rubygems-update 3.2.26 → 3.2.30
- checksums.yaml +4 -4
- data/CHANGELOG.md +60 -0
- data/Manifest.txt +12 -3
- data/bundler/CHANGELOG.md +50 -1
- data/bundler/README.md +1 -1
- data/bundler/lib/bundler/build_metadata.rb +2 -2
- data/bundler/lib/bundler/cli/check.rb +1 -1
- data/bundler/lib/bundler/cli/gem.rb +19 -2
- data/bundler/lib/bundler/cli/info.rb +11 -4
- data/bundler/lib/bundler/cli/issue.rb +4 -3
- data/bundler/lib/bundler/cli/remove.rb +1 -2
- data/bundler/lib/bundler/cli.rb +1 -0
- data/bundler/lib/bundler/compact_index_client.rb +2 -2
- data/bundler/lib/bundler/definition.rb +16 -6
- data/bundler/lib/bundler/digest.rb +71 -0
- data/bundler/lib/bundler/errors.rb +18 -2
- data/bundler/lib/bundler/fetcher.rb +2 -1
- data/bundler/lib/bundler/friendly_errors.rb +5 -30
- data/bundler/lib/bundler/gem_helper.rb +6 -17
- data/bundler/lib/bundler/installer.rb +0 -1
- data/bundler/lib/bundler/plugin/installer.rb +2 -0
- data/bundler/lib/bundler/plugin.rb +23 -6
- data/bundler/lib/bundler/rubygems_ext.rb +4 -0
- data/bundler/lib/bundler/rubygems_gem_installer.rb +20 -4
- data/bundler/lib/bundler/rubygems_integration.rb +28 -9
- data/bundler/lib/bundler/runtime.rb +1 -1
- data/bundler/lib/bundler/settings.rb +9 -1
- data/bundler/lib/bundler/source/git.rb +22 -4
- data/bundler/lib/bundler/source/rubygems.rb +43 -72
- data/bundler/lib/bundler/source.rb +2 -0
- data/bundler/lib/bundler/source_list.rb +4 -0
- data/bundler/lib/bundler/spec_set.rb +1 -1
- data/bundler/lib/bundler/templates/newgem/github/workflows/main.yml.tt +2 -1
- data/bundler/lib/bundler/templates/newgem/newgem.gemspec.tt +1 -1
- data/bundler/lib/bundler/vendor/connection_pool/LICENSE +20 -0
- data/bundler/lib/bundler/vendor/connection_pool/lib/connection_pool/timed_stack.rb +19 -21
- data/bundler/lib/bundler/vendor/connection_pool/lib/connection_pool/version.rb +1 -1
- data/bundler/lib/bundler/vendor/connection_pool/lib/connection_pool/wrapper.rb +57 -0
- data/bundler/lib/bundler/vendor/connection_pool/lib/connection_pool.rb +39 -74
- data/bundler/lib/bundler/vendor/fileutils/LICENSE.txt +22 -0
- data/bundler/lib/bundler/vendor/molinillo/LICENSE +9 -0
- data/bundler/lib/bundler/vendor/net-http-persistent/README.rdoc +82 -0
- data/bundler/lib/bundler/vendor/thor/LICENSE.md +20 -0
- data/bundler/lib/bundler/vendor/uri/LICENSE.txt +22 -0
- data/bundler/lib/bundler/version.rb +1 -1
- data/bundler/lib/bundler/worker.rb +2 -2
- data/bundler/lib/bundler.rb +13 -18
- data/lib/rubygems/command_manager.rb +3 -3
- data/lib/rubygems/commands/build_command.rb +3 -3
- data/lib/rubygems/commands/cert_command.rb +15 -8
- data/lib/rubygems/commands/check_command.rb +4 -4
- data/lib/rubygems/commands/cleanup_command.rb +3 -3
- data/lib/rubygems/commands/contents_command.rb +2 -2
- data/lib/rubygems/commands/dependency_command.rb +3 -3
- data/lib/rubygems/commands/environment_command.rb +1 -1
- data/lib/rubygems/commands/fetch_command.rb +3 -3
- data/lib/rubygems/commands/generate_index_command.rb +2 -2
- data/lib/rubygems/commands/help_command.rb +1 -1
- data/lib/rubygems/commands/info_command.rb +2 -2
- data/lib/rubygems/commands/install_command.rb +12 -11
- data/lib/rubygems/commands/list_command.rb +2 -2
- data/lib/rubygems/commands/lock_command.rb +1 -1
- data/lib/rubygems/commands/mirror_command.rb +1 -1
- data/lib/rubygems/commands/open_command.rb +2 -2
- data/lib/rubygems/commands/outdated_command.rb +4 -4
- data/lib/rubygems/commands/owner_command.rb +4 -4
- data/lib/rubygems/commands/pristine_command.rb +5 -5
