rubygems-update 2.6.1 → 3.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -5
- data/CHANGELOG.md +5899 -0
- data/CODE_OF_CONDUCT.md +76 -35
- data/CONTRIBUTING.md +231 -0
- data/MAINTAINERS.txt +8 -0
- data/Manifest.txt +428 -216
- data/POLICIES.md +135 -0
- data/README.md +112 -0
- data/UPGRADING.md +15 -0
- data/bundler/CHANGELOG.md +4719 -0
- data/bundler/LICENSE.md +22 -0
- data/bundler/README.md +58 -0
- data/bundler/UPGRADING.md +222 -0
- data/bundler/bundler.gemspec +46 -0
- data/bundler/exe/bundle +29 -0
- data/bundler/exe/bundler +4 -0
- data/bundler/lib/bundler/.document +1 -0
- data/bundler/lib/bundler/build_metadata.rb +45 -0
- data/bundler/lib/bundler/capistrano.rb +22 -0
- data/bundler/lib/bundler/checksum.rb +245 -0
- data/bundler/lib/bundler/ci_detector.rb +75 -0
- data/bundler/lib/bundler/cli/add.rb +47 -0
- data/bundler/lib/bundler/cli/binstubs.rb +57 -0
- data/bundler/lib/bundler/cli/cache.rb +43 -0
- data/bundler/lib/bundler/cli/check.rb +40 -0
- data/bundler/lib/bundler/cli/clean.rb +25 -0
- data/bundler/lib/bundler/cli/common.rb +138 -0
- data/bundler/lib/bundler/cli/config.rb +204 -0
- data/bundler/lib/bundler/cli/console.rb +44 -0
- data/bundler/lib/bundler/cli/doctor.rb +157 -0
- data/bundler/lib/bundler/cli/exec.rb +88 -0
- data/bundler/lib/bundler/cli/fund.rb +36 -0
- data/bundler/lib/bundler/cli/gem.rb +471 -0
- data/bundler/lib/bundler/cli/info.rb +83 -0
- data/bundler/lib/bundler/cli/init.rb +51 -0
- data/bundler/lib/bundler/cli/inject.rb +60 -0
- data/bundler/lib/bundler/cli/install.rb +190 -0
- data/bundler/lib/bundler/cli/issue.rb +41 -0
- data/bundler/lib/bundler/cli/list.rb +66 -0
- data/bundler/lib/bundler/cli/lock.rb +73 -0
- data/bundler/lib/bundler/cli/open.rb +29 -0
- data/bundler/lib/bundler/cli/outdated.rb +297 -0
- data/bundler/lib/bundler/cli/platform.rb +48 -0
- data/bundler/lib/bundler/cli/plugin.rb +34 -0
- data/bundler/lib/bundler/cli/pristine.rb +60 -0
- data/bundler/lib/bundler/cli/remove.rb +17 -0
- data/bundler/lib/bundler/cli/show.rb +75 -0
- data/bundler/lib/bundler/cli/update.rb +123 -0
- data/bundler/lib/bundler/cli/viz.rb +31 -0
- data/bundler/lib/bundler/cli.rb +846 -0
- data/bundler/lib/bundler/compact_index_client/cache.rb +121 -0
- data/bundler/lib/bundler/compact_index_client/cache_file.rb +153 -0
- data/bundler/lib/bundler/compact_index_client/gem_parser.rb +32 -0
- data/bundler/lib/bundler/compact_index_client/updater.rb +115 -0
- data/bundler/lib/bundler/compact_index_client.rb +126 -0
- data/bundler/lib/bundler/constants.rb +7 -0
- data/bundler/lib/bundler/current_ruby.rb +92 -0
- data/bundler/lib/bundler/definition.rb +1005 -0
- data/bundler/lib/bundler/dependency.rb +101 -0
- data/bundler/lib/bundler/deployment.rb +69 -0
- data/bundler/lib/bundler/deprecate.rb +44 -0
- data/bundler/lib/bundler/digest.rb +71 -0
- data/bundler/lib/bundler/dsl.rb +601 -0
- data/bundler/lib/bundler/endpoint_specification.rb +147 -0
- data/bundler/lib/bundler/env.rb +148 -0
- data/bundler/lib/bundler/environment_preserver.rb +86 -0
- data/bundler/lib/bundler/errors.rb +233 -0
- data/bundler/lib/bundler/feature_flag.rb +53 -0
- data/bundler/lib/bundler/fetcher/base.rb +52 -0
- data/bundler/lib/bundler/fetcher/compact_index.rb +129 -0
- data/bundler/lib/bundler/fetcher/dependency.rb +78 -0
- data/bundler/lib/bundler/fetcher/downloader.rb +91 -0
- data/bundler/lib/bundler/fetcher/gem_remote_fetcher.rb +16 -0
- data/bundler/lib/bundler/fetcher/index.rb +25 -0
- data/bundler/lib/bundler/fetcher.rb +324 -0
- data/bundler/lib/bundler/force_platform.rb +18 -0
- data/bundler/lib/bundler/friendly_errors.rb +126 -0
- data/bundler/lib/bundler/gem_helper.rb +237 -0
- data/bundler/lib/bundler/gem_helpers.rb +127 -0
- data/bundler/lib/bundler/gem_tasks.rb +7 -0
- data/bundler/lib/bundler/gem_version_promoter.rb +145 -0
- data/bundler/lib/bundler/graph.rb +152 -0
- data/bundler/lib/bundler/index.rb +205 -0
- data/bundler/lib/bundler/injector.rb +287 -0
- data/bundler/lib/bundler/inline.rb +73 -0
- data/bundler/lib/bundler/installer/gem_installer.rb +84 -0
- data/bundler/lib/bundler/installer/parallel_installer.rb +202 -0
- data/bundler/lib/bundler/installer/standalone.rb +116 -0
- data/bundler/lib/bundler/installer.rb +267 -0
- data/bundler/lib/bundler/lazy_specification.rb +170 -0
- data/bundler/lib/bundler/lockfile_generator.rb +104 -0
- data/bundler/lib/bundler/lockfile_parser.rb +289 -0
- data/bundler/lib/bundler/man/.document +1 -0
- data/bundler/lib/bundler/man/bundle-add.1 +59 -0
- data/bundler/lib/bundler/man/bundle-add.1.ronn +58 -0
- data/bundler/lib/bundler/man/bundle-binstubs.1 +30 -0
- data/bundler/lib/bundler/man/bundle-binstubs.1.ronn +41 -0
- data/bundler/lib/bundler/man/bundle-cache.1 +40 -0
- data/bundler/lib/bundler/man/bundle-cache.1.ronn +79 -0
- data/bundler/lib/bundler/man/bundle-check.1 +22 -0
- data/bundler/lib/bundler/man/bundle-check.1.ronn +26 -0
- data/bundler/lib/bundler/man/bundle-clean.1 +17 -0
- data/bundler/lib/bundler/man/bundle-clean.1.ronn +18 -0
- data/bundler/lib/bundler/man/bundle-config.1 +321 -0
- data/bundler/lib/bundler/man/bundle-config.1.ronn +411 -0
- data/bundler/lib/bundler/man/bundle-console.1 +35 -0
- data/bundler/lib/bundler/man/bundle-console.1.ronn +44 -0
- data/bundler/lib/bundler/man/bundle-doctor.1 +30 -0
- data/bundler/lib/bundler/man/bundle-doctor.1.ronn +33 -0
- data/bundler/lib/bundler/man/bundle-exec.1 +104 -0
- data/bundler/lib/bundler/man/bundle-exec.1.ronn +151 -0
- data/bundler/lib/bundler/man/bundle-gem.1 +69 -0
- data/bundler/lib/bundler/man/bundle-gem.1.ronn +117 -0
- data/bundler/lib/bundler/man/bundle-help.1 +9 -0
- data/bundler/lib/bundler/man/bundle-help.1.ronn +12 -0
- data/bundler/lib/bundler/man/bundle-info.1 +14 -0
- data/bundler/lib/bundler/man/bundle-info.1.ronn +17 -0
- data/bundler/lib/bundler/man/bundle-init.1 +20 -0
- data/bundler/lib/bundler/man/bundle-init.1.ronn +31 -0
- data/bundler/lib/bundler/man/bundle-inject.1 +23 -0
- data/bundler/lib/bundler/man/bundle-inject.1.ronn +24 -0
- data/bundler/lib/bundler/man/bundle-install.1 +215 -0
- data/bundler/lib/bundler/man/bundle-install.1.ronn +383 -0
- data/bundler/lib/bundler/man/bundle-list.1 +35 -0
- data/bundler/lib/bundler/man/bundle-list.1.ronn +33 -0
- data/bundler/lib/bundler/man/bundle-lock.1 +60 -0
- data/bundler/lib/bundler/man/bundle-lock.1.ronn +94 -0
- data/bundler/lib/bundler/man/bundle-open.1 +32 -0
- data/bundler/lib/bundler/man/bundle-open.1.ronn +27 -0
- data/bundler/lib/bundler/man/bundle-outdated.1 +100 -0
- data/bundler/lib/bundler/man/bundle-outdated.1.ronn +106 -0
- data/bundler/lib/bundler/man/bundle-platform.1 +49 -0
- data/bundler/lib/bundler/man/bundle-platform.1.ronn +49 -0
- data/bundler/lib/bundler/man/bundle-plugin.1 +55 -0
- data/bundler/lib/bundler/man/bundle-plugin.1.ronn +59 -0
- data/bundler/lib/bundler/man/bundle-pristine.1 +23 -0
- data/bundler/lib/bundler/man/bundle-pristine.1.ronn +34 -0
- data/bundler/lib/bundler/man/bundle-remove.1 +21 -0
- data/bundler/lib/bundler/man/bundle-remove.1.ronn +23 -0
- data/bundler/lib/bundler/man/bundle-show.1 +16 -0
- data/bundler/lib/bundler/man/bundle-show.1.ronn +21 -0
- data/bundler/lib/bundler/man/bundle-update.1 +275 -0
- data/bundler/lib/bundler/man/bundle-update.1.ronn +351 -0
- data/bundler/lib/bundler/man/bundle-version.1 +22 -0
- data/bundler/lib/bundler/man/bundle-version.1.ronn +24 -0
- data/bundler/lib/bundler/man/bundle-viz.1 +30 -0
- data/bundler/lib/bundler/man/bundle-viz.1.ronn +32 -0
- data/bundler/lib/bundler/man/bundle.1 +102 -0
- data/bundler/lib/bundler/man/bundle.1.ronn +116 -0
- data/bundler/lib/bundler/man/gemfile.5 +470 -0
- data/bundler/lib/bundler/man/gemfile.5.ronn +552 -0
- data/bundler/lib/bundler/man/index.txt +29 -0
- data/bundler/lib/bundler/match_metadata.rb +17 -0
- data/bundler/lib/bundler/match_platform.rb +23 -0
- data/bundler/lib/bundler/match_remote_metadata.rb +29 -0
- data/bundler/lib/bundler/mirror.rb +221 -0
- data/bundler/lib/bundler/plugin/api/source.rb +321 -0
- data/bundler/lib/bundler/plugin/api.rb +81 -0
- data/bundler/lib/bundler/plugin/dsl.rb +53 -0
- data/bundler/lib/bundler/plugin/events.rb +61 -0
- data/bundler/lib/bundler/plugin/index.rb +193 -0
- data/bundler/lib/bundler/plugin/installer/git.rb +34 -0
- data/bundler/lib/bundler/plugin/installer/rubygems.rb +19 -0
- data/bundler/lib/bundler/plugin/installer.rb +112 -0
- data/bundler/lib/bundler/plugin/source_list.rb +31 -0
- data/bundler/lib/bundler/plugin.rb +359 -0
- data/bundler/lib/bundler/process_lock.rb +24 -0
- data/bundler/lib/bundler/remote_specification.rb +117 -0
