RubyGems - rubygems-update - Versions diffs - 2.7.11 → 3.0.0 - Mend

rubygems-update 2.7.11 → 3.0.0

Potentially problematic release.

This version of rubygems-update might be problematic. Click here for more details.

Files changed (350) hide show

checksums.yaml +4 -4
data/.rubocop.yml +66 -0
data/.travis.yml +22 -18
data/CONTRIBUTING.md +141 -0
data/History.txt +289 -19
data/MAINTAINERS.txt +1 -0
data/Manifest.txt +16 -11
data/POLICIES.md +92 -0
data/README.md +47 -26
data/Rakefile +47 -207
data/{UPGRADING.rdoc → UPGRADING.md} +31 -32
data/appveyor.yml +20 -45
data/bin/gem +1 -2
data/bin/update_rubygems +2 -3
data/bundler/CHANGELOG.md +54 -0
data/bundler/bundler.gemspec +7 -1
data/bundler/lib/bundler.rb +26 -8
data/bundler/lib/bundler/build_metadata.rb +2 -2
data/bundler/lib/bundler/cli.rb +63 -21
data/bundler/lib/bundler/cli/add.rb +15 -5
data/bundler/lib/bundler/cli/binstubs.rb +8 -2
data/bundler/lib/bundler/cli/doctor.rb +47 -1
data/bundler/lib/bundler/cli/install.rb +8 -5
data/bundler/lib/bundler/cli/list.rb +41 -5
data/bundler/lib/bundler/cli/outdated.rb +7 -1
data/bundler/lib/bundler/cli/pristine.rb +4 -0
data/bundler/lib/bundler/cli/remove.rb +18 -0
data/bundler/lib/bundler/definition.rb +15 -16
data/bundler/lib/bundler/dependency.rb +2 -2
data/bundler/lib/bundler/dsl.rb +19 -3
data/bundler/lib/bundler/feature_flag.rb +7 -0
data/bundler/lib/bundler/gem_version_promoter.rb +4 -2
data/bundler/lib/bundler/injector.rb +168 -9
data/bundler/lib/bundler/installer.rb +29 -6
data/bundler/lib/bundler/installer/parallel_installer.rb +5 -0
data/bundler/lib/bundler/plugin.rb +10 -3
data/bundler/lib/bundler/plugin/events.rb +61 -0
data/bundler/lib/bundler/resolver.rb +2 -2
data/bundler/lib/bundler/runtime.rb +8 -2
data/bundler/lib/bundler/settings.rb +24 -3
data/bundler/lib/bundler/settings/validator.rb +23 -0
data/bundler/lib/bundler/shared_helpers.rb +19 -3
data/bundler/lib/bundler/source.rb +9 -9
data/bundler/lib/bundler/templates/newgem/lib/newgem.rb.tt +1 -0
data/bundler/lib/bundler/version.rb +1 -1
data/bundler/man/bundle-add.ronn +13 -2
data/bundler/man/bundle-config.ronn +21 -0
data/bundler/man/bundle-install.ronn +1 -1
data/bundler/man/bundle-list.ronn +19 -1
data/bundler/man/bundle-outdated.ronn +4 -0
data/bundler/man/bundle-remove.ronn +23 -0
data/bundler/man/bundle-update.ronn +1 -1
data/lib/rubygems.rb +70 -96
data/lib/rubygems/available_set.rb +1 -1
data/lib/rubygems/basic_specification.rb +12 -12
data/lib/rubygems/bundler_version_finder.rb +3 -3
data/lib/rubygems/command.rb +22 -15
data/lib/rubygems/command_manager.rb +20 -11
data/lib/rubygems/commands/build_command.rb +27 -8
data/lib/rubygems/commands/cert_command.rb +45 -24
data/lib/rubygems/commands/check_command.rb +1 -1
data/lib/rubygems/commands/cleanup_command.rb +14 -7
data/lib/rubygems/commands/contents_command.rb +14 -15
data/lib/rubygems/commands/dependency_command.rb +17 -17
data/lib/rubygems/commands/environment_command.rb +20 -1
data/lib/rubygems/commands/fetch_command.rb +2 -3
data/lib/rubygems/commands/generate_index_command.rb +2 -3
data/lib/rubygems/commands/help_command.rb +12 -13
data/lib/rubygems/commands/info_command.rb +33 -0
data/lib/rubygems/commands/install_command.rb +21 -17
data/lib/rubygems/commands/list_command.rb +0 -1
data/lib/rubygems/commands/lock_command.rb +3 -4
data/lib/rubygems/commands/open_command.rb +16 -10
data/lib/rubygems/commands/owner_command.rb +20 -11
data/lib/rubygems/commands/pristine_command.rb +23 -16
data/lib/rubygems/commands/push_command.rb +17 -8
data/lib/rubygems/commands/query_command.rb +24 -24
data/lib/rubygems/commands/rdoc_command.rb +3 -4
data/lib/rubygems/commands/search_command.rb +0 -1
data/lib/rubygems/commands/server_command.rb +1 -2
