rubygems-update 2.6.1 → 3.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (801) hide show
  1. checksums.yaml +5 -5
  2. data/CHANGELOG.md +5899 -0
  3. data/CODE_OF_CONDUCT.md +76 -35
  4. data/CONTRIBUTING.md +231 -0
  5. data/MAINTAINERS.txt +8 -0
  6. data/Manifest.txt +428 -216
  7. data/POLICIES.md +135 -0
  8. data/README.md +112 -0
  9. data/UPGRADING.md +15 -0
  10. data/bundler/CHANGELOG.md +4719 -0
  11. data/bundler/LICENSE.md +22 -0
  12. data/bundler/README.md +58 -0
  13. data/bundler/UPGRADING.md +222 -0
  14. data/bundler/bundler.gemspec +46 -0
  15. data/bundler/exe/bundle +29 -0
  16. data/bundler/exe/bundler +4 -0
  17. data/bundler/lib/bundler/.document +1 -0
  18. data/bundler/lib/bundler/build_metadata.rb +45 -0
  19. data/bundler/lib/bundler/capistrano.rb +22 -0
  20. data/bundler/lib/bundler/checksum.rb +245 -0
  21. data/bundler/lib/bundler/ci_detector.rb +75 -0
  22. data/bundler/lib/bundler/cli/add.rb +47 -0
  23. data/bundler/lib/bundler/cli/binstubs.rb +57 -0
  24. data/bundler/lib/bundler/cli/cache.rb +43 -0
  25. data/bundler/lib/bundler/cli/check.rb +40 -0
  26. data/bundler/lib/bundler/cli/clean.rb +25 -0
  27. data/bundler/lib/bundler/cli/common.rb +138 -0
  28. data/bundler/lib/bundler/cli/config.rb +204 -0
  29. data/bundler/lib/bundler/cli/console.rb +44 -0
  30. data/bundler/lib/bundler/cli/doctor.rb +157 -0
  31. data/bundler/lib/bundler/cli/exec.rb +88 -0
  32. data/bundler/lib/bundler/cli/fund.rb +36 -0
  33. data/bundler/lib/bundler/cli/gem.rb +471 -0
  34. data/bundler/lib/bundler/cli/info.rb +83 -0
  35. data/bundler/lib/bundler/cli/init.rb +51 -0
  36. data/bundler/lib/bundler/cli/inject.rb +60 -0
  37. data/bundler/lib/bundler/cli/install.rb +190 -0
  38. data/bundler/lib/bundler/cli/issue.rb +41 -0
  39. data/bundler/lib/bundler/cli/list.rb +66 -0
  40. data/bundler/lib/bundler/cli/lock.rb +73 -0
  41. data/bundler/lib/bundler/cli/open.rb +29 -0
  42. data/bundler/lib/bundler/cli/outdated.rb +297 -0
  43. data/bundler/lib/bundler/cli/platform.rb +48 -0
  44. data/bundler/lib/bundler/cli/plugin.rb +34 -0
  45. data/bundler/lib/bundler/cli/pristine.rb +60 -0
  46. data/bundler/lib/bundler/cli/remove.rb +17 -0
  47. data/bundler/lib/bundler/cli/show.rb +75 -0
  48. data/bundler/lib/bundler/cli/update.rb +123 -0
  49. data/bundler/lib/bundler/cli/viz.rb +31 -0
  50. data/bundler/lib/bundler/cli.rb +846 -0
  51. data/bundler/lib/bundler/compact_index_client/cache.rb +121 -0
  52. data/bundler/lib/bundler/compact_index_client/cache_file.rb +153 -0
  53. data/bundler/lib/bundler/compact_index_client/gem_parser.rb +32 -0
  54. data/bundler/lib/bundler/compact_index_client/updater.rb +115 -0
  55. data/bundler/lib/bundler/compact_index_client.rb +126 -0
  56. data/bundler/lib/bundler/constants.rb +7 -0
  57. data/bundler/lib/bundler/current_ruby.rb +92 -0
  58. data/bundler/lib/bundler/definition.rb +1005 -0
  59. data/bundler/lib/bundler/dependency.rb +101 -0
  60. data/bundler/lib/bundler/deployment.rb +69 -0
  61. data/bundler/lib/bundler/deprecate.rb +44 -0
  62. data/bundler/lib/bundler/digest.rb +71 -0
  63. data/bundler/lib/bundler/dsl.rb +601 -0
  64. data/bundler/lib/bundler/endpoint_specification.rb +147 -0
  65. data/bundler/lib/bundler/env.rb +148 -0
  66. data/bundler/lib/bundler/environment_preserver.rb +86 -0
  67. data/bundler/lib/bundler/errors.rb +233 -0
  68. data/bundler/lib/bundler/feature_flag.rb +53 -0
  69. data/bundler/lib/bundler/fetcher/base.rb +52 -0
  70. data/bundler/lib/bundler/fetcher/compact_index.rb +129 -0
  71. data/bundler/lib/bundler/fetcher/dependency.rb +78 -0
  72. data/bundler/lib/bundler/fetcher/downloader.rb +91 -0
  73. data/bundler/lib/bundler/fetcher/gem_remote_fetcher.rb +16 -0
  74. data/bundler/lib/bundler/fetcher/index.rb +25 -0
  75. data/bundler/lib/bundler/fetcher.rb +324 -0
  76. data/bundler/lib/bundler/force_platform.rb +18 -0
  77. data/bundler/lib/bundler/friendly_errors.rb +126 -0
  78. data/bundler/lib/bundler/gem_helper.rb +237 -0
  79. data/bundler/lib/bundler/gem_helpers.rb +127 -0
  80. data/bundler/lib/bundler/gem_tasks.rb +7 -0
  81. data/bundler/lib/bundler/gem_version_promoter.rb +145 -0
  82. data/bundler/lib/bundler/graph.rb +152 -0
  83. data/bundler/lib/bundler/index.rb +205 -0
  84. data/bundler/lib/bundler/injector.rb +287 -0
  85. data/bundler/lib/bundler/inline.rb +73 -0
  86. data/bundler/lib/bundler/installer/gem_installer.rb +84 -0
  87. data/bundler/lib/bundler/installer/parallel_installer.rb +202 -0
  88. data/bundler/lib/bundler/installer/standalone.rb +116 -0
  89. data/bundler/lib/bundler/installer.rb +267 -0
  90. data/bundler/lib/bundler/lazy_specification.rb +170 -0
  91. data/bundler/lib/bundler/lockfile_generator.rb +104 -0
  92. data/bundler/lib/bundler/lockfile_parser.rb +289 -0
  93. data/bundler/lib/bundler/man/.document +1 -0
  94. data/bundler/lib/bundler/man/bundle-add.1 +59 -0
  95. data/bundler/lib/bundler/man/bundle-add.1.ronn +58 -0
  96. data/bundler/lib/bundler/man/bundle-binstubs.1 +30 -0
  97. data/bundler/lib/bundler/man/bundle-binstubs.1.ronn +41 -0
  98. data/bundler/lib/bundler/man/bundle-cache.1 +40 -0
  99. data/bundler/lib/bundler/man/bundle-cache.1.ronn +79 -0
  100. data/bundler/lib/bundler/man/bundle-check.1 +22 -0
  101. data/bundler/lib/bundler/man/bundle-check.1.ronn +26 -0
  102. data/bundler/lib/bundler/man/bundle-clean.1 +17 -0
  103. data/bundler/lib/bundler/man/bundle-clean.1.ronn +18 -0
  104. data/bundler/lib/bundler/man/bundle-config.1 +321 -0
  105. data/bundler/lib/bundler/man/bundle-config.1.ronn +411 -0
  106. data/bundler/lib/bundler/man/bundle-console.1 +35 -0
  107. data/bundler/lib/bundler/man/bundle-console.1.ronn +44 -0
  108. data/bundler/lib/bundler/man/bundle-doctor.1 +30 -0
  109. data/bundler/lib/bundler/man/bundle-doctor.1.ronn +33 -0
  110. data/bundler/lib/bundler/man/bundle-exec.1 +104 -0
  111. data/bundler/lib/bundler/man/bundle-exec.1.ronn +151 -0
  112. data/bundler/lib/bundler/man/bundle-gem.1 +69 -0
  113. data/bundler/lib/bundler/man/bundle-gem.1.ronn +117 -0
  114. data/bundler/lib/bundler/man/bundle-help.1 +9 -0
  115. data/bundler/lib/bundler/man/bundle-help.1.ronn +12 -0
  116. data/bundler/lib/bundler/man/bundle-info.1 +14 -0
  117. data/bundler/lib/bundler/man/bundle-info.1.ronn +17 -0
  118. data/bundler/lib/bundler/man/bundle-init.1 +20 -0
  119. data/bundler/lib/bundler/man/bundle-init.1.ronn +31 -0
  120. data/bundler/lib/bundler/man/bundle-inject.1 +23 -0
  121. data/bundler/lib/bundler/man/bundle-inject.1.ronn +24 -0
  122. data/bundler/lib/bundler/man/bundle-install.1 +215 -0
  123. data/bundler/lib/bundler/man/bundle-install.1.ronn +383 -0
  124. data/bundler/lib/bundler/man/bundle-list.1 +35 -0
  125. data/bundler/lib/bundler/man/bundle-list.1.ronn +33 -0
  126. data/bundler/lib/bundler/man/bundle-lock.1 +60 -0
  127. data/bundler/lib/bundler/man/bundle-lock.1.ronn +94 -0
  128. data/bundler/lib/bundler/man/bundle-open.1 +32 -0
  129. data/bundler/lib/bundler/man/bundle-open.1.ronn +27 -0
  130. data/bundler/lib/bundler/man/bundle-outdated.1 +100 -0
  131. data/bundler/lib/bundler/man/bundle-outdated.1.ronn +106 -0
  132. data/bundler/lib/bundler/man/bundle-platform.1 +49 -0
  133. data/bundler/lib/bundler/man/bundle-platform.1.ronn +49 -0
  134. data/bundler/lib/bundler/man/bundle-plugin.1 +55 -0
  135. data/bundler/lib/bundler/man/bundle-plugin.1.ronn +59 -0
  136. data/bundler/lib/bundler/man/bundle-pristine.1 +23 -0
  137. data/bundler/lib/bundler/man/bundle-pristine.1.ronn +34 -0
  138. data/bundler/lib/bundler/man/bundle-remove.1 +21 -0
  139. data/bundler/lib/bundler/man/bundle-remove.1.ronn +23 -0
  140. data/bundler/lib/bundler/man/bundle-show.1 +16 -0
