rubygems-update 2.6.3 → 2.7.7
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of rubygems-update might be problematic. Click here for more details.
- checksums.yaml +5 -5
- data/.travis.yml +17 -34
- data/CODE_OF_CONDUCT.md +36 -33
- data/CONTRIBUTING.rdoc +56 -55
- data/History.txt +467 -10
- data/Manifest.txt +276 -4
- data/POLICIES.rdoc +4 -4
- data/README.md +72 -0
- data/Rakefile +77 -10
- data/appveyor.yml +61 -31
- data/bin/gem +1 -1
- data/bin/update_rubygems +2 -2
- data/bundler/CHANGELOG.md +2910 -0
- data/bundler/CODE_OF_CONDUCT.md +42 -0
- data/bundler/CONTRIBUTING.md +17 -0
- data/bundler/LICENSE.md +23 -0
- data/bundler/README.md +63 -0
- data/bundler/bundler.gemspec +57 -0
- data/bundler/exe/bundle +31 -0
- data/bundler/exe/bundle_ruby +60 -0
- data/bundler/exe/bundler +4 -0
- data/bundler/lib/bundler/build_metadata.rb +36 -0
- data/bundler/lib/bundler/capistrano.rb +22 -0
- data/bundler/lib/bundler/cli/add.rb +25 -0
- data/bundler/lib/bundler/cli/binstubs.rb +43 -0
- data/bundler/lib/bundler/cli/cache.rb +36 -0
- data/bundler/lib/bundler/cli/check.rb +38 -0
- data/bundler/lib/bundler/cli/clean.rb +25 -0
- data/bundler/lib/bundler/cli/common.rb +102 -0
- data/bundler/lib/bundler/cli/config.rb +119 -0
- data/bundler/lib/bundler/cli/console.rb +43 -0
- data/bundler/lib/bundler/cli/doctor.rb +94 -0
- data/bundler/lib/bundler/cli/exec.rb +104 -0
- data/bundler/lib/bundler/cli/gem.rb +252 -0
- data/bundler/lib/bundler/cli/info.rb +50 -0
- data/bundler/lib/bundler/cli/init.rb +47 -0
- data/bundler/lib/bundler/cli/inject.rb +60 -0
- data/bundler/lib/bundler/cli/install.rb +214 -0
- data/bundler/lib/bundler/cli/issue.rb +40 -0
- data/bundler/lib/bundler/cli/list.rb +22 -0
- data/bundler/lib/bundler/cli/lock.rb +63 -0
- data/bundler/lib/bundler/cli/open.rb +26 -0
- data/bundler/lib/bundler/cli/outdated.rb +260 -0
- data/bundler/lib/bundler/cli/package.rb +49 -0
- data/bundler/lib/bundler/cli/platform.rb +46 -0
- data/bundler/lib/bundler/cli/plugin.rb +24 -0
- data/bundler/lib/bundler/cli/pristine.rb +43 -0
- data/bundler/lib/bundler/cli/show.rb +75 -0
- data/bundler/lib/bundler/cli/update.rb +91 -0
- data/bundler/lib/bundler/cli/viz.rb +31 -0
- data/bundler/lib/bundler/cli.rb +748 -0
- data/bundler/lib/bundler/compact_index_client/cache.rb +118 -0
- data/bundler/lib/bundler/compact_index_client/updater.rb +116 -0
- data/bundler/lib/bundler/compact_index_client.rb +109 -0
- data/bundler/lib/bundler/compatibility_guard.rb +14 -0
- data/bundler/lib/bundler/constants.rb +7 -0
- data/bundler/lib/bundler/current_ruby.rb +86 -0
- data/bundler/lib/bundler/definition.rb +989 -0
- data/bundler/lib/bundler/dep_proxy.rb +48 -0
- data/bundler/lib/bundler/dependency.rb +138 -0
- data/bundler/lib/bundler/deployment.rb +69 -0
- data/bundler/lib/bundler/deprecate.rb +43 -0
- data/bundler/lib/bundler/dsl.rb +599 -0
- data/bundler/lib/bundler/endpoint_specification.rb +141 -0
- data/bundler/lib/bundler/env.rb +153 -0
- data/bundler/lib/bundler/environment_preserver.rb +59 -0
- data/bundler/lib/bundler/errors.rb +158 -0
- data/bundler/lib/bundler/feature_flag.rb +67 -0
- data/bundler/lib/bundler/fetcher/base.rb +52 -0
- data/bundler/lib/bundler/fetcher/compact_index.rb +126 -0
- data/bundler/lib/bundler/fetcher/dependency.rb +82 -0
- data/bundler/lib/bundler/fetcher/downloader.rb +79 -0
- data/bundler/lib/bundler/fetcher/index.rb +52 -0
- data/bundler/lib/bundler/fetcher.rb +312 -0
- data/bundler/lib/bundler/friendly_errors.rb +131 -0
- data/bundler/lib/bundler/gem_helper.rb +202 -0
- data/bundler/lib/bundler/gem_helpers.rb +101 -0
- data/bundler/lib/bundler/gem_remote_fetcher.rb +43 -0
- data/bundler/lib/bundler/gem_tasks.rb +7 -0
- data/bundler/lib/bundler/gem_version_promoter.rb +176 -0
- data/bundler/lib/bundler/gemdeps.rb +29 -0
- data/bundler/lib/bundler/graph.rb +152 -0
- data/bundler/lib/bundler/index.rb +213 -0
- data/bundler/lib/bundler/injector.rb +94 -0
- data/bundler/lib/bundler/inline.rb +74 -0
- data/bundler/lib/bundler/installer/gem_installer.rb +83 -0
- data/bundler/lib/bundler/installer/parallel_installer.rb +228 -0
- data/bundler/lib/bundler/installer/standalone.rb +53 -0
- data/bundler/lib/bundler/installer.rb +295 -0
- data/bundler/lib/bundler/lazy_specification.rb +123 -0
- data/bundler/lib/bundler/lockfile_generator.rb +95 -0
- data/bundler/lib/bundler/lockfile_parser.rb +256 -0
- data/bundler/lib/bundler/match_platform.rb +24 -0
- data/bundler/lib/bundler/mirror.rb +223 -0
- data/bundler/lib/bundler/plugin/api/source.rb +306 -0
- data/bundler/lib/bundler/plugin/api.rb +81 -0
- data/bundler/lib/bundler/plugin/dsl.rb +53 -0
- data/bundler/lib/bundler/plugin/index.rb +162 -0
- data/bundler/lib/bundler/plugin/installer/git.rb +38 -0
- data/bundler/lib/bundler/plugin/installer/rubygems.rb +27 -0
- data/bundler/lib/bundler/plugin/installer.rb +96 -0
- data/bundler/lib/bundler/plugin/source_list.rb +27 -0
- data/bundler/lib/bundler/plugin.rb +285 -0
- data/bundler/lib/bundler/process_lock.rb +24 -0
- data/bundler/lib/bundler/psyched_yaml.rb +37 -0
- data/bundler/lib/bundler/remote_specification.rb +114 -0
- data/bundler/lib/bundler/resolver/spec_group.rb +110 -0
- data/bundler/lib/bundler/resolver.rb +372 -0
- data/bundler/lib/bundler/retry.rb +66 -0
- data/bundler/lib/bundler/ruby_dsl.rb +18 -0
- data/bundler/lib/bundler/ruby_version.rb +152 -0
- data/bundler/lib/bundler/rubygems_ext.rb +210 -0
- data/bundler/lib/bundler/rubygems_gem_installer.rb +99 -0
- data/bundler/lib/bundler/rubygems_integration.rb +898 -0
- data/bundler/lib/bundler/runtime.rb +316 -0
- data/bundler/lib/bundler/settings/validator.rb +79 -0
- data/bundler/lib/bundler/settings.rb +442 -0
- data/bundler/lib/bundler/setup.rb +28 -0
- data/bundler/lib/bundler/shared_helpers.rb +356 -0
- data/bundler/lib/bundler/similarity_detector.rb +63 -0
- data/bundler/lib/bundler/source/gemspec.rb +18 -0
- data/bundler/lib/bundler/source/git/git_proxy.rb +262 -0
- data/bundler/lib/bundler/source/git.rb +329 -0
- data/bundler/lib/bundler/source/metadata.rb +63 -0
- data/bundler/lib/bundler/source/path/installer.rb +74 -0
- data/bundler/lib/bundler/source/path.rb +249 -0
- data/bundler/lib/bundler/source/rubygems/remote.rb +66 -0
- data/bundler/lib/bundler/source/rubygems.rb +535 -0
- data/bundler/lib/bundler/source.rb +94 -0
- data/bundler/lib/bundler/source_list.rb +186 -0
- data/bundler/lib/bundler/spec_set.rb +192 -0