data/lib/rubygems/commands/setup_command.rb +78 -38
data/lib/rubygems/commands/signin_command.rb +2 -1
data/lib/rubygems/commands/signout_command.rb +2 -2
data/lib/rubygems/commands/sources_command.rb +11 -12
data/lib/rubygems/commands/specification_command.rb +7 -7
data/lib/rubygems/commands/uninstall_command.rb +41 -19
data/lib/rubygems/commands/unpack_command.rb +16 -7
data/lib/rubygems/commands/update_command.rb +28 -23
data/lib/rubygems/commands/which_command.rb +4 -5
data/lib/rubygems/commands/yank_command.rb +1 -2
data/lib/rubygems/compatibility.rb +1 -21
data/lib/rubygems/config_file.rb +36 -36
data/lib/rubygems/core_ext/kernel_require.rb +6 -6
data/lib/rubygems/core_ext/kernel_warn.rb +45 -0
data/lib/rubygems/defaults.rb +31 -12
data/lib/rubygems/dependency.rb +14 -14
data/lib/rubygems/dependency_installer.rb +29 -31
data/lib/rubygems/dependency_list.rb +8 -9
data/lib/rubygems/deprecate.rb +2 -3
data/lib/rubygems/doctor.rb +5 -6
data/lib/rubygems/errors.rb +3 -3
data/lib/rubygems/exceptions.rb +11 -4
data/lib/rubygems/ext.rb +0 -1
data/lib/rubygems/ext/build_error.rb +0 -1
data/lib/rubygems/ext/builder.rb +50 -23
data/lib/rubygems/ext/cmake_builder.rb +2 -2
data/lib/rubygems/ext/configure_builder.rb +2 -3
data/lib/rubygems/ext/ext_conf_builder.rb +8 -7
data/lib/rubygems/ext/rake_builder.rb +16 -18
data/lib/rubygems/gem_runner.rb +2 -2
data/lib/rubygems/gemcutter_utilities.rb +40 -13
data/lib/rubygems/indexer.rb +19 -12
data/lib/rubygems/install_default_message.rb +0 -1
data/lib/rubygems/install_message.rb +0 -1
data/lib/rubygems/install_update_options.rb +2 -28
data/lib/rubygems/installer.rb +95 -75
data/lib/rubygems/installer_test_case.rb +0 -14
data/lib/rubygems/local_remote_options.rb +5 -4
data/lib/rubygems/mock_gem_ui.rb +3 -4
data/lib/rubygems/name_tuple.rb +4 -4
data/lib/rubygems/package.rb +90 -73
data/lib/rubygems/package/digest_io.rb +3 -4
data/lib/rubygems/package/file_source.rb +3 -4
data/lib/rubygems/package/io_source.rb +1 -2
data/lib/rubygems/package/old.rb +8 -16
data/lib/rubygems/package/source.rb +0 -1
data/lib/rubygems/package/tar_header.rb +2 -2
data/lib/rubygems/package/tar_reader.rb +2 -4
data/lib/rubygems/package/tar_reader/entry.rb +20 -4
data/lib/rubygems/package/tar_test_case.rb +2 -8
data/lib/rubygems/package/tar_writer.rb +13 -15
data/lib/rubygems/package_task.rb +0 -1
data/lib/rubygems/path_support.rb +16 -6
data/lib/rubygems/platform.rb +4 -5
data/lib/rubygems/psych_tree.rb +1 -1
data/lib/rubygems/rdoc.rb +0 -311
data/lib/rubygems/remote_fetcher.rb +34 -48
data/lib/rubygems/request.rb +16 -15
data/lib/rubygems/request/connection_pools.rb +24 -13
data/lib/rubygems/request/http_pool.rb +3 -4
data/lib/rubygems/request/https_pool.rb +1 -3
data/lib/rubygems/request_set.rb +52 -25
data/lib/rubygems/request_set/gem_dependency_api.rb +36 -40
data/lib/rubygems/request_set/lockfile.rb +12 -12
data/lib/rubygems/request_set/lockfile/parser.rb +18 -29
data/lib/rubygems/request_set/lockfile/tokenizer.rb +9 -9
data/lib/rubygems/requirement.rb +16 -16
data/lib/rubygems/resolver.rb +10 -15
data/lib/rubygems/resolver/activation_request.rb +6 -6
data/lib/rubygems/resolver/api_set.rb +5 -6
data/lib/rubygems/resolver/api_specification.rb +2 -3
data/lib/rubygems/resolver/best_set.rb +5 -6
data/lib/rubygems/resolver/composed_set.rb +5 -6
data/lib/rubygems/resolver/conflict.rb +5 -5
data/lib/rubygems/resolver/current_set.rb +1 -2
data/lib/rubygems/resolver/dependency_request.rb +4 -4
data/lib/rubygems/resolver/git_set.rb +5 -6
data/lib/rubygems/resolver/git_specification.rb +4 -5
data/lib/rubygems/resolver/index_set.rb +5 -6
data/lib/rubygems/resolver/index_specification.rb +3 -4
data/lib/rubygems/resolver/installed_specification.rb +3 -4