  141. data/bundler/lib/bundler/man/bundle-show.1.ronn +21 -0
  142. data/bundler/lib/bundler/man/bundle-update.1 +275 -0
  143. data/bundler/lib/bundler/man/bundle-update.1.ronn +351 -0
  144. data/bundler/lib/bundler/man/bundle-version.1 +22 -0
  145. data/bundler/lib/bundler/man/bundle-version.1.ronn +24 -0
  146. data/bundler/lib/bundler/man/bundle-viz.1 +30 -0
  147. data/bundler/lib/bundler/man/bundle-viz.1.ronn +32 -0
  148. data/bundler/lib/bundler/man/bundle.1 +102 -0
  149. data/bundler/lib/bundler/man/bundle.1.ronn +116 -0
  150. data/bundler/lib/bundler/man/gemfile.5 +470 -0
  151. data/bundler/lib/bundler/man/gemfile.5.ronn +552 -0
  152. data/bundler/lib/bundler/man/index.txt +29 -0
  153. data/bundler/lib/bundler/match_metadata.rb +17 -0
  154. data/bundler/lib/bundler/match_platform.rb +23 -0
  155. data/bundler/lib/bundler/match_remote_metadata.rb +29 -0
  156. data/bundler/lib/bundler/mirror.rb +221 -0
  157. data/bundler/lib/bundler/plugin/api/source.rb +321 -0
  158. data/bundler/lib/bundler/plugin/api.rb +81 -0
  159. data/bundler/lib/bundler/plugin/dsl.rb +53 -0
  160. data/bundler/lib/bundler/plugin/events.rb +61 -0
  161. data/bundler/lib/bundler/plugin/index.rb +193 -0
  162. data/bundler/lib/bundler/plugin/installer/git.rb +34 -0
  163. data/bundler/lib/bundler/plugin/installer/rubygems.rb +19 -0
  164. data/bundler/lib/bundler/plugin/installer.rb +112 -0
  165. data/bundler/lib/bundler/plugin/source_list.rb +31 -0
  166. data/bundler/lib/bundler/plugin.rb +359 -0
  167. data/bundler/lib/bundler/process_lock.rb +24 -0
  168. data/bundler/lib/bundler/remote_specification.rb +117 -0
  169. data/bundler/lib/bundler/resolver/base.rb +107 -0
  170. data/bundler/lib/bundler/resolver/candidate.rb +94 -0
  171. data/bundler/lib/bundler/resolver/incompatibility.rb +15 -0
  172. data/bundler/lib/bundler/resolver/package.rb +77 -0
  173. data/bundler/lib/bundler/resolver/root.rb +25 -0
  174. data/bundler/lib/bundler/resolver/spec_group.rb +79 -0
  175. data/bundler/lib/bundler/resolver.rb +462 -0
  176. data/bundler/lib/bundler/retry.rb +66 -0
  177. data/bundler/lib/bundler/ruby_dsl.rb +53 -0
  178. data/bundler/lib/bundler/ruby_version.rb +131 -0
  179. data/bundler/lib/bundler/rubygems_ext.rb +328 -0
  180. data/bundler/lib/bundler/rubygems_gem_installer.rb +137 -0
  181. data/bundler/lib/bundler/rubygems_integration.rb +493 -0
  182. data/bundler/lib/bundler/runtime.rb +307 -0
  183. data/bundler/lib/bundler/safe_marshal.rb +31 -0
  184. data/bundler/lib/bundler/self_manager.rb +186 -0
  185. data/bundler/lib/bundler/settings/validator.rb +102 -0
  186. data/bundler/lib/bundler/settings.rb +588 -0
  187. data/bundler/lib/bundler/setup.rb +33 -0
  188. data/bundler/lib/bundler/shared_helpers.rb +380 -0
  189. data/bundler/lib/bundler/similarity_detector.rb +63 -0
  190. data/bundler/lib/bundler/source/gemspec.rb +18 -0
  191. data/bundler/lib/bundler/source/git/git_proxy.rb +455 -0
  192. data/bundler/lib/bundler/source/git.rb +380 -0
  193. data/bundler/lib/bundler/source/metadata.rb +62 -0
  194. data/bundler/lib/bundler/source/path/installer.rb +53 -0
  195. data/bundler/lib/bundler/source/path.rb +261 -0
  196. data/bundler/lib/bundler/source/rubygems/remote.rb +68 -0
  197. data/bundler/lib/bundler/source/rubygems.rb +516 -0
  198. data/bundler/lib/bundler/source/rubygems_aggregate.rb +68 -0
  199. data/bundler/lib/bundler/source.rb +116 -0
  200. data/bundler/lib/bundler/source_list.rb +227 -0
  201. data/bundler/lib/bundler/source_map.rb +71 -0
  202. data/bundler/lib/bundler/spec_set.rb +247 -0
  203. data/bundler/lib/bundler/stub_specification.rb +119 -0
  204. data/bundler/lib/bundler/templates/.document +1 -0
  205. data/bundler/lib/bundler/templates/Executable +27 -0
  206. data/bundler/lib/bundler/templates/Executable.bundler +109 -0
  207. data/bundler/lib/bundler/templates/Executable.standalone +14 -0
  208. data/bundler/lib/bundler/templates/Gemfile +5 -0
  209. data/bundler/lib/bundler/templates/newgem/CHANGELOG.md.tt +5 -0
  210. data/bundler/lib/bundler/templates/newgem/CODE_OF_CONDUCT.md.tt +84 -0
  211. data/bundler/lib/bundler/templates/newgem/Cargo.toml.tt +7 -0
  212. data/bundler/lib/bundler/templates/newgem/Gemfile.tt +26 -0
  213. data/bundler/lib/bundler/templates/newgem/LICENSE.txt.tt +21 -0
  214. data/bundler/lib/bundler/templates/newgem/README.md.tt +45 -0
  215. data/bundler/lib/bundler/templates/newgem/Rakefile.tt +67 -0
  216. data/bundler/lib/bundler/templates/newgem/bin/console.tt +11 -0
  217. data/bundler/lib/bundler/templates/newgem/bin/setup.tt +8 -0
  218. data/bundler/lib/bundler/templates/newgem/circleci/config.yml.tt +25 -0
  219. data/bundler/lib/bundler/templates/newgem/exe/newgem.tt +3 -0
  220. data/bundler/lib/bundler/templates/newgem/ext/newgem/Cargo.toml.tt +15 -0
  221. data/bundler/lib/bundler/templates/newgem/ext/newgem/extconf-c.rb.tt +10 -0
  222. data/bundler/lib/bundler/templates/newgem/ext/newgem/extconf-rust.rb.tt +6 -0
  223. data/bundler/lib/bundler/templates/newgem/ext/newgem/newgem.c.tt +9 -0
  224. data/bundler/lib/bundler/templates/newgem/ext/newgem/newgem.h.tt +6 -0
  225. data/bundler/lib/bundler/templates/newgem/ext/newgem/src/lib.rs.tt +12 -0
  226. data/bundler/lib/bundler/templates/newgem/github/workflows/main.yml.tt +37 -0
  227. data/bundler/lib/bundler/templates/newgem/gitignore.tt +23 -0
  228. data/bundler/lib/bundler/templates/newgem/gitlab-ci.yml.tt +18 -0
  229. data/bundler/lib/bundler/templates/newgem/lib/newgem/version.rb.tt +9 -0
  230. data/bundler/lib/bundler/templates/newgem/lib/newgem.rb.tt +15 -0
  231. data/bundler/lib/bundler/templates/newgem/newgem.gemspec.tt +51 -0
  232. data/bundler/lib/bundler/templates/newgem/rspec.tt +3 -0
  233. data/bundler/lib/bundler/templates/newgem/rubocop.yml.tt +13 -0
  234. data/bundler/lib/bundler/templates/newgem/sig/newgem.rbs.tt +8 -0
  235. data/bundler/lib/bundler/templates/newgem/spec/newgem_spec.rb.tt +11 -0
  236. data/bundler/lib/bundler/templates/newgem/spec/spec_helper.rb.tt +15 -0
  237. data/bundler/lib/bundler/templates/newgem/standard.yml.tt +3 -0
  238. data/bundler/lib/bundler/templates/newgem/test/minitest/test_helper.rb.tt +6 -0
  239. data/bundler/lib/bundler/templates/newgem/test/minitest/test_newgem.rb.tt +13 -0
  240. data/bundler/lib/bundler/templates/newgem/test/test-unit/newgem_test.rb.tt +15 -0
  241. data/bundler/lib/bundler/templates/newgem/test/test-unit/test_helper.rb.tt +6 -0
  242. data/bundler/lib/bundler/ui/rg_proxy.rb +19 -0
  243. data/bundler/lib/bundler/ui/shell.rb +165 -0
  244. data/bundler/lib/bundler/ui/silent.rb +85 -0
  245. data/bundler/lib/bundler/ui.rb +9 -0
  246. data/bundler/lib/bundler/uri_credentials_filter.rb +43 -0
  247. data/bundler/lib/bundler/uri_normalizer.rb +23 -0
  248. data/bundler/lib/bundler/vendor/.document +1 -0
  249. data/bundler/lib/bundler/vendor/connection_pool/LICENSE +20 -0
  250. data/bundler/lib/bundler/vendor/connection_pool/lib/connection_pool/timed_stack.rb +174 -0
  251. data/bundler/lib/bundler/vendor/connection_pool/lib/connection_pool/version.rb +3 -0
  252. data/bundler/lib/bundler/vendor/connection_pool/lib/connection_pool/wrapper.rb +56 -0
  253. data/bundler/lib/bundler/vendor/connection_pool/lib/connection_pool.rb +175 -0
  254. data/bundler/lib/bundler/vendor/fileutils/LICENSE.txt +22 -0
  255. data/bundler/lib/bundler/vendor/fileutils/lib/fileutils.rb +2694 -0
  256. data/bundler/lib/bundler/vendor/net-http-persistent/README.rdoc +82 -0
  257. data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent/connection.rb +41 -0
  258. data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent/pool.rb +65 -0
