rubygems-update 2.6.4 → 2.6.5

data/bundler/lib/bundler/endpoint_specification.rb

@@ -0,0 +1,129 @@
+# frozen_string_literal: true
+module Bundler
+  # used for Creating Specifications from the Gemcutter Endpoint
+  class EndpointSpecification < Gem::Specification
+    ILLFORMED_MESSAGE = 'Ill-formed requirement ["#<YAML::Syck::DefaultKey'.freeze
+    include MatchPlatform
+
+    attr_reader :name, :version, :platform, :dependencies, :required_rubygems_version, :required_ruby_version, :checksum
+    attr_accessor :source, :remote
+
+    def initialize(name, version, platform, dependencies, metadata = nil)
+      @name         = name
+      @version      = Gem::Version.create version
+      @platform     = platform
+      @dependencies = dependencies.map {|dep, reqs| build_dependency(dep, reqs) }
+
+      parse_metadata(metadata)
+    end
+
+    def fetch_platform
+      @platform
+    end
+
+    # needed for standalone, load required_paths from local gemspec
+    # after the gem is installed
+    def require_paths
+      if @remote_specification
+        @remote_specification.require_paths
+      elsif _local_specification
+        _local_specification.require_paths
+      else
+        super
+      end
+    end
+
+    # needed for inline
+    def load_paths
+      # remote specs aren't installed, and can't have load_paths
+      if _local_specification
+        _local_specification.load_paths
+      else
+        super
+      end
+    end
+
+    # needed for binstubs
+    def executables
+      if @remote_specification
+        @remote_specification.executables
+      elsif _local_specification
+        _local_specification.executables
+      else
+        super
+      end
+    end
+
+    # needed for bundle clean
+    def bindir
+      if @remote_specification
+        @remote_specification.bindir
+      elsif _local_specification
+        _local_specification.bindir
+      else
+        super
+      end
+    end
+
+    # needed for post_install_messages during install
+    def post_install_message
+      if @remote_specification
+        @remote_specification.post_install_message
+      elsif _local_specification
+        _local_specification.post_install_message
+      end
+    end
+
+    # needed for "with native extensions" during install
+    def extensions
+      if @remote_specification
+        @remote_specification.extensions
+      elsif _local_specification
+        _local_specification.extensions
+      end
+    end
+
+    def _local_specification
+      return unless @loaded_from && File.exist?(local_specification_path)
+      eval(File.read(local_specification_path)).tap do |spec|
+        spec.loaded_from = @loaded_from
+      end
+    end
+
+    def __swap__(spec)
+      @remote_specification = spec
+    end
+
+  private
+
+    def local_specification_path
+      "#{base_dir}/specifications/#{full_name}.gemspec"
+    end
+
+    def parse_metadata(data)
+      return unless data
+      data.each do |k, v|
+        next unless v
+        case k.to_s
+        when "checksum"
+          @checksum = v.last
+        when "rubygems"
+          @required_rubygems_version = Gem::Requirement.new(v)
+        when "ruby"
+          @required_ruby_version = Gem::Requirement.new(v)
+        end
+      end
+    end
+
+    def build_dependency(name, requirements)
+      Gem::Dependency.new(name, requirements)
+    rescue ArgumentError => e
+      raise unless e.message.include?(ILLFORMED_MESSAGE)
+      puts # we shouldn't print the error message on the "fetching info" status line
+      raise GemspecError,
+        "Unfortunately, the gem #{name} (#{version}) has an invalid " \
+        "gemspec.\nPlease ask the gem author to yank the bad version to fix " \
+        "this issue. For more information, see http://bit.ly/syck-defaultkey."
+    end
+  end
+end