- data/bundler/lib/bundler/resolver/base.rb +107 -0
- data/bundler/lib/bundler/resolver/candidate.rb +94 -0
- data/bundler/lib/bundler/resolver/incompatibility.rb +15 -0
- data/bundler/lib/bundler/resolver/package.rb +77 -0
- data/bundler/lib/bundler/resolver/root.rb +25 -0
- data/bundler/lib/bundler/resolver/spec_group.rb +79 -0
- data/bundler/lib/bundler/resolver.rb +462 -0
- data/bundler/lib/bundler/retry.rb +66 -0
- data/bundler/lib/bundler/ruby_dsl.rb +53 -0
- data/bundler/lib/bundler/ruby_version.rb +131 -0
- data/bundler/lib/bundler/rubygems_ext.rb +328 -0
- data/bundler/lib/bundler/rubygems_gem_installer.rb +137 -0
- data/bundler/lib/bundler/rubygems_integration.rb +493 -0
- data/bundler/lib/bundler/runtime.rb +307 -0
- data/bundler/lib/bundler/safe_marshal.rb +31 -0
- data/bundler/lib/bundler/self_manager.rb +186 -0
- data/bundler/lib/bundler/settings/validator.rb +102 -0
- data/bundler/lib/bundler/settings.rb +588 -0
- data/bundler/lib/bundler/setup.rb +33 -0
- data/bundler/lib/bundler/shared_helpers.rb +380 -0
- data/bundler/lib/bundler/similarity_detector.rb +63 -0
- data/bundler/lib/bundler/source/gemspec.rb +18 -0
- data/bundler/lib/bundler/source/git/git_proxy.rb +455 -0
- data/bundler/lib/bundler/source/git.rb +380 -0
- data/bundler/lib/bundler/source/metadata.rb +62 -0
- data/bundler/lib/bundler/source/path/installer.rb +53 -0
- data/bundler/lib/bundler/source/path.rb +261 -0
- data/bundler/lib/bundler/source/rubygems/remote.rb +68 -0
- data/bundler/lib/bundler/source/rubygems.rb +516 -0
- data/bundler/lib/bundler/source/rubygems_aggregate.rb +68 -0
- data/bundler/lib/bundler/source.rb +116 -0
- data/bundler/lib/bundler/source_list.rb +227 -0
- data/bundler/lib/bundler/source_map.rb +71 -0
- data/bundler/lib/bundler/spec_set.rb +247 -0
- data/bundler/lib/bundler/stub_specification.rb +119 -0
- data/bundler/lib/bundler/templates/.document +1 -0
- data/bundler/lib/bundler/templates/Executable +27 -0
- data/bundler/lib/bundler/templates/Executable.bundler +109 -0
- data/bundler/lib/bundler/templates/Executable.standalone +14 -0
- data/bundler/lib/bundler/templates/Gemfile +5 -0
- data/bundler/lib/bundler/templates/newgem/CHANGELOG.md.tt +5 -0
- data/bundler/lib/bundler/templates/newgem/CODE_OF_CONDUCT.md.tt +84 -0
- data/bundler/lib/bundler/templates/newgem/Cargo.toml.tt +7 -0
- data/bundler/lib/bundler/templates/newgem/Gemfile.tt +26 -0
- data/bundler/lib/bundler/templates/newgem/LICENSE.txt.tt +21 -0
- data/bundler/lib/bundler/templates/newgem/README.md.tt +45 -0
- data/bundler/lib/bundler/templates/newgem/Rakefile.tt +67 -0
- data/bundler/lib/bundler/templates/newgem/bin/console.tt +11 -0
- data/bundler/lib/bundler/templates/newgem/bin/setup.tt +8 -0
- data/bundler/lib/bundler/templates/newgem/circleci/config.yml.tt +25 -0
- data/bundler/lib/bundler/templates/newgem/exe/newgem.tt +3 -0
- data/bundler/lib/bundler/templates/newgem/ext/newgem/Cargo.toml.tt +15 -0
- data/bundler/lib/bundler/templates/newgem/ext/newgem/extconf-c.rb.tt +10 -0
- data/bundler/lib/bundler/templates/newgem/ext/newgem/extconf-rust.rb.tt +6 -0
- data/bundler/lib/bundler/templates/newgem/ext/newgem/newgem.c.tt +9 -0
- data/bundler/lib/bundler/templates/newgem/ext/newgem/newgem.h.tt +6 -0
- data/bundler/lib/bundler/templates/newgem/ext/newgem/src/lib.rs.tt +12 -0
- data/bundler/lib/bundler/templates/newgem/github/workflows/main.yml.tt +37 -0
- data/bundler/lib/bundler/templates/newgem/gitignore.tt +23 -0
- data/bundler/lib/bundler/templates/newgem/gitlab-ci.yml.tt +18 -0
- data/bundler/lib/bundler/templates/newgem/lib/newgem/version.rb.tt +9 -0
- data/bundler/lib/bundler/templates/newgem/lib/newgem.rb.tt +15 -0
- data/bundler/lib/bundler/templates/newgem/newgem.gemspec.tt +51 -0
- data/bundler/lib/bundler/templates/newgem/rspec.tt +3 -0
- data/bundler/lib/bundler/templates/newgem/rubocop.yml.tt +13 -0
- data/bundler/lib/bundler/templates/newgem/sig/newgem.rbs.tt +8 -0
- data/bundler/lib/bundler/templates/newgem/spec/newgem_spec.rb.tt +11 -0
- data/bundler/lib/bundler/templates/newgem/spec/spec_helper.rb.tt +15 -0
- data/bundler/lib/bundler/templates/newgem/standard.yml.tt +3 -0
- data/bundler/lib/bundler/templates/newgem/test/minitest/test_helper.rb.tt +6 -0
- data/bundler/lib/bundler/templates/newgem/test/minitest/test_newgem.rb.tt +13 -0
- data/bundler/lib/bundler/templates/newgem/test/test-unit/newgem_test.rb.tt +15 -0
- data/bundler/lib/bundler/templates/newgem/test/test-unit/test_helper.rb.tt +6 -0
- data/bundler/lib/bundler/ui/rg_proxy.rb +19 -0
- data/bundler/lib/bundler/ui/shell.rb +165 -0
- data/bundler/lib/bundler/ui/silent.rb +85 -0
- data/bundler/lib/bundler/ui.rb +9 -0
- data/bundler/lib/bundler/uri_credentials_filter.rb +43 -0
- data/bundler/lib/bundler/uri_normalizer.rb +23 -0
- data/bundler/lib/bundler/vendor/.document +1 -0
- data/bundler/lib/bundler/vendor/connection_pool/LICENSE +20 -0
- data/bundler/lib/bundler/vendor/connection_pool/lib/connection_pool/timed_stack.rb +174 -0
- data/bundler/lib/bundler/vendor/connection_pool/lib/connection_pool/version.rb +3 -0
- data/bundler/lib/bundler/vendor/connection_pool/lib/connection_pool/wrapper.rb +56 -0
- data/bundler/lib/bundler/vendor/connection_pool/lib/connection_pool.rb +175 -0
- data/bundler/lib/bundler/vendor/fileutils/LICENSE.txt +22 -0
- data/bundler/lib/bundler/vendor/fileutils/lib/fileutils.rb +2694 -0
- data/bundler/lib/bundler/vendor/net-http-persistent/README.rdoc +82 -0
- data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent/connection.rb +41 -0
- data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent/pool.rb +65 -0
- data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent/timed_stack_multi.rb +79 -0
- data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent.rb +1073 -0
- data/bundler/lib/bundler/vendor/pub_grub/LICENSE.txt +21 -0
- data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/assignment.rb +20 -0
- data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/basic_package_source.rb +189 -0
- data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/failure_writer.rb +182 -0
- data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/incompatibility.rb +150 -0
- data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/package.rb +43 -0
- data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/partial_solution.rb +121 -0
- data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/rubygems.rb +45 -0
- data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/solve_failure.rb +19 -0
- data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/static_package_source.rb +60 -0
- data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/term.rb +105 -0
- data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/version.rb +3 -0
- data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/version_constraint.rb +129 -0
- data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/version_range.rb +411 -0
- data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/version_solver.rb +248 -0
- data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/version_union.rb +178 -0
- data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub.rb +31 -0
- data/bundler/lib/bundler/vendor/thor/LICENSE.md +20 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/actions/create_file.rb +105 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/actions/create_link.rb +61 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/actions/directory.rb +108 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/actions/empty_directory.rb +143 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/actions/file_manipulation.rb +373 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/actions/inject_into_file.rb +130 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/actions.rb +340 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/base.rb +825 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/command.rb +151 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/core_ext/hash_with_indifferent_access.rb +107 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/error.rb +106 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/group.rb +281 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/invocation.rb +178 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/line_editor/basic.rb +37 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/line_editor/readline.rb +88 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/line_editor.rb +17 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/nested_context.rb +29 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/parser/argument.rb +89 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/parser/arguments.rb +195 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/parser/option.rb +178 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/parser/options.rb +293 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/parser.rb +4 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/rake_compat.rb +72 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/runner.rb +335 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/shell/basic.rb +388 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/shell/color.rb +115 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/shell/column_printer.rb +29 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/shell/html.rb +84 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/shell/lcs_diff.rb +49 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/shell/table_printer.rb +134 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/shell/terminal.rb +42 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/shell/wrapped_printer.rb +38 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/shell.rb +81 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/util.rb +285 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/version.rb +3 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor.rb +663 -0
- data/bundler/lib/bundler/vendor/tsort/LICENSE.txt +22 -0
- data/bundler/lib/bundler/vendor/tsort/lib/tsort.rb +455 -0
- data/bundler/lib/bundler/vendor/uri/LICENSE.txt +22 -0
- data/bundler/lib/bundler/vendor/uri/lib/uri/common.rb +853 -0
- data/bundler/lib/bundler/vendor/uri/lib/uri/file.rb +100 -0
- data/bundler/lib/bundler/vendor/uri/lib/uri/ftp.rb +267 -0
- data/bundler/lib/bundler/vendor/uri/lib/uri/generic.rb +1588 -0
- data/bundler/lib/bundler/vendor/uri/lib/uri/http.rb +125 -0
- data/bundler/lib/bundler/vendor/uri/lib/uri/https.rb +23 -0
- data/bundler/lib/bundler/vendor/uri/lib/uri/ldap.rb +261 -0
- data/bundler/lib/bundler/vendor/uri/lib/uri/ldaps.rb +22 -0
- data/bundler/lib/bundler/vendor/uri/lib/uri/mailto.rb +293 -0
- data/bundler/lib/bundler/vendor/uri/lib/uri/rfc2396_parser.rb +539 -0
- data/bundler/lib/bundler/vendor/uri/lib/uri/rfc3986_parser.rb +183 -0
- data/bundler/lib/bundler/vendor/uri/lib/uri/version.rb +6 -0
- data/bundler/lib/bundler/vendor/uri/lib/uri/ws.rb +83 -0
- data/bundler/lib/bundler/vendor/uri/lib/uri/wss.rb +23 -0
- data/bundler/lib/bundler/vendor/uri/lib/uri.rb +104 -0
- data/bundler/lib/bundler/vendored_fileutils.rb +4 -0
- data/bundler/lib/bundler/vendored_net_http.rb +8 -0
- data/bundler/lib/bundler/vendored_persistent.rb +11 -0
- data/bundler/lib/bundler/vendored_pub_grub.rb +4 -0
- data/bundler/lib/bundler/vendored_thor.rb +8 -0
- data/bundler/lib/bundler/vendored_timeout.rb +8 -0
- data/bundler/lib/bundler/vendored_tsort.rb +4 -0
- data/bundler/lib/bundler/vendored_uri.rb +4 -0
- data/bundler/lib/bundler/version.rb +13 -0
- data/bundler/lib/bundler/vlad.rb +17 -0
- data/bundler/lib/bundler/worker.rb +117 -0
- data/bundler/lib/bundler/yaml_serializer.rb +93 -0
- data/bundler/lib/bundler.rb +665 -0
- data/{test/rubygems/bogussources.rb → exe/gem} +5 -2
- data/exe/update_rubygems +38 -0
- data/hide_lib_for_update/note.txt +0 -4
- data/lib/rubygems/available_set.rb +12 -12
- data/lib/rubygems/basic_specification.rb +75 -58
- data/lib/rubygems/bundler_version_finder.rb +77 -0
- data/lib/rubygems/ci_detector.rb +75 -0
- data/lib/rubygems/command.rb +144 -71
- data/lib/rubygems/command_manager.rb +64 -27
- data/lib/rubygems/commands/build_command.rb +88 -17
- data/lib/rubygems/commands/cert_command.rb +131 -83
- data/lib/rubygems/commands/check_command.rb +30 -27
- data/lib/rubygems/commands/cleanup_command.rb +57 -40
- data/lib/rubygems/commands/contents_command.rb +37 -39
- data/lib/rubygems/commands/dependency_command.rb +53 -65
- data/lib/rubygems/commands/environment_command.rb +32 -16
- data/lib/rubygems/commands/exec_command.rb +249 -0
- data/lib/rubygems/commands/fetch_command.rb +36 -19
- data/lib/rubygems/commands/generate_index_command.rb +40 -74
- data/lib/rubygems/commands/help_command.rb +22 -22
- data/lib/rubygems/commands/info_command.rb +38 -0
- data/lib/rubygems/commands/install_command.rb +67 -143
- data/lib/rubygems/commands/list_command.rb +10 -9
- data/lib/rubygems/commands/lock_command.rb +12 -14
- data/lib/rubygems/commands/mirror_command.rb +4 -4
- data/lib/rubygems/commands/open_command.rb +28 -26
- data/lib/rubygems/commands/outdated_command.rb +6 -6
- data/lib/rubygems/commands/owner_command.rb +51 -27
- data/lib/rubygems/commands/pristine_command.rb +99 -71
- data/lib/rubygems/commands/push_command.rb +53 -46
- data/lib/rubygems/commands/query_command.rb +21 -328
- data/lib/rubygems/commands/rdoc_command.rb +33 -33
- data/lib/rubygems/commands/search_command.rb +9 -9
- data/lib/rubygems/commands/server_command.rb +15 -76
- data/lib/rubygems/commands/setup_command.rb +370 -186
- data/lib/rubygems/commands/signin_command.rb +34 -0
- data/lib/rubygems/commands/signout_command.rb +32 -0
- data/lib/rubygems/commands/sources_command.rb +57 -41
- data/lib/rubygems/commands/specification_command.rb +38 -28
- data/lib/rubygems/commands/stale_command.rb +6 -5
- data/lib/rubygems/commands/uninstall_command.rb +96 -62
- data/lib/rubygems/commands/unpack_command.rb +44 -53
- data/lib/rubygems/commands/update_command.rb +155 -99
- data/lib/rubygems/commands/which_command.rb +14 -17
- data/lib/rubygems/commands/yank_command.rb +28 -32
- data/lib/rubygems/compatibility.rb +13 -32
- data/lib/rubygems/config_file.rb +214 -119
- data/lib/rubygems/core_ext/kernel_gem.rb +10 -16
- data/lib/rubygems/core_ext/kernel_require.rb +92 -90
- data/lib/rubygems/core_ext/kernel_warn.rb +49 -0
- data/lib/rubygems/core_ext/tcpsocket_init.rb +54 -0
- data/lib/rubygems/defaults.rb +184 -54
- data/lib/rubygems/dependency.rb +75 -62
- data/lib/rubygems/dependency_installer.rb +74 -230
- data/lib/rubygems/dependency_list.rb +32 -33
- data/lib/rubygems/deprecate.rb +113 -17
- data/lib/rubygems/doctor.rb +31 -31
- data/lib/rubygems/errors.rb +51 -13
- data/lib/rubygems/exceptions.rb +65 -35
- data/lib/rubygems/ext/build_error.rb +3 -1
- data/lib/rubygems/ext/builder.rb +103 -77
- data/lib/rubygems/ext/cargo_builder/link_flag_converter.rb +27 -0
- data/lib/rubygems/ext/cargo_builder.rb +360 -0
- data/lib/rubygems/ext/cmake_builder.rb +6 -7
- data/lib/rubygems/ext/configure_builder.rb +6 -9
- data/lib/rubygems/ext/ext_conf_builder.rb +40 -61
- data/lib/rubygems/ext/rake_builder.rb +18 -21
- data/lib/rubygems/ext.rb +8 -7
- data/lib/rubygems/gem_runner.rb +19 -21
- data/lib/rubygems/gemcutter_utilities/webauthn_listener/response.rb +163 -0
- data/lib/rubygems/gemcutter_utilities/webauthn_listener.rb +105 -0
- data/lib/rubygems/gemcutter_utilities/webauthn_poller.rb +78 -0
- data/lib/rubygems/gemcutter_utilities.rb +246 -43
- data/lib/rubygems/install_default_message.rb +3 -3
- data/lib/rubygems/install_message.rb +3 -3
- data/lib/rubygems/install_update_options.rb +104 -98
- data/lib/rubygems/installer.rb +407 -225
- data/lib/rubygems/installer_uninstaller_utils.rb +27 -0
- data/lib/rubygems/local_remote_options.rb +29 -32
- data/lib/rubygems/name_tuple.rb +18 -23
- data/lib/rubygems/net/http.rb +3 -0
- data/lib/rubygems/net-http/LICENSE.txt +22 -0
- data/lib/rubygems/net-http/lib/net/http/backward.rb +40 -0
- data/lib/rubygems/net-http/lib/net/http/exceptions.rb +34 -0
- data/lib/rubygems/net-http/lib/net/http/generic_request.rb +414 -0
- data/lib/rubygems/net-http/lib/net/http/header.rb +981 -0
- data/lib/rubygems/net-http/lib/net/http/proxy_delta.rb +17 -0
- data/lib/rubygems/net-http/lib/net/http/request.rb +88 -0
- data/lib/rubygems/net-http/lib/net/http/requests.rb +425 -0
- data/lib/rubygems/net-http/lib/net/http/response.rb +738 -0
- data/lib/rubygems/net-http/lib/net/http/responses.rb +1174 -0
- data/lib/rubygems/net-http/lib/net/http/status.rb +84 -0
- data/lib/rubygems/net-http/lib/net/http.rb +2496 -0
- data/lib/rubygems/net-http/lib/net/https.rb +23 -0
- data/lib/rubygems/net-protocol/LICENSE.txt +22 -0
- data/lib/rubygems/net-protocol/lib/net/protocol.rb +544 -0
- data/lib/rubygems/openssl.rb +7 -0
- data/lib/rubygems/optparse/.document +1 -0
- data/lib/rubygems/optparse/COPYING +56 -0
- data/lib/rubygems/optparse/lib/optionparser.rb +2 -0
- data/lib/rubygems/optparse/lib/optparse/ac.rb +54 -0
- data/lib/rubygems/optparse/lib/optparse/date.rb +18 -0