data/lib/rubygems/resolver/installer_set.rb +12 -12
data/lib/rubygems/resolver/local_specification.rb +1 -2
data/lib/rubygems/resolver/lock_set.rb +5 -6
data/lib/rubygems/resolver/lock_specification.rb +7 -8
data/lib/rubygems/resolver/requirement_list.rb +1 -1
data/lib/rubygems/resolver/set.rb +2 -2
data/lib/rubygems/resolver/source_set.rb +4 -5
data/lib/rubygems/resolver/spec_specification.rb +1 -2
data/lib/rubygems/resolver/specification.rb +10 -7
data/lib/rubygems/resolver/stats.rb +1 -1
data/lib/rubygems/resolver/vendor_set.rb +4 -5
data/lib/rubygems/resolver/vendor_specification.rb +2 -3
data/lib/rubygems/safe_yaml.rb +18 -10
data/lib/rubygems/security.rb +21 -22
data/lib/rubygems/security/policies.rb +1 -2
data/lib/rubygems/security/policy.rb +25 -25
data/lib/rubygems/security/signer.rb +72 -24
data/lib/rubygems/security/trust_dir.rb +10 -10
data/lib/rubygems/server.rb +21 -21
data/lib/rubygems/source.rb +16 -25
data/lib/rubygems/source/git.rb +9 -10
data/lib/rubygems/source/installed.rb +3 -4
data/lib/rubygems/source/local.rb +7 -7
data/lib/rubygems/source/lock.rb +4 -4
data/lib/rubygems/source/specific_file.rb +5 -5
data/lib/rubygems/source/vendor.rb +2 -3
data/lib/rubygems/source_list.rb +2 -2
data/lib/rubygems/source_local.rb +0 -1
data/lib/rubygems/spec_fetcher.rb +5 -6
data/lib/rubygems/specification.rb +199 -536
data/lib/rubygems/specification_policy.rb +407 -0
data/lib/rubygems/ssl_certs/{rubygems.org → index.rubygems.org}/GlobalSignRootCA.pem +0 -0
data/lib/rubygems/ssl_certs/rubygems.global.ssl.fastly.net/DigiCertHighAssuranceEVRootCA.pem +23 -0
data/lib/rubygems/ssl_certs/rubygems.org/AddTrustExternalCARoot.pem +25 -0
data/lib/rubygems/stub_specification.rb +11 -15
data/lib/rubygems/test_case.rb +141 -66
data/lib/rubygems/test_utilities.rb +20 -35
data/lib/rubygems/text.rb +6 -6
data/lib/rubygems/uninstaller.rb +37 -26
data/lib/rubygems/uri_formatter.rb +1 -2
data/lib/rubygems/user_interaction.rb +38 -93
data/lib/rubygems/util.rb +20 -14
data/lib/rubygems/util/licenses.rb +27 -1
data/lib/rubygems/util/list.rb +1 -1
data/lib/rubygems/validator.rb +4 -5
data/lib/rubygems/version.rb +15 -15
data/lib/rubygems/version_option.rb +2 -3
data/rubygems-update.gemspec +43 -0
data/setup.rb +2 -8
data/test/rubygems/rubygems_plugin.rb +0 -1
data/test/rubygems/simple_gem.rb +1 -1
data/test/rubygems/test_bundled_ca.rb +4 -7
data/test/rubygems/test_config.rb +7 -2
data/test/rubygems/test_gem.rb +161 -130
data/test/rubygems/test_gem_command.rb +0 -1
data/test/rubygems/test_gem_command_manager.rb +8 -3
data/test/rubygems/test_gem_commands_build_command.rb +219 -15
data/test/rubygems/test_gem_commands_cert_command.rb +69 -8
data/test/rubygems/test_gem_commands_check_command.rb +1 -1
data/test/rubygems/test_gem_commands_cleanup_command.rb +27 -1
data/test/rubygems/test_gem_commands_contents_command.rb +1 -2
data/test/rubygems/test_gem_commands_dependency_command.rb +33 -34
data/test/rubygems/test_gem_commands_environment_command.rb +1 -0
data/test/rubygems/test_gem_commands_fetch_command.rb +0 -1
data/test/rubygems/test_gem_commands_generate_index_command.rb +0 -1
data/test/rubygems/test_gem_commands_help_command.rb +7 -4
data/test/rubygems/test_gem_commands_info_command.rb +44 -0
data/test/rubygems/test_gem_commands_install_command.rb +79 -12
data/test/rubygems/test_gem_commands_lock_command.rb +0 -1
data/test/rubygems/test_gem_commands_open_command.rb +29 -0
data/test/rubygems/test_gem_commands_outdated_command.rb +0 -1
data/test/rubygems/test_gem_commands_owner_command.rb +93 -57
data/test/rubygems/test_gem_commands_pristine_command.rb +65 -30
data/test/rubygems/test_gem_commands_push_command.rb +39 -0
data/test/rubygems/test_gem_commands_query_command.rb +102 -100