  259. data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent/timed_stack_multi.rb +79 -0
  260. data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent.rb +1073 -0
  261. data/bundler/lib/bundler/vendor/pub_grub/LICENSE.txt +21 -0
  262. data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/assignment.rb +20 -0
  263. data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/basic_package_source.rb +189 -0
  264. data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/failure_writer.rb +182 -0
  265. data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/incompatibility.rb +150 -0
  266. data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/package.rb +43 -0
  267. data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/partial_solution.rb +121 -0
  268. data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/rubygems.rb +45 -0
  269. data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/solve_failure.rb +19 -0
  270. data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/static_package_source.rb +60 -0
  271. data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/term.rb +105 -0
  272. data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/version.rb +3 -0
  273. data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/version_constraint.rb +129 -0
  274. data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/version_range.rb +411 -0
  275. data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/version_solver.rb +248 -0
  276. data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/version_union.rb +178 -0
  277. data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub.rb +31 -0
  278. data/bundler/lib/bundler/vendor/thor/LICENSE.md +20 -0
  279. data/bundler/lib/bundler/vendor/thor/lib/thor/actions/create_file.rb +105 -0
  280. data/bundler/lib/bundler/vendor/thor/lib/thor/actions/create_link.rb +61 -0
  281. data/bundler/lib/bundler/vendor/thor/lib/thor/actions/directory.rb +108 -0
  282. data/bundler/lib/bundler/vendor/thor/lib/thor/actions/empty_directory.rb +143 -0
  283. data/bundler/lib/bundler/vendor/thor/lib/thor/actions/file_manipulation.rb +373 -0
  284. data/bundler/lib/bundler/vendor/thor/lib/thor/actions/inject_into_file.rb +130 -0
  285. data/bundler/lib/bundler/vendor/thor/lib/thor/actions.rb +340 -0
  286. data/bundler/lib/bundler/vendor/thor/lib/thor/base.rb +825 -0
  287. data/bundler/lib/bundler/vendor/thor/lib/thor/command.rb +151 -0
  288. data/bundler/lib/bundler/vendor/thor/lib/thor/core_ext/hash_with_indifferent_access.rb +107 -0
  289. data/bundler/lib/bundler/vendor/thor/lib/thor/error.rb +106 -0
  290. data/bundler/lib/bundler/vendor/thor/lib/thor/group.rb +281 -0
  291. data/bundler/lib/bundler/vendor/thor/lib/thor/invocation.rb +178 -0
  292. data/bundler/lib/bundler/vendor/thor/lib/thor/line_editor/basic.rb +37 -0
  293. data/bundler/lib/bundler/vendor/thor/lib/thor/line_editor/readline.rb +88 -0
  294. data/bundler/lib/bundler/vendor/thor/lib/thor/line_editor.rb +17 -0
  295. data/bundler/lib/bundler/vendor/thor/lib/thor/nested_context.rb +29 -0
  296. data/bundler/lib/bundler/vendor/thor/lib/thor/parser/argument.rb +89 -0
  297. data/bundler/lib/bundler/vendor/thor/lib/thor/parser/arguments.rb +195 -0
  298. data/bundler/lib/bundler/vendor/thor/lib/thor/parser/option.rb +178 -0
  299. data/bundler/lib/bundler/vendor/thor/lib/thor/parser/options.rb +293 -0
  300. data/bundler/lib/bundler/vendor/thor/lib/thor/parser.rb +4 -0
  301. data/bundler/lib/bundler/vendor/thor/lib/thor/rake_compat.rb +72 -0
  302. data/bundler/lib/bundler/vendor/thor/lib/thor/runner.rb +335 -0
  303. data/bundler/lib/bundler/vendor/thor/lib/thor/shell/basic.rb +388 -0
  304. data/bundler/lib/bundler/vendor/thor/lib/thor/shell/color.rb +115 -0
  305. data/bundler/lib/bundler/vendor/thor/lib/thor/shell/column_printer.rb +29 -0
  306. data/bundler/lib/bundler/vendor/thor/lib/thor/shell/html.rb +84 -0
  307. data/bundler/lib/bundler/vendor/thor/lib/thor/shell/lcs_diff.rb +49 -0
  308. data/bundler/lib/bundler/vendor/thor/lib/thor/shell/table_printer.rb +134 -0
  309. data/bundler/lib/bundler/vendor/thor/lib/thor/shell/terminal.rb +42 -0
  310. data/bundler/lib/bundler/vendor/thor/lib/thor/shell/wrapped_printer.rb +38 -0
  311. data/bundler/lib/bundler/vendor/thor/lib/thor/shell.rb +81 -0
  312. data/bundler/lib/bundler/vendor/thor/lib/thor/util.rb +285 -0
  313. data/bundler/lib/bundler/vendor/thor/lib/thor/version.rb +3 -0
  314. data/bundler/lib/bundler/vendor/thor/lib/thor.rb +663 -0
  315. data/bundler/lib/bundler/vendor/tsort/LICENSE.txt +22 -0
  316. data/bundler/lib/bundler/vendor/tsort/lib/tsort.rb +455 -0
  317. data/bundler/lib/bundler/vendor/uri/LICENSE.txt +22 -0
  318. data/bundler/lib/bundler/vendor/uri/lib/uri/common.rb +853 -0
  319. data/bundler/lib/bundler/vendor/uri/lib/uri/file.rb +100 -0
  320. data/bundler/lib/bundler/vendor/uri/lib/uri/ftp.rb +267 -0
  321. data/bundler/lib/bundler/vendor/uri/lib/uri/generic.rb +1588 -0
  322. data/bundler/lib/bundler/vendor/uri/lib/uri/http.rb +125 -0
  323. data/bundler/lib/bundler/vendor/uri/lib/uri/https.rb +23 -0
  324. data/bundler/lib/bundler/vendor/uri/lib/uri/ldap.rb +261 -0
  325. data/bundler/lib/bundler/vendor/uri/lib/uri/ldaps.rb +22 -0
  326. data/bundler/lib/bundler/vendor/uri/lib/uri/mailto.rb +293 -0
  327. data/bundler/lib/bundler/vendor/uri/lib/uri/rfc2396_parser.rb +539 -0
  328. data/bundler/lib/bundler/vendor/uri/lib/uri/rfc3986_parser.rb +183 -0
  329. data/bundler/lib/bundler/vendor/uri/lib/uri/version.rb +6 -0
  330. data/bundler/lib/bundler/vendor/uri/lib/uri/ws.rb +83 -0
  331. data/bundler/lib/bundler/vendor/uri/lib/uri/wss.rb +23 -0
  332. data/bundler/lib/bundler/vendor/uri/lib/uri.rb +104 -0
  333. data/bundler/lib/bundler/vendored_fileutils.rb +4 -0
  334. data/bundler/lib/bundler/vendored_net_http.rb +8 -0
  335. data/bundler/lib/bundler/vendored_persistent.rb +11 -0
  336. data/bundler/lib/bundler/vendored_pub_grub.rb +4 -0
  337. data/bundler/lib/bundler/vendored_thor.rb +8 -0
  338. data/bundler/lib/bundler/vendored_timeout.rb +8 -0
  339. data/bundler/lib/bundler/vendored_tsort.rb +4 -0
  340. data/bundler/lib/bundler/vendored_uri.rb +4 -0
  341. data/bundler/lib/bundler/version.rb +13 -0
  342. data/bundler/lib/bundler/vlad.rb +17 -0
  343. data/bundler/lib/bundler/worker.rb +117 -0
  344. data/bundler/lib/bundler/yaml_serializer.rb +93 -0
  345. data/bundler/lib/bundler.rb +665 -0
  346. data/{test/rubygems/bogussources.rb → exe/gem} +5 -2
  347. data/exe/update_rubygems +38 -0
  348. data/hide_lib_for_update/note.txt +0 -4
  349. data/lib/rubygems/available_set.rb +12 -12
  350. data/lib/rubygems/basic_specification.rb +75 -58
  351. data/lib/rubygems/bundler_version_finder.rb +77 -0
  352. data/lib/rubygems/ci_detector.rb +75 -0
  353. data/lib/rubygems/command.rb +144 -71
  354. data/lib/rubygems/command_manager.rb +64 -27
  355. data/lib/rubygems/commands/build_command.rb +88 -17
  356. data/lib/rubygems/commands/cert_command.rb +131 -83
  357. data/lib/rubygems/commands/check_command.rb +30 -27
  358. data/lib/rubygems/commands/cleanup_command.rb +57 -40
  359. data/lib/rubygems/commands/contents_command.rb +37 -39
  360. data/lib/rubygems/commands/dependency_command.rb +53 -65
  361. data/lib/rubygems/commands/environment_command.rb +32 -16
  362. data/lib/rubygems/commands/exec_command.rb +249 -0
  363. data/lib/rubygems/commands/fetch_command.rb +36 -19
  364. data/lib/rubygems/commands/generate_index_command.rb +40 -74
  365. data/lib/rubygems/commands/help_command.rb +22 -22
  366. data/lib/rubygems/commands/info_command.rb +38 -0
  367. data/lib/rubygems/commands/install_command.rb +67 -143