- data/bundler/lib/bundler/ssl_certs/.document +1 -0
- data/bundler/lib/bundler/ssl_certs/certificate_manager.rb +66 -0
- data/bundler/lib/bundler/ssl_certs/index.rubygems.org/GlobalSignRootCA.pem +21 -0
- data/bundler/lib/bundler/ssl_certs/rubygems.global.ssl.fastly.net/DigiCertHighAssuranceEVRootCA.pem +23 -0
- data/bundler/lib/bundler/stub_specification.rb +108 -0
- data/bundler/lib/bundler/templates/.document +1 -0
- data/bundler/lib/bundler/templates/Executable +29 -0
- data/bundler/lib/bundler/templates/Executable.bundler +105 -0
- data/bundler/lib/bundler/templates/Executable.standalone +14 -0
- data/bundler/lib/bundler/templates/Gemfile +7 -0
- data/bundler/lib/bundler/templates/gems.rb +8 -0
- data/bundler/lib/bundler/templates/newgem/CODE_OF_CONDUCT.md.tt +74 -0
- data/bundler/lib/bundler/templates/newgem/Gemfile.tt +6 -0
- data/bundler/lib/bundler/templates/newgem/LICENSE.txt.tt +21 -0
- data/bundler/lib/bundler/templates/newgem/README.md.tt +47 -0
- data/bundler/lib/bundler/templates/newgem/Rakefile.tt +29 -0
- data/bundler/lib/bundler/templates/newgem/bin/console.tt +14 -0
- data/bundler/lib/bundler/templates/newgem/bin/setup.tt +8 -0
- data/bundler/lib/bundler/templates/newgem/exe/newgem.tt +3 -0
- data/bundler/lib/bundler/templates/newgem/ext/newgem/extconf.rb.tt +3 -0
- data/bundler/lib/bundler/templates/newgem/ext/newgem/newgem.c.tt +9 -0
- data/bundler/lib/bundler/templates/newgem/ext/newgem/newgem.h.tt +6 -0
- data/bundler/lib/bundler/templates/newgem/gitignore.tt +20 -0
- data/bundler/lib/bundler/templates/newgem/lib/newgem/version.rb.tt +7 -0
- data/bundler/lib/bundler/templates/newgem/lib/newgem.rb.tt +12 -0
- data/bundler/lib/bundler/templates/newgem/newgem.gemspec.tt +51 -0
- data/bundler/lib/bundler/templates/newgem/rspec.tt +3 -0
- data/bundler/lib/bundler/templates/newgem/spec/newgem_spec.rb.tt +9 -0
- data/bundler/lib/bundler/templates/newgem/spec/spec_helper.rb.tt +14 -0
- data/bundler/lib/bundler/templates/newgem/test/newgem_test.rb.tt +11 -0
- data/bundler/lib/bundler/templates/newgem/test/test_helper.rb.tt +4 -0
- data/bundler/lib/bundler/templates/newgem/travis.yml.tt +5 -0
- data/bundler/lib/bundler/ui/rg_proxy.rb +19 -0
- data/bundler/lib/bundler/ui/shell.rb +146 -0
- data/bundler/lib/bundler/ui/silent.rb +69 -0
- data/bundler/lib/bundler/ui.rb +9 -0
- data/bundler/lib/bundler/uri_credentials_filter.rb +37 -0
- data/bundler/lib/bundler/vendor/fileutils/lib/fileutils.rb +1638 -0
- data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/compatibility.rb +26 -0
- data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/delegates/resolution_state.rb +57 -0
- data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/delegates/specification_provider.rb +81 -0
- data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/action.rb +36 -0
- data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/add_edge_no_circular.rb +66 -0
- data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/add_vertex.rb +62 -0
- data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/delete_edge.rb +63 -0
- data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/detach_vertex_named.rb +61 -0
- data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/log.rb +126 -0
- data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/set_payload.rb +46 -0
- data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/tag.rb +36 -0
- data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/vertex.rb +126 -0
- data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph.rb +223 -0
- data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/errors.rb +138 -0
- data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/gem_metadata.rb +6 -0
- data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/modules/specification_provider.rb +101 -0
- data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/modules/ui.rb +67 -0
- data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/resolution.rb +837 -0
- data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/resolver.rb +46 -0
- data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/state.rb +58 -0
- data/bundler/lib/bundler/vendor/molinillo/lib/molinillo.rb +12 -0
- data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/faster.rb +27 -0
- data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent/ssl_reuse.rb +129 -0
- data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent.rb +1233 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/actions/create_file.rb +104 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/actions/create_link.rb +60 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/actions/directory.rb +118 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/actions/empty_directory.rb +143 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/actions/file_manipulation.rb +364 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/actions/inject_into_file.rb +109 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/actions.rb +321 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/base.rb +679 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/command.rb +135 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/core_ext/hash_with_indifferent_access.rb +97 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/core_ext/io_binary_read.rb +12 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/core_ext/ordered_hash.rb +129 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/error.rb +32 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/group.rb +281 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/invocation.rb +177 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/line_editor/basic.rb +37 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/line_editor/readline.rb +88 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/line_editor.rb +17 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/parser/argument.rb +70 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/parser/arguments.rb +175 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/parser/option.rb +146 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/parser/options.rb +221 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/parser.rb +4 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/rake_compat.rb +71 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/runner.rb +324 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/shell/basic.rb +437 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/shell/color.rb +149 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/shell/html.rb +126 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/shell.rb +81 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/util.rb +268 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/version.rb +3 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor.rb +509 -0
