rubygems-update 2.7.6 → 2.7.11

data/lib/rubygems/bundler_version_finder.rb

@@ -1,13 +1,8 @@
-module Gem::BundlerVersionFinder
-  @without_filtering = false
+# frozen_string_literal: true
 
-  def self.without_filtering
-    without_filtering, @without_filtering = true, @without_filtering
-    yield
-  ensure
-    @without_filtering = without_filtering
-  end
+require "rubygems/util"
 
+module Gem::BundlerVersionFinder
   def self.bundler_version
     version, _ = bundler_version_with_reason
 
@@ -17,8 +12,6 @@ module Gem::BundlerVersionFinder
   end
 
   def self.bundler_version_with_reason
-    return if @without_filtering
-
     if v = ENV["BUNDLER_VERSION"]
       return [v, "`$BUNDLER_VERSION`"]
     end
@@ -36,7 +29,7 @@ module Gem::BundlerVersionFinder
     return unless vr = bundler_version_with_reason
     <<-EOS
 Could not find 'bundler' (#{vr.first}) required by #{vr.last}.
-To update to the lastest version installed on your system, run `bundle update --bundler`.
+To update to the latest version installed on your system, run `bundle update --bundler`.
 To install the missing version, run `gem install bundler:#{vr.first}`
     EOS
   end
@@ -44,20 +37,14 @@ To install the missing version, run `gem install bundler:#{vr.first}`
   def self.compatible?(spec)
     return true unless spec.name == "bundler".freeze
     return true unless bundler_version = self.bundler_version
-    if bundler_version.segments.first >= 2
-      spec.version == bundler_version
-    else # 1.x
-      spec.version.segments.first < 2
-    end
+
+    spec.version.segments.first == bundler_version.segments.first
   end
 
   def self.filter!(specs)
     return unless bundler_version = self.bundler_version
-    if bundler_version.segments.first >= 2
-      specs.reject! { |spec| spec.version != bundler_version }
-    else # 1.x
-      specs.reject! { |spec| spec.version.segments.first >= 2}
-    end
+
+    specs.reject! { |spec| spec.version.segments.first != bundler_version.segments.first }
   end
 
   def self.bundle_update_bundler_version
@@ -102,7 +89,7 @@ To install the missing version, run `gem install bundler:#{vr.first}`
     lockfile = case gemfile
     when "gems.rb" then "gems.locked"
     else "#{gemfile}.lock"
-    end.untaint
+    end.dup.untaint
 
     return unless File.file?(lockfile)
 

data/lib/rubygems/command_manager.rb

@@ -7,6 +7,7 @@
 
 require 'rubygems/command'
 require 'rubygems/user_interaction'
+require 'rubygems/text'
 
 ##
 # The command manager registers and installs all the individual sub-commands
@@ -32,6 +33,7 @@ require 'rubygems/user_interaction'
 
 class Gem::CommandManager
 
+  include Gem::Text
   include Gem::UserInteraction
 
   BUILTIN_COMMANDS = [ # :nodoc:
@@ -140,12 +142,12 @@ class Gem::CommandManager
   def run(args, build_args=nil)
     process_args(args, build_args)
   rescue StandardError, Timeout::Error => ex
-    alert_error "While executing gem ... (#{ex.class})\n    #{ex}"
+    alert_error clean_text("While executing gem ... (#{ex.class})\n    #{ex}")
     ui.backtrace ex
 
     terminate_interaction(1)
   rescue Interrupt
-    alert_error "Interrupted"
+    alert_error clean_text("Interrupted")
     terminate_interaction(1)
   end
 
@@ -163,7 +165,7 @@ class Gem::CommandManager
       say Gem::VERSION
       terminate_interaction 0
     when /^-/ then
-      alert_error "Invalid option: #{args.first}. See 'gem --help'."
+      alert_error clean_text("Invalid option: #{args.first}. See 'gem --help'.")
       terminate_interaction 1
     else
       cmd_name = args.shift.downcase
@@ -212,7 +214,7 @@ class Gem::CommandManager
     rescue Exception => e
       e = load_error if load_error
 
