RubyGems - rubygems-update - Versions diffs - 2.7.11 → 3.0.9 - Mend

rubygems-update 2.7.11 → 3.0.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (359) hide show

checksums.yaml +4 -4
data/.rubocop.yml +67 -0
data/.travis.yml +24 -18
data/CODE_OF_CONDUCT.md +10 -8
data/CONTRIBUTING.md +148 -0
data/History.txt +458 -8
data/MAINTAINERS.txt +1 -0
data/Manifest.txt +16 -9
data/POLICIES.md +92 -0
data/README.md +53 -26
data/Rakefile +77 -211
data/{UPGRADING.rdoc → UPGRADING.md} +31 -32
data/appveyor.yml +20 -45
data/bin/gem +1 -2
data/bin/update_rubygems +2 -3
data/bundler/CHANGELOG.md +65 -0
data/bundler/bundler.gemspec +7 -1
data/bundler/lib/bundler/build_metadata.rb +1 -1
data/bundler/lib/bundler/cli/add.rb +15 -5
data/bundler/lib/bundler/cli/binstubs.rb +8 -2
data/bundler/lib/bundler/cli/doctor.rb +47 -1
data/bundler/lib/bundler/cli/install.rb +8 -5
data/bundler/lib/bundler/cli/list.rb +41 -5
data/bundler/lib/bundler/cli/outdated.rb +7 -1
data/bundler/lib/bundler/cli/pristine.rb +4 -0
data/bundler/lib/bundler/cli/remove.rb +18 -0
data/bundler/lib/bundler/cli.rb +63 -21
data/bundler/lib/bundler/definition.rb +15 -16
data/bundler/lib/bundler/dependency.rb +2 -2
data/bundler/lib/bundler/dsl.rb +19 -3
data/bundler/lib/bundler/feature_flag.rb +7 -0
data/bundler/lib/bundler/gem_version_promoter.rb +4 -2
data/bundler/lib/bundler/injector.rb +168 -9
data/bundler/lib/bundler/installer/parallel_installer.rb +5 -0
data/bundler/lib/bundler/installer.rb +29 -6
data/bundler/lib/bundler/plugin/events.rb +61 -0
data/bundler/lib/bundler/plugin.rb +10 -3
data/bundler/lib/bundler/resolver.rb +2 -2
data/bundler/lib/bundler/rubygems_gem_installer.rb +7 -0
data/bundler/lib/bundler/runtime.rb +8 -2
data/bundler/lib/bundler/settings/validator.rb +23 -0
data/bundler/lib/bundler/settings.rb +24 -3
data/bundler/lib/bundler/shared_helpers.rb +19 -3
data/bundler/lib/bundler/source/metadata.rb +2 -3
data/bundler/lib/bundler/source.rb +9 -9
data/bundler/lib/bundler/templates/newgem/lib/newgem.rb.tt +1 -0
data/bundler/lib/bundler/version.rb +1 -1
data/bundler/lib/bundler.rb +26 -8
data/bundler/man/bundle-add.ronn +13 -2
data/bundler/man/bundle-config.ronn +21 -0
data/bundler/man/bundle-install.ronn +1 -1
data/bundler/man/bundle-list.ronn +19 -1
data/bundler/man/bundle-outdated.ronn +4 -0
data/bundler/man/bundle-remove.ronn +23 -0
data/bundler/man/bundle-update.ronn +1 -1
data/bundler/man/bundle.ronn +3 -0
data/lib/rubygems/available_set.rb +1 -1
data/lib/rubygems/basic_specification.rb +12 -12
data/lib/rubygems/bundler_version_finder.rb +3 -3
data/lib/rubygems/command.rb +22 -15
data/lib/rubygems/command_manager.rb +22 -5
data/lib/rubygems/commands/build_command.rb +41 -7
data/lib/rubygems/commands/cert_command.rb +45 -24
data/lib/rubygems/commands/check_command.rb +1 -1
data/lib/rubygems/commands/cleanup_command.rb +14 -7
data/lib/rubygems/commands/contents_command.rb +14 -15
data/lib/rubygems/commands/dependency_command.rb +17 -17
data/lib/rubygems/commands/environment_command.rb +20 -1
data/lib/rubygems/commands/fetch_command.rb +2 -3
data/lib/rubygems/commands/generate_index_command.rb +2 -3
data/lib/rubygems/commands/help_command.rb +12 -13
data/lib/rubygems/commands/info_command.rb +33 -0
data/lib/rubygems/commands/install_command.rb +21 -17
data/lib/rubygems/commands/list_command.rb +0 -1
data/lib/rubygems/commands/lock_command.rb +3 -4
data/lib/rubygems/commands/open_command.rb +16 -10
data/lib/rubygems/commands/owner_command.rb +21 -7
data/lib/rubygems/commands/pristine_command.rb +23 -16
data/lib/rubygems/commands/push_command.rb +19 -8
data/lib/rubygems/commands/query_command.rb +24 -24
data/lib/rubygems/commands/rdoc_command.rb +3 -4
data/lib/rubygems/commands/search_command.rb +0 -1
data/lib/rubygems/commands/server_command.rb +1 -2
data/lib/rubygems/commands/setup_command.rb +86 -48
data/lib/rubygems/commands/signin_command.rb +2 -1
data/lib/rubygems/commands/signout_command.rb +2 -2
data/lib/rubygems/commands/sources_command.rb +11 -12
data/lib/rubygems/commands/specification_command.rb +7 -7
data/lib/rubygems/commands/uninstall_command.rb +50 -18
data/lib/rubygems/commands/unpack_command.rb +16 -7
data/lib/rubygems/commands/update_command.rb +28 -23
data/lib/rubygems/commands/which_command.rb +5 -8
data/lib/rubygems/commands/yank_command.rb +1 -2