- data/bundler/lib/bundler/vendored_fileutils.rb +9 -0
- data/bundler/lib/bundler/vendored_molinillo.rb +4 -0
- data/bundler/lib/bundler/vendored_persistent.rb +52 -0
- data/bundler/lib/bundler/vendored_thor.rb +8 -0
- data/bundler/lib/bundler/version.rb +28 -0
- data/bundler/lib/bundler/version_ranges.rb +76 -0
- data/bundler/lib/bundler/vlad.rb +17 -0
- data/bundler/lib/bundler/worker.rb +106 -0
- data/bundler/lib/bundler/yaml_serializer.rb +90 -0
- data/bundler/lib/bundler.rb +545 -0
- data/bundler/man/bundle-add.ronn +29 -0
- data/bundler/man/bundle-binstubs.ronn +43 -0
- data/bundler/man/bundle-check.ronn +26 -0
- data/bundler/man/bundle-clean.ronn +18 -0
- data/bundler/man/bundle-config.ronn +376 -0
- data/bundler/man/bundle-doctor.ronn +33 -0
- data/bundler/man/bundle-exec.ronn +152 -0
- data/bundler/man/bundle-gem.ronn +78 -0
- data/bundler/man/bundle-info.ronn +17 -0
- data/bundler/man/bundle-init.ronn +29 -0
- data/bundler/man/bundle-inject.ronn +22 -0
- data/bundler/man/bundle-install.ronn +369 -0
- data/bundler/man/bundle-list.ronn +15 -0
- data/bundler/man/bundle-lock.ronn +94 -0
- data/bundler/man/bundle-open.ronn +19 -0
- data/bundler/man/bundle-outdated.ronn +107 -0
- data/bundler/man/bundle-package.ronn +72 -0
- data/bundler/man/bundle-platform.ronn +42 -0
- data/bundler/man/bundle-pristine.ronn +34 -0
- data/bundler/man/bundle-show.ronn +20 -0
- data/bundler/man/bundle-update.ronn +346 -0
- data/bundler/man/bundle-viz.ronn +30 -0
- data/bundler/man/bundle.ronn +108 -0
- data/bundler/man/gemfile.5.ronn +506 -0
- data/lib/rubygems/basic_specification.rb +8 -4
- data/lib/rubygems/bundler_version_finder.rb +116 -0
- data/lib/rubygems/command.rb +10 -2
- data/lib/rubygems/command_manager.rb +3 -1
- data/lib/rubygems/commands/cert_command.rb +31 -6
- data/lib/rubygems/commands/cleanup_command.rb +10 -3
- data/lib/rubygems/commands/generate_index_command.rb +1 -1
- data/lib/rubygems/commands/help_command.rb +1 -1
- data/lib/rubygems/commands/open_command.rb +1 -1
- data/lib/rubygems/commands/owner_command.rb +4 -2
- data/lib/rubygems/commands/pristine_command.rb +11 -8
- data/lib/rubygems/commands/push_command.rb +3 -2
- data/lib/rubygems/commands/query_command.rb +17 -17
- data/lib/rubygems/commands/setup_command.rb +175 -70
- data/lib/rubygems/commands/signin_command.rb +33 -0
- data/lib/rubygems/commands/signout_command.rb +33 -0
- data/lib/rubygems/commands/sources_command.rb +1 -1
- data/lib/rubygems/commands/uninstall_command.rb +4 -3
- data/lib/rubygems/commands/unpack_command.rb +19 -7
- data/lib/rubygems/commands/update_command.rb +2 -2
- data/lib/rubygems/commands/which_command.rb +1 -1
- data/lib/rubygems/commands/yank_command.rb +4 -11
- data/lib/rubygems/config_file.rb +21 -28
- data/lib/rubygems/core_ext/kernel_require.rb +10 -9
- data/lib/rubygems/defaults.rb +18 -0
- data/lib/rubygems/dependency.rb +10 -4
- data/lib/rubygems/dependency_installer.rb +8 -2
- data/lib/rubygems/dependency_list.rb +1 -1
- data/lib/rubygems/errors.rb +4 -0
- data/lib/rubygems/exceptions.rb +11 -1
- data/lib/rubygems/ext/builder.rb +2 -2
- data/lib/rubygems/ext/ext_conf_builder.rb +7 -7
- data/lib/rubygems/ext/rake_builder.rb +2 -2
- data/lib/rubygems/gem_runner.rb +5 -1
- data/lib/rubygems/indexer.rb +6 -5
- data/lib/rubygems/install_update_options.rb +5 -28
- data/lib/rubygems/installer.rb +53 -22
- data/lib/rubygems/installer_test_case.rb +6 -3
- data/lib/rubygems/package/file_source.rb +2 -2
- data/lib/rubygems/package/old.rb +3 -3
- data/lib/rubygems/package/tar_header.rb +14 -9
- data/lib/rubygems/package/tar_writer.rb +12 -16
- data/lib/rubygems/package.rb +48 -9
- data/lib/rubygems/platform.rb +1 -1
- data/lib/rubygems/remote_fetcher.rb +13 -18
- data/lib/rubygems/request.rb +47 -1
- data/lib/rubygems/request_set/gem_dependency_api.rb +3 -3
- data/lib/rubygems/request_set/lockfile/tokenizer.rb +1 -1
- data/lib/rubygems/request_set/lockfile.rb +1 -1
- data/lib/rubygems/request_set.rb +22 -3
- data/lib/rubygems/requirement.rb +5 -1
- data/lib/rubygems/resolver/installer_set.rb +4 -6
- data/lib/rubygems/resolver/molinillo/lib/molinillo/delegates/resolution_state.rb +50 -0
- data/lib/rubygems/resolver/molinillo/lib/molinillo/delegates/specification_provider.rb +80 -0
- data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/action.rb +35 -0
- data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/add_edge_no_circular.rb +65 -0
- data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/add_vertex.rb +61 -0
- data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/delete_edge.rb +62 -0
- data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/detach_vertex_named.rb +60 -0
- data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/log.rb +125 -0
- data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/set_payload.rb +45 -0
- data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/tag.rb +35 -0
- data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/vertex.rb +125 -0
- data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph.rb +78 -147
- data/lib/rubygems/resolver/molinillo/lib/molinillo/errors.rb +1 -1
- data/lib/rubygems/resolver/molinillo/lib/molinillo/gem_metadata.rb +1 -1
- data/lib/rubygems/resolver/molinillo/lib/molinillo/modules/ui.rb +1 -1
- data/lib/rubygems/resolver/molinillo/lib/molinillo/resolution.rb +110 -75
- data/lib/rubygems/resolver/molinillo/lib/molinillo/state.rb +4 -2
- data/lib/rubygems/resolver/set.rb +1 -1
- data/lib/rubygems/resolver.rb +61 -5
- data/lib/rubygems/safe_yaml.rb +51 -0
- data/lib/rubygems/security/signer.rb +2 -0
- data/lib/rubygems/security/trust_dir.rb +1 -1
- data/lib/rubygems/security.rb +12 -5
- data/lib/rubygems/security_option.rb +43 -0
- data/lib/rubygems/server.rb +49 -40
- data/lib/rubygems/source/git.rb +2 -1
- data/lib/rubygems/source/local.rb +38 -35
- data/lib/rubygems/source/lock.rb +4 -1
- data/lib/rubygems/source.rb +9 -6
- data/lib/rubygems/source_local.rb +3 -1