- data/lib/rubygems/optparse/lib/optparse/kwargs.rb +22 -0
- data/lib/rubygems/optparse/lib/optparse/shellwords.rb +7 -0
- data/lib/rubygems/optparse/lib/optparse/time.rb +11 -0
- data/lib/rubygems/optparse/lib/optparse/uri.rb +7 -0
- data/lib/rubygems/optparse/lib/optparse/version.rb +71 -0
- data/lib/rubygems/optparse/lib/optparse.rb +2330 -0
- data/lib/rubygems/optparse.rb +3 -0
- data/lib/rubygems/package/digest_io.rb +5 -7
- data/lib/rubygems/package/file_source.rb +6 -8
- data/lib/rubygems/package/io_source.rb +6 -4
- data/lib/rubygems/package/old.rb +19 -28
- data/lib/rubygems/package/source.rb +1 -1
- data/lib/rubygems/package/tar_header.rb +114 -93
- data/lib/rubygems/package/tar_reader/entry.rb +116 -22
- data/lib/rubygems/package/tar_reader.rb +18 -40
- data/lib/rubygems/package/tar_writer.rb +42 -56
- data/lib/rubygems/package.rb +245 -145
- data/lib/rubygems/package_task.rb +8 -14
- data/lib/rubygems/path_support.rb +21 -16
- data/lib/rubygems/platform.rb +135 -74
- data/lib/rubygems/psych_tree.rb +3 -2
- data/lib/rubygems/query_utils.rb +349 -0
- data/lib/rubygems/rdoc.rb +4 -326
- data/lib/rubygems/remote_fetcher.rb +99 -181
- data/lib/rubygems/request/connection_pools.rb +31 -24
- data/lib/rubygems/request/http_pool.rb +6 -7
- data/lib/rubygems/request/https_pool.rb +2 -3
- data/lib/rubygems/request.rb +103 -53
- data/lib/rubygems/request_set/gem_dependency_api.rb +182 -190
- data/lib/rubygems/request_set/lockfile/parser.rb +42 -52
- data/lib/rubygems/request_set/lockfile/tokenizer.rb +34 -24
- data/lib/rubygems/request_set/lockfile.rb +32 -35
- data/lib/rubygems/request_set.rb +115 -71
- data/lib/rubygems/requirement.rb +77 -68
- data/lib/rubygems/resolv/LICENSE.txt +22 -0
- data/lib/rubygems/resolv/lib/resolv.rb +3387 -0
- data/lib/rubygems/resolver/activation_request.rb +34 -61
- data/lib/rubygems/resolver/api_set/gem_parser.rb +24 -0
- data/lib/rubygems/resolver/api_set.rb +40 -32
- data/lib/rubygems/resolver/api_specification.rb +37 -18
- data/lib/rubygems/resolver/best_set.rb +15 -17
- data/lib/rubygems/resolver/composed_set.rb +9 -11
- data/lib/rubygems/resolver/conflict.rb +19 -33
- data/lib/rubygems/resolver/current_set.rb +2 -4
- data/lib/rubygems/resolver/dependency_request.rb +8 -9
- data/lib/rubygems/resolver/git_set.rb +8 -10
- data/lib/rubygems/resolver/git_specification.rb +11 -13
- data/lib/rubygems/resolver/index_set.rb +13 -15
- data/lib/rubygems/resolver/index_specification.rb +42 -11
- data/lib/rubygems/resolver/installed_specification.rb +9 -11
- data/lib/rubygems/resolver/installer_set.rb +87 -45
- data/lib/rubygems/resolver/local_specification.rb +5 -7
- data/lib/rubygems/resolver/lock_set.rb +13 -15
- data/lib/rubygems/resolver/lock_specification.rb +13 -15
- data/lib/rubygems/resolver/molinillo/LICENSE +9 -0
- data/lib/rubygems/resolver/molinillo/lib/molinillo/delegates/resolution_state.rb +57 -0
- data/lib/rubygems/resolver/molinillo/lib/molinillo/delegates/specification_provider.rb +88 -0
- data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/action.rb +36 -0
- data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/add_edge_no_circular.rb +66 -0
- data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/add_vertex.rb +62 -0
- data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/delete_edge.rb +63 -0
- data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/detach_vertex_named.rb +61 -0
- data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/log.rb +126 -0
- data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/set_payload.rb +46 -0
- data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/tag.rb +36 -0
- data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/vertex.rb +164 -0
- data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph.rb +110 -146
- data/lib/rubygems/resolver/molinillo/lib/molinillo/errors.rb +83 -9
- data/lib/rubygems/resolver/molinillo/lib/molinillo/gem_metadata.rb +2 -1
- data/lib/rubygems/resolver/molinillo/lib/molinillo/modules/specification_provider.rb +13 -1
- data/lib/rubygems/resolver/molinillo/lib/molinillo/modules/ui.rb +3 -1
- data/lib/rubygems/resolver/molinillo/lib/molinillo/resolution.rb +552 -172
- data/lib/rubygems/resolver/molinillo/lib/molinillo/resolver.rb +3 -2
- data/lib/rubygems/resolver/molinillo/lib/molinillo/state.rb +12 -6
- data/lib/rubygems/resolver/molinillo/lib/molinillo.rb +6 -5
- data/lib/rubygems/resolver/molinillo.rb +2 -1
- data/lib/rubygems/resolver/requirement_list.rb +2 -2
- data/lib/rubygems/resolver/set.rb +3 -5
- data/lib/rubygems/resolver/source_set.rb +6 -7
- data/lib/rubygems/resolver/spec_specification.rb +16 -4
- data/lib/rubygems/resolver/specification.rb +25 -10
- data/lib/rubygems/resolver/stats.rb +1 -0
- data/lib/rubygems/resolver/vendor_set.rb +6 -8
- data/lib/rubygems/resolver/vendor_specification.rb +6 -8
- data/lib/rubygems/resolver.rb +121 -72
- data/lib/rubygems/s3_uri_signer.rb +177 -0
- data/lib/rubygems/safe_marshal/elements.rb +138 -0
- data/lib/rubygems/safe_marshal/reader.rb +306 -0
- data/lib/rubygems/safe_marshal/visitors/stream_printer.rb +31 -0
- data/lib/rubygems/safe_marshal/visitors/to_ruby.rb +385 -0
- data/lib/rubygems/safe_marshal/visitors/visitor.rb +74 -0
- data/lib/rubygems/safe_marshal.rb +74 -0
- data/lib/rubygems/safe_yaml.rb +36 -0
- data/lib/rubygems/security/policies.rb +49 -51
- data/lib/rubygems/security/policy.rb +46 -53
- data/lib/rubygems/security/signer.rb +86 -29
- data/lib/rubygems/security/trust_dir.rb +22 -24
- data/lib/rubygems/security.rb +101 -82
- data/lib/rubygems/security_option.rb +43 -0
- data/lib/rubygems/shellwords.rb +3 -0
- data/lib/rubygems/source/git.rb +40 -42
- data/lib/rubygems/source/installed.rb +5 -9
- data/lib/rubygems/source/local.rb +30 -33
- data/lib/rubygems/source/lock.rb +10 -10
- data/lib/rubygems/source/specific_file.rb +7 -9
- data/lib/rubygems/source/vendor.rb +3 -7
- data/lib/rubygems/source.rb +78 -68
- data/lib/rubygems/source_list.rb +11 -15
- data/lib/rubygems/spec_fetcher.rb +71 -83
- data/lib/rubygems/specification.rb +833 -1115
- data/lib/rubygems/specification_policy.rb +538 -0
- data/lib/rubygems/ssl_certs/rubygems.org/GlobalSignRootCA.pem +21 -0
- data/lib/rubygems/ssl_certs/rubygems.org/GlobalSignRootCA_R3.pem +21 -0
- data/lib/rubygems/stub_specification.rb +55 -57
- data/lib/rubygems/text.rb +39 -27
- data/lib/rubygems/timeout/LICENSE.txt +22 -0
- data/lib/rubygems/timeout/lib/timeout.rb +199 -0
- data/lib/rubygems/timeout.rb +3 -0
- data/lib/rubygems/tsort/.document +1 -0
- data/lib/rubygems/tsort/LICENSE.txt +22 -0
- data/lib/rubygems/tsort/lib/tsort.rb +455 -0
- data/lib/rubygems/tsort.rb +3 -0
- data/lib/rubygems/uninstaller.rb +150 -87
- data/lib/rubygems/unknown_command_spell_checker.rb +21 -0
- data/lib/rubygems/update_suggestion.rb +56 -0
- data/lib/rubygems/uri.rb +126 -0
- data/lib/rubygems/uri_formatter.rb +4 -7
- data/lib/rubygems/user_interaction.rb +92 -146
- data/lib/rubygems/util/licenses.rb +712 -317
- data/lib/rubygems/util/list.rb +5 -2
- data/lib/rubygems/util.rb +58 -75
- data/lib/rubygems/validator.rb +26 -48
- data/lib/rubygems/version.rb +106 -56
- data/lib/rubygems/version_option.rb +22 -14
- data/lib/rubygems/yaml_serializer.rb +93 -0
- data/lib/rubygems.rb +427 -361
- data/rubygems-update.gemspec +38 -0
- data/setup.rb +13 -27
- metadata +500 -363
- data/.autotest +0 -71
- data/.document +0 -5
- data/.travis.yml +0 -46
- data/CONTRIBUTING.rdoc +0 -129
- data/CVE-2013-4287.txt +0 -35
- data/CVE-2013-4363.txt +0 -45
- data/CVE-2015-3900.txt +0 -40
- data/History.txt +0 -3105
- data/MAINTAINERS.md +0 -5
- data/POLICIES.rdoc +0 -61
- data/README.rdoc +0 -54
- data/Rakefile +0 -449
- data/UPGRADING.rdoc +0 -92
- data/appveyor.yml +0 -36
- data/bin/gem +0 -25
- data/bin/update_rubygems +0 -37
- data/lib/gauntlet_rubygems.rb +0 -51
- data/lib/rubygems/indexer.rb +0 -434
- data/lib/rubygems/installer_test_case.rb +0 -194
- data/lib/rubygems/mock_gem_ui.rb +0 -89
- data/lib/rubygems/package/tar_test_case.rb +0 -147
- data/lib/rubygems/psych_additions.rb +0 -10
- data/lib/rubygems/server.rb +0 -869
- data/lib/rubygems/source_local.rb +0 -6
- data/lib/rubygems/source_specific_file.rb +0 -5
- data/lib/rubygems/ssl_certs/AddTrustExternalCARoot-2048.pem +0 -25
- data/lib/rubygems/ssl_certs/AddTrustExternalCARoot.pem +0 -32
- data/lib/rubygems/ssl_certs/Class3PublicPrimaryCertificationAuthority.pem +0 -14
- data/lib/rubygems/ssl_certs/DigiCertHighAssuranceEVRootCA.pem +0 -23
- data/lib/rubygems/ssl_certs/EntrustnetSecureServerCertificationAuthority.pem +0 -28
