @signer.cert_chain.map { |cert| cert.to_pem } if
+      @spec.cert_chain = @signer.cert_chain.map(&:to_pem) if
         @signer.cert_chain
     end
   end
@@ -525,8 +623,7 @@ EOM
     verify_checksums @digests, @checksums
-    @security_policy.verify_signatures @spec, @digests, @signatures if
-      @security_policy
+    @security_policy&.verify_signatures @spec, @digests, @signatures
     true
   rescue Gem::Security::Exception
@@ -535,7 +632,7 @@ EOM
     raise
   rescue Errno::ENOENT => e
     raise Gem::Package::FormatError.new e.message
-  rescue Gem::Package::TarInvalidError => e
+  rescue Zlib::GzipFile::Error, EOFError, Gem::Package::TarInvalidError => e
     raise Gem::Package::FormatError.new e.message, @gem
   end
@@ -543,14 +640,14 @@ EOM
   # Verifies the +checksums+ against the +digests+.  This check is not
   # cryptographically secure.  Missing checksums are ignored.
-  def verify_checksums digests, checksums # :nodoc:
+  def verify_checksums(digests, checksums) # :nodoc:
     return unless checksums
     checksums.sort.each do |algorithm, gem_digests|
       gem_digests.sort.each do |file_name, gem_hexdigest|
         computed_digest = digests[algorithm][file_name]
-        unless computed_digest.hexdigest == gem_hexdigest then
+        unless computed_digest.hexdigest == gem_hexdigest
           raise Gem::Package::FormatError.new \
             "#{algorithm} checksum mismatch for #{file_name}", @gem
         end
@@ -561,7 +658,7 @@ EOM
   ##
   # Verifies +entry+ in a .gem file.
-  def verify_entry entry
+  def verify_entry(entry)
     file_name = entry.full_name
     @files << file_name
@@ -574,54 +671,67 @@ EOM
     end
     case file_name
-    when /^metadata(.gz)?$/ then
+    when "metadata", "metadata.gz" then
       load_spec entry
-    when 'data.tar.gz' then
+    when "data.tar.gz" then
       verify_gz entry
     end
-  rescue => e
-    message = "package is corrupt, exception while verifying: " +
-              "#{e.message} (#{e.class})"
-    raise Gem::Package::FormatError.new message, @gem
+  rescue StandardError
+    warn "Exception while verifying #{@gem.path}"
+    raise
   end
   ##
   # Verifies the files of the +gem+
-  def verify_files gem
+  def verify_files(gem)
     gem.each do |entry|
       verify_entry entry
     end
-    unless @spec then
-      raise Gem::Package::FormatError.new 'package metadata is missing', @gem
+    unless @spec
+      raise Gem::Package::FormatError.new "package metadata is missing", @gem
     end
-    unless @files.include? 'data.tar.gz' then
+    unless @files.include? "data.tar.gz"
       raise Gem::Package::FormatError.new \
-              'package content (data.tar.gz) is missing', @gem
+        "package content (data.tar.gz) is missing", @gem
+    end
+    if (duplicates = @files.group_by {|f| f }.select {|_k,v| v.size > 1 }.map(&:first)) && duplicates.any?
+      raise Gem::Security::Exception, "duplicate files in the package: (#{duplicates.map(&:inspect).join(", ")})"
     end
   end
   ##
   # Verifies that +entry+ is a valid gzipped file.
-  def verify_gz entry # :nodoc:
+  def verify_gz(entry) # :nodoc:
     Zlib::GzipReader.wrap entry do |gzio|
-      gzio.read 16384 until gzio.eof? # gzip checksum verification
+      # TODO: read into a buffer once zlib supports it
+      gzio.read 16_384 until gzio.eof? # gzip checksum verification
     end
   rescue Zlib::GzipFile::Error => e
     raise Gem::Package::FormatError.new(e.message, entry.full_name)
   end
+  if RUBY_ENGINE == "truffleruby"
+    def copy_stream(src, dst) # :nodoc:
+      dst.write src.read
+    end
+  else
+    def copy_stream(src, dst) # :nodoc:
+      IO.copy_stream(src, dst)
+    end
+  end
 end
-require 'rubygems/package/digest_io'
-require 'rubygems/package/source'
-require 'rubygems/package/file_source'
-require 'rubygems/package/io_source'
-require 'rubygems/package/old'
-require 'rubygems/package/tar_header'
-require 'rubygems/package/tar_reader'
-require 'rubygems/package/tar_reader/entry'
-require 'rubygems/package/tar_writer'
+require_relative "package/digest_io"
+require_relative "package/source"
+require_relative "package/file_source"
+require_relative "package/io_source"
+require_relative "package/old"
+require_relative "package/tar_header"
+require_relative "package/tar_reader"
+require_relative "package/tar_reader/entry"
+require_relative "package/tar_writer"