-      alert_error "Loading command: #{command_name} (#{e.class})\n\t#{e}"
+      alert_error clean_text("Loading command: #{command_name} (#{e.class})\n\t#{e}")
       ui.backtrace e
     end
   end

data/lib/rubygems/commands/install_command.rb

@@ -117,6 +117,13 @@ to write the specification by hand.  For example:
   some_extension_gem (1.0)
   $
 
+Command Alias
+==========================
+
+You can use `i` command instead of `install`.
+
+  $ gem i GEMNAME
+
     EOF
   end
 

data/lib/rubygems/commands/owner_command.rb

@@ -2,8 +2,11 @@
 require 'rubygems/command'
 require 'rubygems/local_remote_options'
 require 'rubygems/gemcutter_utilities'
+require 'rubygems/text'
 
 class Gem::Commands::OwnerCommand < Gem::Command
+
+  include Gem::Text
   include Gem::LocalRemoteOptions
   include Gem::GemcutterUtilities
 
@@ -64,7 +67,7 @@ permission to.
     end
 
     with_response response do |resp|
-      owners = Gem::SafeYAML.load resp.body
+      owners = Gem::SafeYAML.load clean_text(resp.body)
 
       say "Owners for gem: #{name}"
       owners.each do |owner|

data/lib/rubygems/commands/push_command.rb

@@ -13,7 +13,7 @@ class Gem::Commands::PushCommand < Gem::Command
 The push command uploads a gem to the push server (the default is
 https://rubygems.org) and adds it to the index.
 
-The gem can be removed from the index (but only the index) using the yank
+The gem can be removed from the index and deleted from the server using the yank
 command.  For further discussion see the help for the yank command.
     EOF
   end
@@ -29,6 +29,8 @@ command.  For further discussion see the help for the yank command.
   def initialize
     super 'push', 'Push a gem up to the gem server', :host => self.host
 
+    @user_defined_host = false
+
     add_proxy_option
     add_key_option
 
@@ -36,20 +38,41 @@ command.  For further discussion see the help for the yank command.
                'Push to another gemcutter-compatible host',
                '  (e.g. https://rubygems.org)') do |value, options|
       options[:host] = value
+      @user_defined_host = true
     end
 
     @host = nil
   end
 
   def execute
-    @host = options[:host]
+    gem_name = get_one_gem_name
+    default_gem_server, push_host = get_hosts_for(gem_name)
+
+    default_host = nil
+    user_defined_host = nil
+
+    if @user_defined_host
+      user_defined_host = options[:host]
+    else
+      default_host = options[:host]
+    end
+
+    @host = if user_defined_host
+              user_defined_host
+            elsif default_gem_server
+              default_gem_server
+            elsif push_host
+              push_host
+            else
+              default_host
+            end
 
     sign_in @host
 
-    send_gem get_one_gem_name
+    send_gem(gem_name)
   end
 
-  def send_gem name
+  def send_gem(name)
     args = [:post, "api/v1/gems"]
 
     latest_rubygems_version = Gem.latest_rubygems_version
@@ -100,5 +123,15 @@ You can upgrade or downgrade to the latest release version with:
     with_response response
   end
 
+  private
+
+  def get_hosts_for(name)
+    gem_metadata = Gem::Package.new(name).spec.metadata
+
+    [
+      gem_metadata["default_gem_server"],
+      gem_metadata["allowed_push_host"]
+    ]
+  end
 end
 

data/lib/rubygems/commands/setup_command.rb

@@ -351,7 +351,7 @@ By default, this RubyGems will install gem as:
     return unless Gem::USE_BUNDLER_FOR_GEMDEPS
 
     specs_dir = Gem::Specification.default_specifications_dir
-    File.join(options[:destdir], specs_dir) unless Gem.win_platform?
+    specs_dir = File.join(options[:destdir], specs_dir) unless Gem.win_platform?
     mkdir_p specs_dir
 
     # Workaround for non-git environment.
@@ -385,8 +385,8 @@ By default, this RubyGems will install gem as:
         each {|default_gem| rm_r File.join(bundler_spec.gems_dir, default_gem) }
     end
 