data/test/rubygems/test_gem_commands_search_command.rb +0 -1
data/test/rubygems/test_gem_commands_server_command.rb +0 -1
data/test/rubygems/test_gem_commands_setup_command.rb +39 -8
data/test/rubygems/test_gem_commands_signin_command.rb +1 -1
data/test/rubygems/test_gem_commands_sources_command.rb +0 -1
data/test/rubygems/test_gem_commands_specification_command.rb +2 -3
data/test/rubygems/test_gem_commands_stale_command.rb +3 -2
data/test/rubygems/test_gem_commands_uninstall_command.rb +81 -7
data/test/rubygems/test_gem_commands_unpack_command.rb +17 -1
data/test/rubygems/test_gem_commands_update_command.rb +19 -2
data/test/rubygems/test_gem_commands_which_command.rb +0 -1
data/test/rubygems/test_gem_commands_yank_command.rb +0 -1
data/test/rubygems/test_gem_config_file.rb +4 -2
data/test/rubygems/test_gem_dependency.rb +0 -1
data/test/rubygems/test_gem_dependency_installer.rb +8 -5
data/test/rubygems/test_gem_dependency_list.rb +6 -7
data/test/rubygems/test_gem_dependency_resolution_error.rb +0 -1
data/test/rubygems/test_gem_doctor.rb +1 -2
data/test/rubygems/test_gem_ext_builder.rb +10 -23
data/test/rubygems/test_gem_ext_cmake_builder.rb +5 -4
data/test/rubygems/test_gem_ext_configure_builder.rb +3 -3
data/test/rubygems/test_gem_ext_ext_conf_builder.rb +8 -9
data/test/rubygems/test_gem_ext_rake_builder.rb +20 -5
data/test/rubygems/test_gem_gem_runner.rb +0 -1
data/test/rubygems/test_gem_gemcutter_utilities.rb +32 -6
data/test/rubygems/test_gem_impossible_dependencies_error.rb +0 -1
data/test/rubygems/test_gem_indexer.rb +1 -2
data/test/rubygems/test_gem_install_update_options.rb +1 -20
data/test/rubygems/test_gem_installer.rb +69 -203
data/test/rubygems/test_gem_local_remote_options.rb +3 -3
data/test/rubygems/test_gem_name_tuple.rb +0 -1
data/test/rubygems/test_gem_package.rb +59 -50
data/test/rubygems/test_gem_package_old.rb +0 -1
data/test/rubygems/test_gem_package_tar_header.rb +1 -2
data/test/rubygems/test_gem_package_tar_reader.rb +0 -1
data/test/rubygems/test_gem_package_tar_reader_entry.rb +11 -0
data/test/rubygems/test_gem_package_tar_writer.rb +40 -7
data/test/rubygems/test_gem_package_task.rb +2 -2
data/test/rubygems/test_gem_path_support.rb +28 -11
data/test/rubygems/test_gem_platform.rb +4 -5
data/test/rubygems/test_gem_rdoc.rb +1 -2
data/test/rubygems/test_gem_remote_fetcher.rb +111 -130
data/test/rubygems/test_gem_request.rb +5 -5
data/test/rubygems/test_gem_request_connection_pools.rb +24 -3
data/test/rubygems/test_gem_request_set.rb +5 -5
data/test/rubygems/test_gem_request_set_gem_dependency_api.rb +2 -7
data/test/rubygems/test_gem_request_set_lockfile.rb +1 -2
data/test/rubygems/test_gem_request_set_lockfile_parser.rb +4 -9
data/test/rubygems/test_gem_request_set_lockfile_tokenizer.rb +1 -1
data/test/rubygems/test_gem_requirement.rb +18 -4
data/test/rubygems/test_gem_resolver.rb +13 -17
data/test/rubygems/test_gem_resolver_activation_request.rb +0 -1
data/test/rubygems/test_gem_resolver_api_set.rb +0 -1
data/test/rubygems/test_gem_resolver_api_specification.rb +0 -1
data/test/rubygems/test_gem_resolver_best_set.rb +0 -1
data/test/rubygems/test_gem_resolver_composed_set.rb +0 -1
data/test/rubygems/test_gem_resolver_conflict.rb +0 -1
data/test/rubygems/test_gem_resolver_dependency_request.rb +0 -1
data/test/rubygems/test_gem_resolver_git_set.rb +0 -1
data/test/rubygems/test_gem_resolver_git_specification.rb +0 -1
data/test/rubygems/test_gem_resolver_index_set.rb +0 -1
data/test/rubygems/test_gem_resolver_index_specification.rb +0 -1
data/test/rubygems/test_gem_resolver_installed_specification.rb +0 -1
data/test/rubygems/test_gem_resolver_installer_set.rb +2 -3
data/test/rubygems/test_gem_resolver_local_specification.rb +0 -1