- data/lib/rubygems/ssl_certs/GeoTrustGlobalCA.pem +0 -20
- data/lib/rubygems/syck_hack.rb +0 -77
- data/lib/rubygems/test_case.rb +0 -1496
- data/lib/rubygems/test_utilities.rb +0 -384
- data/lib/ubygems.rb +0 -11
- data/test/rubygems/alternate_cert.pem +0 -18
- data/test/rubygems/alternate_cert_32.pem +0 -18
- data/test/rubygems/alternate_key.pem +0 -27
- data/test/rubygems/bad_rake.rb +0 -2
- data/test/rubygems/ca_cert.pem +0 -68
- data/test/rubygems/child_cert.pem +0 -18
- data/test/rubygems/child_cert_32.pem +0 -18
- data/test/rubygems/child_key.pem +0 -27
- data/test/rubygems/client.pem +0 -49
- data/test/rubygems/data/gem-private_key.pem +0 -27
- data/test/rubygems/data/gem-public_cert.pem +0 -20
- data/test/rubygems/data/null-type.gemspec.rz +0 -0
- data/test/rubygems/encrypted_private_key.pem +0 -30
- data/test/rubygems/expired_cert.pem +0 -18
- data/test/rubygems/fake_certlib/openssl.rb +0 -8
- data/test/rubygems/fix_openssl_warnings.rb +0 -13
- data/test/rubygems/foo/discover.rb +0 -1
- data/test/rubygems/future_cert.pem +0 -18
- data/test/rubygems/future_cert_32.pem +0 -18
- data/test/rubygems/good_rake.rb +0 -2
- data/test/rubygems/grandchild_cert.pem +0 -18
- data/test/rubygems/grandchild_cert_32.pem +0 -18
- data/test/rubygems/grandchild_key.pem +0 -27
- data/test/rubygems/invalid_client.pem +0 -49
- data/test/rubygems/invalid_issuer_cert.pem +0 -18
- data/test/rubygems/invalid_issuer_cert_32.pem +0 -18
- data/test/rubygems/invalid_key.pem +0 -27
- data/test/rubygems/invalid_signer_cert.pem +0 -18
- data/test/rubygems/invalid_signer_cert_32.pem +0 -18
- data/test/rubygems/invalidchild_cert.pem +0 -18
- data/test/rubygems/invalidchild_cert_32.pem +0 -18
- data/test/rubygems/invalidchild_key.pem +0 -27
- data/test/rubygems/plugin/exception/rubygems_plugin.rb +0 -3
- data/test/rubygems/plugin/load/rubygems_plugin.rb +0 -4
- data/test/rubygems/plugin/standarderror/rubygems_plugin.rb +0 -3
- data/test/rubygems/private_key.pem +0 -27
- data/test/rubygems/public_cert.pem +0 -18
- data/test/rubygems/public_cert_32.pem +0 -18
- data/test/rubygems/public_key.pem +0 -9
- data/test/rubygems/rubygems/commands/crash_command.rb +0 -6
- data/test/rubygems/rubygems_plugin.rb +0 -22
- data/test/rubygems/sff/discover.rb +0 -1
- data/test/rubygems/simple_gem.rb +0 -67
- data/test/rubygems/specifications/bar-0.0.2.gemspec +0 -9
- data/test/rubygems/specifications/foo-0.0.1-x86-mswin32.gemspec +0 -0
- data/test/rubygems/ssl_cert.pem +0 -19
- data/test/rubygems/ssl_key.pem +0 -15
- data/test/rubygems/test_bundled_ca.rb +0 -59
- data/test/rubygems/test_config.rb +0 -24
- data/test/rubygems/test_deprecate.rb +0 -77
- data/test/rubygems/test_gem.rb +0 -1718
- data/test/rubygems/test_gem_available_set.rb +0 -130
- data/test/rubygems/test_gem_command.rb +0 -248
- data/test/rubygems/test_gem_command_manager.rb +0 -264
- data/test/rubygems/test_gem_commands_build_command.rb +0 -121
- data/test/rubygems/test_gem_commands_cert_command.rb +0 -671
- data/test/rubygems/test_gem_commands_check_command.rb +0 -69
- data/test/rubygems/test_gem_commands_cleanup_command.rb +0 -197
- data/test/rubygems/test_gem_commands_contents_command.rb +0 -240
- data/test/rubygems/test_gem_commands_dependency_command.rb +0 -230
- data/test/rubygems/test_gem_commands_environment_command.rb +0 -154
- data/test/rubygems/test_gem_commands_fetch_command.rb +0 -127
- data/test/rubygems/test_gem_commands_generate_index_command.rb +0 -51
- data/test/rubygems/test_gem_commands_help_command.rb +0 -75
- data/test/rubygems/test_gem_commands_install_command.rb +0 -1007
- data/test/rubygems/test_gem_commands_list_command.rb +0 -34
- data/test/rubygems/test_gem_commands_lock_command.rb +0 -69
- data/test/rubygems/test_gem_commands_mirror.rb +0 -20
- data/test/rubygems/test_gem_commands_open_command.rb +0 -70
- data/test/rubygems/test_gem_commands_outdated_command.rb +0 -33
- data/test/rubygems/test_gem_commands_owner_command.rb +0 -205
- data/test/rubygems/test_gem_commands_pristine_command.rb +0 -491
- data/test/rubygems/test_gem_commands_push_command.rb +0 -330
- data/test/rubygems/test_gem_commands_query_command.rb +0 -657
- data/test/rubygems/test_gem_commands_search_command.rb +0 -18
- data/test/rubygems/test_gem_commands_server_command.rb +0 -60
- data/test/rubygems/test_gem_commands_setup_command.rb +0 -136
- data/test/rubygems/test_gem_commands_sources_command.rb +0 -249
- data/test/rubygems/test_gem_commands_specification_command.rb +0 -251
- data/test/rubygems/test_gem_commands_stale_command.rb +0 -43
- data/test/rubygems/test_gem_commands_uninstall_command.rb +0 -283
- data/test/rubygems/test_gem_commands_unpack_command.rb +0 -209
- data/test/rubygems/test_gem_commands_update_command.rb +0 -514
- data/test/rubygems/test_gem_commands_which_command.rb +0 -87
- data/test/rubygems/test_gem_commands_yank_command.rb +0 -100
- data/test/rubygems/test_gem_config_file.rb +0 -491
- data/test/rubygems/test_gem_dependency.rb +0 -362
- data/test/rubygems/test_gem_dependency_installer.rb +0 -1235
- data/test/rubygems/test_gem_dependency_list.rb +0 -260
- data/test/rubygems/test_gem_dependency_resolution_error.rb +0 -29
- data/test/rubygems/test_gem_doctor.rb +0 -169
- data/test/rubygems/test_gem_ext_builder.rb +0 -341
- data/test/rubygems/test_gem_ext_cmake_builder.rb +0 -87
- data/test/rubygems/test_gem_ext_configure_builder.rb +0 -87
- data/test/rubygems/test_gem_ext_ext_conf_builder.rb +0 -211
- data/test/rubygems/test_gem_ext_rake_builder.rb +0 -65
- data/test/rubygems/test_gem_gem_runner.rb +0 -69
- data/test/rubygems/test_gem_gemcutter_utilities.rb +0 -235
- data/test/rubygems/test_gem_impossible_dependencies_error.rb +0 -62
- data/test/rubygems/test_gem_indexer.rb +0 -367
- data/test/rubygems/test_gem_install_update_options.rb +0 -197
- data/test/rubygems/test_gem_installer.rb +0 -1552
- data/test/rubygems/test_gem_local_remote_options.rb +0 -134
- data/test/rubygems/test_gem_name_tuple.rb +0 -45
- data/test/rubygems/test_gem_package.rb +0 -876
- data/test/rubygems/test_gem_package_old.rb +0 -90
- data/test/rubygems/test_gem_package_tar_header.rb +0 -147
- data/test/rubygems/test_gem_package_tar_reader.rb +0 -90
- data/test/rubygems/test_gem_package_tar_reader_entry.rb +0 -142
- data/test/rubygems/test_gem_package_tar_writer.rb +0 -264
- data/test/rubygems/test_gem_package_task.rb +0 -84
- data/test/rubygems/test_gem_path_support.rb +0 -121
- data/test/rubygems/test_gem_platform.rb +0 -308
- data/test/rubygems/test_gem_rdoc.rb +0 -270
- data/test/rubygems/test_gem_remote_fetcher.rb +0 -1051
- data/test/rubygems/test_gem_request.rb +0 -363
- data/test/rubygems/test_gem_request_connection_pools.rb +0 -130
- data/test/rubygems/test_gem_request_set.rb +0 -595
- data/test/rubygems/test_gem_request_set_gem_dependency_api.rb +0 -831
- data/test/rubygems/test_gem_request_set_lockfile.rb +0 -470
- data/test/rubygems/test_gem_request_set_lockfile_parser.rb +0 -549
- data/test/rubygems/test_gem_request_set_lockfile_tokenizer.rb +0 -306
- data/test/rubygems/test_gem_requirement.rb +0 -387
- data/test/rubygems/test_gem_resolver.rb +0 -715
- data/test/rubygems/test_gem_resolver_activation_request.rb +0 -74
- data/test/rubygems/test_gem_resolver_api_set.rb +0 -209
- data/test/rubygems/test_gem_resolver_api_specification.rb +0 -145
- data/test/rubygems/test_gem_resolver_best_set.rb +0 -138
- data/test/rubygems/test_gem_resolver_composed_set.rb +0 -46
- data/test/rubygems/test_gem_resolver_conflict.rb +0 -88
- data/test/rubygems/test_gem_resolver_dependency_request.rb +0 -85
- data/test/rubygems/test_gem_resolver_git_set.rb +0 -190
- data/test/rubygems/test_gem_resolver_git_specification.rb +0 -114
- data/test/rubygems/test_gem_resolver_index_set.rb +0 -90
- data/test/rubygems/test_gem_resolver_index_specification.rb +0 -90
- data/test/rubygems/test_gem_resolver_installed_specification.rb +0 -50
- data/test/rubygems/test_gem_resolver_installer_set.rb +0 -258
- data/test/rubygems/test_gem_resolver_local_specification.rb +0 -46
- data/test/rubygems/test_gem_resolver_lock_set.rb +0 -64
- data/test/rubygems/test_gem_resolver_lock_specification.rb +0 -100
- data/test/rubygems/test_gem_resolver_requirement_list.rb +0 -21
- data/test/rubygems/test_gem_resolver_specification.rb +0 -65
- data/test/rubygems/test_gem_resolver_vendor_set.rb +0 -84
- data/test/rubygems/test_gem_resolver_vendor_specification.rb +0 -84
- data/test/rubygems/test_gem_security.rb +0 -307
- data/test/rubygems/test_gem_security_policy.rb +0 -541
- data/test/rubygems/test_gem_security_signer.rb +0 -209
- data/test/rubygems/test_gem_security_trust_dir.rb +0 -101
- data/test/rubygems/test_gem_server.rb +0 -409
- data/test/rubygems/test_gem_silent_ui.rb +0 -117
- data/test/rubygems/test_gem_source.rb +0 -242
- data/test/rubygems/test_gem_source_fetch_problem.rb +0 -20
- data/test/rubygems/test_gem_source_git.rb +0 -309
- data/test/rubygems/test_gem_source_installed.rb +0 -37
- data/test/rubygems/test_gem_source_list.rb +0 -118
- data/test/rubygems/test_gem_source_local.rb +0 -107
- data/test/rubygems/test_gem_source_lock.rb +0 -115