data/lib/rubygems/compatibility.rb +1 -21
data/lib/rubygems/config_file.rb +36 -36
data/lib/rubygems/core_ext/kernel_require.rb +6 -6
data/lib/rubygems/core_ext/kernel_warn.rb +45 -0
data/lib/rubygems/defaults.rb +31 -19
data/lib/rubygems/dependency.rb +15 -15
data/lib/rubygems/dependency_installer.rb +30 -33
data/lib/rubygems/dependency_list.rb +9 -10
data/lib/rubygems/deprecate.rb +2 -3
data/lib/rubygems/doctor.rb +5 -6
data/lib/rubygems/errors.rb +3 -3
data/lib/rubygems/exceptions.rb +11 -8
data/lib/rubygems/ext/build_error.rb +0 -1
data/lib/rubygems/ext/builder.rb +50 -23
data/lib/rubygems/ext/cmake_builder.rb +2 -2
data/lib/rubygems/ext/configure_builder.rb +2 -3
data/lib/rubygems/ext/ext_conf_builder.rb +8 -7
data/lib/rubygems/ext/rake_builder.rb +16 -18
data/lib/rubygems/ext.rb +0 -1
data/lib/rubygems/gem_runner.rb +2 -2
data/lib/rubygems/gemcutter_utilities.rb +46 -12
data/lib/rubygems/indexer.rb +19 -12
data/lib/rubygems/install_default_message.rb +0 -1
data/lib/rubygems/install_message.rb +0 -1
data/lib/rubygems/install_update_options.rb +3 -29
data/lib/rubygems/installer.rb +97 -55
data/lib/rubygems/installer_test_case.rb +2 -16
data/lib/rubygems/local_remote_options.rb +5 -4
data/lib/rubygems/mock_gem_ui.rb +3 -4
data/lib/rubygems/name_tuple.rb +4 -4
data/lib/rubygems/package/digest_io.rb +3 -4
data/lib/rubygems/package/file_source.rb +3 -4
data/lib/rubygems/package/io_source.rb +1 -2
data/lib/rubygems/package/old.rb +8 -16
data/lib/rubygems/package/source.rb +0 -1
data/lib/rubygems/package/tar_header.rb +13 -4
data/lib/rubygems/package/tar_reader/entry.rb +20 -4
data/lib/rubygems/package/tar_reader.rb +2 -4
data/lib/rubygems/package/tar_test_case.rb +2 -8
data/lib/rubygems/package/tar_writer.rb +13 -15
data/lib/rubygems/package.rb +90 -63
data/lib/rubygems/package_task.rb +0 -1
data/lib/rubygems/path_support.rb +16 -6
data/lib/rubygems/platform.rb +4 -5
data/lib/rubygems/psych_tree.rb +1 -1
data/lib/rubygems/rdoc.rb +2 -313
data/lib/rubygems/remote_fetcher.rb +29 -82
data/lib/rubygems/request/connection_pools.rb +24 -13
data/lib/rubygems/request/http_pool.rb +3 -4
data/lib/rubygems/request/https_pool.rb +1 -3
data/lib/rubygems/request.rb +17 -16
data/lib/rubygems/request_set/gem_dependency_api.rb +46 -49
data/lib/rubygems/request_set/lockfile/parser.rb +18 -29
data/lib/rubygems/request_set/lockfile/tokenizer.rb +9 -9
data/lib/rubygems/request_set/lockfile.rb +12 -12
data/lib/rubygems/request_set.rb +52 -25
data/lib/rubygems/requirement.rb +32 -21
data/lib/rubygems/resolver/activation_request.rb +6 -6
data/lib/rubygems/resolver/api_set.rb +5 -6
data/lib/rubygems/resolver/api_specification.rb +2 -3
data/lib/rubygems/resolver/best_set.rb +5 -6
data/lib/rubygems/resolver/composed_set.rb +5 -6
data/lib/rubygems/resolver/conflict.rb +5 -5
data/lib/rubygems/resolver/current_set.rb +1 -2
data/lib/rubygems/resolver/dependency_request.rb +4 -4
data/lib/rubygems/resolver/git_set.rb +5 -6
data/lib/rubygems/resolver/git_specification.rb +4 -5
data/lib/rubygems/resolver/index_set.rb +5 -6
data/lib/rubygems/resolver/index_specification.rb +3 -4
data/lib/rubygems/resolver/installed_specification.rb +3 -4
data/lib/rubygems/resolver/installer_set.rb +12 -12
data/lib/rubygems/resolver/local_specification.rb +1 -2
data/lib/rubygems/resolver/lock_set.rb +5 -6
data/lib/rubygems/resolver/lock_specification.rb +7 -8
data/lib/rubygems/resolver/requirement_list.rb +1 -1
data/lib/rubygems/resolver/set.rb +2 -2
data/lib/rubygems/resolver/source_set.rb +4 -5
data/lib/rubygems/resolver/spec_specification.rb +1 -2
data/lib/rubygems/resolver/specification.rb +10 -7
data/lib/rubygems/resolver/stats.rb +1 -1
data/lib/rubygems/resolver/vendor_set.rb +4 -5
data/lib/rubygems/resolver/vendor_specification.rb +2 -3
data/lib/rubygems/resolver.rb +14 -16
data/lib/rubygems/s3_uri_signer.rb +183 -0
data/lib/rubygems/safe_yaml.rb +18 -10
data/lib/rubygems/security/policies.rb +1 -2
data/lib/rubygems/security/policy.rb +25 -25
data/lib/rubygems/security/signer.rb +72 -24
data/lib/rubygems/security/trust_dir.rb +10 -10
data/lib/rubygems/security.rb +21 -22
data/lib/rubygems/security_option.rb +0 -1
data/lib/rubygems/server.rb +21 -21
data/lib/rubygems/source/git.rb +9 -10
data/lib/rubygems/source/installed.rb +3 -4
data/lib/rubygems/source/local.rb +7 -7