  368. data/lib/rubygems/commands/list_command.rb +10 -9
  369. data/lib/rubygems/commands/lock_command.rb +12 -14
  370. data/lib/rubygems/commands/mirror_command.rb +4 -4
  371. data/lib/rubygems/commands/open_command.rb +28 -26
  372. data/lib/rubygems/commands/outdated_command.rb +6 -6
  373. data/lib/rubygems/commands/owner_command.rb +51 -27
  374. data/lib/rubygems/commands/pristine_command.rb +99 -71
  375. data/lib/rubygems/commands/push_command.rb +53 -46
  376. data/lib/rubygems/commands/query_command.rb +21 -328
  377. data/lib/rubygems/commands/rdoc_command.rb +33 -33
  378. data/lib/rubygems/commands/search_command.rb +9 -9
  379. data/lib/rubygems/commands/server_command.rb +15 -76
  380. data/lib/rubygems/commands/setup_command.rb +370 -186
  381. data/lib/rubygems/commands/signin_command.rb +34 -0
  382. data/lib/rubygems/commands/signout_command.rb +32 -0
  383. data/lib/rubygems/commands/sources_command.rb +57 -41
  384. data/lib/rubygems/commands/specification_command.rb +38 -28
  385. data/lib/rubygems/commands/stale_command.rb +6 -5
  386. data/lib/rubygems/commands/uninstall_command.rb +96 -62
  387. data/lib/rubygems/commands/unpack_command.rb +44 -53
  388. data/lib/rubygems/commands/update_command.rb +155 -99
  389. data/lib/rubygems/commands/which_command.rb +14 -17
  390. data/lib/rubygems/commands/yank_command.rb +28 -32
  391. data/lib/rubygems/compatibility.rb +13 -32
  392. data/lib/rubygems/config_file.rb +214 -119
  393. data/lib/rubygems/core_ext/kernel_gem.rb +10 -16
  394. data/lib/rubygems/core_ext/kernel_require.rb +92 -90
  395. data/lib/rubygems/core_ext/kernel_warn.rb +49 -0
  396. data/lib/rubygems/core_ext/tcpsocket_init.rb +54 -0
  397. data/lib/rubygems/defaults.rb +184 -54
  398. data/lib/rubygems/dependency.rb +75 -62
  399. data/lib/rubygems/dependency_installer.rb +74 -230
  400. data/lib/rubygems/dependency_list.rb +32 -33
  401. data/lib/rubygems/deprecate.rb +113 -17
  402. data/lib/rubygems/doctor.rb +31 -31
  403. data/lib/rubygems/errors.rb +51 -13
  404. data/lib/rubygems/exceptions.rb +65 -35
  405. data/lib/rubygems/ext/build_error.rb +3 -1
  406. data/lib/rubygems/ext/builder.rb +103 -77
  407. data/lib/rubygems/ext/cargo_builder/link_flag_converter.rb +27 -0
  408. data/lib/rubygems/ext/cargo_builder.rb +360 -0
  409. data/lib/rubygems/ext/cmake_builder.rb +6 -7
  410. data/lib/rubygems/ext/configure_builder.rb +6 -9
  411. data/lib/rubygems/ext/ext_conf_builder.rb +40 -61
  412. data/lib/rubygems/ext/rake_builder.rb +18 -21
  413. data/lib/rubygems/ext.rb +8 -7
  414. data/lib/rubygems/gem_runner.rb +19 -21
  415. data/lib/rubygems/gemcutter_utilities/webauthn_listener/response.rb +163 -0
  416. data/lib/rubygems/gemcutter_utilities/webauthn_listener.rb +105 -0
  417. data/lib/rubygems/gemcutter_utilities/webauthn_poller.rb +78 -0
  418. data/lib/rubygems/gemcutter_utilities.rb +246 -43
  419. data/lib/rubygems/install_default_message.rb +3 -3
  420. data/lib/rubygems/install_message.rb +3 -3
  421. data/lib/rubygems/install_update_options.rb +104 -98
  422. data/lib/rubygems/installer.rb +407 -225
  423. data/lib/rubygems/installer_uninstaller_utils.rb +27 -0
  424. data/lib/rubygems/local_remote_options.rb +29 -32
  425. data/lib/rubygems/name_tuple.rb +18 -23
  426. data/lib/rubygems/net/http.rb +3 -0
  427. data/lib/rubygems/net-http/LICENSE.txt +22 -0
  428. data/lib/rubygems/net-http/lib/net/http/backward.rb +40 -0
  429. data/lib/rubygems/net-http/lib/net/http/exceptions.rb +34 -0
  430. data/lib/rubygems/net-http/lib/net/http/generic_request.rb +414 -0
  431. data/lib/rubygems/net-http/lib/net/http/header.rb +981 -0
  432. data/lib/rubygems/net-http/lib/net/http/proxy_delta.rb +17 -0
  433. data/lib/rubygems/net-http/lib/net/http/request.rb +88 -0
  434. data/lib/rubygems/net-http/lib/net/http/requests.rb +425 -0
  435. data/lib/rubygems/net-http/lib/net/http/response.rb +738 -0
  436. data/lib/rubygems/net-http/lib/net/http/responses.rb +1174 -0
  437. data/lib/rubygems/net-http/lib/net/http/status.rb +84 -0
  438. data/lib/rubygems/net-http/lib/net/http.rb +2496 -0
  439. data/lib/rubygems/net-http/lib/net/https.rb +23 -0
  440. data/lib/rubygems/net-protocol/LICENSE.txt +22 -0
  441. data/lib/rubygems/net-protocol/lib/net/protocol.rb +544 -0
  442. data/lib/rubygems/openssl.rb +7 -0
  443. data/lib/rubygems/optparse/.document +1 -0
  444. data/lib/rubygems/optparse/COPYING +56 -0
  445. data/lib/rubygems/optparse/lib/optionparser.rb +2 -0
  446. data/lib/rubygems/optparse/lib/optparse/ac.rb +54 -0
  447. data/lib/rubygems/optparse/lib/optparse/date.rb +18 -0
  448. data/lib/rubygems/optparse/lib/optparse/kwargs.rb +22 -0
  449. data/lib/rubygems/optparse/lib/optparse/shellwords.rb +7 -0
  450. data/lib/rubygems/optparse/lib/optparse/time.rb +11 -0
  451. data/lib/rubygems/optparse/lib/optparse/uri.rb +7 -0
  452. data/lib/rubygems/optparse/lib/optparse/version.rb +71 -0
  453. data/lib/rubygems/optparse/lib/optparse.rb +2330 -0
  454. data/lib/rubygems/optparse.rb +3 -0
  455. data/lib/rubygems/package/digest_io.rb +5 -7
  456. data/lib/rubygems/package/file_source.rb +6 -8
  457. data/lib/rubygems/package/io_source.rb +6 -4
  458. data/lib/rubygems/package/old.rb +19 -28
  459. data/lib/rubygems/package/source.rb +1 -1
  460. data/lib/rubygems/package/tar_header.rb +114 -93
  461. data/lib/rubygems/package/tar_reader/entry.rb +116 -22
  462. data/lib/rubygems/package/tar_reader.rb +18 -40
  463. data/lib/rubygems/package/tar_writer.rb +42 -56
  464. data/lib/rubygems/package.rb +245 -145
  465. data/lib/rubygems/package_task.rb +8 -14
  466. data/lib/rubygems/path_support.rb +21 -16
  467. data/lib/rubygems/platform.rb +135 -74
  468. data/lib/rubygems/psych_tree.rb +3 -2
  469. data/lib/rubygems/query_utils.rb +349 -0
  470. data/lib/rubygems/rdoc.rb +4 -326
  471. data/lib/rubygems/remote_fetcher.rb +99 -181
  472. data/lib/rubygems/request/connection_pools.rb +31 -24
  473. data/lib/rubygems/request/http_pool.rb +6 -7
  474. data/lib/rubygems/request/https_pool.rb +2 -3
  475. data/lib/rubygems/request.rb +103 -53
  476. data/lib/rubygems/request_set/gem_dependency_api.rb +182 -190
  477. data/lib/rubygems/request_set/lockfile/parser.rb +42 -52
  478. data/lib/rubygems/request_set/lockfile/tokenizer.rb +34 -24
  479. data/lib/rubygems/request_set/lockfile.rb +32 -35
  480. data/lib/rubygems/request_set.rb +115 -71
  481. data/lib/rubygems/requirement.rb +77 -68
  482. data/lib/rubygems/resolv/LICENSE.txt +22 -0
  483. data/lib/rubygems/resolv/lib/resolv.rb +3387 -0
  484. data/lib/rubygems/resolver/activation_request.rb +34 -61
  485. data/lib/rubygems/resolver/api_set/gem_parser.rb +24 -0
  486. data/lib/rubygems/resolver/api_set.rb +40 -32
  487. data/lib/rubygems/resolver/api_specification.rb +37 -18
  488. data/lib/rubygems/resolver/best_set.rb +15 -17
  489. data/lib/rubygems/resolver/composed_set.rb +9 -11
  490. data/lib/rubygems/resolver/conflict.rb +19 -33
  491. data/lib/rubygems/resolver/current_set.rb +2 -4
  492. data/lib/rubygems/resolver/dependency_request.rb +8 -9
  493. data/lib/rubygems/resolver/git_set.rb +8 -10
  494. data/lib/rubygems/resolver/git_specification.rb +11 -13
  495. data/lib/rubygems/resolver/index_set.rb +13 -15
  496. data/lib/rubygems/resolver/index_specification.rb +42 -11
  497. data/lib/rubygems/resolver/installed_specification.rb +9 -11
  498. data/lib/rubygems/resolver/installer_set.rb +87 -45
  499. data/lib/rubygems/resolver/local_specification.rb +5 -7
  500. data/lib/rubygems/resolver/lock_set.rb +13 -15
  501. data/lib/rubygems/resolver/lock_specification.rb +13 -15
  502. data/lib/rubygems/resolver/molinillo/LICENSE +9 -0