data/bundler/lib/bundler/env.rb

@@ -0,0 +1,83 @@
+# frozen_string_literal: true
+require "bundler/rubygems_integration"
+require "bundler/source/git/git_proxy"
+
+module Bundler
+  class Env
+    def write(io)
+      io.write report(:print_gemfile => true, :print_gemspecs => true)
+    end
+
+    def report(options = {})
+      print_gemfile = options.delete(:print_gemfile)
+      print_gemspecs = options.delete(:print_gemspecs)
+
+      out = String.new("Environment\n\n")
+      out << "    Bundler   #{Bundler::VERSION}\n"
+      out << "    Rubygems  #{Gem::VERSION}\n"
+      out << "    Ruby      #{ruby_version}"
+      out << "    GEM_HOME  #{ENV["GEM_HOME"]}\n" unless ENV["GEM_HOME"].nil? || ENV["GEM_HOME"].empty?
+      out << "    GEM_PATH  #{ENV["GEM_PATH"]}\n" unless ENV["GEM_PATH"] == ENV["GEM_HOME"]
+      out << "    RVM       #{ENV["rvm_version"]}\n" if ENV["rvm_version"]
+      out << "    Git       #{git_version}\n"
+      %w(rubygems-bundler open_gem).each do |name|
+        specs = Bundler.rubygems.find_name(name)
+        out << "    #{name} (#{specs.map(&:version).join(",")})\n" unless specs.empty?
+      end
+
+      out << "\nBundler settings\n\n" unless Bundler.settings.all.empty?
+      Bundler.settings.all.each do |setting|
+        out << "    " << setting << "\n"
+        Bundler.settings.pretty_values_for(setting).each do |line|
+          out << "      " << line << "\n"
+        end
+      end
+
+      if print_gemfile
+        out << "\n#{Bundler.default_gemfile.relative_path_from(SharedHelpers.pwd)}\n\n"
+        out << "    " << read_file(Bundler.default_gemfile).gsub(/\n/, "\n    ") << "\n"
+
+        out << "\n#{Bundler.default_lockfile.relative_path_from(SharedHelpers.pwd)}\n\n"
+        out << "    " << read_file(Bundler.default_lockfile).gsub(/\n/, "\n    ") << "\n"
+      end
+
+      if print_gemspecs
+        dsl = Dsl.new.tap {|d| d.eval_gemfile(Bundler.default_gemfile) }
+        dsl.gemspecs.each do |gs|
+          out << "\n#{File.basename(gs.loaded_from)}"
+          out << "\n\n    " << read_file(gs.loaded_from).gsub(/\n/, "\n    ") << "\n"
+        end
+      end
+
+      out
+    end
+
+  private
+
+    def read_file(filename)
+      File.read(filename.to_s).strip
+    rescue Errno::ENOENT
+      "<No #{filename} found>"
+    rescue => e
+      "#{e.class}: #{e.message}"
+    end
+
+    def ruby_version
+      str = String.new("#{RUBY_VERSION}")
+      if RUBY_VERSION < "1.9"
+        str << " (#{RUBY_RELEASE_DATE}"
+        str << " patchlevel #{RUBY_PATCHLEVEL}" if defined? RUBY_PATCHLEVEL
+        str << ") [#{RUBY_PLATFORM}]\n"
+      else
+        str << "p#{RUBY_PATCHLEVEL}" if defined? RUBY_PATCHLEVEL
+        str << " (#{RUBY_RELEASE_DATE} revision #{RUBY_REVISION}) [#{RUBY_PLATFORM}]\n"
+      end
+    end
+
+    def git_version
+      Bundler::Source::Git::GitProxy.new(nil, nil, nil).version
+    rescue Bundler::Source::Git::GitNotInstalledError
+      "not installed"
+    end
+  end
+end

data/bundler/lib/bundler/environment.rb

@@ -0,0 +1,42 @@
+# frozen_string_literal: true
+module Bundler
+  class Environment
+    attr_reader :root
+
+    def initialize(root, definition)
+      @root = root
+      @definition = definition
+
+      env_file = Bundler.app_config_path.join("environment.rb")
+      env_file.rmtree if env_file.exist?
+    end
+
+    def inspect
+      @definition.to_lock.inspect
+    end
+
+    def requested_specs
+      @definition.requested_specs
+    end
+
+    def specs
+      @definition.specs
+    end
+
+    def dependencies
+      @definition.dependencies
+    end
+
+    def current_dependencies
+      @definition.current_dependencies
+    end
+
+    def lock(opts = {})
+      @definition.lock(Bundler.default_lockfile, opts[:preserve_unknown_sections])
+    end
+
+    def update(*gems)
+      # Nothing
+    end
+  end
+end

