rubygems-update 3.2.26 → 3.2.27

data/test/rubygems/test_gem_remote_fetcher.rb

@@ -241,6 +241,36 @@ PeIQQkFng2VVot/WAQbv3ePqWq07g1BBcwIBAg==
     assert File.exist?(a1_cache_gem)
   end
 
+  def test_download_with_token
+    a1_data = nil
+    File.open @a1_gem, 'rb' do |fp|
+      a1_data = fp.read
+    end
+
+    fetcher = util_fuck_with_fetcher a1_data
+
+    a1_cache_gem = @a1.cache_file
+    assert_equal a1_cache_gem, fetcher.download(@a1, 'http://token@gems.example.com')
+    assert_equal("http://token@gems.example.com/gems/a-1.gem",
+                 fetcher.instance_variable_get(:@test_arg).to_s)
+    assert File.exist?(a1_cache_gem)
+  end
+
+  def test_download_with_x_oauth_basic
+    a1_data = nil
+    File.open @a1_gem, 'rb' do |fp|
+      a1_data = fp.read
+    end
+
+    fetcher = util_fuck_with_fetcher a1_data
+
+    a1_cache_gem = @a1.cache_file
+    assert_equal a1_cache_gem, fetcher.download(@a1, 'http://token:x-oauth-basic@gems.example.com')
+    assert_equal("http://token:x-oauth-basic@gems.example.com/gems/a-1.gem",
+                 fetcher.instance_variable_get(:@test_arg).to_s)
+    assert File.exist?(a1_cache_gem)
+  end
+
   def test_download_with_encoded_auth
     a1_data = nil
     File.open @a1_gem, 'rb' do |fp|

data/test/rubygems/test_gem_request.rb

@@ -197,27 +197,53 @@ class TestGemRequest < Gem::TestCase
   end
 
   def test_fetch_basic_auth
+    Gem.configuration.verbose = :really
     uri = URI.parse "https://user:pass@example.rubygems/specs.#{Gem.marshal_version}"
     conn = util_stub_net_http(:body => :junk, :code => 200) do |c|
-      @request = make_request(uri, Net::HTTP::Get, nil, nil)
-      @request.fetch
+      use_ui @ui do
+        @request = make_request(uri, Net::HTTP::Get, nil, nil)
+        @request.fetch
+      end
       c
     end
 
     auth_header = conn.payload['Authorization']
     assert_equal "Basic #{Base64.encode64('user:pass')}".strip, auth_header
+    assert_includes @ui.output, "GET https://user:REDACTED@example.rubygems/specs.#{Gem.marshal_version}"
   end
 
   def test_fetch_basic_auth_encoded
+    Gem.configuration.verbose = :really
     uri = URI.parse "https://user:%7BDEScede%7Dpass@example.rubygems/specs.#{Gem.marshal_version}"
+
     conn = util_stub_net_http(:body => :junk, :code => 200) do |c|
-      @request = make_request(uri, Net::HTTP::Get, nil, nil)
-      @request.fetch
+      use_ui @ui do
+        @request = make_request(uri, Net::HTTP::Get, nil, nil)
+        @request.fetch
+      end
       c
     end
 
     auth_header = conn.payload['Authorization']
     assert_equal "Basic #{Base64.encode64('user:{DEScede}pass')}".strip, auth_header
+    assert_includes @ui.output, "GET https://user:REDACTED@example.rubygems/specs.#{Gem.marshal_version}"
+  end
+
+  def test_fetch_basic_oauth_encoded
+    Gem.configuration.verbose = :really
+    uri = URI.parse "https://%7BDEScede%7Dpass:x-oauth-basic@example.rubygems/specs.#{Gem.marshal_version}"
+
+    conn = util_stub_net_http(:body => :junk, :code => 200) do |c|
+      use_ui @ui do
+        @request = make_request(uri, Net::HTTP::Get, nil, nil)
+        @request.fetch
+      end
+      c
+    end
+
+    auth_header = conn.payload['Authorization']
+    assert_equal "Basic #{Base64.encode64('{DEScede}pass:x-oauth-basic')}".strip, auth_header
+    assert_includes @ui.output, "GET https://REDACTED:x-oauth-basic@example.rubygems/specs.#{Gem.marshal_version}"
   end
 
   def test_fetch_head

data/test/rubygems/test_gem_resolver_installer_set.rb

@@ -64,6 +64,24 @@ class TestGemResolverInstallerSet < Gem::TestCase
     assert_equal %w[a-1], set.always_install.map {|s| s.full_name }
   end
 