  503. data/lib/rubygems/resolver/molinillo/lib/molinillo/delegates/resolution_state.rb +57 -0
  504. data/lib/rubygems/resolver/molinillo/lib/molinillo/delegates/specification_provider.rb +88 -0
  505. data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/action.rb +36 -0
  506. data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/add_edge_no_circular.rb +66 -0
  507. data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/add_vertex.rb +62 -0
  508. data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/delete_edge.rb +63 -0
  509. data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/detach_vertex_named.rb +61 -0
  510. data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/log.rb +126 -0
  511. data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/set_payload.rb +46 -0
  512. data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/tag.rb +36 -0
  513. data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/vertex.rb +164 -0
  514. data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph.rb +110 -146
  515. data/lib/rubygems/resolver/molinillo/lib/molinillo/errors.rb +83 -9
  516. data/lib/rubygems/resolver/molinillo/lib/molinillo/gem_metadata.rb +2 -1
  517. data/lib/rubygems/resolver/molinillo/lib/molinillo/modules/specification_provider.rb +13 -1
  518. data/lib/rubygems/resolver/molinillo/lib/molinillo/modules/ui.rb +3 -1
  519. data/lib/rubygems/resolver/molinillo/lib/molinillo/resolution.rb +552 -172
  520. data/lib/rubygems/resolver/molinillo/lib/molinillo/resolver.rb +3 -2
  521. data/lib/rubygems/resolver/molinillo/lib/molinillo/state.rb +12 -6
  522. data/lib/rubygems/resolver/molinillo/lib/molinillo.rb +6 -5
  523. data/lib/rubygems/resolver/molinillo.rb +2 -1
  524. data/lib/rubygems/resolver/requirement_list.rb +2 -2
  525. data/lib/rubygems/resolver/set.rb +3 -5
  526. data/lib/rubygems/resolver/source_set.rb +6 -7
  527. data/lib/rubygems/resolver/spec_specification.rb +16 -4
  528. data/lib/rubygems/resolver/specification.rb +25 -10
  529. data/lib/rubygems/resolver/stats.rb +1 -0
  530. data/lib/rubygems/resolver/vendor_set.rb +6 -8
  531. data/lib/rubygems/resolver/vendor_specification.rb +6 -8
  532. data/lib/rubygems/resolver.rb +121 -72
  533. data/lib/rubygems/s3_uri_signer.rb +177 -0
  534. data/lib/rubygems/safe_marshal/elements.rb +138 -0
  535. data/lib/rubygems/safe_marshal/reader.rb +306 -0
  536. data/lib/rubygems/safe_marshal/visitors/stream_printer.rb +31 -0
  537. data/lib/rubygems/safe_marshal/visitors/to_ruby.rb +385 -0
  538. data/lib/rubygems/safe_marshal/visitors/visitor.rb +74 -0
  539. data/lib/rubygems/safe_marshal.rb +74 -0
  540. data/lib/rubygems/safe_yaml.rb +36 -0
  541. data/lib/rubygems/security/policies.rb +49 -51
  542. data/lib/rubygems/security/policy.rb +46 -53
  543. data/lib/rubygems/security/signer.rb +86 -29
  544. data/lib/rubygems/security/trust_dir.rb +22 -24
  545. data/lib/rubygems/security.rb +101 -82
  546. data/lib/rubygems/security_option.rb +43 -0
  547. data/lib/rubygems/shellwords.rb +3 -0
  548. data/lib/rubygems/source/git.rb +40 -42
  549. data/lib/rubygems/source/installed.rb +5 -9
  550. data/lib/rubygems/source/local.rb +30 -33
  551. data/lib/rubygems/source/lock.rb +10 -10
  552. data/lib/rubygems/source/specific_file.rb +7 -9
  553. data/lib/rubygems/source/vendor.rb +3 -7
  554. data/lib/rubygems/source.rb +78 -68
  555. data/lib/rubygems/source_list.rb +11 -15
  556. data/lib/rubygems/spec_fetcher.rb +71 -83
  557. data/lib/rubygems/specification.rb +833 -1115
  558. data/lib/rubygems/specification_policy.rb +538 -0
  559. data/lib/rubygems/ssl_certs/rubygems.org/GlobalSignRootCA.pem +21 -0
  560. data/lib/rubygems/ssl_certs/rubygems.org/GlobalSignRootCA_R3.pem +21 -0
  561. data/lib/rubygems/stub_specification.rb +55 -57
  562. data/lib/rubygems/text.rb +39 -27
  563. data/lib/rubygems/timeout/LICENSE.txt +22 -0
  564. data/lib/rubygems/timeout/lib/timeout.rb +199 -0
  565. data/lib/rubygems/timeout.rb +3 -0
  566. data/lib/rubygems/tsort/.document +1 -0
  567. data/lib/rubygems/tsort/LICENSE.txt +22 -0
  568. data/lib/rubygems/tsort/lib/tsort.rb +455 -0
  569. data/lib/rubygems/tsort.rb +3 -0
  570. data/lib/rubygems/uninstaller.rb +150 -87
  571. data/lib/rubygems/unknown_command_spell_checker.rb +21 -0
  572. data/lib/rubygems/update_suggestion.rb +56 -0
  573. data/lib/rubygems/uri.rb +126 -0
  574. data/lib/rubygems/uri_formatter.rb +4 -7
  575. data/lib/rubygems/user_interaction.rb +92 -146
  576. data/lib/rubygems/util/licenses.rb +712 -317
  577. data/lib/rubygems/util/list.rb +5 -2
  578. data/lib/rubygems/util.rb +58 -75
  579. data/lib/rubygems/validator.rb +26 -48
  580. data/lib/rubygems/version.rb +106 -56
  581. data/lib/rubygems/version_option.rb +22 -14
  582. data/lib/rubygems/yaml_serializer.rb +93 -0
  583. data/lib/rubygems.rb +427 -361
  584. data/rubygems-update.gemspec +38 -0
  585. data/setup.rb +13 -27
  586. metadata +500 -363
  587. data/.autotest +0 -71
  588. data/.document +0 -5
  589. data/.travis.yml +0 -46
  590. data/CONTRIBUTING.rdoc +0 -129
  591. data/CVE-2013-4287.txt +0 -35
  592. data/CVE-2013-4363.txt +0 -45
  593. data/CVE-2015-3900.txt +0 -40
  594. data/History.txt +0 -3105
  595. data/MAINTAINERS.md +0 -5
  596. data/POLICIES.rdoc +0 -61
  597. data/README.rdoc +0 -54
  598. data/Rakefile +0 -449
  599. data/UPGRADING.rdoc +0 -92
  600. data/appveyor.yml +0 -36
  601. data/bin/gem +0 -25
  602. data/bin/update_rubygems +0 -37
  603. data/lib/gauntlet_rubygems.rb +0 -51
  604. data/lib/rubygems/indexer.rb +0 -434
  605. data/lib/rubygems/installer_test_case.rb +0 -194
  606. data/lib/rubygems/mock_gem_ui.rb +0 -89
  607. data/lib/rubygems/package/tar_test_case.rb +0 -147
  608. data/lib/rubygems/psych_additions.rb +0 -10
  609. data/lib/rubygems/server.rb +0 -869
  610. data/lib/rubygems/source_local.rb +0 -6
  611. data/lib/rubygems/source_specific_file.rb +0 -5
  612. data/lib/rubygems/ssl_certs/AddTrustExternalCARoot-2048.pem +0 -25
  613. data/lib/rubygems/ssl_certs/AddTrustExternalCARoot.pem +0 -32
  614. data/lib/rubygems/ssl_certs/Class3PublicPrimaryCertificationAuthority.pem +0 -14
  615. data/lib/rubygems/ssl_certs/DigiCertHighAssuranceEVRootCA.pem +0 -23
  616. data/lib/rubygems/ssl_certs/EntrustnetSecureServerCertificationAuthority.pem +0 -28
  617. data/lib/rubygems/ssl_certs/GeoTrustGlobalCA.pem +0 -20
  618. data/lib/rubygems/syck_hack.rb +0 -77
  619. data/lib/rubygems/test_case.rb +0 -1496
  620. data/lib/rubygems/test_utilities.rb +0 -384
  621. data/lib/ubygems.rb +0 -11
  622. data/test/rubygems/alternate_cert.pem +0 -18
  623. data/test/rubygems/alternate_cert_32.pem +0 -18
  624. data/test/rubygems/alternate_key.pem +0 -27
  625. data/test/rubygems/bad_rake.rb +0 -2
  626. data/test/rubygems/ca_cert.pem +0 -68
  627. data/test/rubygems/child_cert.pem +0 -18
  628. data/test/rubygems/child_cert_32.pem +0 -18
  629. data/test/rubygems/child_key.pem +0 -27
  630. data/test/rubygems/client.pem +0 -49
  631. data/test/rubygems/data/gem-private_key.pem +0 -27
  632. data/test/rubygems/data/gem-public_cert.pem +0 -20
  633. data/test/rubygems/data/null-type.gemspec.rz +0 -0
  634. data/test/rubygems/encrypted_private_key.pem +0 -30
  635. data/test/rubygems/expired_cert.pem +0 -18
  636. data/test/rubygems/fake_certlib/openssl.rb +0 -8
  637. data/test/rubygems/fix_openssl_warnings.rb +0 -13
  638. data/test/rubygems/foo/discover.rb +0 -1
  639. data/test/rubygems/future_cert.pem +0 -18
  640. data/test/rubygems/future_cert_32.pem +0 -18
  641. data/test/rubygems/good_rake.rb +0 -2
  642. data/test/rubygems/grandchild_cert.pem +0 -18
  643. data/test/rubygems/grandchild_cert_32.pem +0 -18
  644. data/test/rubygems/grandchild_key.pem +0 -27