- data/lib/rubygems/commands/push_command.rb +4 -4
- data/lib/rubygems/commands/query_command.rb +3 -3
- data/lib/rubygems/commands/rdoc_command.rb +3 -3
- data/lib/rubygems/commands/search_command.rb +2 -2
- data/lib/rubygems/commands/server_command.rb +3 -3
- data/lib/rubygems/commands/setup_command.rb +6 -6
- data/lib/rubygems/commands/signin_command.rb +2 -2
- data/lib/rubygems/commands/signout_command.rb +1 -1
- data/lib/rubygems/commands/sources_command.rb +4 -4
- data/lib/rubygems/commands/specification_command.rb +4 -4
- data/lib/rubygems/commands/stale_command.rb +1 -1
- data/lib/rubygems/commands/uninstall_command.rb +3 -3
- data/lib/rubygems/commands/unpack_command.rb +5 -5
- data/lib/rubygems/commands/update_command.rb +9 -9
- data/lib/rubygems/commands/which_command.rb +1 -1
- data/lib/rubygems/commands/yank_command.rb +4 -4
- data/lib/rubygems/config_file.rb +1 -1
- data/lib/rubygems/core_ext/tcpsocket_init.rb +2 -2
- data/lib/rubygems/defaults.rb +1 -1
- data/lib/rubygems/dependency_installer.rb +8 -8
- data/lib/rubygems/dependency_list.rb +1 -1
- data/lib/rubygems/doctor.rb +2 -2
- data/lib/rubygems/errors.rb +1 -2
- data/lib/rubygems/exceptions.rb +1 -1
- data/lib/rubygems/gem_runner.rb +3 -3
- data/lib/rubygems/gemcutter_utilities.rb +2 -2
- data/lib/rubygems/indexer.rb +2 -2
- data/lib/rubygems/install_default_message.rb +2 -2
- data/lib/rubygems/install_message.rb +2 -2
- data/lib/rubygems/install_update_options.rb +2 -2
- data/lib/rubygems/installer.rb +8 -8
- data/lib/rubygems/local_remote_options.rb +1 -1
- data/lib/rubygems/mock_gem_ui.rb +1 -1
- data/lib/rubygems/package/tar_reader.rb +1 -1
- data/lib/rubygems/package.rb +36 -46
- data/lib/rubygems/package_task.rb +2 -2
- data/lib/rubygems/platform.rb +2 -1
- data/lib/rubygems/query_utils.rb +4 -4
- data/lib/rubygems/rdoc.rb +1 -1
- data/lib/rubygems/remote_fetcher.rb +16 -22
- data/lib/rubygems/request/connection_pools.rb +1 -1
- data/lib/rubygems/request/http_pool.rb +1 -1
- data/lib/rubygems/request.rb +7 -5
- data/lib/rubygems/request_set/lockfile/tokenizer.rb +1 -1
- data/lib/rubygems/request_set/lockfile.rb +1 -1
- data/lib/rubygems/request_set.rb +5 -5
- data/lib/rubygems/requirement.rb +1 -1
- data/lib/rubygems/resolver/git_specification.rb +1 -1
- data/lib/rubygems/resolver/installer_set.rb +3 -3
- data/lib/rubygems/resolver/molinillo/LICENSE +9 -0
- data/lib/rubygems/resolver/molinillo.rb +1 -1
- data/lib/rubygems/resolver/set.rb +0 -1
- data/lib/rubygems/resolver/specification.rb +1 -1
- data/lib/rubygems/resolver.rb +31 -31
- data/lib/rubygems/s3_uri_signer.rb +4 -5
- data/lib/rubygems/security/policy.rb +6 -4
- data/lib/rubygems/security/signer.rb +4 -5
- data/lib/rubygems/security.rb +54 -20
- data/lib/rubygems/security_option.rb +2 -2
- data/lib/rubygems/server.rb +2 -2
- data/lib/rubygems/source/git.rb +2 -2
- data/lib/rubygems/source.rb +7 -7
- data/lib/rubygems/spec_fetcher.rb +5 -5
- data/lib/rubygems/specification.rb +12 -12
- data/lib/rubygems/specification_policy.rb +2 -2
- data/lib/rubygems/uninstaller.rb +6 -6
- data/lib/rubygems/uri.rb +111 -0
- data/lib/rubygems/user_interaction.rb +3 -3
- data/lib/rubygems/util/licenses.rb +1 -1
- data/lib/rubygems/util.rb +1 -1
- data/lib/rubygems/validator.rb +2 -2
- data/lib/rubygems/version_option.rb +1 -1
- data/lib/rubygems.rb +16 -16
- data/rubygems-update.gemspec +1 -1
- data/test/rubygems/helper.rb +4 -12
- data/test/rubygems/private_ec_key.pem +9 -0
- data/test/rubygems/test_gem.rb +59 -71