- data/test/rubygems/test_gem_source_specific_file.rb +0 -76
- data/test/rubygems/test_gem_source_vendor.rb +0 -32
- data/test/rubygems/test_gem_spec_fetcher.rb +0 -311
- data/test/rubygems/test_gem_specification.rb +0 -3519
- data/test/rubygems/test_gem_stream_ui.rb +0 -239
- data/test/rubygems/test_gem_stub_specification.rb +0 -217
- data/test/rubygems/test_gem_text.rb +0 -77
- data/test/rubygems/test_gem_uninstaller.rb +0 -485
- data/test/rubygems/test_gem_unsatisfiable_dependency_error.rb +0 -33
- data/test/rubygems/test_gem_uri_formatter.rb +0 -29
- data/test/rubygems/test_gem_util.rb +0 -40
- data/test/rubygems/test_gem_validator.rb +0 -46
- data/test/rubygems/test_gem_version.rb +0 -222
- data/test/rubygems/test_gem_version_option.rb +0 -152
- data/test/rubygems/test_kernel.rb +0 -86
- data/test/rubygems/test_require.rb +0 -322
- data/test/rubygems/wrong_key_cert.pem +0 -18
- data/test/rubygems/wrong_key_cert_32.pem +0 -18
- data/util/CL2notes +0 -56
- data/util/create_certs.rb +0 -157
- data/util/create_encrypted_key.rb +0 -17
- data/util/generate_spdx_license_list.rb +0 -51
- data/util/update_bundled_ca_certificates.rb +0 -118
data/lib/rubygems/package.rb
CHANGED
@@ -1,14 +1,22 @@
|
|
1
|
-
# -*- coding: utf-8 -*-
|
2
1
|
# frozen_string_literal: true
|
3
|
-
|
2
|
+
|
3
|
+
# rubocop:disable Style/AsciiComments
|
4
|
+
|
4
5
|
# Copyright (C) 2004 Mauricio Julio Fernández Pradier
|
5
6
|
# See LICENSE.txt for additional licensing information.
|
6
|
-
|
7
|
-
#
|
7
|
+
|
8
|
+
# rubocop:enable Style/AsciiComments
|
9
|
+
|
10
|
+
require_relative "../rubygems"
|
11
|
+
require_relative "security"
|
12
|
+
require_relative "user_interaction"
|
13
|
+
|
14
|
+
##
|
8
15
|
# Example using a Gem::Package
|
9
16
|
#
|
10
17
|
# Builds a .gem file given a Gem::Specification. A .gem file is a tarball
|
11
|
-
# which contains a data.tar.gz
|
18
|
+
# which contains a data.tar.gz, metadata.gz, checksums.yaml.gz and possibly
|
19
|
+
# signatures.
|
12
20
|
#
|
13
21
|
# require 'rubygems'
|
14
22
|
# require 'rubygems/package'
|
@@ -41,13 +49,7 @@
|
|
41
49
|
# #files are the files in the .gem tar file, not the Ruby files in the gem
|
42
50
|
# #extract_files and #contents automatically call #verify
|
43
51
|
|
44
|
-
require 'rubygems/security'
|
45
|
-
require 'rubygems/specification'
|
46
|
-
require 'rubygems/user_interaction'
|
47
|
-
require 'zlib'
|
48
|
-
|
49
52
|
class Gem::Package
|
50
|
-
|
51
53
|
include Gem::UserInteraction
|
52
54
|
|
53
55
|
class Error < Gem::Exception; end
|
@@ -55,22 +57,26 @@ class Gem::Package
|
|
55
57
|
class FormatError < Error
|
56
58
|
attr_reader :path
|
57
59
|
|
58
|
-
def initialize
|
60
|
+
def initialize(message, source = nil)
|
59
61
|
if source
|
60
62
|
@path = source.path
|
61
63
|
|
62
|
-
message
|
64
|
+
message += " in #{path}" if path
|
63
65
|
end
|
64
66
|
|
65
67
|
super message
|
66
68
|
end
|
67
|
-
|
68
69
|
end
|
69
70
|
|
70
71
|
class PathError < Error
|
71
|
-
def initialize
|
72
|
-
super "installing into parent path %s of %s is not allowed"
|
73
|
-
|
72
|
+
def initialize(destination, destination_dir)
|
73
|
+
super format("installing into parent path %s of %s is not allowed", destination, destination_dir)
|
74
|
+
end
|
75
|
+
end
|
76
|
+
|
77
|
+
class SymlinkError < Error
|
78
|
+
def initialize(name, destination, destination_dir)
|
79
|
+
super format("installing symlink '%s' pointing to parent path %s of %s is not allowed", name, destination, destination_dir)
|
74
80
|
end
|
75
81
|
end
|
76
82
|
|
@@ -83,7 +89,6 @@ class Gem::Package
|
|
83
89
|
|
84
90
|
class TarInvalidError < Error; end
|
85
91
|
|
86
|
-
|
87
92
|
attr_accessor :build_time # :nodoc:
|
88
93
|
|
89
94
|
##
|
@@ -97,6 +102,11 @@ class Gem::Package
|
|
97
102
|
|
98
103
|
attr_reader :files
|
99
104
|
|
105
|
+
##
|
106
|
+
# Reference to the gem being packaged.
|
107
|
+
|
108
|
+
attr_reader :gem
|
109
|
+
|
100
110
|
##
|
101
111
|
# The security policy used for verifying the contents of this package.
|
102
112
|
|
@@ -107,12 +117,24 @@ class Gem::Package
|
|
107
117
|
|
108
118
|
attr_writer :spec
|
109
119
|
|
110
|
-
|
111
|
-
|
120
|
+
##
|
121
|
+
# Permission for directories
|
122
|
+
attr_accessor :dir_mode
|
123
|
+
|
124
|
+
##
|
125
|
+
# Permission for program files
|
126
|
+
attr_accessor :prog_mode
|
127
|
+
|
128
|
+
##
|
129
|
+
# Permission for other files
|
130
|
+
attr_accessor :data_mode
|
131
|
+
|
132
|
+
def self.build(spec, skip_validation = false, strict_validation = false, file_name = nil)
|
133
|
+
gem_file = file_name || spec.file_name
|
112
134
|
|
113
135
|
package = new gem_file
|
114
136
|
package.spec = spec
|
115
|
-
package.build skip_validation
|
137
|
+
package.build skip_validation, strict_validation
|
116
138
|
|
117
139
|
gem_file
|
118
140
|
end
|
@@ -124,34 +146,62 @@ class Gem::Package
|
|
124
146
|
# If +gem+ is an existing file in the old format a Gem::Package::Old will be
|
125
147
|
# returned.
|
126
148
|
|
127
|
-
def self.new
|
149
|
+
def self.new(gem, security_policy = nil)
|
128
150
|
gem = if gem.is_a?(Gem::Package::Source)
|
129
|
-
|
130
|
-
|
131
|
-
|
132
|
-
|
133
|
-
|
134
|
-
|
151
|
+
gem
|
152
|
+
elsif gem.respond_to? :read
|
153
|
+
Gem::Package::IOSource.new gem
|
154
|
+
else
|
155
|
+
Gem::Package::FileSource.new gem
|
156
|
+
end
|
135
157
|
|
136
|
-
return super unless Gem::Package
|
158
|
+
return super unless self == Gem::Package
|
137
159
|
return super unless gem.present?
|
138
160
|
|
139
161
|
return super unless gem.start
|
140
|
-
return super unless gem.start.include?
|
162
|
+
return super unless gem.start.include? "MD5SUM ="
|
141
163
|
|
142
164
|
Gem::Package::Old.new gem
|
143
165
|
end
|
144
166
|
|
167
|
+
##
|
168
|
+
# Extracts the Gem::Specification and raw metadata from the .gem file at
|
169
|
+
# +path+.
|
170
|
+
#--
|
171
|
+
|
172
|
+
def self.raw_spec(path, security_policy = nil)
|
173
|
+
format = new(path, security_policy)
|
174
|
+
spec = format.spec
|
175
|
+
|
176
|
+
metadata = nil
|
177
|
+
|
178
|
+
File.open path, Gem.binary_mode do |io|
|
179
|
+
tar = Gem::Package::TarReader.new io
|
180
|
+
tar.each_entry do |entry|
|
181
|
+
case entry.full_name
|
182
|
+
when "metadata" then
|
183
|
+
metadata = entry.read
|
184
|
+
when "metadata.gz" then
|
185
|
+
metadata = Gem::Util.gunzip entry.read
|
186
|
+
end
|
187
|
+
end
|
188
|
+
end
|
189
|
+
|
190
|
+
[spec, metadata]
|
191
|
+
end
|
192
|
+
|
145
193
|
##
|
146
194
|
# Creates a new package that will read or write to the file +gem+.
|
147
195
|
|
148
|
-
def initialize
|
196
|
+
def initialize(gem, security_policy) # :notnew:
|
197
|
+
require "zlib"
|
198
|
+
|
149
199
|
@gem = gem
|
150
200
|
|
151
|
-
@build_time =
|
201
|
+
@build_time = Gem.source_date_epoch
|
152
202
|
@checksums = {}
|
153
203
|
@contents = nil
|
154
|
-
@digests = Hash.new {
|
204
|
+
@digests = Hash.new {|h, algorithm| h[algorithm] = {} }
|
155
205
|
@files = nil
|
156
206
|
@security_policy = security_policy
|
157
207
|
@signatures = {}
|
@@ -162,17 +212,17 @@ class Gem::Package
|
|
162
212
|
##
|
163
213
|
# Copies this package to +path+ (if possible)
|
164
214
|
|
165
|
-
def copy_to
|
215
|
+
def copy_to(path)
|
166
216
|
FileUtils.cp @gem.path, path unless File.exist? path
|
167
217
|
end
|
168
218
|
|
169
219
|
##
|
170
220
|
# Adds a checksum for each entry in the gem to checksums.yaml.gz.
|
171
221
|
|
172
|
-
def add_checksums
|
222
|
+
def add_checksums(tar)
|
173
223
|
Gem.load_yaml
|
174
224
|
|
175
|
-
checksums_by_algorithm = Hash.new {
|
225
|
+
checksums_by_algorithm = Hash.new {|h, algorithm| h[algorithm] = {} }
|
176
226
|
|
177
227
|
@checksums.each do |name, digests|
|
178
228
|
digests.each do |algorithm, digest|
|
@@ -180,9 +230,9 @@ class Gem::Package
|
|
180
230
|
end
|
181
231
|
end
|
182
232
|
|
183
|
-
tar.add_file_signed
|
233
|
+
tar.add_file_signed "checksums.yaml.gz", 0o444, @signer do |io|
|
184
234
|
gzip_to io do |gz_io|
|
185
|
-
|
235
|
+
Psych.dump checksums_by_algorithm, gz_io
|
186
236
|
end
|
187
237
|
end
|
188
238
|
end
|
@@ -191,8 +241,8 @@ class Gem::Package
|
|
191
241
|
# Adds the files listed in the packages's Gem::Specification to data.tar.gz
|
192
242
|
# and adds this file to the +tar+.
|
193
243
|
|
194
|
-
def add_contents
|
195
|
-
digests = tar.add_file_signed
|
244
|
+
def add_contents(tar) # :nodoc:
|
245
|
+
digests = tar.add_file_signed "data.tar.gz", 0o444, @signer do |io|
|
196
246
|
gzip_to io do |gz_io|
|
197
247
|
Gem::Package::TarWriter.new gz_io do |data_tar|
|
198
248
|
add_files data_tar
|
@@ -200,13 +250,13 @@ class Gem::Package
|
|
200
250
|
end
|
201
251
|
end
|
202
252
|
|
203
|
-
@checksums[
|
253
|
+
@checksums["data.tar.gz"] = digests
|
204
254
|
end
|
205
255
|
|
206
256
|
##
|
207
257
|
# Adds files included the package's Gem::Specification to the +tar+ file
|
208
258
|
|
209
|
-
def add_files
|
259
|
+
def add_files(tar) # :nodoc:
|
210
260
|
@spec.files.each do |file|
|
211
261
|
stat = File.lstat file
|
212
262
|
|
@@ -217,8 +267,8 @@ class Gem::Package
|
|
217
267
|
next unless stat.file?