  645. data/test/rubygems/invalid_client.pem +0 -49
  646. data/test/rubygems/invalid_issuer_cert.pem +0 -18
  647. data/test/rubygems/invalid_issuer_cert_32.pem +0 -18
  648. data/test/rubygems/invalid_key.pem +0 -27
  649. data/test/rubygems/invalid_signer_cert.pem +0 -18
  650. data/test/rubygems/invalid_signer_cert_32.pem +0 -18
  651. data/test/rubygems/invalidchild_cert.pem +0 -18
  652. data/test/rubygems/invalidchild_cert_32.pem +0 -18
  653. data/test/rubygems/invalidchild_key.pem +0 -27
  654. data/test/rubygems/plugin/exception/rubygems_plugin.rb +0 -3
  655. data/test/rubygems/plugin/load/rubygems_plugin.rb +0 -4
  656. data/test/rubygems/plugin/standarderror/rubygems_plugin.rb +0 -3
  657. data/test/rubygems/private_key.pem +0 -27
  658. data/test/rubygems/public_cert.pem +0 -18
  659. data/test/rubygems/public_cert_32.pem +0 -18
  660. data/test/rubygems/public_key.pem +0 -9
  661. data/test/rubygems/rubygems/commands/crash_command.rb +0 -6
  662. data/test/rubygems/rubygems_plugin.rb +0 -22
  663. data/test/rubygems/sff/discover.rb +0 -1
  664. data/test/rubygems/simple_gem.rb +0 -67
  665. data/test/rubygems/specifications/bar-0.0.2.gemspec +0 -9
  666. data/test/rubygems/specifications/foo-0.0.1-x86-mswin32.gemspec +0 -0
  667. data/test/rubygems/ssl_cert.pem +0 -19
  668. data/test/rubygems/ssl_key.pem +0 -15
  669. data/test/rubygems/test_bundled_ca.rb +0 -59
  670. data/test/rubygems/test_config.rb +0 -24
  671. data/test/rubygems/test_deprecate.rb +0 -77
  672. data/test/rubygems/test_gem.rb +0 -1718
  673. data/test/rubygems/test_gem_available_set.rb +0 -130
  674. data/test/rubygems/test_gem_command.rb +0 -248
  675. data/test/rubygems/test_gem_command_manager.rb +0 -264
  676. data/test/rubygems/test_gem_commands_build_command.rb +0 -121
  677. data/test/rubygems/test_gem_commands_cert_command.rb +0 -671
  678. data/test/rubygems/test_gem_commands_check_command.rb +0 -69
  679. data/test/rubygems/test_gem_commands_cleanup_command.rb +0 -197
  680. data/test/rubygems/test_gem_commands_contents_command.rb +0 -240
  681. data/test/rubygems/test_gem_commands_dependency_command.rb +0 -230
  682. data/test/rubygems/test_gem_commands_environment_command.rb +0 -154
  683. data/test/rubygems/test_gem_commands_fetch_command.rb +0 -127
  684. data/test/rubygems/test_gem_commands_generate_index_command.rb +0 -51
  685. data/test/rubygems/test_gem_commands_help_command.rb +0 -75
  686. data/test/rubygems/test_gem_commands_install_command.rb +0 -1007
  687. data/test/rubygems/test_gem_commands_list_command.rb +0 -34
  688. data/test/rubygems/test_gem_commands_lock_command.rb +0 -69
  689. data/test/rubygems/test_gem_commands_mirror.rb +0 -20
  690. data/test/rubygems/test_gem_commands_open_command.rb +0 -70
  691. data/test/rubygems/test_gem_commands_outdated_command.rb +0 -33
  692. data/test/rubygems/test_gem_commands_owner_command.rb +0 -205
  693. data/test/rubygems/test_gem_commands_pristine_command.rb +0 -491
  694. data/test/rubygems/test_gem_commands_push_command.rb +0 -330
  695. data/test/rubygems/test_gem_commands_query_command.rb +0 -657
  696. data/test/rubygems/test_gem_commands_search_command.rb +0 -18
  697. data/test/rubygems/test_gem_commands_server_command.rb +0 -60
  698. data/test/rubygems/test_gem_commands_setup_command.rb +0 -136
  699. data/test/rubygems/test_gem_commands_sources_command.rb +0 -249
  700. data/test/rubygems/test_gem_commands_specification_command.rb +0 -251
  701. data/test/rubygems/test_gem_commands_stale_command.rb +0 -43
  702. data/test/rubygems/test_gem_commands_uninstall_command.rb +0 -283
  703. data/test/rubygems/test_gem_commands_unpack_command.rb +0 -209
  704. data/test/rubygems/test_gem_commands_update_command.rb +0 -514
  705. data/test/rubygems/test_gem_commands_which_command.rb +0 -87
  706. data/test/rubygems/test_gem_commands_yank_command.rb +0 -100
  707. data/test/rubygems/test_gem_config_file.rb +0 -491
  708. data/test/rubygems/test_gem_dependency.rb +0 -362
  709. data/test/rubygems/test_gem_dependency_installer.rb +0 -1235
  710. data/test/rubygems/test_gem_dependency_list.rb +0 -260
  711. data/test/rubygems/test_gem_dependency_resolution_error.rb +0 -29
  712. data/test/rubygems/test_gem_doctor.rb +0 -169
  713. data/test/rubygems/test_gem_ext_builder.rb +0 -341
  714. data/test/rubygems/test_gem_ext_cmake_builder.rb +0 -87
  715. data/test/rubygems/test_gem_ext_configure_builder.rb +0 -87
  716. data/test/rubygems/test_gem_ext_ext_conf_builder.rb +0 -211
  717. data/test/rubygems/test_gem_ext_rake_builder.rb +0 -65
  718. data/test/rubygems/test_gem_gem_runner.rb +0 -69
  719. data/test/rubygems/test_gem_gemcutter_utilities.rb +0 -235
  720. data/test/rubygems/test_gem_impossible_dependencies_error.rb +0 -62
  721. data/test/rubygems/test_gem_indexer.rb +0 -367
  722. data/test/rubygems/test_gem_install_update_options.rb +0 -197
  723. data/test/rubygems/test_gem_installer.rb +0 -1552
  724. data/test/rubygems/test_gem_local_remote_options.rb +0 -134
  725. data/test/rubygems/test_gem_name_tuple.rb +0 -45
  726. data/test/rubygems/test_gem_package.rb +0 -876
  727. data/test/rubygems/test_gem_package_old.rb +0 -90
  728. data/test/rubygems/test_gem_package_tar_header.rb +0 -147
  729. data/test/rubygems/test_gem_package_tar_reader.rb +0 -90
  730. data/test/rubygems/test_gem_package_tar_reader_entry.rb +0 -142
  731. data/test/rubygems/test_gem_package_tar_writer.rb +0 -264
  732. data/test/rubygems/test_gem_package_task.rb +0 -84
  733. data/test/rubygems/test_gem_path_support.rb +0 -121
  734. data/test/rubygems/test_gem_platform.rb +0 -308
  735. data/test/rubygems/test_gem_rdoc.rb +0 -270
  736. data/test/rubygems/test_gem_remote_fetcher.rb +0 -1051
  737. data/test/rubygems/test_gem_request.rb +0 -363
  738. data/test/rubygems/test_gem_request_connection_pools.rb +0 -130
  739. data/test/rubygems/test_gem_request_set.rb +0 -595
  740. data/test/rubygems/test_gem_request_set_gem_dependency_api.rb +0 -831
  741. data/test/rubygems/test_gem_request_set_lockfile.rb +0 -470
  742. data/test/rubygems/test_gem_request_set_lockfile_parser.rb +0 -549
  743. data/test/rubygems/test_gem_request_set_lockfile_tokenizer.rb +0 -306
  744. data/test/rubygems/test_gem_requirement.rb +0 -387
  745. data/test/rubygems/test_gem_resolver.rb +0 -715
  746. data/test/rubygems/test_gem_resolver_activation_request.rb +0 -74
  747. data/test/rubygems/test_gem_resolver_api_set.rb +0 -209
  748. data/test/rubygems/test_gem_resolver_api_specification.rb +0 -145
  749. data/test/rubygems/test_gem_resolver_best_set.rb +0 -138
  750. data/test/rubygems/test_gem_resolver_composed_set.rb +0 -46
  751. data/test/rubygems/test_gem_resolver_conflict.rb +0 -88
  752. data/test/rubygems/test_gem_resolver_dependency_request.rb +0 -85
  753. data/test/rubygems/test_gem_resolver_git_set.rb +0 -190
  754. data/test/rubygems/test_gem_resolver_git_specification.rb +0 -114
  755. data/test/rubygems/test_gem_resolver_index_set.rb +0 -90
  756. data/test/rubygems/test_gem_resolver_index_specification.rb +0 -90
  757. data/test/rubygems/test_gem_resolver_installed_specification.rb +0 -50
  758. data/test/rubygems/test_gem_resolver_installer_set.rb +0 -258
  759. data/test/rubygems/test_gem_resolver_local_specification.rb +0 -46
  760. data/test/rubygems/test_gem_resolver_lock_set.rb +0 -64
  761. data/test/rubygems/test_gem_resolver_lock_specification.rb +0 -100
  762. data/test/rubygems/test_gem_resolver_requirement_list.rb +0 -21
  763. data/test/rubygems/test_gem_resolver_specification.rb +0 -65
  764. data/test/rubygems/test_gem_resolver_vendor_set.rb +0 -84
  765. data/test/rubygems/test_gem_resolver_vendor_specification.rb +0 -84