+  def test_add_always_install_prerelease_github_problem
+    spec_fetcher do |fetcher|
+      fetcher.gem 'a', 1
+    end
+
+    # Github has an issue in which it will generate a misleading prerelease output in its RubyGems server API and
+    # returns a 0 version for the gem while it doesn't exist.
+    @fetcher.data["#{@gem_repo}prerelease_specs.#{Gem.marshal_version}.gz"] = util_gzip(Marshal.dump([
+      Gem::NameTuple.new('a', Gem::Version.new(0), 'ruby'),
+    ]))
+
+    set = Gem::Resolver::InstallerSet.new :both
+
+    set.add_always_install dep('a')
+
+    assert_equal %w[a-1], set.always_install.map {|s| s.full_name }
+  end
+
   def test_add_always_install_prerelease_only
     spec_fetcher do |fetcher|
       fetcher.gem 'a', '3.a'

data/test/rubygems/test_gem_uri.rb

@@ -0,0 +1,32 @@
+require_relative 'helper'
+require 'rubygems/uri'
+
+class TestUri < Gem::TestCase
+  def test_to_s_not_string
+    assert_equal "not_a_uri", Gem::Uri.new(:not_a_uri).to_s
+  end
+
+  def test_to_s_invalid_uri
+    assert_equal "https://www.example.com:80index", Gem::Uri.new("https://www.example.com:80index").to_s
+  end
+
+  def test_redacted_with_user_pass
+    assert_equal "https://user:REDACTED@example.com", Gem::Uri.new("https://user:pass@example.com").redacted.to_s
+  end
+
+  def test_redacted_with_token
+    assert_equal "https://REDACTED@example.com", Gem::Uri.new("https://token@example.com").redacted.to_s
+  end
+
+  def test_redacted_with_user_x_oauth_basic
+    assert_equal "https://REDACTED:x-oauth-basic@example.com", Gem::Uri.new("https://token:x-oauth-basic@example.com").redacted.to_s
+  end
+
+  def test_redacted_without_credential
+    assert_equal "https://www.example.com", Gem::Uri.new("https://www.example.com").redacted.to_s
+  end
+
+  def test_redacted_with_invalid_uri
+    assert_equal "https://www.example.com:80index", Gem::Uri.new("https://www.example.com:80index").redacted.to_s
+  end
+end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rubygems-update
 version: !ruby/object:Gem::Version
-  version: 3.2.26
+  version: 3.2.27
 platform: ruby
 authors:
 - Jim Weirich
@@ -16,7 +16,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-08-17 00:00:00.000000000 Z
+date: 2021-09-03 00:00:00.000000000 Z
 dependencies: []
 description: |-
   A package (also known as a library) contains a set of functionality
@@ -541,9 +541,8 @@ files:
 - lib/rubygems/stub_specification.rb
 - lib/rubygems/text.rb
 - lib/rubygems/uninstaller.rb
+- lib/rubygems/uri.rb
 - lib/rubygems/uri_formatter.rb
-- lib/rubygems/uri_parser.rb
-- lib/rubygems/uri_parsing.rb
 - lib/rubygems/user_interaction.rb
 - lib/rubygems/util.rb
 - lib/rubygems/util/licenses.rb
@@ -734,6 +733,7 @@ files:
 - test/rubygems/test_gem_text.rb
 - test/rubygems/test_gem_uninstaller.rb
 - test/rubygems/test_gem_unsatisfiable_dependency_error.rb
+- test/rubygems/test_gem_uri.rb
 - test/rubygems/test_gem_uri_formatter.rb
 - test/rubygems/test_gem_util.rb
 - test/rubygems/test_gem_validator.rb
@@ -771,7 +771,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.26
+rubygems_version: 3.2.27
 signing_key: 
 specification_version: 4
 summary: RubyGems is a package management framework for Ruby.

data/lib/rubygems/uri_parser.rb

@@ -1,34 +0,0 @@
-# frozen_string_literal: true
-
-##
-# The UriParser handles parsing URIs.
-#
-
-class Gem::UriParser
-  ##
-  # Parses the #uri, raising if it's invalid
-
-  def parse!(uri)
-    raise URI::InvalidURIError unless uri
-
-    # Always escape URI's to deal with potential spaces and such
-    # It should also be considered that source_uri may already be
-    # a valid URI with escaped characters. e.g. "{DESede}" is encoded
-    # as "%7BDESede%7D". If this is escaped again the percentage
-    # symbols will be escaped.
-    begin
-      URI.parse(uri)
-    rescue URI::InvalidURIError
-      URI.parse(URI::DEFAULT_PARSER.escape(uri))
-    end
-  end
-
-  ##
-  # Parses the #uri, returning the original uri if it's invalid
-
-  def parse(uri)
-    parse!(uri)
-  rescue URI::InvalidURIError
-    uri
-  end
-end

data/lib/rubygems/uri_parsing.rb

@@ -1,23 +0,0 @@
-# frozen_string_literal: true
-
-require "rubygems/uri_parser"
-
-module Gem::UriParsing
-
-  def parse_uri(source_uri)
-    return source_uri unless source_uri.is_a?(String)
-
-    uri_parser.parse(source_uri)
-  end
-
-  private :parse_uri
-
-  def uri_parser
-    require "uri"
-
-    Gem::UriParser.new
-  end
-
-  private :uri_parser
-
-end