|
218
268
|
|
219
269
|
tar.add_file_simple file, stat.mode, stat.size do |dst_io|
|
220
|
-
open file,
|
221
|
-
dst_io.write src_io.read
|
270
|
+
File.open file, "rb" do |src_io|
|
271
|
+
dst_io.write src_io.read 16_384 until src_io.eof?
|
222
272
|
end
|
223
273
|
end
|
224
274
|
end
|
@@ -227,27 +277,32 @@ class Gem::Package
|
|
227
277
|
##
|
228
278
|
# Adds the package's Gem::Specification to the +tar+ file
|
229
279
|
|
230
|
-
def add_metadata
|
231
|
-
digests = tar.add_file_signed
|
280
|
+
def add_metadata(tar) # :nodoc:
|
281
|
+
digests = tar.add_file_signed "metadata.gz", 0o444, @signer do |io|
|
232
282
|
gzip_to io do |gz_io|
|
233
283
|
gz_io.write @spec.to_yaml
|
234
284
|
end
|
235
285
|
end
|
236
286
|
|
237
|
-
@checksums[
|
287
|
+
@checksums["metadata.gz"] = digests
|
238
288
|
end
|
239
289
|
|
240
290
|
##
|
241
291
|
# Builds this package based on the specification set by #spec=
|
242
292
|
|
243
|
-
def build
|
293
|
+
def build(skip_validation = false, strict_validation = false)
|
294
|
+
raise ArgumentError, "skip_validation = true and strict_validation = true are incompatible" if skip_validation && strict_validation
|
295
|
+
|
244
296
|
Gem.load_yaml
|
245
|
-
require 'rubygems/security'
|
246
297
|
|
247
298
|
@spec.mark_version
|
248
|
-
@spec.validate unless skip_validation
|
299
|
+
@spec.validate true, strict_validation unless skip_validation
|
249
300
|
|
250
|
-
setup_signer
|
301
|
+
setup_signer(
|
302
|
+
signer_options: {
|
303
|
+
expiration_length_days: Gem.configuration.cert_expiration_length_days,
|
304
|
+
}
|
305
|
+
)
|
251
306
|
|
252
307
|
@gem.with_write_io do |gem_io|
|
253
308
|
Gem::Package::TarWriter.new gem_io do |gem|
|
@@ -261,7 +316,7 @@ class Gem::Package
|
|
261
316
|
Successfully built RubyGem
|
262
317
|
Name: #{@spec.name}
|
263
318
|
Version: #{@spec.version}
|
264
|
-
File: #{File.basename @
|
319
|
+
File: #{File.basename @gem.path}
|
265
320
|
EOM
|
266
321
|
ensure
|
267
322
|
@signer = nil
|
@@ -281,7 +336,7 @@ EOM
|
|
281
336
|
gem_tar = Gem::Package::TarReader.new io
|
282
337
|
|
283
338
|
gem_tar.each do |entry|
|
284
|
-
next unless entry.full_name ==
|
339
|
+
next unless entry.full_name == "data.tar.gz"
|
285
340
|
|
286
341
|
open_tar_gz entry do |pkg_tar|
|
287
342
|
pkg_tar.each do |contents_entry|
|
@@ -292,31 +347,31 @@ EOM
|
|
292
347
|
return @contents
|
293
348
|
end
|
294
349
|
end
|
350
|
+
rescue Zlib::GzipFile::Error, EOFError, Gem::Package::TarInvalidError => e
|
351
|
+
raise Gem::Package::FormatError.new e.message, @gem
|
295
352
|
end
|
296
353
|
|
297
354
|
##
|
298
355
|
# Creates a digest of the TarEntry +entry+ from the digest algorithm set by
|
299
356
|
# the security policy.
|
300
357
|
|
301
|
-
def digest
|
302
|
-
algorithms = if @checksums
|
303
|
-
|
304
|
-
|
305
|
-
|
306
|
-
|
307
|
-
|
308
|
-
algorithms.each do |algorithm|
|
309
|
-
digester =
|
310
|
-
if defined?(OpenSSL::Digest) then
|
311
|
-
OpenSSL::Digest.new algorithm
|
312
|
-
else
|
313
|
-
Digest.const_get(algorithm).new
|
314
|
-
end
|
358
|
+
def digest(entry) # :nodoc:
|
359
|
+
algorithms = if @checksums
|
360
|
+
@checksums.to_h {|algorithm, _| [algorithm, Gem::Security.create_digest(algorithm)] }
|
361
|
+
elsif Gem::Security::DIGEST_NAME
|
362
|
+
{ Gem::Security::DIGEST_NAME => Gem::Security.create_digest(Gem::Security::DIGEST_NAME) }
|
363
|
+
end
|
315
364
|
|
316
|
-
|
365
|
+
return @digests if algorithms.nil? || algorithms.empty?
|
317
366
|
|
318
|
-
|
367
|
+
buf = String.new(capacity: 16_384, encoding: Encoding::BINARY)
|
368
|
+
until entry.eof?
|
369
|
+
entry.readpartial(16_384, buf)
|
370
|
+
algorithms.each_value {|digester| digester << buf }
|
371
|
+
end
|
372
|
+
entry.rewind
|
319
373
|
|
374
|
+
algorithms.each do |algorithm, digester|
|
320
375
|
@digests[algorithm][entry.full_name] = digester
|
321
376
|
end
|
322
377
|
|
@@ -329,22 +384,24 @@ EOM
|
|
329
384
|
# If +pattern+ is specified, only entries matching that glob will be
|
330
385
|
# extracted.
|
331
386
|
|
332
|
-
def extract_files
|
387
|
+
def extract_files(destination_dir, pattern = "*")
|
333
388
|
verify unless @spec
|
334
389
|
|
335
|
-
FileUtils.mkdir_p destination_dir
|
390
|
+
FileUtils.mkdir_p destination_dir, mode: dir_mode && 0o755
|
336
391
|
|
337
392
|
@gem.with_read_io do |io|
|
338
393
|
reader = Gem::Package::TarReader.new io
|
339
394
|
|
340
395
|
reader.each do |entry|
|
341
|
-
next unless entry.full_name ==
|
396
|
+
next unless entry.full_name == "data.tar.gz"
|
342
397
|
|
343
398
|
extract_tar_gz entry, destination_dir, pattern
|
344
399
|
|
345
|
-
|
400
|
+
break # ignore further entries
|
346
401
|
end
|
347
402
|
end
|
403
|
+
rescue Zlib::GzipFile::Error, EOFError, Gem::Package::TarInvalidError => e
|
404
|
+
raise Gem::Package::FormatError.new e.message, @gem
|
348
405
|
end
|
349
406
|
|
350
407
|
##
|
@@ -358,36 +415,72 @@ EOM
|
|
358
415
|
# If +pattern+ is specified, only entries matching that glob will be
|
359
416
|
# extracted.
|
360
417
|
|
361
|
-
def extract_tar_gz
|
418
|
+
def extract_tar_gz(io, destination_dir, pattern = "*") # :nodoc:
|
419
|
+
destination_dir = File.realpath(destination_dir)
|
420
|
+
|
421
|
+
directories = []
|
422
|
+
symlinks = []
|
423
|
+
|
362
424
|
open_tar_gz io do |tar|
|
363
425
|
tar.each do |entry|
|
364
|
-
|
426
|
+
full_name = entry.full_name
|
427
|
+
next unless File.fnmatch pattern, full_name, File::FNM_DOTMATCH
|
428
|
+
|
429
|
+
destination = install_location full_name, destination_dir
|
430
|
+
|
431
|
+
if entry.symlink?
|
432
|
+
link_target = entry.header.linkname
|
433
|
+
real_destination = link_target.start_with?("/") ? link_target : File.expand_path(link_target, File.dirname(destination))
|
365
434
|
|
366
|
-
|
435
|
+
raise Gem::Package::SymlinkError.new(full_name, real_destination, destination_dir) unless
|
436
|
+
normalize_path(real_destination).start_with? normalize_path(destination_dir + "/")
|
437
|
+
|
438
|
+
symlinks << [full_name, link_target, destination, real_destination]
|
439
|
+
end
|
367
440
|
|
368
441
|
FileUtils.rm_rf destination
|
369
442
|
|
370
|
-
mkdir_options = {}
|
371
|
-
mkdir_options[:mode] = entry.header.mode if entry.directory?
|
372
443
|
mkdir =
|
373
|
-
if entry.directory?
|
444
|
+
if entry.directory?
|
374
445
|
destination
|
375
446
|
else
|
376
447
|
File.dirname destination
|
377
448
|
end
|
378
449
|
|
379
|
-
|
380
|
-
|
381
|
-
|
382
|
-
|
383
|
-
FileUtils.chmod entry.header.mode, destination
|
384
|
-
end if entry.file?
|
450
|
+
unless directories.include?(mkdir)
|
451
|
+
FileUtils.mkdir_p mkdir, mode: dir_mode ? 0o755 : (entry.header.mode if entry.directory?)
|
452
|
+
directories << mkdir
|
453
|
+
end
|
385
454
|
|
386
|
-
|
455
|
+
if entry.file?
|
456
|
+
File.open(destination, "wb") {|out| out.write entry.read }
|
457
|
+
FileUtils.chmod file_mode(entry.header.mode), destination
|
458
|
+
end
|
387
459
|
|
388
460
|
verbose destination
|
389
461
|
end
|
390
462
|
end
|
463
|
+
|
464
|
+
symlinks.each do |name, target, destination, real_destination|
|
465
|
+
if File.exist?(real_destination)
|
466
|
+
File.symlink(target, destination)
|
467
|
+
else
|
468
|
+
alert_warning "#{@spec.full_name} ships with a dangling symlink named #{name} pointing to missing #{target} file. Ignoring"
|
469
|
+
end
|
470
|
+
end
|
471
|
+
|
472
|
+
if dir_mode
|
473
|
+
File.chmod(dir_mode, *directories)
|
474
|
+
end
|
475
|
+
end
|
476
|
+
|
477
|
+
def file_mode(mode) # :nodoc:
|
478
|
+
((mode & 0o111).zero? ? data_mode : prog_mode) ||
|
479
|
+
# If we're not using one of the default modes, then we're going to fall
|
480
|
+
# back to the mode from the tarball. In this case we need to mask it down
|
481
|
+
# to fit into 2^16 bits (the maximum value for a mode in CRuby since it
|
482
|
+
# gets put into an unsigned short).
|
483
|
+
(mode & ((1 << 16) - 1))
|
391
484
|
end
|
392
485
|
|
393
486
|
##
|
@@ -396,7 +489,7 @@ EOM
|
|
396
489
|
# Also sets the gzip modification time to the package build time to ease
|
397
490
|
# testing.
|
398
491
|
|
399
|
-
def gzip_to
|
492
|
+
def gzip_to(io) # :yields: gz_io
|
400
493
|
gz_io = Zlib::GzipWriter.new io, Zlib::BEST_COMPRESSION
|
401
494
|
gz_io.mtime = @build_time
|
402
495
|
|
@@ -410,38 +503,36 @@ EOM
|
|
410
503
|
#
|
411
504
|
# If +filename+ is not inside +destination_dir+ an exception is raised.
|
412
505
|
|
413
|
-
def install_location
|
506
|
+
def install_location(filename, destination_dir) # :nodoc:
|
414
507
|
raise Gem::Package::PathError.new(filename, destination_dir) if
|
415
|
-
filename.start_with?