- data/lib/rubygems/source_specific_file.rb +3 -2
- data/lib/rubygems/spec_fetcher.rb +7 -3
- data/lib/rubygems/specification.rb +317 -251
- data/lib/rubygems/ssl_certs/index.rubygems.org/GlobalSignRootCA.pem +21 -0
- data/lib/rubygems/ssl_certs/rubygems.org/AddTrustExternalCARoot.pem +25 -0
- data/lib/rubygems/stub_specification.rb +10 -4
- data/lib/rubygems/test_case.rb +51 -11
- data/lib/rubygems/test_utilities.rb +2 -2
- data/lib/rubygems/text.rb +14 -1
- data/lib/rubygems/user_interaction.rb +22 -20
- data/lib/rubygems/util/licenses.rb +37 -0
- data/lib/rubygems/util.rb +6 -16
- data/lib/rubygems/validator.rb +3 -3
- data/lib/rubygems/version.rb +24 -5
- data/lib/rubygems/version_option.rb +6 -1
- data/lib/rubygems.rb +147 -45
- data/lib/ubygems.rb +3 -0
- data/setup.rb +1 -1
- data/test/rubygems/alternate_cert.pem +10 -9
- data/test/rubygems/alternate_cert_32.pem +10 -9
- data/test/rubygems/child_cert.pem +11 -9
- data/test/rubygems/child_cert_32.pem +11 -9
- data/test/rubygems/encrypted_private_key.pem +26 -26
- data/test/rubygems/expired_cert.pem +9 -8
- data/test/rubygems/future_cert.pem +9 -8
- data/test/rubygems/future_cert_32.pem +9 -8
- data/test/rubygems/grandchild_cert.pem +11 -9
- data/test/rubygems/grandchild_cert_32.pem +11 -9
- data/test/rubygems/invalid_issuer_cert.pem +11 -9
- data/test/rubygems/invalid_issuer_cert_32.pem +11 -9
- data/test/rubygems/invalid_signer_cert.pem +10 -9
- data/test/rubygems/invalid_signer_cert_32.pem +10 -9
- data/test/rubygems/invalidchild_cert.pem +11 -9
- data/test/rubygems/invalidchild_cert_32.pem +11 -9
- data/test/rubygems/private3072_key.pem +40 -0
- data/test/rubygems/public3072_cert.pem +25 -0
- data/test/rubygems/public_cert.pem +11 -9
- data/test/rubygems/public_cert_32.pem +10 -9
- data/test/rubygems/rubygems_plugin.rb +4 -0
- data/test/rubygems/test_bundled_ca.rb +1 -1
- data/test/rubygems/test_config.rb +1 -1
- data/test/rubygems/test_gem.rb +168 -55
- data/test/rubygems/test_gem_bundler_version_finder.rb +125 -0
- data/test/rubygems/test_gem_command.rb +7 -1
- data/test/rubygems/test_gem_commands_build_command.rb +27 -1
- data/test/rubygems/test_gem_commands_cert_command.rb +64 -0
- data/test/rubygems/test_gem_commands_cleanup_command.rb +44 -1
- data/test/rubygems/test_gem_commands_install_command.rb +36 -2
- data/test/rubygems/test_gem_commands_open_command.rb +2 -1
- data/test/rubygems/test_gem_commands_owner_command.rb +25 -0
- data/test/rubygems/test_gem_commands_pristine_command.rb +1 -1
- data/test/rubygems/test_gem_commands_push_command.rb +5 -5
- data/test/rubygems/test_gem_commands_query_command.rb +154 -1
- data/test/rubygems/test_gem_commands_setup_command.rb +140 -10
- data/test/rubygems/test_gem_commands_signin_command.rb +98 -0
- data/test/rubygems/test_gem_commands_signout_command.rb +37 -0
- data/test/rubygems/test_gem_commands_sources_command.rb +52 -0
- data/test/rubygems/test_gem_commands_uninstall_command.rb +14 -2
- data/test/rubygems/test_gem_commands_update_command.rb +1 -7
- data/test/rubygems/test_gem_commands_which_command.rb +3 -3
- data/test/rubygems/test_gem_config_file.rb +1 -2
- data/test/rubygems/test_gem_dependency.rb +28 -0
- data/test/rubygems/test_gem_dependency_installer.rb +1 -1
- data/test/rubygems/test_gem_doctor.rb +2 -2
- data/test/rubygems/test_gem_ext_builder.rb +8 -8
- data/test/rubygems/test_gem_ext_configure_builder.rb +1 -1
- data/test/rubygems/test_gem_ext_ext_conf_builder.rb +23 -0
- data/test/rubygems/test_gem_ext_rake_builder.rb +33 -16
- data/test/rubygems/test_gem_gemcutter_utilities.rb +4 -4
- data/test/rubygems/test_gem_indexer.rb +1 -2
- data/test/rubygems/test_gem_install_update_options.rb +4 -1
- data/test/rubygems/test_gem_installer.rb +230 -32
- data/test/rubygems/test_gem_package.rb +156 -29
- data/test/rubygems/test_gem_package_old.rb +1 -1
- data/test/rubygems/test_gem_package_tar_header.rb +21 -0
- data/test/rubygems/test_gem_package_tar_writer.rb +24 -0
- data/test/rubygems/test_gem_rdoc.rb +2 -0
- data/test/rubygems/test_gem_remote_fetcher.rb +38 -19
- data/test/rubygems/test_gem_request.rb +132 -0
- data/test/rubygems/test_gem_request_connection_pools.rb +6 -7
- data/test/rubygems/test_gem_request_set.rb +7 -7
- data/test/rubygems/test_gem_request_set_gem_dependency_api.rb +3 -3
- data/test/rubygems/test_gem_request_set_lockfile.rb +4 -4
- data/test/rubygems/test_gem_request_set_lockfile_parser.rb +1 -1
- data/test/rubygems/test_gem_request_set_lockfile_tokenizer.rb +1 -1
- data/test/rubygems/test_gem_requirement.rb +6 -0
- data/test/rubygems/test_gem_resolver.rb +29 -3
- data/test/rubygems/test_gem_resolver_conflict.rb +1 -1
- data/test/rubygems/test_gem_resolver_git_specification.rb +1 -1
- data/test/rubygems/test_gem_security.rb +5 -0
- data/test/rubygems/test_gem_security_policy.rb +27 -27
- data/test/rubygems/test_gem_security_signer.rb +14 -6
- data/test/rubygems/test_gem_security_trust_dir.rb +2 -2
- data/test/rubygems/test_gem_server.rb +210 -12
- data/test/rubygems/test_gem_source.rb +12 -3
- data/test/rubygems/test_gem_source_fetch_problem.rb +8 -0
- data/test/rubygems/test_gem_source_git.rb +1 -1
- data/test/rubygems/test_gem_spec_fetcher.rb +20 -0
- data/test/rubygems/test_gem_specification.rb +163 -32
- data/test/rubygems/test_gem_stream_ui.rb +6 -6
- data/test/rubygems/test_gem_stub_specification.rb +85 -6
- data/test/rubygems/test_gem_text.rb +11 -0
- data/test/rubygems/test_gem_util.rb +26 -0
- data/test/rubygems/test_gem_version.rb +46 -7
- data/test/rubygems/test_gem_version_option.rb +15 -0
- data/test/rubygems/test_kernel.rb +30 -0
- data/test/rubygems/test_remote_fetch_error.rb +21 -0
- data/test/rubygems/test_require.rb +95 -21
- data/test/rubygems/wrong_key_cert.pem +10 -9
- data/test/rubygems/wrong_key_cert_32.pem +10 -9
- data/util/ci +74 -0
- data/util/create_certs.rb +64 -49
- data/util/generate_spdx_license_list.rb +2 -1
- data/util/patch_with_prs.rb +77 -0
- data/util/update_bundled_ca_certificates.rb +23 -2
- data/util/update_changelog.rb +67 -0
- metadata +301 -48
- data/README.rdoc +0 -54
- data/lib/gauntlet_rubygems.rb +0 -51
- data/lib/rubygems/ssl_certs/index.rubygems.org/GlobalSignRoot.pem +0 -18
- /data/{lib/rubygems/ssl_certs/rubygems.org/AddTrustExternalCARoot-2048.pem → bundler/lib/bundler/ssl_certs/rubygems.org/AddTrustExternalCARoot.pem} +0 -0
|
@@ -52,6 +52,7 @@ module Gem::Resolver::Molinillo
|
|
|