data/bundler/lib/bundler/environment_preserver.rb

@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+module Bundler
+  class EnvironmentPreserver
+    # @param env [ENV]
+    # @param keys [Array<String>]
+    def initialize(env, keys)
+      @original = env.to_hash
+      @keys = keys
+      @prefix = "BUNDLE_ORIG_"
+    end
+
+    # @return [Hash]
+    def backup
+      env = @original.clone
+      @keys.each do |key|
+        value = env[key]
+        original_value = env[@prefix + key]
+        if !value.nil? && !value.empty? && original_value.nil?
+          env[@prefix + key] = value
+        end
+      end
+      env
+    end
+
+    # @return [Hash]
+    def restore
+      env = @original.clone
+      @keys.each do |key|
+        value_original = env[@prefix + key]
+        unless value_original.nil? || value_original.empty?
+          env[key] = value_original
+          env.delete(@prefix + key)
+        end
+      end
+      env
+    end
+  end
+end

data/bundler/lib/bundler/errors.rb

@@ -0,0 +1,124 @@
+# frozen_string_literal: true
+module Bundler
+  class BundlerError < StandardError
+    def self.status_code(code)
+      define_method(:status_code) { code }
+    end
+  end
+
+  class GemfileError < BundlerError; status_code(4); end
+  class InstallError < BundlerError; status_code(5); end
+
+  # Internal error, should be rescued
+  class VersionConflict < BundlerError
+    attr_reader :conflicts
+
+    def initialize(conflicts, msg = nil)
+      super(msg)
+      @conflicts = conflicts
+    end
+
+    status_code(6)
+  end
+
+  class GemNotFound < BundlerError; status_code(7); end
+  class InstallHookError < BundlerError; status_code(8); end
+  class GemfileNotFound < BundlerError; status_code(10); end
+  class GitError < BundlerError; status_code(11); end
+  class DeprecatedError < BundlerError; status_code(12); end
+  class PathError < BundlerError; status_code(13); end
+  class GemspecError < BundlerError; status_code(14); end
+  class InvalidOption < BundlerError; status_code(15); end
+  class ProductionError < BundlerError; status_code(16); end
+  class HTTPError < BundlerError
+    status_code(17)
+    def filter_uri(uri)
+      URICredentialsFilter.credential_filtered_uri(uri)
+    end
+  end
+  class RubyVersionMismatch < BundlerError; status_code(18); end
+  class SecurityError < BundlerError; status_code(19); end
+  class LockfileError < BundlerError; status_code(20); end
+  class CyclicDependencyError < BundlerError; status_code(21); end
+  class GemfileLockNotFound < BundlerError; status_code(22); end
+  class PluginError < BundlerError; status_code(23); end
+  class GemfileEvalError < GemfileError; end
+  class MarshalError < StandardError; end
+
+  class PermissionError < BundlerError
+    def initialize(path, permission_type = :write)
+      @path = path
+      @permission_type = permission_type
+    end
+
+    def action
+      case @permission_type
+      when :read then "read from"
+      when :write then "write to"
+      when :executable, :exec then "execute"
+      else @permission_type.to_s
+      end
+    end
+
+    def message
+      "There was an error while trying to #{action} `#{@path}`. " \
+      "It is likely that you need to grant #{@permission_type} permissions " \
+      "for that path."
+    end
+
+    status_code(23)
+  end
+
+  class GemRequireError < BundlerError
+    attr_reader :orig_exception
+
+    def initialize(orig_exception, msg)
+      full_message = msg + "\nGem Load Error is: #{orig_exception.message}\n"\
+                      "Backtrace for gem load error is:\n"\
+                      "#{orig_exception.backtrace.join("\n")}\n"\
+                      "Bundler Error Backtrace:\n"
+      super(full_message)
+      @orig_exception = orig_exception
+    end
+
+    status_code(24)
+  end
+
+  class YamlSyntaxError < BundlerError
+    attr_reader :orig_exception
+
+    def initialize(orig_exception, msg)
+      super(msg)
+      @orig_exception = orig_exception
+    end
+
+    status_code(25)
+  end
+
+  class TemporaryResourceError < PermissionError
+    def message
+      "There was an error while trying to #{action} `#{@path}`. " \
+      "Some resource was temporarily unavailable. It's suggested that you try" \
+      "the operation again."
+    end
+
+    status_code(26)
+  end
+
+  class VirtualProtocolError < BundlerError
+    def message
+      "There was an error relating to virtualization and file access." \
+      "It is likely that you need to grant access to or mount some file system correctly."
+    end
+
+    status_code(27)
+  end
+
+  class OperationNotSupportedError < PermissionError
+    def message
+      "Attempting to #{action} `#{@path}` is unsupported by your OS."
+    end
+
+    status_code(28)
+  end
+end