data/test/rubygems/test_gem_resolver_lock_set.rb +0 -1
data/test/rubygems/test_gem_resolver_lock_specification.rb +0 -1
data/test/rubygems/test_gem_resolver_requirement_list.rb +0 -1
data/test/rubygems/test_gem_resolver_specification.rb +1 -2
data/test/rubygems/test_gem_resolver_vendor_set.rb +0 -1
data/test/rubygems/test_gem_resolver_vendor_specification.rb +0 -1
data/test/rubygems/test_gem_security.rb +1 -3
data/test/rubygems/test_gem_security_policy.rb +4 -5
data/test/rubygems/test_gem_security_signer.rb +4 -3
data/test/rubygems/test_gem_security_trust_dir.rb +1 -2
data/test/rubygems/test_gem_server.rb +4 -4
data/test/rubygems/test_gem_source.rb +0 -13
data/test/rubygems/test_gem_source_fetch_problem.rb +0 -1
data/test/rubygems/test_gem_source_git.rb +0 -1
data/test/rubygems/test_gem_source_installed.rb +0 -1
data/test/rubygems/test_gem_source_lock.rb +0 -1
data/test/rubygems/test_gem_source_vendor.rb +0 -1
data/test/rubygems/test_gem_spec_fetcher.rb +0 -1
data/test/rubygems/test_gem_specification.rb +334 -198
data/test/rubygems/test_gem_stream_ui.rb +13 -30
data/test/rubygems/test_gem_stub_specification.rb +0 -2
data/test/rubygems/test_gem_text.rb +4 -5
data/test/rubygems/test_gem_uninstaller.rb +21 -1
data/test/rubygems/test_gem_unsatisfiable_dependency_error.rb +0 -1
data/test/rubygems/test_gem_uri_formatter.rb +0 -1
data/test/rubygems/test_gem_util.rb +6 -11
data/test/rubygems/test_gem_validator.rb +0 -1
data/test/rubygems/test_gem_version.rb +11 -11
data/test/rubygems/test_gem_version_option.rb +0 -1
data/test/rubygems/test_remote_fetch_error.rb +0 -1
data/test/rubygems/test_require.rb +67 -52
data/util/CL2notes +1 -2
data/util/ci +15 -12
data/util/create_certs.rb +6 -7
data/util/create_encrypted_key.rb +0 -1
data/util/patch_with_prs.rb +1 -1
data/util/rubocop +8 -0
data/util/update_bundled_ca_certificates.rb +15 -14
data/util/update_changelog.rb +1 -1
metadata +67 -59
data/.autotest +0 -71
data/.document +0 -5
data/CONTRIBUTING.rdoc +0 -130
data/CVE-2013-4287.txt +0 -35
data/CVE-2013-4363.txt +0 -45
data/CVE-2015-3900.txt +0 -40
data/POLICIES.rdoc +0 -74
data/lib/rubygems/ssl_certs/rubygems.org/GlobalSignRootCA_R3.pem +0 -21
data/test/rubygems/fix_openssl_warnings.rb +0 -13

data/lib/rubygems/mock_gem_ui.rb CHANGED

@@ -12,7 +12,7 @@ class Gem::MockGemUi < Gem::StreamUI
   class InputEOFError < RuntimeError
-    def initialize question
+    def initialize(question)
       super "Out of input for MockGemUi on #{question.inspect}"
     end
@@ -21,7 +21,7 @@ class Gem::MockGemUi < Gem::StreamUI
   class TermError < RuntimeError
     attr_reader :exit_code
-    def initialize exit_code
+    def initialize(exit_code)
       super
       @exit_code = exit_code
     end
@@ -56,7 +56,7 @@ class Gem::MockGemUi < Gem::StreamUI
     @terminated = false
   end
-  def ask question
+  def ask(question)
     raise InputEOFError, question if @ins.eof?
     super
@@ -86,4 +86,3 @@ class Gem::MockGemUi < Gem::StreamUI
   end
 end

data/lib/rubygems/name_tuple.rb CHANGED

@@ -24,7 +24,7 @@ class Gem::NameTuple
   # Turn an array of [name, version, platform] into an array of
   # NameTuple objects.
-  def self.from_list list
+  def self.from_list(list)
     list.map { |t| new(*t) }
   end
@@ -32,7 +32,7 @@ class Gem::NameTuple
   # Turn an array of NameTuple objects back into an array of
   # [name, version, platform] tuples.
-  def self.to_basic list
+  def self.to_basic(list)
     list.map { |t| t.to_a }
   end
@@ -90,7 +90,7 @@ class Gem::NameTuple
   alias to_s inspect # :nodoc:
-  def <=> other
+  def <=>(other)
     [@name, @version, @platform == Gem::Platform::RUBY ? -1 : 1] <=>
       [other.name, other.version,
        other.platform == Gem::Platform::RUBY ? -1 : 1]