52
52
|
@base = base
|
|
53
53
|
@states = []
|
|
54
54
|
@iteration_counter = 0
|
|
55
|
+
@parents_of = Hash.new { |h, k| h[k] = [] }
|
|
55
56
|
end
|
|
56
57
|
|
|
57
58
|
# Resolves the {#original_requested} dependencies into a full dependency
|
|
@@ -67,7 +68,12 @@ module Gem::Resolver::Molinillo
|
|
|
67
68
|
indicate_progress
|
|
68
69
|
if state.respond_to?(:pop_possibility_state) # DependencyState
|
|
69
70
|
debug(depth) { "Creating possibility state for #{requirement} (#{possibilities.count} remaining)" }
|
|
70
|
-
state.pop_possibility_state.tap
|
|
71
|
+
state.pop_possibility_state.tap do |s|
|
|
72
|
+
if s
|
|
73
|
+
states.push(s)
|
|
74
|
+
activated.tag(s)
|
|
75
|
+
end
|
|
76
|
+
end
|
|
71
77
|
end
|
|
72
78
|
process_topmost_state
|
|
73
79
|
end
|
|
@@ -99,7 +105,7 @@ module Gem::Resolver::Molinillo
|
|
|
99
105
|
|
|
100
106
|
handle_missing_or_push_dependency_state(initial_state)
|
|
101
107
|
|
|
102
|
-
debug { "Starting resolution (#{@started_at})" }
|
|
108
|
+
debug { "Starting resolution (#{@started_at})\nUser-requested dependencies: #{original_requested}" }
|
|
103
109
|
resolver_ui.before_resolution
|
|
104
110
|
end
|
|
105
111
|
|
|
@@ -118,27 +124,11 @@ module Gem::Resolver::Molinillo
|
|
|
118
124
|
require 'rubygems/resolver/molinillo/lib/molinillo/state'
|
|
119
125
|
require 'rubygems/resolver/molinillo/lib/molinillo/modules/specification_provider'
|
|
120
126
|
|
|
121
|
-
|
|
122
|
-
|
|
123
|
-
current_state = state || ResolutionState.empty
|
|
124
|
-
current_state.send(member, *args, &block)
|
|
125
|
-
end
|
|
126
|
-
end
|
|
127
|
+
require 'rubygems/resolver/molinillo/lib/molinillo/delegates/resolution_state'
|
|
128
|
+
require 'rubygems/resolver/molinillo/lib/molinillo/delegates/specification_provider'
|
|
127
129
|
|
|
128
|
-
|
|
129
|
-
|
|
130
|
-
begin
|
|
131
|
-
specification_provider.send(instance_method, *args, &block)
|
|
132
|
-
rescue NoSuchDependencyError => error
|
|
133
|
-
if state
|
|
134
|
-
vertex = activated.vertex_named(name_for error.dependency)
|
|
135
|
-
error.required_by += vertex.incoming_edges.map { |e| e.origin.name }
|
|
136
|
-
error.required_by << name_for_explicit_dependency_source unless vertex.explicit_requirements.empty?
|
|
137
|
-
end
|
|
138
|
-
raise
|
|
139
|
-
end
|
|
140
|
-
end
|
|
141
|
-
end
|
|
130
|
+
include Gem::Resolver::Molinillo::Delegates::ResolutionState
|
|
131
|
+
include Gem::Resolver::Molinillo::Delegates::SpecificationProvider
|
|
142
132
|
|
|
143
133
|
# Processes the topmost available {RequirementState} on the stack
|
|
144
134
|
# @return [void]
|
|
@@ -169,6 +159,7 @@ module Gem::Resolver::Molinillo
|
|
|
169
159
|
def initial_state
|
|
170
160
|
graph = DependencyGraph.new.tap do |dg|
|
|
171
161
|
original_requested.each { |r| dg.add_vertex(name_for(r), nil, true).tap { |v| v.explicit_requirements << r } }
|
|
162
|
+
dg.tag(:initial_state)
|
|
172
163
|
end
|
|
173
164
|
|
|
174
165
|
requirements = sort_dependencies(original_requested, graph, {})
|
|
@@ -187,11 +178,14 @@ module Gem::Resolver::Molinillo
|
|
|
187
178
|
# Unwinds the states stack because a conflict has been encountered
|
|
188
179
|
# @return [void]
|
|
189
180
|
def unwind_for_conflict
|
|
190
|
-
debug(depth) { "Unwinding for conflict: #{requirement}" }
|
|
181
|
+
debug(depth) { "Unwinding for conflict: #{requirement} to #{state_index_for_unwind / 2}" }
|
|
191
182
|
conflicts.tap do |c|
|
|
192
|
-
states.slice!((state_index_for_unwind + 1)..-1)
|
|
183
|
+
sliced_states = states.slice!((state_index_for_unwind + 1)..-1)
|
|
193
184
|
raise VersionConflict.new(c) unless state
|
|
185
|
+
activated.rewind_to(sliced_states.first || :initial_state) if sliced_states
|
|
194
186
|
state.conflicts = c
|
|
187
|
+
index = states.size - 1
|
|
188
|
+
@parents_of.each { |_, a| a.reject! { |i| i >= index } }
|
|
195
189
|
end
|
|
196
190
|
end
|
|
197
191
|
|
|
@@ -200,37 +194,36 @@ module Gem::Resolver::Molinillo
|
|
|
200
194
|
def state_index_for_unwind
|
|
201
195
|
current_requirement = requirement
|
|
202
196
|
existing_requirement = requirement_for_existing_name(name)
|
|
203
|
-
|
|
204
|
-
|
|
205
|
-
|
|
206
|
-
|
|
197
|
+
index = -1
|
|
198
|
+
[current_requirement, existing_requirement].each do |r|
|
|
199
|
+
until r.nil?
|
|
200
|
+
current_state = find_state_for(r)
|
|
201
|
+
if state_any?(current_state)
|
|
202
|
+
current_index = states.index(current_state)
|
|
203
|
+
index = current_index if current_index > index
|
|
204
|
+
break
|
|
205
|
+
end
|
|
206
|
+
r = parent_of(r)
|
|
207
|
+
end
|
|
207
208
|
end
|
|
208
209
|
|
|
209
|
-
|
|
210
|
-
existing_state = find_state_for(existing_requirement)
|
|
211
|
-
return states.index(existing_state) if state_any?(existing_state)
|
|
212
|
-
existing_requirement = parent_of(existing_requirement)
|
|
213
|
-
end
|
|
214
|
-
-1
|
|
210
|
+
index
|
|
215
211
|
end
|
|
216
212
|
|
|
217
213
|
# @return [Object] the requirement that led to `requirement` being added
|
|
218
214
|
# to the list of requirements.
|
|
219
215
|
def parent_of(requirement)
|
|
220
|
-
return
|
|
221
|
-
|
|
222
|
-
|
|
223
|
-
|
|
224
|
-
seen && s.requirement != requirement && !s.requirements.include?(requirement)
|
|
225
|
-
end
|
|
226
|
-
state && state.requirement
|
|
216
|
+
return unless requirement
|
|
217
|
+
return unless index = @parents_of[requirement].last
|
|
218
|
+
return unless parent_state = @states[index]
|
|
219
|
+
parent_state.requirement
|
|
227
220
|
end
|
|
228
221
|
|
|
229
222
|
# @return [Object] the requirement that led to a version of a possibility
|
|
230
223
|
# with the given name being activated.
|
|
231
224
|
def requirement_for_existing_name(name)
|
|
232
225
|
return nil unless activated.vertex_named(name).payload
|
|
233
|
-
states.
|
|
226
|
+
states.find { |s| s.name == name }.requirement
|
|
234
227
|
end
|
|
235
228
|
|
|
236
229
|
# @return [ResolutionState] the state whose `requirement` is the given
|
|
@@ -250,19 +243,25 @@ module Gem::Resolver::Molinillo
|
|
|
250
243
|
# the {#possibility} in conjunction with the current {#state}
|
|
251
244
|
def create_conflict
|
|
252
245
|
vertex = activated.vertex_named(name)
|
|
253
|
-
|
|
254
|
-
|
|
255
|
-
|
|
256
|
-
|
|
246
|
+
locked_requirement = locked_requirement_named(name)
|
|
247
|
+
|
|
248
|
+
requirements = {}
|
|
249
|
+
unless vertex.explicit_requirements.empty?