data/lib/rubygems/source/lock.rb +4 -4
data/lib/rubygems/source/specific_file.rb +5 -5
data/lib/rubygems/source/vendor.rb +2 -3
data/lib/rubygems/source.rb +16 -25
data/lib/rubygems/source_list.rb +2 -2
data/lib/rubygems/source_local.rb +0 -1
data/lib/rubygems/spec_fetcher.rb +5 -6
data/lib/rubygems/specification.rb +219 -558
data/lib/rubygems/specification_policy.rb +407 -0
data/lib/rubygems/stub_specification.rb +12 -17
data/lib/rubygems/test_case.rb +161 -75
data/lib/rubygems/test_utilities.rb +20 -35
data/lib/rubygems/text.rb +6 -6
data/lib/rubygems/uninstaller.rb +38 -27
data/lib/rubygems/uri_formatter.rb +1 -2
data/lib/rubygems/user_interaction.rb +37 -89
data/lib/rubygems/util/licenses.rb +27 -1
data/lib/rubygems/util/list.rb +1 -1
data/lib/rubygems/util.rb +32 -14
data/lib/rubygems/validator.rb +4 -5
data/lib/rubygems/version.rb +15 -15
data/lib/rubygems/version_option.rb +2 -3
data/lib/rubygems.rb +71 -102
data/rubygems-update.gemspec +43 -0
data/setup.rb +2 -8
data/test/rubygems/ca_cert.pem +74 -65
data/test/rubygems/client.pem +103 -45
data/test/rubygems/rubygems_plugin.rb +0 -1
data/test/rubygems/simple_gem.rb +1 -1
data/test/rubygems/ssl_cert.pem +78 -17
data/test/rubygems/ssl_key.pem +25 -13
data/test/rubygems/test_bundled_ca.rb +1 -1
data/test/rubygems/test_config.rb +7 -2
data/test/rubygems/test_gem.rb +205 -132
data/test/rubygems/test_gem_bundler_version_finder.rb +4 -0
data/test/rubygems/test_gem_command.rb +0 -1
data/test/rubygems/test_gem_command_manager.rb +18 -3
data/test/rubygems/test_gem_commands_build_command.rb +220 -15
data/test/rubygems/test_gem_commands_cert_command.rb +69 -8
data/test/rubygems/test_gem_commands_check_command.rb +1 -1
data/test/rubygems/test_gem_commands_cleanup_command.rb +27 -1
data/test/rubygems/test_gem_commands_contents_command.rb +1 -2
data/test/rubygems/test_gem_commands_dependency_command.rb +33 -34
data/test/rubygems/test_gem_commands_environment_command.rb +1 -0
data/test/rubygems/test_gem_commands_fetch_command.rb +0 -1
data/test/rubygems/test_gem_commands_generate_index_command.rb +0 -1
data/test/rubygems/test_gem_commands_help_command.rb +7 -4
data/test/rubygems/test_gem_commands_info_command.rb +44 -0
data/test/rubygems/test_gem_commands_install_command.rb +79 -12
data/test/rubygems/test_gem_commands_lock_command.rb +0 -1
data/test/rubygems/test_gem_commands_open_command.rb +29 -0
data/test/rubygems/test_gem_commands_outdated_command.rb +0 -1
data/test/rubygems/test_gem_commands_owner_command.rb +93 -57
data/test/rubygems/test_gem_commands_pristine_command.rb +65 -30
data/test/rubygems/test_gem_commands_push_command.rb +54 -0
data/test/rubygems/test_gem_commands_query_command.rb +102 -100
data/test/rubygems/test_gem_commands_search_command.rb +0 -1
data/test/rubygems/test_gem_commands_server_command.rb +0 -1
data/test/rubygems/test_gem_commands_setup_command.rb +50 -15
data/test/rubygems/test_gem_commands_signin_command.rb +1 -1
data/test/rubygems/test_gem_commands_sources_command.rb +0 -1
data/test/rubygems/test_gem_commands_specification_command.rb +2 -3
data/test/rubygems/test_gem_commands_stale_command.rb +3 -2
data/test/rubygems/test_gem_commands_uninstall_command.rb +161 -8
data/test/rubygems/test_gem_commands_unpack_command.rb +17 -1
data/test/rubygems/test_gem_commands_update_command.rb +19 -2
data/test/rubygems/test_gem_commands_which_command.rb +0 -1
data/test/rubygems/test_gem_commands_yank_command.rb +0 -1
data/test/rubygems/test_gem_config_file.rb +4 -2
data/test/rubygems/test_gem_dependency.rb +0 -1
data/test/rubygems/test_gem_dependency_installer.rb +8 -5
data/test/rubygems/test_gem_dependency_list.rb +6 -7
data/test/rubygems/test_gem_dependency_resolution_error.rb +0 -1
data/test/rubygems/test_gem_doctor.rb +1 -2
data/test/rubygems/test_gem_ext_builder.rb +10 -23
data/test/rubygems/test_gem_ext_cmake_builder.rb +5 -4
data/test/rubygems/test_gem_ext_configure_builder.rb +3 -3
data/test/rubygems/test_gem_ext_ext_conf_builder.rb +8 -9
data/test/rubygems/test_gem_ext_rake_builder.rb +20 -5
data/test/rubygems/test_gem_gem_runner.rb +0 -1
data/test/rubygems/test_gem_gemcutter_utilities.rb +32 -6
data/test/rubygems/test_gem_impossible_dependencies_error.rb +0 -1
data/test/rubygems/test_gem_indexer.rb +16 -10
data/test/rubygems/test_gem_install_update_options.rb +1 -20