  766. data/test/rubygems/test_gem_security.rb +0 -307
  767. data/test/rubygems/test_gem_security_policy.rb +0 -541
  768. data/test/rubygems/test_gem_security_signer.rb +0 -209
  769. data/test/rubygems/test_gem_security_trust_dir.rb +0 -101
  770. data/test/rubygems/test_gem_server.rb +0 -409
  771. data/test/rubygems/test_gem_silent_ui.rb +0 -117
  772. data/test/rubygems/test_gem_source.rb +0 -242
  773. data/test/rubygems/test_gem_source_fetch_problem.rb +0 -20
  774. data/test/rubygems/test_gem_source_git.rb +0 -309
  775. data/test/rubygems/test_gem_source_installed.rb +0 -37
  776. data/test/rubygems/test_gem_source_list.rb +0 -118
  777. data/test/rubygems/test_gem_source_local.rb +0 -107
  778. data/test/rubygems/test_gem_source_lock.rb +0 -115
  779. data/test/rubygems/test_gem_source_specific_file.rb +0 -76
  780. data/test/rubygems/test_gem_source_vendor.rb +0 -32
  781. data/test/rubygems/test_gem_spec_fetcher.rb +0 -311
  782. data/test/rubygems/test_gem_specification.rb +0 -3519
  783. data/test/rubygems/test_gem_stream_ui.rb +0 -239
  784. data/test/rubygems/test_gem_stub_specification.rb +0 -217
  785. data/test/rubygems/test_gem_text.rb +0 -77
  786. data/test/rubygems/test_gem_uninstaller.rb +0 -485
  787. data/test/rubygems/test_gem_unsatisfiable_dependency_error.rb +0 -33
  788. data/test/rubygems/test_gem_uri_formatter.rb +0 -29
  789. data/test/rubygems/test_gem_util.rb +0 -40
  790. data/test/rubygems/test_gem_validator.rb +0 -46
  791. data/test/rubygems/test_gem_version.rb +0 -222
  792. data/test/rubygems/test_gem_version_option.rb +0 -152
  793. data/test/rubygems/test_kernel.rb +0 -86
  794. data/test/rubygems/test_require.rb +0 -322
  795. data/test/rubygems/wrong_key_cert.pem +0 -18
  796. data/test/rubygems/wrong_key_cert_32.pem +0 -18
  797. data/util/CL2notes +0 -56
  798. data/util/create_certs.rb +0 -157
  799. data/util/create_encrypted_key.rb +0 -17
  800. data/util/generate_spdx_license_list.rb +0 -51
  801. data/util/update_bundled_ca_certificates.rb +0 -118
data/.autotest DELETED
@@ -1,71 +0,0 @@
1
- # -*- ruby -*-
2
-
3
- Gem.refresh
4
-
5
- require 'autotest/restart'
6
- require 'autotest/isolate'
7
-
8
- Autotest.add_hook :run_command do |_, cmd|
9
- cmd.sub! ' -e ', ' -we '
10
- end
11
-
12
- Autotest.add_hook :initialize do |at|
13
- at.testlib = ''
14
-
15
- at.failed_results_re = /^\s+\d+\) (?:Failure|Error):\n(.*?):/
16
- at.completed_re = /\d+ tests, \d+ assertions, \d+ failures, \d+ errors/
17
-
18
- at.add_exception %r%/\.git/%
19
- at.add_exception %r%\.rbc$%
20
- at.add_exception %r%test/rubygems/rubygems%
21
-
22
- at.find_directories.clear
23
- at.find_directories.push 'lib', 'test'
24
-
25
- at.add_mapping %r%^lib/rubygems.rb$% do |_, m|
26
- "test/rubygems/test_gem.rb"
27
- end
28
-
29
- at.add_mapping %r%^lib/rubygems/(.*).rb$% do |_, m|
30
- "test/rubygems/test_gem_#{m[1].gsub '/', '_'}.rb"
31
- end
32
-
33
- args = ARGV.reject { |a| a =~ /^-/ }
34
- at.find_directories = args unless args.empty?
35
-
36
- def at.handle_results results
37
- results = results.gsub(/\e\[\d+m/, '') # strip ascii color
38
- failed = results.scan(self.failed_results_re).map { |m, k|
39
- /(?<k>\w+)#(?<m>\w+)/ =~ m
40
- [m, k]
41
- }
42
-
43
- completed = results[self.completed_re]
44
-
45
- if completed then
46
- completed = completed.scan(/(\d+) (\w+)/).map { |v, k| [k, v.to_i] }
47
-
48
- self.latest_results = Hash[*completed.flatten]
49
- self.files_to_test = consolidate_failures failed
50
-
51
- color = failed.empty? ? :green : :red
52
- hook color unless $TESTING
53
- else
54
- self.latest_results = nil
55
- end
56
-
57
- self.tainted = true unless self.files_to_test.empty?
58
- end
59
-
60
- def at.path_to_classname s
61
- sep = File::SEPARATOR
62
-
63
- f = s.sub(/^test#{sep}rubygems#{sep}/, '').sub(/\.rb$/, '').split sep
64
-
65
- f = f.map { |path| path.split(/_|(\d+)/).map { |seg| seg.capitalize }.join }
66
-
67
- f.join('::').
68
- gsub('Rdoc', 'RDoc').
69
- gsub('GemDependencyApi', 'GemDependencyAPI')
70
- end
71
- end
data/.document DELETED
@@ -1,5 +0,0 @@
1
- README
2
- LICENSE.txt
3
- GPL.txt
4
- lib
5
- release_notes
data/.travis.yml DELETED
@@ -1,46 +0,0 @@
1
- ---
2
- after_script:
3
- - rake travis:after -t
4
- before_script:
5
- - gem uninstall executable-hooks gem-wrappers -x --force -i `gem env home`@global
6
- - gem install rake --no-document
7
- - gem install hoe-travis --no-document
8
- - gem install minitest -v '~> 4.7' --no-document
9
- - rake travis:before -t
10
- - gem list --details
11
- - gem env
12
- language: ruby
13
- notifications:
14
- email:
15
- - drbrain@segment7.net
16
- - evan+notify@phx.io
17
- rvm:
18
- - 1.8.7
19
- - 1.9.2
20
- - 1.9.3
21
- - 2.0.0
22
- - 2.1.7
23
- - 2.2.3
24
- - 2.3.0
25
- - ruby-head
26
- env:
27
- - "YAML=syck"
28
- - "YAML=psych"
29
- script: rake travis
30
- matrix:
31
- exclude:
32
- - rvm: 1.8.7
33
- env: "YAML=psych"
34
- - rvm: 2.0.0
35
- env: "YAML=syck"
36
- - rvm: 2.1.7
37
- env: "YAML=syck"
38
- - rvm: 2.2.3
39
- env: "YAML=syck"
40
- - rvm: 2.3.0
41
- env: "YAML=syck"
42
- - rvm: ruby-head
43
- env: "YAML=syck"
44
- allow_failures:
45
- - rvm: ruby-head
46
- sudo: false
data/CONTRIBUTING.rdoc DELETED
@@ -1,129 +0,0 @@
1
- = How to contribute
2
-
3
- Community involvement is essential to RubyGems. We want to keep it easy as
4
- possible to contribute changes. There are a few guidelines that we need
5
- contributors to follow to reduce the time it takes to get changes merged in.
6
-
7
- == Guidelines
8
-
9
- 1. New features should be coupled with tests.
10
-
11
- 2. Ensure that your code blends well with ours:
12
- * No trailing whitespace
13
- * Match indentation (two spaces)
14
- * Match coding style (`if`, `elsif`, `when` need trailing `then`)
15
-
16
- 3. Don't modify the history file or version number.
17
-
18
- 4. If you have any questions, just ask on IRC in #rubygems on Freenode or file
19
- an issue here: http://github.com/rubygems/rubygems/issues
20
-
21
- For more information and ideas on how to contribute to RubyGems ecosystem, see
22
- here: http://guides.rubygems.org/contributing/
23
-
24
- == Getting Started
25
-
26
- $ gem install hoe
27
- $ rake newb
28
-
29
- To run commands like `gem install` from the repo:
30
-
31
- $ ruby -Ilib bin/gem install
32
-
33
- == Issues
34
-
35
- RubyGems uses labels to track all issues and pull requests. In order to provide
36
- guidance to the community this is documentation of how labels are used in the
37
- rubygems repository.
38
-
39
- === Type
40
-
41
- Most Issues or pull requests will have one of these labels, which describes the
42
- type of the issue or pull request.
43
-
44
- * <b>bug report</b> - An issue describing a bug in rubygems. This would be something
45
- that is broken, confusing, unexpected behavior etc.
46
- * <b>bugfix</b> - A pull request that fixes a bug report.
47
- * <b>feature request</b> - An issue describing a request for a new feature or
48
- enhancement.
49
- * <b>feature implementation</b> - A pull request implementing a feature request.
50
- * <b>question</b> - An issue that is a more of a question than a call for specific
51
- changes in the codebase.
52
- * <b>cleanup</b> - Generally for a pull request that improves the code base without
53
- fixing a bug or implementing a feature.
54
- * <b>major bump</b> - This issue or pull request requires a major version bump
55
- * <b>administrative</b> - This issue relates to adminstrative tasks that need to
56
- take place as it relates to rubygems
57
-
58
- Bug report and Bugfix have the same color. And feature implementation and
59
- feature request have the same color since they are related labels.