data/bundler/lib/bundler/fetcher.rb

@@ -0,0 +1,304 @@
+# frozen_string_literal: true
+require "bundler/vendored_persistent"
+require "cgi"
+require "securerandom"
+require "zlib"
+
+module Bundler
+  # Handles all the fetching with the rubygems server
+  class Fetcher
+    autoload :CompactIndex, "bundler/fetcher/compact_index"
+    autoload :Downloader, "bundler/fetcher/downloader"
+    autoload :Dependency, "bundler/fetcher/dependency"
+    autoload :Index, "bundler/fetcher/index"
+
+    # This error is raised when it looks like the network is down
+    class NetworkDownError < HTTPError; end
+    # This error is raised if the API returns a 413 (only printed in verbose)
+    class FallbackError < HTTPError; end
+    # This is the error raised if OpenSSL fails the cert verification
+    class CertificateFailureError < HTTPError
+      def initialize(remote_uri)
+        remote_uri = filter_uri(remote_uri)
+        super "Could not verify the SSL certificate for #{remote_uri}.\nThere" \
+          " is a chance you are experiencing a man-in-the-middle attack, but" \
+          " most likely your system doesn't have the CA certificates needed" \
+          " for verification. For information about OpenSSL certificates, see" \
+          " http://bit.ly/ruby-ssl. To connect without using SSL, edit your Gemfile" \
+          " sources and change 'https' to 'http'."
+      end
+    end
+    # This is the error raised when a source is HTTPS and OpenSSL didn't load
+    class SSLError < HTTPError
+      def initialize(msg = nil)
+        super msg || "Could not load OpenSSL.\n" \
+            "You must recompile Ruby with OpenSSL support or change the sources in your " \
+            "Gemfile from 'https' to 'http'. Instructions for compiling with OpenSSL " \
+            "using RVM are available at rvm.io/packages/openssl."
+      end
+    end
+    # This error is raised if HTTP authentication is required, but not provided.
+    class AuthenticationRequiredError < HTTPError
+      def initialize(remote_uri)
+        remote_uri = filter_uri(remote_uri)
+        super "Authentication is required for #{remote_uri}.\n" \
+          "Please supply credentials for this source. You can do this by running:\n" \
+          " bundle config #{remote_uri} username:password"
+      end
+    end
+    # This error is raised if HTTP authentication is provided, but incorrect.
+    class BadAuthenticationError < HTTPError
+      def initialize(remote_uri)
+        remote_uri = filter_uri(remote_uri)
+        super "Bad username or password for #{remote_uri}.\n" \
+          "Please double-check your credentials and correct them."
+      end
+    end
+
+    # Exceptions classes that should bypass retry attempts. If your password didn't work the
+    # first time, it's not going to the third time.
+    NET_ERRORS = [:HTTPBadGateway, :HTTPBadRequest, :HTTPFailedDependency,
+                  :HTTPForbidden, :HTTPInsufficientStorage, :HTTPMethodNotAllowed,
+                  :HTTPMovedPermanently, :HTTPNoContent, :HTTPNotFound,
+                  :HTTPNotImplemented, :HTTPPreconditionFailed, :HTTPRequestEntityTooLarge,
+                  :HTTPRequestURITooLong, :HTTPUnauthorized, :HTTPUnprocessableEntity,
+                  :HTTPUnsupportedMediaType, :HTTPVersionNotSupported].freeze
+    FAIL_ERRORS = begin
+      fail_errors = [AuthenticationRequiredError, BadAuthenticationError, FallbackError]
+      fail_errors << Gem::Requirement::BadRequirementError if defined?(Gem::Requirement::BadRequirementError)
+      fail_errors.concat(NET_ERRORS.map {|e| SharedHelpers.const_get_safely(e, Net) }.compact)
+    end.freeze
+
+    class << self