@@ -102,7 +102,7 @@ class Gem::NameTuple
   # Compare with +other+. Supports another NameTuple or an Array
   # in the [name, version, platform] format.
-  def == other
+  def ==(other)
     case other
     when self.class
       @name == other.name and

data/lib/rubygems/package.rb CHANGED

@@ -55,7 +55,7 @@ class Gem::Package
   class FormatError < Error
     attr_reader :path
-    def initialize message, source = nil
+    def initialize(message, source = nil)
       if source
         @path = source.path
@@ -68,7 +68,7 @@ class Gem::Package
   end
   class PathError < Error
-    def initialize destination, destination_dir
+    def initialize(destination, destination_dir)
       super "installing into parent path %s of %s is not allowed" %
               [destination, destination_dir]
     end
@@ -107,12 +107,24 @@ class Gem::Package
   attr_writer :spec
-  def self.build spec, skip_validation=false
-    gem_file = spec.file_name
+  ##
+  # Permission for directories
+  attr_accessor :dir_mode
+  ##
+  # Permission for program files
+  attr_accessor :prog_mode
+  ##
+  # Permission for other files
+  attr_accessor :data_mode
+  def self.build(spec, skip_validation = false, strict_validation = false, file_name = nil)
+    gem_file = file_name || spec.file_name
     package = new gem_file
     package.spec = spec
-    package.build skip_validation
+    package.build skip_validation, strict_validation
     gem_file
   end
@@ -124,7 +136,7 @@ class Gem::Package
   # If +gem+ is an existing file in the old format a Gem::Package::Old will be
   # returned.
-  def self.new gem, security_policy = nil
+  def self.new(gem, security_policy = nil)
     gem = if gem.is_a?(Gem::Package::Source)
             gem
           elsif gem.respond_to? :read
@@ -145,10 +157,10 @@ class Gem::Package
   ##
   # Creates a new package that will read or write to the file +gem+.
-  def initialize gem, security_policy # :notnew:
+  def initialize(gem, security_policy) # :notnew:
     @gem = gem
-    @build_time      = Time.now
+    @build_time      = ENV["SOURCE_DATE_EPOCH"] ? Time.at(ENV["SOURCE_DATE_EPOCH"].to_i).utc : Time.now
     @checksums       = {}
     @contents        = nil
     @digests         = Hash.new { |h, algorithm| h[algorithm] = {} }
@@ -162,14 +174,14 @@ class Gem::Package
   ##
   # Copies this package to +path+ (if possible)
-  def copy_to path
+  def copy_to(path)
     FileUtils.cp @gem.path, path unless File.exist? path
   end
   ##
   # Adds a checksum for each entry in the gem to checksums.yaml.gz.
-  def add_checksums tar
+  def add_checksums(tar)
     Gem.load_yaml
     checksums_by_algorithm = Hash.new { |h, algorithm| h[algorithm] = {} }
@@ -191,7 +203,7 @@ class Gem::Package
   # Adds the files listed in the packages's Gem::Specification to data.tar.gz
   # and adds this file to the +tar+.
-  def add_contents tar # :nodoc:
+  def add_contents(tar) # :nodoc:
     digests = tar.add_file_signed 'data.tar.gz', 0444, @signer do |io|
       gzip_to io do |gz_io|
         Gem::Package::TarWriter.new gz_io do |data_tar|
@@ -206,13 +218,18 @@ class Gem::Package
   ##
   # Adds files included the package's Gem::Specification to the +tar+ file
-  def add_files tar # :nodoc:
+  def add_files(tar) # :nodoc:
     @spec.files.each do |file|
       stat = File.lstat file
       if stat.symlink?
-        relative_dir = File.dirname(file).sub("#{Dir.pwd}/", '')
-        target_path = File.join(relative_dir, File.readlink(file))
+        target_path = File.readlink(file)
+        unless target_path.start_with? '.'
+          relative_dir = File.dirname(file).sub("#{Dir.pwd}/", '')
+          target_path = File.join(relative_dir, target_path)
+        end
         tar.add_symlink file, target_path, stat.mode
       end
@@ -229,7 +246,7 @@ class Gem::Package
   ##
   # Adds the package's Gem::Specification to the +tar+ file
-  def add_metadata tar # :nodoc:
+  def add_metadata(tar) # :nodoc:
     digests = tar.add_file_signed 'metadata.gz', 0444, @signer do |io|
       gzip_to io do |gz_io|
         gz_io.write @spec.to_yaml
@@ -242,14 +259,20 @@ class Gem::Package
   ##
   # Builds this package based on the specification set by #spec=
-  def build skip_validation = false
+  def build(skip_validation = false, strict_validation = false)
+    raise ArgumentError, "skip_validation = true and strict_validation = true are incompatible" if skip_validation && strict_validation
     Gem.load_yaml
     require 'rubygems/security'
     @spec.mark_version
-    @spec.validate unless skip_validation
+    @spec.validate true, strict_validation unless skip_validation
-    setup_signer
+    setup_signer(
+      signer_options: {
+        expiration_length_days: Gem.configuration.cert_expiration_length_days
+      }
+    )