60
-
61
- === Workflow
62
-
63
- These are labels that indicate the state of an issue, where it is in the process
64
- from being submitted to being closed. These are listed in rough progression
65
- order from submitted to closed.
66
-
67
- * <b>triage</b> - This is an issue or pull request that needs to be properly
68
- labeled by by a maintainer.
69
- * <b>accepted</b> - This issue / pull request has been accepted as valid and
70
- will be worked on by someone.
71
- * <b>ready for work</b> - An issue that is available for collaboration. This issue
72
- should have existing discussion on the problem, and a description of how to go
73
- about solving it. This label should be removed once someone has said they are
74
- going to work on it.
75
- * <b>claimed</b> - An issue that is claimed by a member of the community and is
76
- working on it. If the member can be assigned to the issue, they should be.
77
- * <b>feedback</b>- This issue/pull request is waiting on feedback from
78
- one ore more of the folks involved in the issue. Generally their should be an
79
- <tt>@username/team</tt> in the issue indicating who should respond.
80
- * <b>blocked</b> - the issue/pull request is currently unable to move forward because
81
- of some specific reason, generally this will be a reason that is outside
82
- RubyGems or needs feedback from some specific individual or group, and it may
83
- be a while before something it is resolved.
84
-
85
- Feedback and blocked all have the same color since they are all waiting on
86
- someone in particular to do something.
87
-
88
- === Inactive Reason
89
-
90
- Reasons are why an issue / pull request was closed without being worked on or
91
- accepted. There should also be more detailed information in the comments.
92
-
93
- * *duplicate* - This is a duplicate of an existing bug. The comments must
94
- reference the existing issue.
95
- * *abandonded* - This is an issue/pull request that has aged off, is no longer
96
- applicable or similar.
97
- * *declined* - An issue that won't be fixed/implemented or a pull request that
98
- is not accepted.
99
- * *deprecated* - An issue/pull request that no longer applies to the actively
100
- maintained codebase.
101
-
102
- All the reason labels are the same maroon color.
103
-
104
- === Categories
105
-
106
- These are aspects of the codebase, or what general area the issue or pull
107
- request pertains too. Not all issues will have a category.
108
-
109
- * <b>gemspec</b> - related to the gem specification itself
110
- * <b>API</b> - related to the public supported rubygems API. This is the code api,
111
- not a network related API.
112
- * <b>command</b> - related to something in <tt>Gem::Commands</tt>
113
- * <b>install</b> - related to gem installations
114
- * <b>documentation</b> - related to updating / fixing / clarifiying documentation or
115
- guides
116
-
117
- All category labels are the same blue color.
118
-
119
- === Platforms
120
-
121
- If an issue or pull request pertains to only one platform, then it should have
122
- an appropriate platform tag.
123
-
124
- * *windows*
125
- * *java*
126
- * *osx*
127
- * *linux*
128
-
129
- All platform tags are the same purple color.
data/CVE-2013-4287.txt DELETED
@@ -1,35 +0,0 @@
1
- = Algorithmic complexity vulnerability in RubyGems 2.0.7 and older
2
-
3
- RubyGems validates versions with a regular expression that is vulnerable to
4
- denial of service due to backtracking. For specially crafted RubyGems
5
- versions attackers can cause denial of service through CPU consumption.
6
-
7
- RubyGems versions 2.0.7 and older, 2.1.0.rc.1 and 2.1.0.rc.2 are vulnerable.
8
-
9
- Ruby versions 1.9.0 through 2.0.0p247 are vulnerable as they contain embedded
10
- versions of RubyGems.
11
-
12
- It does not appear to be possible to exploit this vulnerability by installing a
13
- gem for RubyGems 1.8.x or 2.0.x. Vulnerable uses of RubyGems API include
14
- packaging a gem (through `gem build`, Gem::Package or Gem::PackageTask),
15
- sending user input to Gem::Version.new, Gem::Version.correct? or use of the
16
- Gem::Version::VERSION_PATTERN or Gem::Version::ANCHORED_VERSION_PATTERN
17
- constants.
18
-
19
- Notably, users of bundler that install gems from git are vulnerable if a
20
- malicious author changes the gemspec to an invalid version.
21
-
22
- The vulnerability can be fixed by changing the first grouping to an atomic
23
- grouping in Gem::Version::VERSION_PATTERN in lib/rubygems/version.rb. For
24
- RubyGems 2.0.x:
25
-
26
- - VERSION_PATTERN = '[0-9]+(\.[0-9a-zA-Z]+)*(-[0-9A-Za-z-]+(\.[0-9A-Za-z-]+)*)?' # :nodoc:
27
- + VERSION_PATTERN = '[0-9]+(?>\.[0-9a-zA-Z]+)*(-[0-9A-Za-z-]+(\.[0-9A-Za-z-]+)*)?' # :nodoc:
28
-
29
- For RubyGems 1.8.x:
30
-
31
- - VERSION_PATTERN = '[0-9]+(\.[0-9a-zA-Z]+)*' # :nodoc:
32
- + VERSION_PATTERN = '[0-9]+(?>\.[0-9a-zA-Z]+)*' # :nodoc:
33
-
34
- This vulnerability was discovered by Damir Sharipov <dammer2k@gmail.com>
35
-
data/CVE-2013-4363.txt DELETED
@@ -1,45 +0,0 @@
1
- = Algorithmic complexity vulnerability in RubyGems 2.1.4 and older
2
-
3
- The patch for CVE-2013-4287 was insufficiently verified so the combined
4
- regular expression for verifying gem version remains vulnerable following
5
- CVE-2013-4287.
6
-
7
- RubyGems validates versions with a regular expression that is vulnerable to
8
- denial of service due to backtracking. For specially crafted RubyGems
9
- versions attackers can cause denial of service through CPU consumption.
10
-
11
- RubyGems versions 2.1.4 and older are vulnerable.
12
-
13
- Ruby versions 1.9.0 through 2.0.0p247 are vulnerable as they contain embedded
14
- versions of RubyGems.
15
-
16
- It does not appear to be possible to exploit this vulnerability by installing a
17
- gem for RubyGems 1.8.x or newer. Vulnerable uses of RubyGems API include
18
- packaging a gem (through `gem build`, Gem::Package or Gem::PackageTask),
19
- sending user input to Gem::Version.new, Gem::Version.correct? or use of the
20
- Gem::Version::VERSION_PATTERN or Gem::Version::ANCHORED_VERSION_PATTERN
21
- constants.
22
-
23
- Notably, users of bundler that install gems from git are vulnerable if a
24
- malicious author changes the gemspec to an invalid version.
25
-
26
- The vulnerability can be fixed by changing the "*" repetition to a "?"
27
- repetition in Gem::Version::ANCHORED_VERSION_PATTERN in
28
- lib/rubygems/version.rb. For RubyGems 2.1.x:
29
-
30
- - ANCHORED_VERSION_PATTERN = /\A\s*(#{VERSION_PATTERN})*\s*\z/ # :nodoc:
31
- + ANCHORED_VERSION_PATTERN = /\A\s*(#{VERSION_PATTERN})?\s*\z/ # :nodoc:
32
-
33
- For RubyGems 2.0.x:
34
-
35
- - ANCHORED_VERSION_PATTERN = /\A\s*(#{VERSION_PATTERN})*\s*\z/ # :nodoc:
36
- + ANCHORED_VERSION_PATTERN = /\A\s*(#{VERSION_PATTERN})?\s*\z/ # :nodoc:
37
-
38
- For RubyGems 1.8.x:
39
-
40
- - ANCHORED_VERSION_PATTERN = /\A\s*(#{VERSION_PATTERN})*\s*\z/ # :nodoc:
41
- + ANCHORED_VERSION_PATTERN = /\A\s*(#{VERSION_PATTERN})?\s*\z/ # :nodoc:
42
-
43
-
44
- This vulnerability was discovered by Alexander Cherepanov <cherepan@mccme.ru>
45
-
data/CVE-2015-3900.txt DELETED
@@ -1,40 +0,0 @@
1
- = Request hijacking vulnerability in RubyGems 2.4.6 and earlier
2
-
3
- RubyGems provides the ability of a domain to direct clients to a separate
4
- host that is used to fetch gems and make API calls against. This mechanism
5
- is implemented via DNS, specificly a SRV record _rubygems._tcp under the
6
- original requested domain.
7
-
8
- For example, this is the one that users who use rubygems.org see:
9
-
10
- > dig _rubygems._tcp.rubygems.org SRV
11
-
12
- ;; ANSWER SECTION:
13
- _rubygems._tcp.rubygems.org. 600 IN SRV 0 1 80 api.rubygems.org.
14
-
15
- RubyGems did not validate the hostname returned in the SRV record before
16
- sending requests to it.
17
-
18
- This left clients open to a DNS hijack attack, whereby an attacker could
19
- return a SRV of their choosing and get the client to use it. For example:
20
-
21
- > dig _rubygems._tcp.rubygems.org SRV
22
-
23
- ;; ANSWER SECTION:
24
- _rubygems._tcp.rubygems.org. 600 IN SRV 0 1 80 gems.nottobetrusted.wtf
25
-
26
- The fix, detailed at https://github.com/rubygems/rubygems/commit/6bbee35,
27
- shows that we validate the record now to be under the original domain. This
28
- restricts the client to be using the original trust/security domain as they
29
- would have otherwise.
30
-
31
- RubyGems versions between 2.0 and 2.4.6 are vulnerable.
32
-
33
- RubyGems version 2.0.16, 2.2.4, and 2.4.7 have been released that fix this
34
- issue.
35
-
36
- Ruby versions 1.9.0 through 2.2.0 are vulnerable as they contain embedded
37
- versions of RubyGems.
38
-
39
- This vulnerability was reported by Jonathan Claudius <JClaudius@trustwave.com>.
40
-