data/test/rubygems/test_gem_installer.rb +154 -119
data/test/rubygems/test_gem_local_remote_options.rb +3 -3
data/test/rubygems/test_gem_name_tuple.rb +0 -1
data/test/rubygems/test_gem_package.rb +77 -31
data/test/rubygems/test_gem_package_old.rb +0 -1
data/test/rubygems/test_gem_package_tar_header.rb +42 -2
data/test/rubygems/test_gem_package_tar_reader.rb +0 -1
data/test/rubygems/test_gem_package_tar_reader_entry.rb +11 -0
data/test/rubygems/test_gem_package_tar_writer.rb +43 -7
data/test/rubygems/test_gem_package_task.rb +2 -2
data/test/rubygems/test_gem_path_support.rb +28 -11
data/test/rubygems/test_gem_platform.rb +4 -5
data/test/rubygems/test_gem_rdoc.rb +1 -136
data/test/rubygems/test_gem_remote_fetcher.rb +241 -141
data/test/rubygems/test_gem_request.rb +9 -9
data/test/rubygems/test_gem_request_connection_pools.rb +24 -3
data/test/rubygems/test_gem_request_set.rb +5 -5
data/test/rubygems/test_gem_request_set_gem_dependency_api.rb +82 -64
data/test/rubygems/test_gem_request_set_lockfile.rb +1 -2
data/test/rubygems/test_gem_request_set_lockfile_parser.rb +4 -9
data/test/rubygems/test_gem_request_set_lockfile_tokenizer.rb +1 -1
data/test/rubygems/test_gem_requirement.rb +24 -4
data/test/rubygems/test_gem_resolver.rb +13 -17
data/test/rubygems/test_gem_resolver_activation_request.rb +0 -1
data/test/rubygems/test_gem_resolver_api_set.rb +0 -1
data/test/rubygems/test_gem_resolver_api_specification.rb +0 -1
data/test/rubygems/test_gem_resolver_best_set.rb +0 -1
data/test/rubygems/test_gem_resolver_composed_set.rb +0 -1
data/test/rubygems/test_gem_resolver_conflict.rb +0 -1
data/test/rubygems/test_gem_resolver_dependency_request.rb +0 -1
data/test/rubygems/test_gem_resolver_git_set.rb +0 -1
data/test/rubygems/test_gem_resolver_git_specification.rb +0 -1
data/test/rubygems/test_gem_resolver_index_set.rb +0 -1
data/test/rubygems/test_gem_resolver_index_specification.rb +0 -1
data/test/rubygems/test_gem_resolver_installed_specification.rb +0 -1
data/test/rubygems/test_gem_resolver_installer_set.rb +2 -3
data/test/rubygems/test_gem_resolver_local_specification.rb +0 -1
data/test/rubygems/test_gem_resolver_lock_set.rb +0 -1
data/test/rubygems/test_gem_resolver_lock_specification.rb +0 -1
data/test/rubygems/test_gem_resolver_requirement_list.rb +0 -1
data/test/rubygems/test_gem_resolver_specification.rb +1 -2
data/test/rubygems/test_gem_resolver_vendor_set.rb +0 -1
data/test/rubygems/test_gem_resolver_vendor_specification.rb +0 -1
data/test/rubygems/test_gem_security.rb +1 -3
data/test/rubygems/test_gem_security_policy.rb +5 -6
data/test/rubygems/test_gem_security_signer.rb +4 -3
data/test/rubygems/test_gem_security_trust_dir.rb +1 -2
data/test/rubygems/test_gem_server.rb +4 -4
data/test/rubygems/test_gem_source.rb +0 -13
data/test/rubygems/test_gem_source_fetch_problem.rb +0 -1
data/test/rubygems/test_gem_source_git.rb +0 -1
data/test/rubygems/test_gem_source_installed.rb +0 -1
data/test/rubygems/test_gem_source_lock.rb +0 -1
data/test/rubygems/test_gem_source_vendor.rb +0 -1
data/test/rubygems/test_gem_spec_fetcher.rb +0 -1
data/test/rubygems/test_gem_specification.rb +366 -198
data/test/rubygems/test_gem_stream_ui.rb +15 -32
data/test/rubygems/test_gem_stub_specification.rb +0 -2
data/test/rubygems/test_gem_text.rb +4 -0
data/test/rubygems/test_gem_uninstaller.rb +42 -3
data/test/rubygems/test_gem_unsatisfiable_dependency_error.rb +0 -1
data/test/rubygems/test_gem_uri_formatter.rb +0 -1
data/test/rubygems/test_gem_util.rb +31 -11
data/test/rubygems/test_gem_validator.rb +0 -1
data/test/rubygems/test_gem_version.rb +11 -11
data/test/rubygems/test_gem_version_option.rb +0 -1
data/test/rubygems/test_remote_fetch_error.rb +0 -1
data/test/rubygems/test_require.rb +67 -52
data/util/CL2notes +1 -2
data/util/ci +20 -12
data/util/cops/deprecations.rb +52 -0
data/util/create_certs.rb +6 -7
data/util/create_certs.sh +27 -0
data/util/create_encrypted_key.rb +4 -5
data/util/patch_with_prs.rb +1 -1
data/util/rubocop +8 -0
data/util/update_bundled_ca_certificates.rb +12 -13
data/util/update_changelog.rb +1 -1
metadata +61 -51
data/.autotest +0 -71
data/.document +0 -5
data/CONTRIBUTING.rdoc +0 -130
data/CVE-2013-4287.txt +0 -35
data/CVE-2013-4363.txt +0 -45
data/CVE-2015-3900.txt +0 -40
data/POLICIES.rdoc +0 -74
data/test/rubygems/fix_openssl_warnings.rb +0 -13