+      attr_accessor :disable_endpoint, :api_timeout, :redirect_limit, :max_retries
+    end
+
+    self.redirect_limit = Bundler.settings[:redirect] # How many redirects to allow in one request
+    self.api_timeout    = Bundler.settings[:timeout] # How long to wait for each API call
+    self.max_retries    = Bundler.settings[:retry] # How many retries for the API call
+
+    def initialize(remote)
+      @remote = remote
+
+      Socket.do_not_reverse_lookup = true
+      connection # create persistent connection
+    end
+
+    def uri
+      @remote.anonymized_uri
+    end
+
+    # fetch a gem specification
+    def fetch_spec(spec)
+      spec -= [nil, "ruby", ""]
+      spec_file_name = "#{spec.join "-"}.gemspec"
+
+      uri = URI.parse("#{remote_uri}#{Gem::MARSHAL_SPEC_DIR}#{spec_file_name}.rz")
+      if uri.scheme == "file"
+        Bundler.load_marshal Gem.inflate(Gem.read_binary(uri.path))
+      elsif cached_spec_path = gemspec_cached_path(spec_file_name)
+        Bundler.load_gemspec(cached_spec_path)
+      else
+        Bundler.load_marshal Gem.inflate(downloader.fetch(uri).body)
+      end
+    rescue MarshalError
+      raise HTTPError, "Gemspec #{spec} contained invalid data.\n" \
+        "Your network or your gem server is probably having issues right now."
+    end
+
+    # return the specs in the bundler format as an index with retries
+    def specs_with_retry(gem_names, source)
+      Bundler::Retry.new("fetcher", FAIL_ERRORS).attempts do
+        specs(gem_names, source)
+      end
+    end
+
+    # return the specs in the bundler format as an index
+    def specs(gem_names, source)
+      old = Bundler.rubygems.sources
+      index = Bundler::Index.new
+
+      if Bundler::Fetcher.disable_endpoint
+        @use_api = false
+        specs = fetchers.last.specs(gem_names)
+      else
+        specs = []
+        fetchers.shift until fetchers.first.available? || fetchers.empty?
+        fetchers.dup.each do |f|
+          break unless f.api_fetcher? && !gem_names || !specs = f.specs(gem_names)
+          fetchers.delete(f)
+        end
+        @use_api = false if fetchers.none?(&:api_fetcher?)
+      end
+
+      specs.each do |name, version, platform, dependencies|
+        next if name == "bundler"
+        spec = if dependencies
+          EndpointSpecification.new(name, version, platform, dependencies)
+        else
+          RemoteSpecification.new(name, version, platform, self)
+        end
+        spec.source = source
+        spec.remote = @remote
+        index << spec
+      end
+
+      index
+    rescue CertificateFailureError
+      Bundler.ui.info "" if gem_names && use_api # newline after dots
+      raise
+    ensure
+      Bundler.rubygems.sources = old
+    end
+
+    def use_api
+      return @use_api if defined?(@use_api)
+
+      fetchers.shift until fetchers.first.available?
+
+      @use_api = if remote_uri.scheme == "file" || Bundler::Fetcher.disable_endpoint
+        false
+      else
+        fetchers.first.api_fetcher?
+      end
+    end
+
+    def user_agent
+      @user_agent ||= begin
+        ruby = Bundler::RubyVersion.system
+
+        agent = String.new("bundler/#{Bundler::VERSION}")
+        agent << " rubygems/#{Gem::VERSION}"
+        agent << " ruby/#{ruby.versions_string(ruby.versions)}"
+        agent << " (#{ruby.host})"
+        agent << " command/#{ARGV.first}"
+
+        if ruby.engine != "ruby"
+          # engine_version raises on unknown engines
+          engine_version = begin
+                             ruby.engine_versions
+                           rescue
+                             "???"
+                           end
+          agent << " #{ruby.engine}/#{ruby.versions_string(engine_version)}"