|
|
250
|
+
requirements[name_for_explicit_dependency_source] = vertex.explicit_requirements
|
|
251
|
+
end
|
|
252
|
+
requirements[name_for_locking_dependency_source] = [locked_requirement] if locked_requirement
|
|
257
253
|
vertex.incoming_edges.each { |edge| (requirements[edge.origin.payload] ||= []).unshift(edge.requirement) }
|
|
254
|
+
|
|
255
|
+
activated_by_name = {}
|
|
256
|
+
activated.each { |v| activated_by_name[v.name] = v.payload if v.payload }
|
|
258
257
|
conflicts[name] = Conflict.new(
|
|
259
258
|
requirement,
|
|
260
|
-
|
|
259
|
+
requirements,
|
|
261
260
|
vertex.payload,
|
|
262
261
|
possibility,
|
|
263
|
-
|
|
262
|
+
locked_requirement,
|
|
264
263
|
requirement_trees,
|
|
265
|
-
|
|
264
|
+
activated_by_name
|
|
266
265
|
)
|
|
267
266
|
end
|
|
268
267
|
|
|
@@ -341,29 +340,56 @@ module Gem::Resolver::Molinillo
|
|
|
341
340
|
# spec with the given name
|
|
342
341
|
# @return [Boolean] Whether the possibility was swapped into {#activated}
|
|
343
342
|
def attempt_to_swap_possibility
|
|
344
|
-
|
|
345
|
-
vertex =
|
|
346
|
-
|
|
347
|
-
|
|
348
|
-
|
|
349
|
-
|
|
350
|
-
|
|
351
|
-
|
|
352
|
-
|
|
343
|
+
activated.tag(:swap)
|
|
344
|
+
vertex = activated.vertex_named(name)
|
|
345
|
+
activated.set_payload(name, possibility)
|
|
346
|
+
if !vertex.requirements.
|
|
347
|
+
all? { |r| requirement_satisfied_by?(r, activated, possibility) } ||
|
|
348
|
+
!new_spec_satisfied?
|
|
349
|
+
activated.rewind_to(:swap)
|
|
350
|
+
return
|
|
351
|
+
end
|
|
352
|
+
fixup_swapped_children(vertex)
|
|
353
353
|
activate_spec
|
|
354
354
|
end
|
|
355
355
|
|
|
356
356
|
# Ensures there are no orphaned successors to the given {vertex}.
|
|
357
357
|
# @param [DependencyGraph::Vertex] vertex the vertex to fix up.
|
|
358
358
|
# @return [void]
|
|
359
|
-
def fixup_swapped_children(vertex)
|
|
359
|
+
def fixup_swapped_children(vertex) # rubocop:disable Metrics/CyclomaticComplexity
|
|
360
360
|
payload = vertex.payload
|
|
361
|
-
|
|
362
|
-
vertex.
|
|
363
|
-
|
|
361
|
+
deps = dependencies_for(payload).group_by(&method(:name_for))
|
|
362
|
+
vertex.outgoing_edges.each do |outgoing_edge|
|
|
363
|
+
requirement = outgoing_edge.requirement
|
|
364
|
+
parent_index = @parents_of[requirement].last
|
|
365
|
+
succ = outgoing_edge.destination
|
|
366
|
+
matching_deps = Array(deps[succ.name])
|
|
367
|
+
dep_matched = matching_deps.include?(requirement)
|
|
368
|
+
|
|
369
|
+
# only push the current index when it was originally required by the
|
|
370
|
+
# same named spec
|
|
371
|
+
if parent_index && states[parent_index].name == name
|
|
372
|
+
@parents_of[requirement].push(states.size - 1)
|
|
373
|
+
end
|
|
374
|
+
|
|
375
|
+
if matching_deps.empty? && !succ.root? && succ.predecessors.to_a == [vertex]
|
|
364
376
|
debug(depth) { "Removing orphaned spec #{succ.name} after swapping #{name}" }
|
|
365
|
-
|
|
366
|
-
|
|
377
|
+
succ.requirements.each { |r| @parents_of.delete(r) }
|
|
378
|
+
|
|
379
|
+
removed_names = activated.detach_vertex_named(succ.name).map(&:name)
|
|
380
|
+
requirements.delete_if do |r|
|
|
381
|
+
# the only removed vertices are those with no other requirements,
|
|
382
|
+
# so it's safe to delete only based upon name here
|
|
383
|
+
removed_names.include?(name_for(r))
|
|
384
|
+
end
|
|
385
|
+
elsif !dep_matched
|
|
386
|
+
debug(depth) { "Removing orphaned dependency #{requirement} after swapping #{name}" }
|
|
387
|
+
# also reset if we're removing the edge, but only if its parent has
|
|
388
|
+
# already been fixed up
|
|
389
|
+
@parents_of[requirement].push(states.size - 1) if @parents_of[requirement].empty?
|
|
390
|
+
|
|
391
|
+
activated.delete_edge(outgoing_edge)
|
|
392
|
+
requirements.delete(requirement)
|
|
367
393
|
end
|
|
368
394
|
end
|
|
369
395
|
end
|
|
@@ -383,13 +409,18 @@ module Gem::Resolver::Molinillo
|
|
|
383
409
|
# @return [Boolean] whether the current spec is satisfied as a new
|
|
384
410
|
# possibility.
|
|
385
411
|
def new_spec_satisfied?
|
|
412
|
+
unless requirement_satisfied_by?(requirement, activated, possibility)
|
|
413
|
+
debug(depth) { 'Unsatisfied by requested spec' }
|
|
414
|
+
return false
|
|
415
|
+
end
|
|
416
|
+
|
|
386
417
|
locked_requirement = locked_requirement_named(name)
|
|
387
|
-
|
|
418
|
+
|
|
388
419
|
locked_spec_satisfied = !locked_requirement ||
|
|
389
420
|
requirement_satisfied_by?(locked_requirement, activated, possibility)
|
|
390
|
-
debug(depth) { 'Unsatisfied by requested spec' } unless requested_spec_satisfied
|
|
391
421
|
debug(depth) { 'Unsatisfied by locked spec' } unless locked_spec_satisfied
|
|
392
|
-
|
|
422
|
+
|
|
423
|
+
locked_spec_satisfied
|
|
393
424
|
end
|
|
394
425
|
|
|
395
426
|
# @param [String] requirement_name the spec name to search for
|
|
@@ -405,9 +436,8 @@ module Gem::Resolver::Molinillo
|
|
|
405
436
|
# @return [void]
|
|
406
437
|
def activate_spec
|
|
407
438
|
conflicts.delete(name)
|
|
408
|
-
debug(depth) {
|
|
409
|
-
|
|
410
|
-
vertex.payload = possibility
|
|
439
|
+
debug(depth) { "Activated #{name} at #{possibility}" }
|
|
440
|
+
activated.set_payload(name, possibility)
|
|
411
441
|
require_nested_dependencies_for(possibility)
|
|
412
442
|
end
|
|
413
443
|
|
|
@@ -418,19 +448,24 @@ module Gem::Resolver::Molinillo
|
|
|
418
448
|
def require_nested_dependencies_for(activated_spec)
|
|
419
449
|
nested_dependencies = dependencies_for(activated_spec)
|
|
420
450
|
debug(depth) { "Requiring nested dependencies (#{nested_dependencies.join(', ')})" }
|
|
421
|
-
nested_dependencies.each
|
|
451
|
+
nested_dependencies.each do |d|
|
|
452
|
+
activated.add_child_vertex(name_for(d), nil, [name_for(activated_spec)], d)
|
|
453
|
+
parent_index = states.size - 1
|
|
454
|
+
parents = @parents_of[d]
|
|
455
|
+
parents << parent_index if parents.empty?