data/lib/rubygems/package/source.rb CHANGED Viewed

@@ -1,4 +1,3 @@
 # frozen_string_literal: true
 class Gem::Package::Source # :nodoc:
 end

data/lib/rubygems/package/tar_header.rb CHANGED Viewed

@@ -50,7 +50,7 @@ class Gem::Package::TarHeader
     :uid,
     :uname,
     :version,
-  ]
+  ].freeze
   ##
   # Pack format for a tar header
@@ -107,8 +107,8 @@ class Gem::Package::TarHeader
     new :name     => fields.shift,
         :mode     => strict_oct(fields.shift),
-        :uid      => strict_oct(fields.shift),
-        :gid      => strict_oct(fields.shift),
+        :uid      => oct_or_256based(fields.shift),
+        :gid      => oct_or_256based(fields.shift),
         :size     => strict_oct(fields.shift),
         :mtime    => strict_oct(fields.shift),
         :checksum => strict_oct(fields.shift),
@@ -130,11 +130,20 @@ class Gem::Package::TarHeader
     raise ArgumentError, "#{str.inspect} is not an octal string"
   end
+  def self.oct_or_256based(str)
+    # \x80 flags a positive 256-based number
+    # \ff flags a negative 256-based number
+    # In case we have a match, parse it as a signed binary value
+    # in big-endian order, except that the high-order bit is ignored.
+    return str.unpack('N2').last if str =~ /\A[\x80\xff]/n
+    strict_oct(str)
+  end
   ##
   # Creates a new TarHeader using +vals+
   def initialize(vals)
-    unless vals[:name] && vals[:size] && vals[:prefix] && vals[:mode] then
+    unless vals[:name] && vals[:size] && vals[:prefix] && vals[:mode]
       raise ArgumentError, ":name, :size, :prefix and :mode required"
     end

data/lib/rubygems/package/tar_reader/entry.rb CHANGED Viewed

@@ -64,7 +64,7 @@ class Gem::Package::TarReader::Entry
   # Full name of the tar entry
   def full_name
-    if @header.prefix != "" then
+    if @header.prefix != ""
       File.join @header.prefix, @header.name
     else
       @header.name
@@ -119,6 +119,12 @@ class Gem::Package::TarReader::Entry
     bytes_read
   end
+  def size
+    @header.size
+  end
+  alias length size
   ##
   # Reads +len+ bytes from the tar file entry, or the rest of the entry if
   # nil
@@ -137,7 +143,19 @@ class Gem::Package::TarReader::Entry
     ret
   end
-  alias readpartial read # :nodoc:
+  def readpartial(maxlen = nil, outbuf = "".b)
+    check_closed
+    raise EOFError if @read >= @header.size
+    maxlen ||= @header.size - @read
+    max_read = [maxlen, @header.size - @read].min
+    @io.readpartial(max_read, outbuf)
+    @read += outbuf.size
+    outbuf
+  end
   ##
   # Rewinds to the beginning of the tar file entry
@@ -145,8 +163,6 @@ class Gem::Package::TarReader::Entry
   def rewind
     check_closed
-    raise Gem::Package::NonSeekableIO unless @io.respond_to? :pos=
     @io.pos = @orig_pos
     @read = 0
   end

data/lib/rubygems/package/tar_reader.rb CHANGED Viewed

@@ -92,11 +92,9 @@ class Gem::Package::TarReader
   # NOTE: Do not call #rewind during #each
   def rewind
-    if @init_pos == 0 then
-      raise Gem::Package::NonSeekableIO unless @io.respond_to? :rewind
+    if @init_pos == 0
       @io.rewind
     else
-      raise Gem::Package::NonSeekableIO unless @io.respond_to? :pos=
       @io.pos = @init_pos
     end
   end
@@ -106,7 +104,7 @@ class Gem::Package::TarReader
   # yields it.  Rewinds the tar file to the beginning when the block
   # terminates.
-  def seek name # :yields: entry
+  def seek(name) # :yields: entry
     found = find do |entry|
       entry.full_name == name
     end

data/lib/rubygems/package/tar_test_case.rb CHANGED Viewed

@@ -52,7 +52,7 @@ class Gem::Package::TarTestCase < Gem::TestCase
       name = fields.shift
       length = fields.shift.to_i
-      if name == "checksum" then
+      if name == "checksum"
         chksum_off = offset
         offset += length
         next
@@ -94,13 +94,7 @@ class Gem::Package::TarTestCase < Gem::TestCase
       ASCIIZ(dname, 155)     # char prefix[155];   ASCII + (Z unless filled)
     ]
-    format = "C100C8C8C8C12C12C8CC100C6C2C32C32C8C8C155"
-    h = if RUBY_VERSION >= "1.9" then
-          arr.join
-        else
-          arr = arr.join("").split(//).map{|x| x[0]}
-          arr.pack format
-        end
+    h = arr.join
     ret = h + "\0" * (512 - h.size)
     assert_equal(512, ret.size)
     ret