|
416
|
-
|
417
|
-
destination_dir = File.realpath destination_dir if
|
418
|
-
File.respond_to? :realpath
|
419
|
-
destination_dir = File.expand_path destination_dir
|
508
|
+
filename.start_with? "/"
|
420
509
|
|
421
|
-
|
422
|
-
destination = File.expand_path
|
510
|
+
destination_dir = File.realpath(destination_dir)
|
511
|
+
destination = File.expand_path(filename, destination_dir)
|
423
512
|
|
424
513
|
raise Gem::Package::PathError.new(destination, destination_dir) unless
|
425
|
-
destination.start_with? destination_dir
|
514
|
+
normalize_path(destination).start_with? normalize_path(destination_dir + "/")
|
426
515
|
|
427
|
-
destination.untaint
|
428
516
|
destination
|
429
517
|
end
|
430
518
|
|
519
|
+
def normalize_path(pathname)
|
520
|
+
if Gem.win_platform?
|
521
|
+
pathname.downcase
|
522
|
+
else
|
523
|
+
pathname
|
524
|
+
end
|
525
|
+
end
|
526
|
+
|
431
527
|
##
|
432
528
|
# Loads a Gem::Specification from the TarEntry +entry+
|
433
529
|
|
434
|
-
def load_spec
|
530
|
+
def load_spec(entry) # :nodoc:
|
435
531
|
case entry.full_name
|
436
|
-
when
|
532
|
+
when "metadata" then
|
437
533
|
@spec = Gem::Specification.from_yaml entry.read
|
438
|
-
when
|
439
|
-
|
440
|
-
args << { :external_encoding => Encoding::UTF_8 } if
|
441
|
-
Object.const_defined?(:Encoding) &&
|
442
|
-
Zlib::GzipReader.method(:wrap).arity != 1
|
443
|
-
|
444
|
-
Zlib::GzipReader.wrap(*args) do |gzio|
|
534
|
+
when "metadata.gz" then
|
535
|
+
Zlib::GzipReader.wrap(entry, external_encoding: Encoding::UTF_8) do |gzio|
|
445
536
|
@spec = Gem::Specification.from_yaml gzio.read
|
446
537
|
end
|
447
538
|
end
|
@@ -450,7 +541,7 @@ EOM
|
|
450
541
|
##
|
451
542
|
# Opens +io+ as a gzipped tar archive
|
452
543
|
|
453
|
-
def open_tar_gz
|
544
|
+
def open_tar_gz(io) # :nodoc:
|
454
545
|
Zlib::GzipReader.wrap io do |gzio|
|
455
546
|
tar = Gem::Package::TarReader.new gzio
|
456
547
|
|
@@ -461,12 +552,12 @@ EOM
|
|
461
552
|
##
|
462
553
|
# Reads and loads checksums.yaml.gz from the tar file +gem+
|
463
554
|
|
464
|
-
def read_checksums
|
555
|
+
def read_checksums(gem)
|
465
556
|
Gem.load_yaml
|
466
557
|
|
467
|
-
@checksums = gem.seek
|
558
|
+
@checksums = gem.seek "checksums.yaml.gz" do |entry|
|
468
559
|
Zlib::GzipReader.wrap entry do |gz_io|
|
469
|
-
|
560
|
+
Gem::SafeYAML.safe_load gz_io.read
|
470
561
|
end
|
471
562
|
end
|
472
563
|
end
|
@@ -475,15 +566,22 @@ EOM
|
|
475
566
|
# Prepares the gem for signing and checksum generation. If a signing
|
476
567
|
# certificate and key are not present only checksum generation is set up.
|
477
568
|
|
478
|
-
def setup_signer
|
479
|
-
passphrase = ENV[
|
480
|
-
if @spec.signing_key
|
481
|
-
@signer =
|
569
|
+
def setup_signer(signer_options: {})
|
570
|
+
passphrase = ENV["GEM_PRIVATE_KEY_PASSPHRASE"]
|
571
|
+
if @spec.signing_key
|
572
|
+
@signer =
|
573
|
+
Gem::Security::Signer.new(
|
574
|
+
@spec.signing_key,
|
575
|
+
@spec.cert_chain,
|
576
|
+
passphrase,
|
577
|
+
signer_options
|
578
|
+
)
|
579
|
+
|
482
580
|
@spec.signing_key = nil
|
483
|
-
@spec.cert_chain = @signer.cert_chain.map
|
581
|
+
@spec.cert_chain = @signer.cert_chain.map(&:to_s)
|
484
582
|
else
|
485
583
|
@signer = Gem::Security::Signer.new nil, nil, passphrase
|
486
|
-
@spec.cert_chain = @signer.cert_chain.map
|
584
|
+
@spec.cert_chain = @signer.cert_chain.map(&:to_pem) if
|
487
585
|
@signer.cert_chain
|
488
586
|
end
|
489
587
|
end
|
@@ -525,8 +623,7 @@ EOM
|
|
525
623
|
|
526
624
|
verify_checksums @digests, @checksums
|
527
625
|
|
528
|
-
@security_policy
|
529
|
-
@security_policy
|
626
|
+
@security_policy&.verify_signatures @spec, @digests, @signatures
|
530
627
|
|
531
628
|
true
|
532
629
|
rescue Gem::Security::Exception
|
@@ -535,7 +632,7 @@ EOM
|
|
535
632
|
raise
|
536
633
|
rescue Errno::ENOENT => e
|
537
634
|
raise Gem::Package::FormatError.new e.message
|
538
|
-
rescue Gem::Package::TarInvalidError => e
|
635
|
+
rescue Zlib::GzipFile::Error, EOFError, Gem::Package::TarInvalidError => e
|
539
636
|
raise Gem::Package::FormatError.new e.message, @gem
|
540
637
|
end
|
541
638
|
|
@@ -543,14 +640,14 @@ EOM
|
|
543
640
|
# Verifies the +checksums+ against the +digests+. This check is not
|
544
641
|
# cryptographically secure. Missing checksums are ignored.
|
545
642
|
|
546
|
-
def verify_checksums
|
643
|
+
def verify_checksums(digests, checksums) # :nodoc:
|
547
644
|
return unless checksums
|
548
645
|
|
549
646
|
checksums.sort.each do |algorithm, gem_digests|
|
550
647
|
gem_digests.sort.each do |file_name, gem_hexdigest|
|
551
648
|
computed_digest = digests[algorithm][file_name]
|
552
649
|
|
553
|
-
unless computed_digest.hexdigest == gem_hexdigest
|
650
|
+
unless computed_digest.hexdigest == gem_hexdigest
|
554
651
|
raise Gem::Package::FormatError.new \
|
555
652
|
"#{algorithm} checksum mismatch for #{file_name}", @gem
|
556
653
|
end
|
@@ -561,7 +658,7 @@ EOM
|
|
561
658
|
##
|
562
659
|
# Verifies +entry+ in a .gem file.
|
563
660
|
|
564
|
-
def verify_entry
|
661
|
+
def verify_entry(entry)
|
565
662
|
file_name = entry.full_name
|
566
663
|
@files << file_name
|
567
664
|
|
@@ -574,54 +671,57 @@ EOM
|
|
574
671
|
end
|
575
672
|
|
576
673
|
case file_name
|
577
|
-
when
|
674
|
+
when "metadata", "metadata.gz" then
|
578
675
|
load_spec entry
|
579
|
-
when
|
676
|
+
when "data.tar.gz" then
|
580
677
|
verify_gz entry
|
581
678
|
end
|
582
|
-
rescue
|
583
|
-
|
584
|
-
|
585
|
-
raise Gem::Package::FormatError.new message, @gem
|
679
|
+
rescue StandardError
|
680
|
+
warn "Exception while verifying #{@gem.path}"
|
681
|
+
raise
|
586
682
|
end
|
587
683
|
|
588
684
|
##
|
589
685
|
# Verifies the files of the +gem+
|
590
686
|
|
591
|
-
def verify_files
|
687
|
+
def verify_files(gem)
|
592
688
|
gem.each do |entry|
|
593
689
|
verify_entry entry
|
594
690
|
end
|
595
691
|
|
596
|
-
unless @spec
|
597
|
-
raise Gem::Package::FormatError.new
|
692
|
+
unless @spec
|
693
|
+
raise Gem::Package::FormatError.new "package metadata is missing", @gem
|
598
694
|
end
|
599
695
|
|
600
|
-
unless @files.include?
|
696
|
+
unless @files.include? "data.tar.gz"
|
601
697
|
raise Gem::Package::FormatError.new \
|
602
|
-
|
698
|
+
"package content (data.tar.gz) is missing", @gem
|
699
|
+
end
|
700
|
+
|
701
|
+
if (duplicates = @files.group_by {|f| f }.select {|_k,v| v.size > 1 }.map(&:first)) && duplicates.any?
|
702
|
+
raise Gem::Security::Exception, "duplicate files in the package: (#{duplicates.map(&:inspect).join(", ")})"
|
603
703
|
end
|
604
704
|
end
|
605
705
|
|
606
706
|
##
|
607
707
|
# Verifies that +entry+ is a valid gzipped file.
|
608
708
|
|
609
|
-
def verify_gz
|
709
|
+
def verify_gz(entry) # :nodoc:
|
610
710
|
Zlib::GzipReader.wrap entry do |gzio|
|
611
|
-
|
711
|
+
# TODO: read into a buffer once zlib supports it
|
712
|
+
gzio.read 16_384 until gzio.eof? # gzip checksum verification
|
612
713
|
end
|
613
714
|
rescue Zlib::GzipFile::Error => e
|
614
715
|
raise Gem::Package::FormatError.new(e.message, entry.full_name)
|
615
716
|
end
|
616
|
-
|
617
717
|
end
|
618
718
|
|
619
|
-
|
620
|
-
|
621
|
-
|
622
|
-
|
623
|
-
|
624
|
-
|
625
|
-
|
626
|
-
|
627
|
-
|
719
|
+
require_relative "package/digest_io"
|
720
|
+
require_relative "package/source"
|
721
|
+
require_relative "package/file_source"
|
722
|
+
require_relative "package/io_source"
|
723
|
+
require_relative "package/old"
|
724
|
+
require_relative "package/tar_header"
|
725
|
+
require_relative "package/tar_reader"
|
726
|
+
require_relative "package/tar_reader/entry"
|
727
|
+
require_relative "package/tar_writer"
|