|
|
456
|
+
end
|
|
422
457
|
|
|
423
|
-
push_state_for_requirements(requirements + nested_dependencies, nested_dependencies.
|
|
458
|
+
push_state_for_requirements(requirements + nested_dependencies, !nested_dependencies.empty?)
|
|
424
459
|
end
|
|
425
460
|
|
|
426
461
|
# Pushes a new {DependencyState} that encapsulates both existing and new
|
|
427
462
|
# requirements
|
|
428
463
|
# @param [Array] new_requirements
|
|
429
464
|
# @return [void]
|
|
430
|
-
def push_state_for_requirements(new_requirements, requires_sort = true, new_activated = activated
|
|
465
|
+
def push_state_for_requirements(new_requirements, requires_sort = true, new_activated = activated)
|
|
431
466
|
new_requirements = sort_dependencies(new_requirements.uniq, new_activated, conflicts) if requires_sort
|
|
432
467
|
new_requirement = new_requirements.shift
|
|
433
|
-
new_name = new_requirement ? name_for(new_requirement) : ''
|
|
468
|
+
new_name = new_requirement ? name_for(new_requirement) : ''.freeze
|
|
434
469
|
possibilities = new_requirement ? search_for(new_requirement) : []
|
|
435
470
|
handle_missing_or_push_dependency_state DependencyState.new(
|
|
436
471
|
new_name, new_requirements, new_activated,
|
|
@@ -451,7 +486,7 @@ module Gem::Resolver::Molinillo
|
|
|
451
486
|
state.activated.detach_vertex_named(state.name)
|
|
452
487
|
push_state_for_requirements(state.requirements.dup, false, state.activated)
|
|
453
488
|
else
|
|
454
|
-
states.push state
|
|
489
|
+
states.push(state).tap { activated.tag(state) }
|
|
455
490
|
end
|
|
456
491
|
end
|
|
457
492
|
end
|
|
@@ -36,12 +36,14 @@ module Gem::Resolver::Molinillo
|
|
|
36
36
|
PossibilityState.new(
|
|
37
37
|
name,
|
|
38
38
|
requirements.dup,
|
|
39
|
-
activated
|
|
39
|
+
activated,
|
|
40
40
|
requirement,
|
|
41
41
|
[possibilities.pop],
|
|
42
42
|
depth + 1,
|
|
43
43
|
conflicts.dup
|
|
44
|
-
)
|
|
44
|
+
).tap do |state|
|
|
45
|
+
state.activated.tag(state)
|
|
46
|
+
end
|
|
45
47
|
end
|
|
46
48
|
end
|
|
47
49
|
|
data/lib/rubygems/resolver.rb
CHANGED
|
@@ -4,9 +4,6 @@ require 'rubygems/exceptions'
|
|
|
4
4
|
require 'rubygems/util'
|
|
5
5
|
require 'rubygems/util/list'
|
|
6
6
|
|
|
7
|
-
require 'uri'
|
|
8
|
-
require 'net/http'
|
|
9
|
-
|
|
10
7
|
##
|
|
11
8
|
# Given a set of Gem::Dependency objects as +needed+ and a way to query the
|
|
12
9
|
# set of available specs via +set+, calculates a set of ActivationRequest
|
|
@@ -233,8 +230,28 @@ class Gem::Resolver
|
|
|
233
230
|
exc.errors = @set.errors
|
|
234
231
|
raise exc
|
|
235
232
|
end
|
|
236
|
-
|
|
237
|
-
|
|
233
|
+
|
|
234
|
+
sources = []
|
|
235
|
+
|
|
236
|
+
groups = Hash.new { |hash, key| hash[key] = [] }
|
|
237
|
+
|
|
238
|
+
# create groups & sources in the same loop
|
|
239
|
+
sources = possibles.map { |spec|
|
|
240
|
+
source = spec.source
|
|
241
|
+
groups[source] << spec
|
|
242
|
+
source
|
|
243
|
+
}.uniq.reverse
|
|
244
|
+
|
|
245
|
+
activation_requests = []
|
|
246
|
+
|
|
247
|
+
sources.each do |source|
|
|
248
|
+
groups[source].
|
|
249
|
+
sort_by { |spec| [spec.version, Gem::Platform.local =~ spec.platform ? 1 : 0] }.
|
|
250
|
+
map { |spec| ActivationRequest.new spec, dependency, [] }.
|
|
251
|
+
each { |activation_request| activation_requests << activation_request }
|
|
252
|
+
end
|
|
253
|
+
|
|
254
|
+
activation_requests
|
|
238
255
|
end
|
|
239
256
|
|
|
240
257
|
def dependencies_for(specification)
|
|
@@ -256,6 +273,45 @@ class Gem::Resolver
|
|
|
256
273
|
@soft_missing
|
|
257
274
|
end
|
|
258
275
|
|
|
276
|
+
def sort_dependencies(dependencies, activated, conflicts)
|
|
277
|
+
dependencies.sort_by.with_index do |dependency, i|
|
|
278
|
+
name = name_for(dependency)
|
|
279
|
+
[
|
|
280
|
+
activated.vertex_named(name).payload ? 0 : 1,
|
|
281
|
+
amount_constrained(dependency),
|
|
282
|
+
conflicts[name] ? 0 : 1,
|
|
283
|
+
activated.vertex_named(name).payload ? 0 : search_for(dependency).count,
|
|
284
|
+
i # for stable sort
|
|
285
|
+
]
|
|
286
|
+
end
|
|
287
|
+
end
|
|
288
|
+
|
|
289
|
+
SINGLE_POSSIBILITY_CONSTRAINT_PENALTY = 1_000_000
|
|
290
|
+
private_constant :SINGLE_POSSIBILITY_CONSTRAINT_PENALTY if defined?(private_constant)
|
|
291
|
+
|
|
292
|
+
# returns an integer \in (-\infty, 0]
|
|
293
|
+
# a number closer to 0 means the dependency is less constraining
|
|
294
|
+
#
|
|
295
|
+
# dependencies w/ 0 or 1 possibilities (ignoring version requirements)
|
|
296
|
+
# are given very negative values, so they _always_ sort first,
|
|
297
|
+
# before dependencies that are unconstrained
|
|
298
|
+
def amount_constrained(dependency)
|
|
299
|
+
@amount_constrained ||= {}
|
|
300
|
+
@amount_constrained[dependency.name] ||= begin
|
|
301
|
+
name_dependency = Gem::Dependency.new(dependency.name)
|
|
302
|
+
dependency_request_for_name = Gem::Resolver::DependencyRequest.new(name_dependency, dependency.requester)
|
|
303
|
+
all = @set.find_all(dependency_request_for_name).size
|
|
304
|
+
|
|
305
|
+
if all <= 1
|
|
306
|
+
all - SINGLE_POSSIBILITY_CONSTRAINT_PENALTY
|
|
307
|
+
else
|
|
308
|
+
search = search_for(dependency).size
|
|
309
|
+
search - all
|
|
310
|
+
end
|
|
311
|
+
end
|
|
312
|
+
end
|
|
313
|
+
private :amount_constrained
|
|
314
|
+
|
|
259
315
|
end
|
|
260
316
|
|
|
261
317
|
##
|
|
@@ -0,0 +1,51 @@
|
|
|
1
|
+
module Gem
|
|
2
|
+
|
|
3
|
+
###
|
|
4
|
+
# This module is used for safely loading YAML specs from a gem. The
|
|
5
|
+
# `safe_load` method defined on this module is specifically designed for
|
|
6
|
+
# loading Gem specifications. For loading other YAML safely, please see
|
|
7
|
+
# Psych.safe_load
|
|
8
|
+
|
|
9
|
+
module SafeYAML
|
|
10
|
+
WHITELISTED_CLASSES = %w(
|
|
11
|
+
Symbol
|
|
12
|
+
Time
|
|
13
|
+
Date
|
|
14
|
+
Gem::Dependency
|
|
15
|
+
Gem::Platform
|
|
16
|
+
Gem::Requirement
|
|
17
|
+
Gem::Specification
|
|
18
|
+
Gem::Version
|
|
19
|
+
Gem::Version::Requirement
|
|
20
|
+
YAML::Syck::DefaultKey
|
|
21
|
+
Syck::DefaultKey
|
|
22
|
+
)
|
|
23
|
+
|
|
24
|
+
WHITELISTED_SYMBOLS = %w(
|
|
25
|
+
development
|
|
26
|
+
runtime
|
|
27
|
+
)
|
|
28
|
+
|
|
29
|
+
if ::YAML.respond_to? :safe_load
|
|
30
|
+
def self.safe_load input
|
|
31
|
+
::YAML.safe_load(input, WHITELISTED_CLASSES, WHITELISTED_SYMBOLS, true)
|
|
32
|
+
end
|
|
33
|
+
|
|
34
|
+
def self.load input
|
|
35
|
+
::YAML.safe_load(input, [::Symbol])
|
|
36
|
+
end
|
|
37
|
+
else
|
|
38
|
+
unless Gem::Deprecate.skip
|
|
39
|
+
warn "YAML safe loading is not available. Please upgrade psych to a version that supports safe loading (>= 2.0)."