data/lib/rubygems/package/tar_writer.rb CHANGED Viewed

@@ -106,8 +106,6 @@ class Gem::Package::TarWriter
   def add_file(name, mode) # :yields: io
     check_closed
-    raise Gem::Package::NonSeekableIO unless @io.respond_to? :pos=
     name, prefix = split_name name
     init_pos = @io.pos
@@ -125,7 +123,7 @@ class Gem::Package::TarWriter
     header = Gem::Package::TarHeader.new :name => name, :mode => mode,
                                          :size => size, :prefix => prefix,
-                                         :mtime => Time.now
+                                         :mtime => ENV["SOURCE_DATE_EPOCH"] ? Time.at(ENV["SOURCE_DATE_EPOCH"].to_i).utc : Time.now
     @io.write header
     @io.pos = final_pos
@@ -141,11 +139,11 @@ class Gem::Package::TarWriter
   #
   # The created digest object is returned.
-  def add_file_digest name, mode, digest_algorithms # :yields: io
+  def add_file_digest(name, mode, digest_algorithms) # :yields: io
     digests = digest_algorithms.map do |digest_algorithm|
       digest = digest_algorithm.new
       digest_name =
-        if digest.respond_to? :name then
+        if digest.respond_to? :name
           digest.name
         else
           /::([^:]+)$/ =~ digest_algorithm.name
@@ -174,7 +172,7 @@ class Gem::Package::TarWriter
   #
   # Returns the digest.
-  def add_file_signed name, mode, signer
+  def add_file_signed(name, mode, signer)
     digest_algorithms = [
       signer.digest_algorithm,
       Digest::SHA512,
@@ -186,7 +184,7 @@ class Gem::Package::TarWriter
     signature_digest = digests.values.compact.find do |digest|
       digest_name =
-        if digest.respond_to? :name then
+        if digest.respond_to? :name
           digest.name
         else
           digest.class.name[/::([^:]+)\z/, 1]
@@ -197,7 +195,7 @@ class Gem::Package::TarWriter
     raise "no #{signer.digest_name} in #{digests.values.compact}" unless signature_digest
-    if signer.key then
+    if signer.key
       signature = signer.sign signature_digest.digest
       add_file_simple "#{name}.sig", 0444, signature.length do |io|
@@ -219,7 +217,7 @@ class Gem::Package::TarWriter
     header = Gem::Package::TarHeader.new(:name => name, :mode => mode,
                                          :size => size, :prefix => prefix,
-                                         :mtime => Time.now).to_s
+                                         :mtime => ENV["SOURCE_DATE_EPOCH"] ? Time.at(ENV["SOURCE_DATE_EPOCH"].to_i).utc : Time.now).to_s
     @io.write header
     os = BoundedStream.new @io, size
@@ -247,7 +245,7 @@ class Gem::Package::TarWriter
                                          :size => 0, :typeflag => "2",
                                          :linkname => target,
                                          :prefix => prefix,
-                                         :mtime => Time.now).to_s
+                                         :mtime => ENV["SOURCE_DATE_EPOCH"] ? Time.at(ENV["SOURCE_DATE_EPOCH"].to_i).utc : Time.now).to_s
     @io.write header
@@ -300,7 +298,7 @@ class Gem::Package::TarWriter
     header = Gem::Package::TarHeader.new :name => name, :mode => mode,
                                          :typeflag => "5", :size => 0,
                                          :prefix => prefix,
-                                         :mtime => Time.now
+                                         :mtime => ENV["SOURCE_DATE_EPOCH"] ? Time.at(ENV["SOURCE_DATE_EPOCH"].to_i).utc : Time.now
     @io.write header
@@ -311,12 +309,12 @@ class Gem::Package::TarWriter
   # Splits +name+ into a name and prefix that can fit in the TarHeader
   def split_name(name) # :nodoc:
-    if name.bytesize > 256 then
+    if name.bytesize > 256
       raise Gem::Package::TooLongFileName.new("File \"#{name}\" has a too long path (should be 256 or less)")
     end
     prefix = ''
-    if name.bytesize > 100 then
+    if name.bytesize > 100
       parts = name.split('/', -1) # parts are never empty here
       name = parts.pop            # initially empty for names with a trailing slash ("foo/.../bar/")
       prefix = parts.join('/')    # if empty, then it's impossible to split (parts is empty too)
@@ -325,11 +323,11 @@ class Gem::Package::TarWriter
         prefix = parts.join('/')
       end
-      if name.bytesize > 100 or prefix.empty? then
+      if name.bytesize > 100 or prefix.empty?
         raise Gem::Package::TooLongFileName.new("File \"#{prefix}/#{name}\" has a too long name (should be 100 or less)")
       end
-      if prefix.bytesize > 155 then
+      if prefix.bytesize > 155
         raise Gem::Package::TooLongFileName.new("File \"#{prefix}/#{name}\" has a too long base path (should be 155 or less)")
       end
     end