-    bundler_bin_dir = File.join(Gem.default_dir, 'gems', bundler_spec.full_name, bundler_spec.bindir)
-    File.join(options[:destdir], bundler_bin_dir) unless Gem.win_platform?
+    bundler_bin_dir = bundler_spec.bin_dir
+    bundler_bin_dir = File.join(options[:destdir], bundler_bin_dir) unless Gem.win_platform?
     mkdir_p bundler_bin_dir
     bundler_spec.executables.each do |e|
       cp File.join("bundler", bundler_spec.bindir, e), File.join(bundler_bin_dir, e)

data/lib/rubygems/commands/uninstall_command.rb

@@ -48,7 +48,7 @@ class Gem::Commands::UninstallCommand < Gem::Command
     end
 
     add_option('-n', '--bindir DIR',
-               'Directory to remove binaries from') do |value, options|
+               'Directory to remove executables from') do |value, options|
       options[:bin_dir] = File.expand_path(value)
     end
 

data/lib/rubygems/commands/unpack_command.rb

@@ -183,7 +183,7 @@ command help for an example.
         when 'metadata' then
           metadata = entry.read
         when 'metadata.gz' then
-          metadata = Gem.gunzip entry.read
+          metadata = Gem::Util.gunzip entry.read
         end
       end
     end

data/lib/rubygems/core_ext/kernel_require.rb

@@ -11,13 +11,8 @@ module Kernel
 
   RUBYGEMS_ACTIVATION_MONITOR = Monitor.new # :nodoc:
 
-  if defined?(gem_original_require) then
-    # Ruby ships with a custom_require, override its require
-    remove_method :require
-  else
-    ##
-    # The Kernel#require from before RubyGems was loaded.
-
+  # Make sure we have a reference to Ruby's original Kernel#require
+  unless defined?(gem_original_require)
     alias gem_original_require require
     private :gem_original_require
   end

data/lib/rubygems/dependency.rb

@@ -2,6 +2,7 @@
 ##
 # The Dependency class holds a Gem name and a Gem::Requirement.
 
+require "rubygems/bundler_version_finder"
 require "rubygems/requirement"
 
 class Gem::Dependency

data/lib/rubygems/dependency_installer.rb

@@ -113,7 +113,7 @@ class Gem::DependencyInstaller
 
   ##
   #--
-  # TODO remove, no longer used
+  # TODO remove at RubyGems 4, no longer used
 
   def add_found_dependencies to_do, dependency_list # :nodoc:
     seen = {}
@@ -163,6 +163,7 @@ class Gem::DependencyInstaller
 
     dependency_list.remove_specs_unsatisfied_by dependencies
   end
+  deprecate :add_found_dependencies, :none, 2018, 12
 
   ##
   # Creates an AvailableSet to install from based on +dep_or_name+ and
@@ -321,7 +322,7 @@ class Gem::DependencyInstaller
   # Gathers all dependencies necessary for the installation from local and
   # remote sources unless the ignore_dependencies was given.
   #--
-  # TODO remove at RubyGems 3
+  # TODO remove at RubyGems 4
 
   def gather_dependencies # :nodoc:
     specs = @available.all_specs
@@ -354,6 +355,7 @@ class Gem::DependencyInstaller
 
     @gems_to_install = dependency_list.dependency_order.reverse
   end
+  deprecate :gather_dependencies, :none, 2018, 12
 
   def in_background what # :nodoc:
     fork_happened = false

data/lib/rubygems/exceptions.rb

@@ -4,6 +4,8 @@
 # Each exception needs a brief description and the scenarios where it is
 # likely to be raised
 
+require 'rubygems/deprecate'
+
 ##
 # Base exception class for RubyGems.  All exception raised by RubyGems are a
 # subclass of this one.
@@ -11,10 +13,12 @@ class Gem::Exception < RuntimeError
 
   ##
   #--
-  # TODO: remove in RubyGems 3, nobody sets this
+  # TODO: remove in RubyGems 4, nobody sets this
 
   attr_accessor :source_exception # :nodoc:
 
+  extend Gem::Deprecate
+  deprecate :source_exception, :none, 2018, 12
 end
 
 class Gem::CommandLineError < Gem::Exception; end

data/lib/rubygems/gemcutter_utilities.rb

@@ -1,11 +1,14 @@
 # frozen_string_literal: true
 require 'rubygems/remote_fetcher'
+require 'rubygems/text'
 