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
def self.safe_load input, *args
|
|
43
|
+
::YAML.load input
|
|
44
|
+
end
|
|
45
|
+
|
|
46
|
+
def self.load input
|
|
47
|
+
::YAML.load input
|
|
48
|
+
end
|
|
49
|
+
end
|
|
50
|
+
end
|
|
51
|
+
end
|
|
@@ -102,6 +102,8 @@ class Gem::Security::Signer
|
|
|
102
102
|
def sign data
|
|
103
103
|
return unless @key
|
|
104
104
|
|
|
105
|
+
raise Gem::Security::Exception, 'no certs provided' if @cert_chain.empty?
|
|
106
|
+
|
|
105
107
|
if @cert_chain.length == 1 and @cert_chain.last.not_after < Time.now then
|
|
106
108
|
re_sign_key
|
|
107
109
|
end
|
data/lib/rubygems/security.rb
CHANGED
|
@@ -340,7 +340,9 @@ module Gem::Security
|
|
|
340
340
|
# Digest algorithm used to sign gems
|
|
341
341
|
|
|
342
342
|
DIGEST_ALGORITHM =
|
|
343
|
-
if defined?(OpenSSL::Digest::
|
|
343
|
+
if defined?(OpenSSL::Digest::SHA256) then
|
|
344
|
+
OpenSSL::Digest::SHA256
|
|
345
|
+
elsif defined?(OpenSSL::Digest::SHA1) then
|
|
344
346
|
OpenSSL::Digest::SHA1
|
|
345
347
|
end
|
|
346
348
|
|
|
@@ -363,7 +365,7 @@ module Gem::Security
|
|
|
363
365
|
##
|
|
364
366
|
# Length of keys created by KEY_ALGORITHM
|
|
365
367
|
|
|
366
|
-
KEY_LENGTH =
|
|
368
|
+
KEY_LENGTH = 3072
|
|
367
369
|
|
|
368
370
|
##
|
|
369
371
|
# Cipher used to encrypt the key pair used to sign gems.
|
|
@@ -371,10 +373,15 @@ module Gem::Security
|
|
|
371
373
|
|
|
372
374
|
KEY_CIPHER = OpenSSL::Cipher.new('AES-256-CBC') if defined?(OpenSSL::Cipher)
|
|
373
375
|
|
|
376
|
+
##
|
|
377
|
+
# One day in seconds
|
|
378
|
+
|
|
379
|
+
ONE_DAY = 86400
|
|
380
|
+
|
|
374
381
|
##
|
|
375
382
|
# One year in seconds
|
|
376
383
|
|
|
377
|
-
ONE_YEAR =
|
|
384
|
+
ONE_YEAR = ONE_DAY * 365
|
|
378
385
|
|
|
379
386
|
##
|
|
380
387
|
# The default set of extensions are:
|
|
@@ -455,7 +462,7 @@ module Gem::Security
|
|
|
455
462
|
|
|
456
463
|
##
|
|
457
464
|
# Creates a new key pair of the specified +length+ and +algorithm+. The
|
|
458
|
-
# default is a
|
|
465
|
+
# default is a 3072 bit RSA key.
|
|
459
466
|
|
|
460
467
|
def self.create_key length = KEY_LENGTH, algorithm = KEY_ALGORITHM
|
|
461
468
|
algorithm.new length
|
|
@@ -571,7 +578,7 @@ module Gem::Security
|
|
|
571
578
|
def self.write pemmable, path, permissions = 0600, passphrase = nil, cipher = KEY_CIPHER
|
|
572
579
|
path = File.expand_path path
|
|
573
580
|
|
|
574
|
-
open path, 'wb', permissions do |io|
|
|
581
|
+
File.open path, 'wb', permissions do |io|
|
|
575
582
|
if passphrase and cipher
|
|
576
583
|
io.write pemmable.to_pem cipher, passphrase
|
|
577
584
|
else
|
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
#--
|
|
3
|
+
# Copyright 2006 by Chad Fowler, Rich Kilmer, Jim Weirich and others.
|
|
4
|
+
# All rights reserved.
|
|
5
|
+
# See LICENSE.txt for permissions.
|
|
6
|
+
#++
|
|
7
|
+
|
|
8
|
+
require 'rubygems'
|
|
9
|
+
|
|
10
|
+
# forward-declare
|
|
11
|
+
|
|
12
|
+
module Gem::Security # :nodoc:
|
|
13
|
+
class Policy # :nodoc:
|
|
14
|
+
end
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
##
|
|
18
|
+
# Mixin methods for security option for Gem::Commands
|
|
19
|
+
|
|
20
|
+
module Gem::SecurityOption
|
|
21
|
+
def add_security_option
|
|
22
|
+
# TODO: use @parser.accept
|
|
23
|
+
OptionParser.accept Gem::Security::Policy do |value|
|
|
24
|
+
require 'rubygems/security'
|
|
25
|
+
|
|
26
|
+
raise OptionParser::InvalidArgument, 'OpenSSL not installed' unless
|
|
27
|
+
defined?(Gem::Security::HighSecurity)
|
|
28
|
+
|
|
29
|
+
policy = Gem::Security::Policies[value]
|
|
30
|
+
unless policy
|
|
31
|
+
valid = Gem::Security::Policies.keys.sort
|
|
32
|
+
raise OptionParser::InvalidArgument, "#{value} (#{valid.join ', '} are valid)"
|
|
33
|
+
end
|
|
34
|
+
policy
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
add_option(:"Install/Update", '-P', '--trust-policy POLICY',
|
|
38
|
+
Gem::Security::Policy,
|
|
39
|
+
'Specify gem trust policy') do |value, options|
|
|
40
|
+
options[:security_policy] = value
|
|
41
|
+
end
|
|
42
|
+
end
|
|
43
|
+
end
|