     @gem.with_write_io do |gem_io|
       Gem::Package::TarWriter.new gem_io do |gem|
@@ -263,7 +286,7 @@ class Gem::Package
   Successfully built RubyGem
   Name: #{@spec.name}
   Version: #{@spec.version}
-  File: #{File.basename @spec.cache_file}
+  File: #{File.basename @gem.path}
 EOM
   ensure
     @signer = nil
@@ -300,8 +323,8 @@ EOM
   # Creates a digest of the TarEntry +entry+ from the digest algorithm set by
   # the security policy.
-  def digest entry # :nodoc:
-    algorithms = if @checksums then
+  def digest(entry) # :nodoc:
+    algorithms = if @checksums
                    @checksums.keys
                  else
                    [Gem::Security::DIGEST_NAME].compact
@@ -309,7 +332,7 @@ EOM
     algorithms.each do |algorithm|
       digester =
-        if defined?(OpenSSL::Digest) then
+        if defined?(OpenSSL::Digest)
           OpenSSL::Digest.new algorithm
         else
           Digest.const_get(algorithm).new
@@ -331,10 +354,10 @@ EOM
   # If +pattern+ is specified, only entries matching that glob will be
   # extracted.
-  def extract_files destination_dir, pattern = "*"
+  def extract_files(destination_dir, pattern = "*")
     verify unless @spec
-    FileUtils.mkdir_p destination_dir
+    FileUtils.mkdir_p destination_dir, :mode => dir_mode && 0700
     @gem.with_read_io do |io|
       reader = Gem::Package::TarReader.new io
@@ -360,7 +383,8 @@ EOM
   # If +pattern+ is specified, only entries matching that glob will be
   # extracted.
-  def extract_tar_gz io, destination_dir, pattern = "*" # :nodoc:
+  def extract_tar_gz(io, destination_dir, pattern = "*") # :nodoc:
+    directories = [] if dir_mode
     open_tar_gz io do |tar|
       tar.each do |entry|
         next unless File.fnmatch pattern, entry.full_name, File::FNM_DOTMATCH
@@ -370,19 +394,20 @@ EOM
         FileUtils.rm_rf destination
         mkdir_options = {}
-        mkdir_options[:mode] = entry.header.mode if entry.directory?
+        mkdir_options[:mode] = dir_mode ? 0700 : (entry.header.mode if entry.directory?)
         mkdir =
-          if entry.directory? then
+          if entry.directory?
             destination
           else
             File.dirname destination
           end
+        directories << mkdir if directories
         mkdir_p_safe mkdir, mkdir_options, destination_dir, entry.full_name
         File.open destination, 'wb' do |out|
           out.write entry.read
-          FileUtils.chmod entry.header.mode, destination
+          FileUtils.chmod file_mode(entry.header.mode), destination
         end if entry.file?
         File.symlink(entry.header.linkname, destination) if entry.symlink?
@@ -390,6 +415,15 @@ EOM
         verbose destination
       end
     end
+    if directories
+      directories.uniq!
+      File.chmod(dir_mode, *directories)
+    end
+  end
+  def file_mode(mode) # :nodoc:
+    ((mode & 0111).zero? ? data_mode : prog_mode) || mode
   end
   ##
@@ -398,7 +432,7 @@ EOM
   # Also sets the gzip modification time to the package build time to ease
   # testing.
-  def gzip_to io # :yields: gz_io
+  def gzip_to(io) # :yields: gz_io
     gz_io = Zlib::GzipWriter.new io, Zlib::BEST_COMPRESSION
     gz_io.mtime = @build_time
@@ -412,29 +446,16 @@ EOM
   #
   # If +filename+ is not inside +destination_dir+ an exception is raised.
-  def install_location filename, destination_dir # :nodoc:
+  def install_location(filename, destination_dir) # :nodoc:
     raise Gem::Package::PathError.new(filename, destination_dir) if
       filename.start_with? '/'
-    destination_dir = realpath destination_dir
-    destination_dir = File.expand_path destination_dir
-    destination = File.join destination_dir, filename
-    destination = File.expand_path destination
+    destination_dir = File.expand_path(File.realpath(destination_dir))
+    destination = File.expand_path(File.join(destination_dir, filename))
     raise Gem::Package::PathError.new(destination, destination_dir) unless
       destination.start_with? destination_dir + '/'
-    begin
-      real_destination = File.expand_path(File.realpath(destination))
-    rescue
-      # it's fine if the destination doesn't exist, because rm -rf'ing it can't cause any damage
-      nil
-    else
-      raise Gem::Package::PathError.new(real_destination, destination_dir) unless
-        real_destination.start_with? destination_dir + '/'
-    end
     destination.untaint
     destination
   end
@@ -447,11 +468,11 @@ EOM
     end
   end
-  def mkdir_p_safe mkdir, mkdir_options, destination_dir, file_name
-    destination_dir = realpath File.expand_path(destination_dir)
+  def mkdir_p_safe(mkdir, mkdir_options, destination_dir, file_name)
+    destination_dir = File.realpath(File.expand_path(destination_dir))
     parts = mkdir.split(File::SEPARATOR)
     parts.reduce do |path, basename|
-      path = realpath path  unless path == ""
+      path = File.realpath(path) unless path == ""
       path = File.expand_path(path + File::SEPARATOR + basename)
       lstat = File.lstat path rescue nil
       if !lstat || !lstat.directory?