 ##
 # Utility methods for using the RubyGems API.
 
 module Gem::GemcutterUtilities
 
+  include Gem::Text
+
   # TODO: move to Gem::Command
   OptionParser.accept Symbol do |value|
     value.to_sym
@@ -145,13 +148,13 @@ module Gem::GemcutterUtilities
       if block_given? then
         yield response
       else
-        say response.body
+        say clean_text(response.body)
       end
     else
       message = response.body
       message = "#{error_prefix}: #{message}" if error_prefix
 
-      say message
+      say clean_text(message)
       terminate_interaction 1 # TODO: question this
     end
   end

data/lib/rubygems/indexer.rb

@@ -347,7 +347,7 @@ class Gem::Indexer
     data = Gem.read_binary path
     compressed_data = Gem.read_binary "#{path}.#{extension}"
 
-    unless data == Gem.inflate(compressed_data) then
+    unless data == Gem::Util.inflate(compressed_data) then
       raise "Compressed file #{compressed_path} does not match uncompressed file #{path}"
     end
   end

data/lib/rubygems/install_update_options.rb

@@ -25,7 +25,7 @@ module Gem::InstallUpdateOptions
     end
 
     add_option(:"Install/Update", '-n', '--bindir DIR',
-               'Directory where binary files are',
+               'Directory where executables are',
                'located') do |value, options|
       options[:bin_dir] = File.expand_path(value)
     end

data/lib/rubygems/installer.rb

@@ -7,6 +7,7 @@
 
 require 'rubygems/command'
 require 'rubygems/exceptions'
+require 'rubygems/deprecate'
 require 'rubygems/package'
 require 'rubygems/ext'
 require 'rubygems/user_interaction'
@@ -27,6 +28,8 @@ require 'fileutils'
 
 class Gem::Installer
 
+  extend Gem::Deprecate
+
   ##
   # Paths where env(1) might live.  Some systems are broken and have it in
   # /bin
@@ -707,9 +710,26 @@ class Gem::Installer
       unpack or File.writable?(gem_home)
   end
 
-  def verify_spec_name
-    return if spec.name =~ Gem::Specification::VALID_NAME_PATTERN
-    raise Gem::InstallError, "#{spec} has an invalid name"
+  def verify_spec
+    unless spec.name =~ Gem::Specification::VALID_NAME_PATTERN
+      raise Gem::InstallError, "#{spec} has an invalid name"
+    end
+
+    if spec.raw_require_paths.any?{|path| path =~ /\r\n|\r|\n/ }
+      raise Gem::InstallError, "#{spec} has an invalid require_paths"
+    end
+
+    if spec.extensions.any?{|ext| ext =~ /\r\n|\r|\n/ }
+      raise Gem::InstallError, "#{spec} has an invalid extensions"
+    end
+
+    unless spec.specification_version.to_s =~ /\A\d+\z/
+      raise Gem::InstallError, "#{spec} has an invalid specification_version"
+    end
+
+    if spec.dependencies.any? {|dep| dep.type =~ /\r\n|\r|\n/ || dep.name =~ /\r\n|\r|\n/ }
+      raise Gem::InstallError, "#{spec} has an invalid dependencies"
+    end
   end
 
   ##
@@ -777,13 +797,14 @@ TEXT
   ##
   # Logs the build +output+ in +build_dir+, then raises Gem::Ext::BuildError.
   #
-  # TODO:  Delete this for RubyGems 3.  It remains for API compatibility
+  # TODO:  Delete this for RubyGems 4.  It remains for API compatibility
 
   def extension_build_error(build_dir, output, backtrace = nil) # :nodoc:
     builder = Gem::Ext::Builder.new spec, @build_args
 
     builder.build_error build_dir, output, backtrace
   end
+  deprecate :extension_build_error, :none, 2018, 12
 
   ##
   # Reads the file index and extracts each file into the gem directory.
@@ -836,9 +857,11 @@ TEXT
   def pre_install_checks
     verify_gem_home options[:unpack]
 
-    ensure_loadable_spec
+    # The name and require_paths must be verified first, since it could contain
+    # ruby code that would be eval'ed in #ensure_loadable_spec
+    verify_spec
 
-    verify_spec_name
+    ensure_loadable_spec
 
     if options[:install_as_default]
       Gem.ensure_default_gem_subdirectories gem_home