data/lib/rubygems/package.rb CHANGED Viewed

@@ -55,7 +55,7 @@ class Gem::Package
   class FormatError < Error
     attr_reader :path
-    def initialize message, source = nil
+    def initialize(message, source = nil)
       if source
         @path = source.path
@@ -68,7 +68,7 @@ class Gem::Package
   end
   class PathError < Error
-    def initialize destination, destination_dir
+    def initialize(destination, destination_dir)
       super "installing into parent path %s of %s is not allowed" %
               [destination, destination_dir]
     end
@@ -107,12 +107,24 @@ class Gem::Package
   attr_writer :spec
-  def self.build spec, skip_validation=false
-    gem_file = spec.file_name
+  ##
+  # Permission for directories
+  attr_accessor :dir_mode
+  ##
+  # Permission for program files
+  attr_accessor :prog_mode
+  ##
+  # Permission for other files
+  attr_accessor :data_mode
+  def self.build(spec, skip_validation = false, strict_validation = false, file_name = nil)
+    gem_file = file_name || spec.file_name
     package = new gem_file
     package.spec = spec
-    package.build skip_validation
+    package.build skip_validation, strict_validation
     gem_file
   end
@@ -124,7 +136,7 @@ class Gem::Package
   # If +gem+ is an existing file in the old format a Gem::Package::Old will be
   # returned.
-  def self.new gem, security_policy = nil
+  def self.new(gem, security_policy = nil)
     gem = if gem.is_a?(Gem::Package::Source)
             gem
           elsif gem.respond_to? :read
@@ -145,10 +157,10 @@ class Gem::Package
   ##
   # Creates a new package that will read or write to the file +gem+.
-  def initialize gem, security_policy # :notnew:
+  def initialize(gem, security_policy) # :notnew:
     @gem = gem
-    @build_time      = Time.now
+    @build_time      = ENV["SOURCE_DATE_EPOCH"] ? Time.at(ENV["SOURCE_DATE_EPOCH"].to_i).utc : Time.now
     @checksums       = {}
     @contents        = nil
     @digests         = Hash.new { |h, algorithm| h[algorithm] = {} }
@@ -162,14 +174,14 @@ class Gem::Package
   ##
   # Copies this package to +path+ (if possible)
-  def copy_to path
+  def copy_to(path)
     FileUtils.cp @gem.path, path unless File.exist? path
   end
   ##
   # Adds a checksum for each entry in the gem to checksums.yaml.gz.
-  def add_checksums tar
+  def add_checksums(tar)
     Gem.load_yaml
     checksums_by_algorithm = Hash.new { |h, algorithm| h[algorithm] = {} }
@@ -191,7 +203,7 @@ class Gem::Package
   # Adds the files listed in the packages's Gem::Specification to data.tar.gz
   # and adds this file to the +tar+.
-  def add_contents tar # :nodoc:
+  def add_contents(tar) # :nodoc:
     digests = tar.add_file_signed 'data.tar.gz', 0444, @signer do |io|
       gzip_to io do |gz_io|
         Gem::Package::TarWriter.new gz_io do |data_tar|
@@ -206,13 +218,18 @@ class Gem::Package
   ##
   # Adds files included the package's Gem::Specification to the +tar+ file
-  def add_files tar # :nodoc:
+  def add_files(tar) # :nodoc:
     @spec.files.each do |file|
       stat = File.lstat file
       if stat.symlink?
-        relative_dir = File.dirname(file).sub("#{Dir.pwd}/", '')
-        target_path = File.join(relative_dir, File.readlink(file))
+        target_path = File.readlink(file)
+        unless target_path.start_with? '.'
+          relative_dir = File.dirname(file).sub("#{Dir.pwd}/", '')
+          target_path = File.join(relative_dir, target_path)
+        end
         tar.add_symlink file, target_path, stat.mode
       end
@@ -229,7 +246,7 @@ class Gem::Package
   ##
   # Adds the package's Gem::Specification to the +tar+ file
-  def add_metadata tar # :nodoc:
+  def add_metadata(tar) # :nodoc:
     digests = tar.add_file_signed 'metadata.gz', 0444, @signer do |io|
       gzip_to io do |gz_io|
         gz_io.write @spec.to_yaml
@@ -242,14 +259,20 @@ class Gem::Package
   ##
   # Builds this package based on the specification set by #spec=
-  def build skip_validation = false
+  def build(skip_validation = false, strict_validation = false)
+    raise ArgumentError, "skip_validation = true and strict_validation = true are incompatible" if skip_validation && strict_validation
     Gem.load_yaml
     require 'rubygems/security'
     @spec.mark_version
-    @spec.validate unless skip_validation
+    @spec.validate true, strict_validation unless skip_validation
-    setup_signer
+    setup_signer(
+      signer_options: {
+        expiration_length_days: Gem.configuration.cert_expiration_length_days
+      }
+    )
     @gem.with_write_io do |gem_io|
       Gem::Package::TarWriter.new gem_io do |gem|
@@ -263,7 +286,7 @@ class Gem::Package
   Successfully built RubyGem
   Name: #{@spec.name}
   Version: #{@spec.version}
-  File: #{File.basename @spec.cache_file}
+  File: #{File.basename @gem.path}
 EOM
   ensure
     @signer = nil
@@ -300,8 +323,8 @@ EOM
   # Creates a digest of the TarEntry +entry+ from the digest algorithm set by
   # the security policy.
-  def digest entry # :nodoc:
-    algorithms = if @checksums then
+  def digest(entry) # :nodoc:
+    algorithms = if @checksums
                    @checksums.keys
                  else
                    [Gem::Security::DIGEST_NAME].compact
@@ -309,7 +332,7 @@ EOM
     algorithms.each do |algorithm|
       digester =
-        if defined?(OpenSSL::Digest) then
+        if defined?(OpenSSL::Digest)
           OpenSSL::Digest.new algorithm
         else
           Digest.const_get(algorithm).new
@@ -331,10 +354,10 @@ EOM
   # If +pattern+ is specified, only entries matching that glob will be
   # extracted.
-  def extract_files destination_dir, pattern = "*"
+  def extract_files(destination_dir, pattern = "*")
     verify unless @spec
-    FileUtils.mkdir_p destination_dir
+    FileUtils.mkdir_p destination_dir, :mode => dir_mode && 0755
     @gem.with_read_io do |io|
       reader = Gem::Package::TarReader.new io
@@ -360,7 +383,8 @@ EOM
   # If +pattern+ is specified, only entries matching that glob will be
   # extracted.
-  def extract_tar_gz io, destination_dir, pattern = "*" # :nodoc:
+  def extract_tar_gz(io, destination_dir, pattern = "*") # :nodoc:
+    directories = [] if dir_mode
     open_tar_gz io do |tar|
       tar.each do |entry|
         next unless File.fnmatch pattern, entry.full_name, File::FNM_DOTMATCH
@@ -370,19 +394,20 @@ EOM
         FileUtils.rm_rf destination
         mkdir_options = {}
-        mkdir_options[:mode] = entry.header.mode if entry.directory?
+        mkdir_options[:mode] = dir_mode ? 0755 : (entry.header.mode if entry.directory?)
