rubygems-update 3.1.0 → 3.2.0.rc.1
- checksums.yaml +4 -4
- data/CODE_OF_CONDUCT.md +55 -19
- data/CONTRIBUTING.md +2 -3
- data/History.txt +195 -7
- data/Manifest.txt +11 -23
- data/POLICIES.md +2 -9
- data/README.md +5 -5
- data/Rakefile +38 -35
- data/bin/update_rubygems +2 -2
- data/bundler/CHANGELOG.md +846 -728
- data/bundler/README.md +6 -8
- data/bundler/UPGRADING.md +16 -30
- data/bundler/bundler.gemspec +3 -3
- data/bundler/exe/bundle +3 -0
- data/bundler/lib/bundler.rb +15 -4
- data/bundler/lib/bundler/build_metadata.rb +2 -2
- data/bundler/lib/bundler/cli.rb +29 -9
- data/bundler/lib/bundler/cli/console.rb +1 -1
- data/bundler/lib/bundler/cli/exec.rb +3 -12
- data/bundler/lib/bundler/cli/gem.rb +74 -10
- data/bundler/lib/bundler/cli/info.rb +6 -3
- data/bundler/lib/bundler/cli/init.rb +1 -1
- data/bundler/lib/bundler/cli/install.rb +8 -16
- data/bundler/lib/bundler/cli/issue.rb +2 -2
- data/bundler/lib/bundler/cli/outdated.rb +5 -5
- data/bundler/lib/bundler/cli/plugin.rb +10 -0
- data/bundler/lib/bundler/definition.rb +32 -32
- data/bundler/lib/bundler/dependency.rb +0 -9
- data/bundler/lib/bundler/dsl.rb +1 -5
- data/bundler/lib/bundler/environment_preserver.rb +26 -2
- data/bundler/lib/bundler/errors.rb +1 -0
- data/bundler/lib/bundler/feature_flag.rb +0 -2
- data/bundler/lib/bundler/fetcher.rb +1 -0
- data/bundler/lib/bundler/friendly_errors.rb +4 -10
- data/bundler/lib/bundler/gem_helper.rb +18 -12
- data/bundler/lib/bundler/gem_version_promoter.rb +1 -1
- data/bundler/lib/bundler/injector.rb +14 -3
- data/bundler/lib/bundler/inline.rb +2 -2
- data/bundler/lib/bundler/installer.rb +29 -28
- data/bundler/lib/bundler/installer/gem_installer.rb +2 -2
- data/bundler/lib/bundler/installer/parallel_installer.rb +9 -9
- data/bundler/lib/bundler/lazy_specification.rb +16 -3
- data/bundler/lib/bundler/plugin.rb +26 -0
- data/bundler/lib/bundler/plugin/index.rb +9 -0
- data/bundler/lib/bundler/psyched_yaml.rb +0 -15
- data/bundler/lib/bundler/remote_specification.rb +4 -1
- data/bundler/lib/bundler/resolver.rb +31 -8
- data/bundler/lib/bundler/resolver/spec_group.rb +26 -5
- data/bundler/lib/bundler/rubygems_ext.rb +7 -8
- data/bundler/lib/bundler/rubygems_gem_installer.rb +1 -7
- data/bundler/lib/bundler/rubygems_integration.rb +13 -19
- data/bundler/lib/bundler/runtime.rb +2 -12
- data/bundler/lib/bundler/settings.rb +0 -3
- data/bundler/lib/bundler/setup.rb +5 -0
- data/bundler/lib/bundler/shared_helpers.rb +1 -1
- data/bundler/lib/bundler/source/git/git_proxy.rb +53 -58
- data/bundler/lib/bundler/source/path.rb +5 -1
- data/bundler/lib/bundler/source/path/installer.rb +7 -9
- data/bundler/lib/bundler/source/rubygems.rb +11 -14
- data/bundler/lib/bundler/stub_specification.rb +16 -4
- data/bundler/lib/bundler/templates/newgem/CODE_OF_CONDUCT.md.tt +57 -47
- data/bundler/lib/bundler/templates/newgem/Gemfile.tt +7 -2
- data/bundler/lib/bundler/templates/newgem/Rakefile.tt +12 -5
- data/bundler/lib/bundler/templates/newgem/bin/console.tt +2 -0
- data/bundler/lib/bundler/templates/newgem/circleci/config.yml.tt +13 -0
- data/bundler/lib/bundler/templates/newgem/ext/newgem/extconf.rb.tt +2 -0
- data/bundler/lib/bundler/templates/newgem/github/workflows/main.yml.tt +18 -0
- data/bundler/lib/bundler/templates/newgem/gitlab-ci.yml.tt +9 -0
- data/bundler/lib/bundler/templates/newgem/lib/newgem.rb.tt +2 -0
- data/bundler/lib/bundler/templates/newgem/lib/newgem/version.rb.tt +2 -0
- data/bundler/lib/bundler/templates/newgem/newgem.gemspec.tt +5 -3
- data/bundler/lib/bundler/templates/newgem/rubocop.yml.tt +10 -0
- data/bundler/lib/bundler/templates/newgem/spec/newgem_spec.rb.tt +2 -0
- data/bundler/lib/bundler/templates/newgem/spec/spec_helper.rb.tt +2 -0
- data/bundler/lib/bundler/templates/newgem/test/{newgem_test.rb.tt → minitest/newgem_test.rb.tt} +2 -0
- data/bundler/lib/bundler/templates/newgem/test/{test_helper.rb.tt → minitest/test_helper.rb.tt} +2 -0
- data/bundler/lib/bundler/templates/newgem/test/test-unit/newgem_test.rb.tt +15 -0
- data/bundler/lib/bundler/templates/newgem/test/test-unit/test_helper.rb.tt +6 -0
- data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent.rb +72 -208
- data/bundler/lib/bundler/vendor/thor/lib/thor.rb +0 -7
- data/bundler/lib/bundler/vendor/thor/lib/thor/actions/create_link.rb +2 -1
- data/bundler/lib/bundler/vendor/thor/lib/thor/base.rb +9 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/version.rb +1 -1
- data/bundler/lib/bundler/version.rb +1 -1
- data/bundler/man/bundle-add.1 +1 -1
- data/bundler/man/bundle-add.1.txt +15 -15
- data/bundler/man/bundle-binstubs.1 +1 -1
- data/bundler/man/bundle-binstubs.1.txt +10 -10
- data/bundler/man/bundle-cache.1 +1 -1
- data/bundler/man/bundle-cache.1.txt +15 -15
- data/bundler/man/bundle-check.1 +1 -1
- data/bundler/man/bundle-check.1.txt +8 -8
- data/bundler/man/bundle-clean.1 +1 -1
- data/bundler/man/bundle-clean.1.txt +6 -6
- data/bundler/man/bundle-config.1 +3 -9
- data/bundler/man/bundle-config.1.txt +271 -272
- data/bundler/man/bundle-config.ronn +5 -9
- data/bundler/man/bundle-doctor.1 +1 -1
- data/bundler/man/bundle-doctor.1.txt +9 -9
- data/bundler/man/bundle-exec.1 +1 -1
- data/bundler/man/bundle-exec.1.txt +84 -81
- data/bundler/man/bundle-gem.1 +25 -3
- data/bundler/man/bundle-gem.1.txt +65 -39
- data/bundler/man/bundle-gem.ronn +30 -7
- data/bundler/man/bundle-info.1 +1 -1
- data/bundler/man/bundle-info.1.txt +2 -2
- data/bundler/man/bundle-init.1 +1 -1
- data/bundler/man/bundle-init.1.txt +9 -9
- data/bundler/man/bundle-inject.1 +1 -1
- data/bundler/man/bundle-inject.1.txt +4 -4
- data/bundler/man/bundle-install.1 +1 -1
- data/bundler/man/bundle-install.1.txt +169 -169
- data/bundler/man/bundle-list.1 +1 -1
- data/bundler/man/bundle-list.1.txt +7 -7
- data/bundler/man/bundle-lock.1 +1 -1
- data/bundler/man/bundle-lock.1.txt +28 -28
- data/bundler/man/bundle-open.1 +1 -1
- data/bundler/man/bundle-open.1.txt +3 -3
- data/bundler/man/bundle-outdated.1 +1 -1
- data/bundler/man/bundle-outdated.1.txt +34 -34
- data/bundler/man/bundle-platform.1 +1 -1
- data/bundler/man/bundle-platform.1.txt +16 -16
- data/bundler/man/bundle-pristine.1 +1 -1
- data/bundler/man/bundle-pristine.1.txt +8 -8
- data/bundler/man/bundle-remove.1 +1 -1
- data/bundler/man/bundle-remove.1.txt +9 -9
- data/bundler/man/bundle-show.1 +1 -1
- data/bundler/man/bundle-show.1.txt +8 -8
- data/bundler/man/bundle-update.1 +1 -1
- data/bundler/man/bundle-update.1.txt +149 -148
- data/bundler/man/bundle-viz.1 +1 -1
- data/bundler/man/bundle-viz.1.txt +11 -11
- data/bundler/man/bundle.1 +1 -1
- data/bundler/man/bundle.1.txt +31 -31
- data/bundler/man/gemfile.5 +1 -1
- data/bundler/man/gemfile.5.txt +218 -216
- data/lib/rubygems.rb +135 -185
- data/lib/rubygems/available_set.rb +4 -4
- data/lib/rubygems/basic_specification.rb +12 -6
- data/lib/rubygems/bundler_version_finder.rb +14 -9
- data/lib/rubygems/command.rb +17 -15
- data/lib/rubygems/command_manager.rb +4 -3
- data/lib/rubygems/commands/cert_command.rb +1 -1
- data/lib/rubygems/commands/cleanup_command.rb +3 -3
- data/lib/rubygems/commands/contents_command.rb +4 -4
- data/lib/rubygems/commands/dependency_command.rb +6 -6
- data/lib/rubygems/commands/fetch_command.rb +2 -2
- data/lib/rubygems/commands/help_command.rb +2 -2
- data/lib/rubygems/commands/info_command.rb +9 -4
- data/lib/rubygems/commands/install_command.rb +3 -3
- data/lib/rubygems/commands/list_command.rb +9 -6
- data/lib/rubygems/commands/lock_command.rb +1 -1
- data/lib/rubygems/commands/open_command.rb +0 -2
- data/lib/rubygems/commands/pristine_command.rb +10 -2
- data/lib/rubygems/commands/push_command.rb +4 -42
- data/lib/rubygems/commands/query_command.rb +7 -352
- data/lib/rubygems/commands/search_command.rb +8 -6
- data/lib/rubygems/commands/setup_command.rb +156 -45
- data/lib/rubygems/commands/sources_command.rb +3 -3
- data/lib/rubygems/commands/specification_command.rb +2 -2
- data/lib/rubygems/commands/stale_command.rb +1 -1
- data/lib/rubygems/commands/uninstall_command.rb +2 -2
- data/lib/rubygems/commands/unpack_command.rb +1 -1
- data/lib/rubygems/commands/update_command.rb +40 -10
- data/lib/rubygems/config_file.rb +11 -2
- data/lib/rubygems/core_ext/kernel_require.rb +26 -36
- data/lib/rubygems/defaults.rb +99 -5
- data/lib/rubygems/dependency.rb +2 -5
- data/lib/rubygems/dependency_installer.rb +1 -73
- data/lib/rubygems/dependency_list.rb +7 -7
- data/lib/rubygems/deprecate.rb +46 -1
- data/lib/rubygems/doctor.rb +4 -2
- data/lib/rubygems/errors.rb +3 -2
- data/lib/rubygems/exceptions.rb +2 -13
- data/lib/rubygems/ext.rb +6 -6
- data/lib/rubygems/ext/build_error.rb +2 -0
- data/lib/rubygems/ext/builder.rb +4 -2
- data/lib/rubygems/ext/cmake_builder.rb +1 -1
- data/lib/rubygems/ext/ext_conf_builder.rb +6 -7
- data/lib/rubygems/gem_runner.rb +3 -8
- data/lib/rubygems/gemcutter_utilities.rb +1 -1
- data/lib/rubygems/indexer.rb +1 -19
- data/lib/rubygems/install_update_options.rb +5 -5
- data/lib/rubygems/installer.rb +45 -42
- data/lib/rubygems/installer_test_case.rb +19 -2
- data/lib/rubygems/installer_uninstaller_utils.rb +24 -0
- data/lib/rubygems/local_remote_options.rb +1 -1
- data/lib/rubygems/name_tuple.rb +2 -4
- data/lib/rubygems/package.rb +8 -13
- data/lib/rubygems/package/old.rb +1 -1
- data/lib/rubygems/package/tar_header.rb +3 -3
- data/lib/rubygems/package/tar_reader.rb +0 -1
- data/lib/rubygems/package/tar_reader/entry.rb +0 -1
- data/lib/rubygems/package/tar_test_case.rb +1 -1
- data/lib/rubygems/package/tar_writer.rb +2 -6
- data/lib/rubygems/package_task.rb +1 -5
- data/lib/rubygems/path_support.rb +1 -1
- data/lib/rubygems/platform.rb +3 -3
- data/lib/rubygems/query_utils.rb +362 -0
- data/lib/rubygems/rdoc.rb +0 -12
- data/lib/rubygems/remote_fetcher.rb +5 -19
- data/lib/rubygems/request/connection_pools.rb +1 -1
- data/lib/rubygems/request_set.rb +5 -5
- data/lib/rubygems/request_set/gem_dependency_api.rb +2 -2
- data/lib/rubygems/request_set/lockfile.rb +8 -8
- data/lib/rubygems/request_set/lockfile/tokenizer.rb +1 -1
- data/lib/rubygems/requirement.rb +14 -15
- data/lib/rubygems/resolver.rb +7 -8
- data/lib/rubygems/resolver/api_set.rb +4 -4
- data/lib/rubygems/resolver/api_specification.rb +1 -1
- data/lib/rubygems/resolver/composed_set.rb +3 -3
- data/lib/rubygems/resolver/conflict.rb +1 -1
- data/lib/rubygems/resolver/index_set.rb +1 -1
- data/lib/rubygems/resolver/installer_set.rb +3 -3
- data/lib/rubygems/resolver/lock_set.rb +1 -1
- data/lib/rubygems/safe_yaml.rb +4 -4
- data/lib/rubygems/security.rb +25 -25
- data/lib/rubygems/security/policy.rb +3 -3
- data/lib/rubygems/security/signer.rb +4 -4
- data/lib/rubygems/security/trust_dir.rb +1 -1
- data/lib/rubygems/server.rb +9 -9
- data/lib/rubygems/source/git.rb +7 -6
- data/lib/rubygems/source/local.rb +2 -2
- data/lib/rubygems/source_list.rb +6 -5
- data/lib/rubygems/spec_fetcher.rb +18 -15
- data/lib/rubygems/specification.rb +91 -112
- data/lib/rubygems/specification_policy.rb +88 -28
- data/lib/rubygems/test_case.rb +122 -81
- data/lib/rubygems/test_utilities.rb +6 -6
- data/lib/rubygems/uninstaller.rb +35 -14
- data/lib/rubygems/user_interaction.rb +1 -10
- data/lib/rubygems/util.rb +17 -3
- data/lib/rubygems/util/licenses.rb +4 -4
- data/lib/rubygems/validator.rb +1 -1
- data/lib/rubygems/version.rb +5 -5
- data/rubygems-update.gemspec +2 -2
- data/setup.rb +2 -7
- data/test/rubygems/specifications/bar-0.0.2.gemspec +0 -2
- data/test/rubygems/specifications/rubyforge-0.0.1.gemspec +12 -0
- data/test/rubygems/test_bundled_ca.rb +1 -5
- data/test/rubygems/test_deprecate.rb +43 -4
- data/test/rubygems/test_gem.rb +150 -101
- data/test/rubygems/test_gem_available_set.rb +3 -3
- data/test/rubygems/test_gem_bundler_version_finder.rb +19 -1
- data/test/rubygems/test_gem_command.rb +24 -3
- data/test/rubygems/test_gem_command_manager.rb +37 -4
- data/test/rubygems/test_gem_commands_build_command.rb +25 -3
- data/test/rubygems/test_gem_commands_cert_command.rb +2 -2
- data/test/rubygems/test_gem_commands_cleanup_command.rb +1 -1
- data/test/rubygems/test_gem_commands_contents_command.rb +48 -15
- data/test/rubygems/test_gem_commands_environment_command.rb +21 -21
- data/test/rubygems/test_gem_commands_generate_index_command.rb +1 -5
- data/test/rubygems/test_gem_commands_info_command.rb +6 -6
- data/test/rubygems/test_gem_commands_install_command.rb +31 -31
- data/test/rubygems/test_gem_commands_mirror.rb +1 -1
- data/test/rubygems/test_gem_commands_open_command.rb +4 -4
- data/test/rubygems/test_gem_commands_owner_command.rb +11 -3
- data/test/rubygems/test_gem_commands_pristine_command.rb +41 -8
- data/test/rubygems/test_gem_commands_push_command.rb +7 -2
- data/test/rubygems/test_gem_commands_query_command.rb +9 -5
- data/test/rubygems/test_gem_commands_setup_command.rb +212 -114
- data/test/rubygems/test_gem_commands_signin_command.rb +6 -4
- data/test/rubygems/test_gem_commands_signout_command.rb +0 -5
- data/test/rubygems/test_gem_commands_sources_command.rb +39 -1
- data/test/rubygems/test_gem_commands_specification_command.rb +18 -18
- data/test/rubygems/test_gem_commands_uninstall_command.rb +2 -1
- data/test/rubygems/test_gem_commands_update_command.rb +68 -5
- data/test/rubygems/test_gem_commands_which_command.rb +3 -3
- data/test/rubygems/test_gem_commands_yank_command.rb +14 -6
- data/test/rubygems/test_gem_config_file.rb +7 -10
- data/test/rubygems/test_gem_dependency_installer.rb +52 -189
- data/test/rubygems/test_gem_dependency_list.rb +8 -8
- data/test/rubygems/test_gem_dependency_resolution_error.rb +1 -1
- data/test/rubygems/test_gem_doctor.rb +28 -0
- data/test/rubygems/test_gem_ext_builder.rb +14 -25
- data/test/rubygems/test_gem_ext_cmake_builder.rb +13 -12
- data/test/rubygems/test_gem_ext_configure_builder.rb +1 -9
- data/test/rubygems/test_gem_ext_ext_conf_builder.rb +0 -1
- data/test/rubygems/test_gem_ext_rake_builder.rb +9 -9
- data/test/rubygems/test_gem_gem_runner.rb +42 -0
- data/test/rubygems/test_gem_gemcutter_utilities.rb +5 -0
- data/test/rubygems/test_gem_indexer.rb +9 -13
- data/test/rubygems/test_gem_installer.rb +158 -67
- data/test/rubygems/test_gem_package.rb +16 -20
- data/test/rubygems/test_gem_package_tar_header.rb +19 -0
- data/test/rubygems/test_gem_package_tar_writer.rb +8 -3
- data/test/rubygems/test_gem_package_task.rb +46 -11
- data/test/rubygems/test_gem_remote_fetcher.rb +152 -190
- data/test/rubygems/test_gem_request.rb +11 -11
- data/test/rubygems/test_gem_request_set.rb +72 -20
- data/test/rubygems/test_gem_request_set_gem_dependency_api.rb +3 -3
- data/test/rubygems/test_gem_request_set_lockfile_parser.rb +9 -9
- data/test/rubygems/test_gem_request_set_lockfile_tokenizer.rb +118 -118
- data/test/rubygems/test_gem_requirement.rb +2 -2
- data/test/rubygems/test_gem_resolver.rb +6 -6
- data/test/rubygems/test_gem_resolver_api_set.rb +3 -3
- data/test/rubygems/test_gem_resolver_best_set.rb +2 -2
- data/test/rubygems/test_gem_resolver_index_set.rb +2 -2
- data/test/rubygems/test_gem_resolver_installer_set.rb +7 -7
- data/test/rubygems/test_gem_resolver_lock_set.rb +3 -3
- data/test/rubygems/test_gem_security.rb +20 -20
- data/test/rubygems/test_gem_security_policy.rb +5 -8
- data/test/rubygems/test_gem_security_signer.rb +8 -8
- data/test/rubygems/test_gem_security_trust_dir.rb +2 -2
- data/test/rubygems/test_gem_server.rb +10 -10
- data/test/rubygems/test_gem_source.rb +12 -14
- data/test/rubygems/test_gem_source_git.rb +12 -11
- data/test/rubygems/test_gem_source_installed.rb +7 -7
- data/test/rubygems/test_gem_source_local.rb +8 -8
- data/test/rubygems/test_gem_source_lock.rb +10 -10
- data/test/rubygems/test_gem_source_specific_file.rb +7 -7
- data/test/rubygems/test_gem_source_vendor.rb +7 -7
- data/test/rubygems/test_gem_spec_fetcher.rb +11 -2
- data/test/rubygems/test_gem_specification.rb +169 -119
- data/test/rubygems/test_gem_stream_ui.rb +3 -1
- data/test/rubygems/test_gem_stub_specification.rb +0 -1
- data/test/rubygems/test_gem_text.rb +1 -1
- data/test/rubygems/test_gem_uninstaller.rb +134 -10
- data/test/rubygems/test_gem_util.rb +7 -5
- data/test/rubygems/test_gem_version.rb +1 -1
- data/test/rubygems/test_kernel.rb +25 -8
- data/test/rubygems/test_project_sanity.rb +8 -1
- data/test/rubygems/test_require.rb +242 -40
- metadata +33 -46
- data/.bundle/config +0 -2
- data/.rubocop.yml +0 -91
- data/Gemfile +0 -8
- data/Gemfile.lock +0 -43
- data/bundler/CODE_OF_CONDUCT.md +0 -136
- data/lib/rubygems/source_local.rb +0 -7
- data/lib/rubygems/source_specific_file.rb +0 -6
- data/lib/ubygems.rb +0 -14
- data/tmp/.keep +0 -0
- data/util/CL2notes +0 -55
- data/util/bisect +0 -10
- data/util/ci.sh +0 -62
- data/util/cops/deprecations.rb +0 -52
- data/util/create_certs.rb +0 -171
- data/util/create_certs.sh +0 -27
- data/util/create_encrypted_key.rb +0 -16
- data/util/generate_spdx_license_list.rb +0 -63
- data/util/patch_with_prs.rb +0 -77
- data/util/rubocop +0 -8
- data/util/update_bundled_ca_certificates.rb +0 -139
- data/util/update_changelog.rb +0 -67
@@ -118,12 +118,12 @@ class Gem::Resolver::InstallerSet < Gem::Resolver::Set
|
|
118
118
|
dep = req.dependency
|
119
119
|
|
120
120
|
return res if @ignore_dependencies and
|
121
|
-
@always_install.none? {
|
121
|
+
@always_install.none? {|spec| dep.match? spec }
|
122
122
|
|
123
123
|
name = dep.name
|
124
124
|
|
125
125
|
dep.matching_specs.each do |gemspec|
|
126
|
-
next if @always_install.any? {
|
126
|
+
next if @always_install.any? {|spec| spec.name == gemspec.name }
|
127
127
|
|
128
128
|
res << Gem::Resolver::InstalledSpecification.new(self, gemspec)
|
129
129
|
end unless @ignore_installed
|
@@ -168,7 +168,7 @@ class Gem::Resolver::InstallerSet < Gem::Resolver::Set
|
|
168
168
|
end
|
169
169
|
|
170
170
|
def inspect # :nodoc:
|
171
|
-
always_install = @always_install.map {
|
171
|
+
always_install = @always_install.map {|s| s.full_name }
|
172
172
|
|
173
173
|
'#<%s domain: %s specs: %p always install: %p>' % [
|
174
174
|
self.class, @domain, @specs.keys, always_install,
|
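--- a/data/lib/rubygems/safe_yaml.rb
+++ b/data/lib/rubygems/safe_yaml.rb
@@ -7,7 +7,7 @@ module Gem
 # Psych.safe_load
 
 module SafeYAML
-PERMITTED_CLASSES = %w
+PERMITTED_CLASSES = %w[
 Symbol
 Time
 Date
@@ -19,12 +19,12 @@ module Gem
 Gem::Version::Requirement
 YAML::Syck::DefaultKey
 Syck::DefaultKey
-
+].freeze
 
-PERMITTED_SYMBOLS = %w
+PERMITTED_SYMBOLS = %w[
 development
 runtime
-
+].freeze
 
 if ::YAML.respond_to? :safe_load
 def self.safe_load(input)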
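--- a/data/lib/rubygems/security.rb
+++ b/data/lib/rubygems/security.rb
@@ -62,11 +62,11 @@ end
 #
 # $ tar tf your-gem-1.0.gem
 # metadata.gz
-# metadata.gz.sum
 # metadata.gz.sig # metadata signature
 # data.tar.gz
-# data.tar.gz.sum
 # data.tar.gz.sig # data signature
+# checksums.yaml.gz
+# checksums.yaml.gz.sig # checksums signature
 #
 # === Manually signing gems
 #
@@ -161,6 +161,8 @@ end
 # -K, --private-key KEY Key for --sign or --build
 # -s, --sign CERT Signs CERT with the key from -K
 # and the certificate from -C
+# -d, --days NUMBER_OF_DAYS Days before the certificate expires
+# -R, --re-sign Re-signs the certificate from -C with the key from -K
 #
 # We've already covered the <code>--build</code> option, and the
 # <code>--add</code>, <code>--list</code>, and <code>--remove</code> commands
@@ -265,7 +267,7 @@ end
 # 2. Grab the public key from the gemspec
 #
 # gem spec some_signed_gem-1.0.gem cert_chain | \
-# ruby -ryaml -e 'puts YAML.
+# ruby -ryaml -e 'puts YAML.load($stdin)' > public_key.crt
 #
 # 3. Generate a SHA1 hash of the data.tar.gz
 #
@@ -336,28 +338,10 @@ module Gem::Security
 
 class Exception < Gem::Exception; end
 
-##
-# Digest algorithm used to sign gems
-
-DIGEST_ALGORITHM =
-if defined?(OpenSSL::Digest::SHA256)
-OpenSSL::Digest::SHA256
-elsif defined?(OpenSSL::Digest::SHA1)
-OpenSSL::Digest::SHA1
-else
-require 'digest'
-Digest::SHA512
-end
-
 ##
 # Used internally to select the signing digest from all computed digests
 
-DIGEST_NAME = # :nodoc:
-if DIGEST_ALGORITHM.method_defined? :name
-DIGEST_ALGORITHM.new.name
-else
-DIGEST_ALGORITHM.name[/::([^:]+)\z/, 1]
-end
+DIGEST_NAME = 'SHA256' # :nodoc:
 
 ##
 # Algorithm for creating the key pair used to sign gems
@@ -465,6 +449,22 @@ module Gem::Security
 sign certificate, key, certificate, age, extensions, serial
 end
 
+##
+# Creates a new digest instance using the specified +algorithm+. The default
+# is SHA256.
+
+if defined?(OpenSSL::Digest)
+def self.create_digest(algorithm = DIGEST_NAME)
+OpenSSL::Digest.new(algorithm)
+end
+else
+require 'digest'
+
+def self.create_digest(algorithm = DIGEST_NAME)
+Digest.const_get(algorithm).new
+end
+end
+
 ##
 # Creates a new key pair of the specified +length+ and +algorithm+. The
 # default is a 3072 bit RSA key.
@@ -483,7 +483,7 @@ module Gem::Security
 
 dcs = dcs.split '.'
 
-name = "CN=#{cn}/#{dcs.map {
+name = "CN=#{cn}/#{dcs.map {|dc| "DC=#{dc}" }.join '/'}"
 
 OpenSSL::X509::Name.parse name
 end
@@ -526,7 +526,7 @@ module Gem::Security
 
 ##
 # Sign the public key from +certificate+ with the +signing_key+ and
-# +signing_cert+, using the Gem::Security::
+# +signing_cert+, using the Gem::Security::DIGEST_NAME. Uses the
 # default certificate validity range and extensions.
 #
 # Returns the newly signed certificate.
@@ -553,7 +553,7 @@ module Gem::Security
 signed = create_cert signee_subject, signee_key, age, extensions, serial
 signed.issuer = signing_cert.subject
 
-signed.sign signing_key, Gem::Security::
+signed.sign signing_key, Gem::Security::DIGEST_NAME
 end
 
 ##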
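Review bot: In the fallback branch of `create_digest` (the `@@ -465,6` hunk, taken when `OpenSSL::Digest` is not defined), `Digest.const_get(algorithm).new` resolves whatever constant name the caller passes, and `const_get` by default also searches ancestors and top-level constants, so a string that is not a digest name would be instantiated rather than rejected. The only callers visible on this page pass `DIGEST_NAME`, but the method accepts any string, so I would limit the lookup with `Digest.const_get(algorithm, false).new` or check the name against a short list of supported digests first. The `@@ -336,28` hunk also removes the public constant `Gem::Security::DIGEST_ALGORITHM` with no deprecation shim; code outside this diff that still references it would raise `NameError`, which the changelog should state.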
@@ -76,7 +76,7 @@ class Gem::Security::Policy
|
|
76
76
|
|
77
77
|
def check_data(public_key, digest, signature, data)
|
78
78
|
raise Gem::Security::Exception, "invalid signature" unless
|
79
|
-
public_key.verify digest
|
79
|
+
public_key.verify digest, signature, data.digest
|
80
80
|
|
81
81
|
true
|
82
82
|
end
|
@@ -139,7 +139,7 @@ class Gem::Security::Policy
|
|
139
139
|
raise Gem::Security::Exception,
|
140
140
|
"root certificate #{root.subject} is not self-signed " +
|
141
141
|
"(issuer #{root.issuer})" if
|
142
|
-
root.issuer
|
142
|
+
root.issuer != root.subject
|
143
143
|
|
144
144
|
check_cert root, root, time
|
145
145
|
end
|
@@ -224,7 +224,7 @@ class Gem::Security::Policy
|
|
224
224
|
end
|
225
225
|
|
226
226
|
opt = @opt
|
227
|
-
digester = Gem::Security
|
227
|
+
digester = Gem::Security.create_digest
|
228
228
|
trust_dir = opt[:trust_dir]
|
229
229
|
time = Time.now
|
230
230
|
|
@@ -39,7 +39,7 @@ class Gem::Security::Signer
|
|
39
39
|
}.freeze
|
40
40
|
|
41
41
|
##
|
42
|
-
#
|
42
|
+
# Attempts to re-sign an expired cert with a given private key
|
43
43
|
def self.re_sign_cert(expired_cert, expired_cert_path, private_key)
|
44
44
|
return unless expired_cert.not_after < Time.now
|
45
45
|
|
@@ -81,8 +81,8 @@ class Gem::Security::Signer
|
|
81
81
|
@cert_chain = [default_cert] if File.exist? default_cert
|
82
82
|
end
|
83
83
|
|
84
|
-
@digest_algorithm = Gem::Security::DIGEST_ALGORITHM
|
85
84
|
@digest_name = Gem::Security::DIGEST_NAME
|
85
|
+
@digest_algorithm = Gem::Security.create_digest(@digest_name)
|
86
86
|
|
87
87
|
if @key && !@key.is_a?(OpenSSL::PKey::RSA)
|
88
88
|
@key = OpenSSL::PKey::RSA.new(File.read(@key), @passphrase)
|
@@ -106,10 +106,10 @@ class Gem::Security::Signer
|
|
106
106
|
# this value is preferred, otherwise the subject is used.
|
107
107
|
|
108
108
|
def extract_name(cert) # :nodoc:
|
109
|
-
subject_alt_name = cert.extensions.find {
|
109
|
+
subject_alt_name = cert.extensions.find {|e| 'subjectAltName' == e.oid }
|
110
110
|
|
111
111
|
if subject_alt_name
|
112
|
-
/\Aemail:/ =~ subject_alt_name.value
|
112
|
+
/\Aemail:/ =~ subject_alt_name.value # rubocop:disable Performance/StartWith
|
113
113
|
|
114
114
|
$' || subject_alt_name.value
|
115
115
|
else
|
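Review bot: `@digest_algorithm` in the `@@ -81,8` hunk now holds a digest instance returned by `Gem::Security.create_digest(@digest_name)`, where the removed line assigned `Gem::Security::DIGEST_ALGORITHM`, which the security.rb section shows was a class. A digest instance keeps state across `update`/`<<` calls, so code outside this hunk that feeds data into the shared object, or that still calls `.new` on it, would behave differently; that usage is not visible here and should be checked. I would add a comment on the assignment, for example `# a digest instance, not a class; reset or dup it before hashing more than one input`, or rename the variable in a follow-up. The initializer starts and ends outside the hunk.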
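--- a/data/lib/rubygems/server.rb
+++ b/data/lib/rubygems/server.rb
@@ -442,8 +442,8 @@ div.method-source-code pre { color: #ffdead; overflow: hidden; }
 logger = WEBrick::Log.new nil, WEBrick::BasicLog::FATAL
 @server = WEBrick::HTTPServer.new :DoNotListen => true, :Logger => logger
 
-@spec_dirs = @gem_dirs.map {
-@spec_dirs.reject! {
+@spec_dirs = @gem_dirs.map {|gem_dir| File.join gem_dir, 'specifications' }
+@spec_dirs.reject! {|spec_dir| !File.directory? spec_dir }
 
 reset_gems
 
@@ -458,7 +458,7 @@ div.method-source-code pre { color: #ffdead; overflow: hidden; }
 
 def uri_encode(str)
 str.gsub(URI::UNSAFE) do |match|
-match.each_byte.map {
+match.each_byte.map {|c| sprintf('%%%02X', c.ord) }.join
 end
 end
 
@@ -573,7 +573,7 @@ div.method-source-code pre { color: #ffdead; overflow: hidden; }
 add_date res
 
 case req.request_uri.path
-when %r
+when %r{^/quick/(Marshal.#{Regexp.escape Gem.marshal_version}/)?(.*?)\.gemspec\.rz$} then
 marshal_format, full_name = $1, $2
 specs = Gem::Specification.find_all_by_full_name(full_name)
 
@@ -615,11 +615,11 @@ div.method-source-code pre { color: #ffdead; overflow: hidden; }
 }
 end
 
-deps = deps.sort_by {
+deps = deps.sort_by {|dep| [dep["name"].downcase, dep["version"]] }
 deps.last["is_last"] = true unless deps.empty?
 
 # executables
-executables = spec.executables.sort.collect {
+executables = spec.executables.sort.collect {|exec| {"executable" => exec} }
 executables = nil if executables.empty?
 executables.last["is_last"] = true if executables
 
@@ -661,14 +661,14 @@ div.method-source-code pre { color: #ffdead; overflow: hidden; }
 "only_one_executable" => true,
 "full_name" => "rubygems-#{Gem::VERSION}",
 "has_deps" => false,
-"homepage" => "
+"homepage" => "https://guides.rubygems.org/",
 "name" => 'rubygems',
 "ri_installed" => true,
 "summary" => "RubyGems itself",
 "version" => Gem::VERSION,
 }
 
-specs = specs.sort_by {
+specs = specs.sort_by {|spec| [spec["name"].downcase, spec["version"]] }
 specs.last["is_last"] = true
 
 # tag all specs with first_name_entry
@@ -869,7 +869,7 @@ div.method-source-code pre { color: #ffdead; overflow: hidden; }
 listeners = @server.listeners.map{|l| l.addr[2] }
 
 # TODO: 0.0.0.0 == any, not localhost.
-host = listeners.any?{|l| l == '0.0.0.0'} ? 'localhost' : listeners.first
+host = listeners.any?{|l| l == '0.0.0.0' } ? 'localhost' : listeners.first
 
 say "Launching browser to http://#{host}:#{@port}"
 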
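Review bot: The route pattern restyled in the `@@ -573,7` hunk still anchors with `^` and `$`, which in Ruby match at line boundaries rather than at the ends of the string, and the `.` after `Marshal` is unescaped, so it matches any character. The captured `full_name` goes straight into `Gem::Specification.find_all_by_full_name`, so I would tighten the pattern while the line is being touched: `when %r{\A/quick/(Marshal\.#{Regexp.escape Gem.marshal_version}/)?(.*?)\.gemspec\.rz\z} then`. Whether a request path can actually carry a line break depends on how WEBrick parses the URI, which is not visible here. The enclosing method starts and ends outside the hunk.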
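--- a/data/lib/rubygems/source/git.rb
+++ b/data/lib/rubygems/source/git.rb
@@ -1,5 +1,4 @@
 # frozen_string_literal: true
-require 'rubygems/util'
 
 ##
 # A git gem for use in a gem dependencies file.
@@ -103,9 +102,11 @@ class Gem::Source::Git < Gem::Source
 
 success = system @git, 'reset', '--quiet', '--hard', rev_parse
 
-
-
-
+if @need_submodules
+_, status = Open3.capture2e(@git, 'submodule', 'update', '--quiet', '--init', '--recursive')
+
+success &&= status.success?
+end
 
 success
 end
@@ -228,8 +229,8 @@ class Gem::Source::Git < Gem::Source
 require 'digest' # required here to avoid deadlocking in Gem.activate_bin_path (because digest is a gem on 2.5+)
 
 normalized =
-if @repository =~ %r
-uri = URI(@repository).normalize.to_s.sub %r
+if @repository =~ %r{^\w+://(\w+@)?}
+uri = URI(@repository).normalize.to_s.sub %r{/$},''
 uri.sub(/\A(\w+)/) { $1.downcase }
 else
 @repository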
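Review bot: The new `Open3.capture2e` call in the `@@ -103,9` hunk has no matching `require 'open3'` in any hunk of this file, and the first hunk shows no require among the file's opening lines, so unless Open3 is loaded elsewhere the submodule branch would raise `NameError` the first time `@need_submodules` is set. A lazy `require 'open3'` as the first statement inside `if @need_submodules` would follow the `require 'digest'` pattern visible in the third hunk. The combined output is also discarded into `_`, so when `status.success?` is false the caller only sees `false`; keeping the text and reporting it on failure would make a failed or unexpected submodule fetch diagnosable. The enclosing method starts and ends outside the hunk.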
@@ -61,7 +61,7 @@ class Gem::Source::Local < Gem::Source
|
|
61
61
|
when :latest
|
62
62
|
tup = pkg.spec.name_tuple
|
63
63
|
|
64
|
-
cur = names.find {
|
64
|
+
cur = names.find {|x| x.name == tup.name }
|
65
65
|
if !cur
|
66
66
|
names << tup
|
67
67
|
elsif cur.version < tup.version
|
@@ -98,7 +98,7 @@ class Gem::Source::Local < Gem::Source
|
|
98
98
|
end
|
99
99
|
end
|
100
100
|
|
101
|
-
found.max_by {
|
101
|
+
found.max_by {|s| s.version }
|
102
102
|
end
|
103
103
|
|
104
104
|
def fetch_spec(name) # :nodoc:
|
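--- a/data/lib/rubygems/source_list.rb
+++ b/data/lib/rubygems/source_list.rb
@@ -1,5 +1,4 @@
 # frozen_string_literal: true
-require 'rubygems/source'
 
 ##
 # The SourceList represents the sources rubygems has been configured to use.
@@ -50,6 +49,8 @@ class Gem::SourceList
 # String.
 
 def <<(obj)
+require "uri"
+
 src = case obj
 when URI
 Gem::Source.new(obj)
@@ -88,7 +89,7 @@ class Gem::SourceList
 # Yields each source URI in the list.
 
 def each
-@sources.each {
+@sources.each {|s| yield s.uri.to_s }
 end
 
 ##
@@ -113,7 +114,7 @@ class Gem::SourceList
 # Returns an Array of source URI Strings.
 
 def to_a
-@sources.map {
+@sources.map {|x| x.uri.to_s }
 end
 
 alias_method :to_ary, :to_a
@@ -133,7 +134,7 @@ class Gem::SourceList
 if other.kind_of? Gem::Source
 @sources.include? other
 else
-@sources.find {
+@sources.find {|x| x.uri.to_s == other.to_s }
 end
 end
 
@@ -144,7 +145,7 @@ class Gem::SourceList
 if source.kind_of? Gem::Source
 @sources.delete source
 else
-@sources.delete_if {
+@sources.delete_if {|x| x.uri.to_s == source.to_s }
 end
 end
 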
@@ -92,8 +92,8 @@ class Gem::SpecFetcher
|
|
92
92
|
|
93
93
|
list.each do |source, specs|
|
94
94
|
if dependency.name.is_a?(String) && specs.respond_to?(:bsearch)
|
95
|
-
start_index = (0 ... specs.length).bsearch{
|
96
|
-
end_index = (0 ... specs.length).bsearch{
|
95
|
+
start_index = (0 ... specs.length).bsearch{|i| specs[i].name >= dependency.name }
|
96
|
+
end_index = (0 ... specs.length).bsearch{|i| specs[i].name > dependency.name }
|
97
97
|
specs = specs[start_index ... end_index] if start_index && end_index
|
98
98
|
end
|
99
99
|
|
@@ -122,7 +122,7 @@ class Gem::SpecFetcher
|
|
122
122
|
end
|
123
123
|
end
|
124
124
|
|
125
|
-
tuples = tuples.sort_by {
|
125
|
+
tuples = tuples.sort_by {|x| x[0] }
|
126
126
|
|
127
127
|
return [tuples, errors]
|
128
128
|
end
|
@@ -171,30 +171,33 @@ class Gem::SpecFetcher
|
|
171
171
|
# Suggests gems based on the supplied +gem_name+. Returns an array of
|
172
172
|
# alternative gem names.
|
173
173
|
|
174
|
-
def suggest_gems_from_name(gem_name, type = :latest)
|
174
|
+
def suggest_gems_from_name(gem_name, type = :latest, num_results = 5)
|
175
175
|
gem_name = gem_name.downcase.tr('_-', '')
|
176
176
|
max = gem_name.size / 2
|
177
177
|
names = available_specs(type).first.values.flatten(1)
|
178
178
|
|
179
179
|
matches = names.map do |n|
|
180
180
|
next unless n.match_platform?
|
181
|
-
|
182
|
-
distance = levenshtein_distance gem_name, n.name.downcase.tr('_-', '')
|
183
|
-
|
184
|
-
next if distance >= max
|
185
|
-
|
186
|
-
return [n.name] if distance == 0
|
187
|
-
|
188
|
-
[n.name, distance]
|
181
|
+
[n.name, 0] if n.name.downcase.tr('_-', '').include?(gem_name)
|
189
182
|
end.compact
|
190
183
|
|
184
|
+
if matches.length < num_results
|
185
|
+
matches += names.map do |n|
|
186
|
+
next unless n.match_platform?
|
187
|
+
distance = levenshtein_distance gem_name, n.name.downcase.tr('_-', '')
|
188
|
+
next if distance >= max
|
189
|
+
return [n.name] if distance == 0
|
190
|
+
[n.name, distance]
|
191
|
+
end.compact
|
192
|
+
end
|
193
|
+
|
191
194
|
matches = if matches.empty? && type != :prerelease
|
192
195
|
suggest_gems_from_name gem_name, :prerelease
|
193
196
|
else
|
194
|
-
matches.uniq.sort_by {
|
197
|
+
matches.uniq.sort_by {|name, dist| dist }
|
195
198
|
end
|
196
199
|
|
197
|
-
matches.
|
200
|
+
matches.map {|name, dist| name }.uniq.first(num_results)
|
198
201
|
end
|
199
202
|
|
200
203
|
##
|
@@ -251,7 +254,7 @@ class Gem::SpecFetcher
|
|
251
254
|
|
252
255
|
def tuples_for(source, type, gracefully_ignore=false) # :nodoc:
|
253
256
|
@caches[type][source.uri] ||=
|
254
|
-
source.load_specs(type).sort_by {
|
257
|
+
source.load_specs(type).sort_by {|tup| tup.name }
|
255
258
|
rescue Gem::RemoteFetcher::FetchError
|
256
259
|
raise unless gracefully_ignore
|
257
260
|
[]
|
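Review bot: The recursive fallback in the `@@ -171,30` hunk, `suggest_gems_from_name gem_name, :prerelease`, does not forward the new `num_results` argument, so a caller asking for more than five suggestions gets at most five whenever the prerelease path is taken; it should read `suggest_gems_from_name gem_name, :prerelease, num_results`. The new first pass also gives every substring hit a distance of 0, so a name equal to the normalized input ranks no higher than a longer name that merely contains it, and it can fall outside `first(num_results)` when there are many hits. This list is what a user who mistyped a gem name acts on, so I would score substring hits by how much longer they are than the input instead of a flat 0, keeping the closest name first. The method's new parameter is also undocumented; the comment above it could add `# +num_results+ caps the number of names returned (default 5).`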