+        end
+
+        agent << " options/#{Bundler.settings.all.join(",")}"
+
+        agent << " ci/#{cis.join(",")}" if cis.any?
+
+        # add a random ID so we can consolidate runs server-side
+        agent << " " << SecureRandom.hex(8)
+
+        # add any user agent strings set in the config
+        extra_ua = Bundler.settings[:user_agent]
+        agent << " " << extra_ua if extra_ua
+
+        agent
+      end
+    end
+
+    def fetchers
+      @fetchers ||= FETCHERS.map {|f| f.new(downloader, @remote, uri) }
+    end
+
+    def http_proxy
+      return unless uri = connection.proxy_uri
+      uri.to_s
+    end
+
+    def inspect
+      "#<#{self.class}:0x#{object_id} uri=#{uri}>"
+    end
+
+  private
+
+    FETCHERS = [CompactIndex, Dependency, Index].freeze
+
+    def cis
+      env_cis = {
+        "TRAVIS" => "travis",
+        "CIRCLECI" => "circle",
+        "SEMAPHORE" => "semaphore",
+        "JENKINS_URL" => "jenkins",
+        "BUILDBOX" => "buildbox",
+        "GO_SERVER_URL" => "go",
+        "SNAP_CI" => "snap",
+        "CI_NAME" => ENV["CI_NAME"],
+        "CI" => "ci"
+      }
+      env_cis.find_all {|env, _| ENV[env] }.map {|_, ci| ci }
+    end
+
+    def connection
+      @connection ||= begin
+        needs_ssl = remote_uri.scheme == "https" ||
+          Bundler.settings[:ssl_verify_mode] ||
+          Bundler.settings[:ssl_client_cert]
+        raise SSLError if needs_ssl && !defined?(OpenSSL::SSL)
+
+        con = Net::HTTP::Persistent.new "bundler", :ENV
+        if gem_proxy = Bundler.rubygems.configuration[:http_proxy]
+          con.proxy = URI.parse(gem_proxy) if gem_proxy != :no_proxy
+        end
+
+        if remote_uri.scheme == "https"
+          con.verify_mode = (Bundler.settings[:ssl_verify_mode] ||
+            OpenSSL::SSL::VERIFY_PEER)
+          con.cert_store = bundler_cert_store
+        end
+
+        if Bundler.settings[:ssl_client_cert]
+          pem = File.read(Bundler.settings[:ssl_client_cert])
+          con.cert = OpenSSL::X509::Certificate.new(pem)
+          con.key  = OpenSSL::PKey::RSA.new(pem)
+        end
+
+        con.read_timeout = Fetcher.api_timeout
+        con.override_headers["User-Agent"] = user_agent
+        con.override_headers["X-Gemfile-Source"] = @remote.original_uri.to_s if @remote.original_uri
+        con
+      end
+    end
+
+    # cached gem specification path, if one exists
+    def gemspec_cached_path(spec_file_name)
+      paths = Bundler.rubygems.spec_cache_dirs.map {|dir| File.join(dir, spec_file_name) }
+      paths = paths.select {|path| File.file? path }
+      paths.first
+    end
+
+    HTTP_ERRORS = [
+      Timeout::Error, EOFError, SocketError, Errno::ENETDOWN, Errno::ENETUNREACH,
+      Errno::EINVAL, Errno::ECONNRESET, Errno::ETIMEDOUT, Errno::EAGAIN,
+      Net::HTTPBadResponse, Net::HTTPHeaderSyntaxError, Net::ProtocolError,
+      Net::HTTP::Persistent::Error, Zlib::BufError, Errno::EHOSTUNREACH
+    ].freeze
+
+    def bundler_cert_store
+      store = OpenSSL::X509::Store.new
+      if Bundler.settings[:ssl_ca_cert]
+        if File.directory? Bundler.settings[:ssl_ca_cert]
+          store.add_path Bundler.settings[:ssl_ca_cert]
+        else
+          store.add_file Bundler.settings[:ssl_ca_cert]
+        end
+      else
+        store.set_default_paths
+        certs = File.expand_path("../ssl_certs/*/*.pem", __FILE__)
+        Dir.glob(certs).each {|c| store.add_file c }
+      end
+      store
+    end
+
+  private
+
+    def remote_uri
+      @remote.uri
+    end
+
+    def downloader
+      @downloader ||= Downloader.new(connection, self.class.redirect_limit)
+    end
+  end
+end