         mkdir =
-          if entry.directory? then
+          if entry.directory?
             destination
           else
             File.dirname destination
           end
+        directories << mkdir if directories
         mkdir_p_safe mkdir, mkdir_options, destination_dir, entry.full_name
         File.open destination, 'wb' do |out|
           out.write entry.read
-          FileUtils.chmod entry.header.mode, destination
+          FileUtils.chmod file_mode(entry.header.mode), destination
         end if entry.file?
         File.symlink(entry.header.linkname, destination) if entry.symlink?
@@ -390,6 +415,15 @@ EOM
         verbose destination
       end
     end
+    if directories
+      directories.uniq!
+      File.chmod(dir_mode, *directories)
+    end
+  end
+  def file_mode(mode) # :nodoc:
+    ((mode & 0111).zero? ? data_mode : prog_mode) || mode
   end
   ##
@@ -398,7 +432,7 @@ EOM
   # Also sets the gzip modification time to the package build time to ease
   # testing.
-  def gzip_to io # :yields: gz_io
+  def gzip_to(io) # :yields: gz_io
     gz_io = Zlib::GzipWriter.new io, Zlib::BEST_COMPRESSION
     gz_io.mtime = @build_time
@@ -412,15 +446,12 @@ EOM
   #
   # If +filename+ is not inside +destination_dir+ an exception is raised.
-  def install_location filename, destination_dir # :nodoc:
+  def install_location(filename, destination_dir) # :nodoc:
     raise Gem::Package::PathError.new(filename, destination_dir) if
       filename.start_with? '/'
-    destination_dir = realpath destination_dir
-    destination_dir = File.expand_path destination_dir
-    destination = File.join destination_dir, filename
-    destination = File.expand_path destination
+    destination_dir = File.expand_path(File.realpath(destination_dir))
+    destination = File.expand_path(File.join(destination_dir, filename))
     raise Gem::Package::PathError.new(destination, destination_dir) unless
       destination.start_with? destination_dir + '/'
@@ -447,11 +478,11 @@ EOM
     end
   end
-  def mkdir_p_safe mkdir, mkdir_options, destination_dir, file_name
-    destination_dir = realpath File.expand_path(destination_dir)
+  def mkdir_p_safe(mkdir, mkdir_options, destination_dir, file_name)
+    destination_dir = File.realpath(File.expand_path(destination_dir))
     parts = mkdir.split(File::SEPARATOR)
     parts.reduce do |path, basename|
-      path = realpath path  unless path == ""
+      path = File.realpath(path) unless path == ""
       path = File.expand_path(path + File::SEPARATOR + basename)
       lstat = File.lstat path rescue nil
       if !lstat || !lstat.directory?
@@ -466,15 +497,14 @@ EOM
   ##
   # Loads a Gem::Specification from the TarEntry +entry+
-  def load_spec entry # :nodoc:
+  def load_spec(entry) # :nodoc:
     case entry.full_name
     when 'metadata' then
       @spec = Gem::Specification.from_yaml entry.read
     when 'metadata.gz' then
       args = [entry]
       args << { :external_encoding => Encoding::UTF_8 } if
-        Object.const_defined?(:Encoding) &&
-          Zlib::GzipReader.method(:wrap).arity != 1
+        Zlib::GzipReader.method(:wrap).arity != 1
       Zlib::GzipReader.wrap(*args) do |gzio|
         @spec = Gem::Specification.from_yaml gzio.read
@@ -485,7 +515,7 @@ EOM
   ##
   # Opens +io+ as a gzipped tar archive
-  def open_tar_gz io # :nodoc:
+  def open_tar_gz(io) # :nodoc:
     Zlib::GzipReader.wrap io do |gzio|
       tar = Gem::Package::TarReader.new gzio
@@ -496,7 +526,7 @@ EOM
   ##
   # Reads and loads checksums.yaml.gz from the tar file +gem+
-  def read_checksums gem
+  def read_checksums(gem)
     Gem.load_yaml
     @checksums = gem.seek 'checksums.yaml.gz' do |entry|
@@ -510,10 +540,17 @@ EOM
   # Prepares the gem for signing and checksum generation.  If a signing
   # certificate and key are not present only checksum generation is set up.
-  def setup_signer
+  def setup_signer(signer_options: {})
     passphrase = ENV['GEM_PRIVATE_KEY_PASSPHRASE']
-    if @spec.signing_key then
-      @signer = Gem::Security::Signer.new @spec.signing_key, @spec.cert_chain, passphrase
+    if @spec.signing_key
+      @signer =
+        Gem::Security::Signer.new(
+          @spec.signing_key,
+          @spec.cert_chain,
+          passphrase,
+          signer_options
+        )
       @spec.signing_key = nil
       @spec.cert_chain = @signer.cert_chain.map { |cert| cert.to_s }
     else
@@ -578,14 +615,14 @@ EOM
   # Verifies the +checksums+ against the +digests+.  This check is not
   # cryptographically secure.  Missing checksums are ignored.
-  def verify_checksums digests, checksums # :nodoc:
+  def verify_checksums(digests, checksums) # :nodoc:
     return unless checksums
     checksums.sort.each do |algorithm, gem_digests|
       gem_digests.sort.each do |file_name, gem_hexdigest|
         computed_digest = digests[algorithm][file_name]
-        unless computed_digest.hexdigest == gem_hexdigest then
+        unless computed_digest.hexdigest == gem_hexdigest
           raise Gem::Package::FormatError.new \
             "#{algorithm} checksum mismatch for #{file_name}", @gem
         end
@@ -596,7 +633,7 @@ EOM
   ##
   # Verifies +entry+ in a .gem file.
-  def verify_entry entry
+  def verify_entry(entry)
     file_name = entry.full_name
     @files << file_name
@@ -623,16 +660,16 @@ EOM
   ##
   # Verifies the files of the +gem+
-  def verify_files gem
+  def verify_files(gem)
     gem.each do |entry|
       verify_entry entry
     end
-    unless @spec then
+    unless @spec
       raise Gem::Package::FormatError.new 'package metadata is missing', @gem
     end
-    unless @files.include? 'data.tar.gz' then
+    unless @files.include? 'data.tar.gz'
       raise Gem::Package::FormatError.new \
               'package content (data.tar.gz) is missing', @gem
     end
@@ -645,7 +682,7 @@ EOM
   ##
   # Verifies that +entry+ is a valid gzipped file.
-  def verify_gz entry # :nodoc:
+  def verify_gz(entry) # :nodoc:
     Zlib::GzipReader.wrap entry do |gzio|
       gzio.read 16384 until gzio.eof? # gzip checksum verification
     end
@@ -653,16 +690,6 @@ EOM
     raise Gem::Package::FormatError.new(e.message, entry.full_name)
   end
-  if File.respond_to? :realpath
-    def realpath file
-      File.realpath file
-    end
-  else
-    def realpath file
-      file
-    end
-  end
 end
 require 'rubygems/package/digest_io'

data/lib/rubygems/package_task.rb CHANGED Viewed

@@ -126,4 +126,3 @@ class Gem::PackageTask < Rake::PackageTask
   end
 end