@@ -466,15 +487,14 @@ EOM
   ##
   # Loads a Gem::Specification from the TarEntry +entry+
-  def load_spec entry # :nodoc:
+  def load_spec(entry) # :nodoc:
     case entry.full_name
     when 'metadata' then
       @spec = Gem::Specification.from_yaml entry.read
     when 'metadata.gz' then
       args = [entry]
       args << { :external_encoding => Encoding::UTF_8 } if
-        Object.const_defined?(:Encoding) &&
-          Zlib::GzipReader.method(:wrap).arity != 1
+        Zlib::GzipReader.method(:wrap).arity != 1
       Zlib::GzipReader.wrap(*args) do |gzio|
         @spec = Gem::Specification.from_yaml gzio.read
@@ -485,7 +505,7 @@ EOM
   ##
   # Opens +io+ as a gzipped tar archive
-  def open_tar_gz io # :nodoc:
+  def open_tar_gz(io) # :nodoc:
     Zlib::GzipReader.wrap io do |gzio|
       tar = Gem::Package::TarReader.new gzio
@@ -496,7 +516,7 @@ EOM
   ##
   # Reads and loads checksums.yaml.gz from the tar file +gem+
-  def read_checksums gem
+  def read_checksums(gem)
     Gem.load_yaml
     @checksums = gem.seek 'checksums.yaml.gz' do |entry|
@@ -510,10 +530,17 @@ EOM
   # Prepares the gem for signing and checksum generation.  If a signing
   # certificate and key are not present only checksum generation is set up.
-  def setup_signer
+  def setup_signer(signer_options: {})
     passphrase = ENV['GEM_PRIVATE_KEY_PASSPHRASE']
-    if @spec.signing_key then
-      @signer = Gem::Security::Signer.new @spec.signing_key, @spec.cert_chain, passphrase
+    if @spec.signing_key
+      @signer =
+        Gem::Security::Signer.new(
+          @spec.signing_key,
+          @spec.cert_chain,
+          passphrase,
+          signer_options
+        )
       @spec.signing_key = nil
       @spec.cert_chain = @signer.cert_chain.map { |cert| cert.to_s }
     else
@@ -578,14 +605,14 @@ EOM
   # Verifies the +checksums+ against the +digests+.  This check is not
   # cryptographically secure.  Missing checksums are ignored.
-  def verify_checksums digests, checksums # :nodoc:
+  def verify_checksums(digests, checksums) # :nodoc:
     return unless checksums
     checksums.sort.each do |algorithm, gem_digests|
       gem_digests.sort.each do |file_name, gem_hexdigest|
         computed_digest = digests[algorithm][file_name]
-        unless computed_digest.hexdigest == gem_hexdigest then
+        unless computed_digest.hexdigest == gem_hexdigest
           raise Gem::Package::FormatError.new \
             "#{algorithm} checksum mismatch for #{file_name}", @gem
         end
@@ -596,7 +623,7 @@ EOM
   ##
   # Verifies +entry+ in a .gem file.
-  def verify_entry entry
+  def verify_entry(entry)
     file_name = entry.full_name
     @files << file_name
@@ -623,16 +650,16 @@ EOM
   ##
   # Verifies the files of the +gem+
-  def verify_files gem
+  def verify_files(gem)
     gem.each do |entry|
       verify_entry entry
     end
-    unless @spec then
+    unless @spec
       raise Gem::Package::FormatError.new 'package metadata is missing', @gem
     end
-    unless @files.include? 'data.tar.gz' then
+    unless @files.include? 'data.tar.gz'
       raise Gem::Package::FormatError.new \
               'package content (data.tar.gz) is missing', @gem
     end
@@ -645,7 +672,7 @@ EOM
   ##
   # Verifies that +entry+ is a valid gzipped file.
-  def verify_gz entry # :nodoc:
+  def verify_gz(entry) # :nodoc:
     Zlib::GzipReader.wrap entry do |gzio|
       gzio.read 16384 until gzio.eof? # gzip checksum verification
     end
@@ -653,16 +680,6 @@ EOM
     raise Gem::Package::FormatError.new(e.message, entry.full_name)
   end
-  if File.respond_to? :realpath
-    def realpath file
-      File.realpath file
-    end
-  else
-    def realpath file
-      file
-    end
-  end
 end
 require 'rubygems/package/digest_io'