- data/test/rubygems/test_gem_commands_cert_command.rb +63 -4
- data/test/rubygems/test_gem_commands_install_command.rb +25 -0
- data/test/rubygems/test_gem_package.rb +27 -26
- data/test/rubygems/test_gem_platform.rb +1 -0
- data/test/rubygems/test_gem_remote_fetcher.rb +30 -0
- data/test/rubygems/test_gem_request.rb +35 -9
- data/test/rubygems/test_gem_resolver_installer_set.rb +18 -0
- data/test/rubygems/test_gem_security.rb +32 -4
- data/test/rubygems/test_gem_source_fetch_problem.rb +10 -0
- data/test/rubygems/test_gem_specification.rb +228 -232
- data/test/rubygems/test_gem_uri.rb +39 -0
- metadata +18 -9
- data/bundler/lib/bundler/vendor/connection_pool/lib/connection_pool/monotonic_time.rb +0 -66
- data/lib/rubygems/uri_parser.rb +0 -34
- data/lib/rubygems/uri_parsing.rb +0 -23
data/lib/rubygems/resolver.rb
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
|
-
|
3
|
-
|
4
|
-
|
2
|
+
require_relative 'dependency'
|
3
|
+
require_relative 'exceptions'
|
4
|
+
require_relative 'util/list'
|
5
5
|
|
6
6
|
##
|
7
7
|
# Given a set of Gem::Dependency objects as +needed+ and a way to query the
|
@@ -10,7 +10,7 @@ require 'rubygems/util/list'
|
|
10
10
|
# all the requirements.
|
11
11
|
|
12
12
|
class Gem::Resolver
|
13
|
-
|
13
|
+
require_relative 'resolver/molinillo'
|
14
14
|
|
15
15
|
##
|
16
16
|
# If the DEBUG_RESOLVER environment variable is set then debugging mode is
|
@@ -318,30 +318,30 @@ class Gem::Resolver
|
|
318
318
|
private :amount_constrained
|
319
319
|
end
|
320
320
|
|
321
|
-
|
322
|
-
|
323
|
-
|
324
|
-
|
325
|
-
|
326
|
-
|
327
|
-
|
328
|
-
|
329
|
-
|
330
|
-
|
331
|
-
|
332
|
-
|
333
|
-
|
334
|
-
|
335
|
-
|
336
|
-
|
337
|
-
|
338
|
-
|
339
|
-
|
340
|
-
|
341
|
-
|
342
|
-
|
343
|
-
|
344
|
-
|
345
|
-
|
346
|
-
|
347
|
-
|
321
|
+
require_relative 'resolver/activation_request'
|
322
|
+
require_relative 'resolver/conflict'
|
323
|
+
require_relative 'resolver/dependency_request'
|
324
|
+
require_relative 'resolver/requirement_list'
|
325
|
+
require_relative 'resolver/stats'
|
326
|
+
|
327
|
+
require_relative 'resolver/set'
|
328
|
+
require_relative 'resolver/api_set'
|
329
|
+
require_relative 'resolver/composed_set'
|
330
|
+
require_relative 'resolver/best_set'
|
331
|
+
require_relative 'resolver/current_set'
|
332
|
+
require_relative 'resolver/git_set'
|
333
|
+
require_relative 'resolver/index_set'
|
334
|
+
require_relative 'resolver/installer_set'
|
335
|
+
require_relative 'resolver/lock_set'
|
336
|
+
require_relative 'resolver/vendor_set'
|
337
|
+
require_relative 'resolver/source_set'
|
338
|
+
|
339
|
+
require_relative 'resolver/specification'
|
340
|
+
require_relative 'resolver/spec_specification'
|
341
|
+
require_relative 'resolver/api_specification'
|
342
|
+
require_relative 'resolver/git_specification'
|
343
|
+
require_relative 'resolver/index_specification'
|
344
|
+
require_relative 'resolver/installed_specification'
|
345
|
+
require_relative 'resolver/local_specification'
|
346
|
+
require_relative 'resolver/lock_specification'
|
347
|
+
require_relative 'resolver/vendor_specification'
|
@@ -1,5 +1,4 @@
|
|
1
|
-
|
2
|
-
require 'rubygems/openssl'
|
1
|
+
require_relative 'openssl'
|
3
2
|
|
4
3
|
##
|
5
4
|
# S3URISigner implements AWS SigV4 for S3 Source to avoid a dependency on the aws-sdk-* gems
|
@@ -87,7 +86,7 @@ class Gem::S3URISigner
|
|
87
86
|
"AWS4-HMAC-SHA256",
|
88
87
|
date_time,
|
89
88
|
credential_info,
|
90
|
-
Digest::SHA256.hexdigest(canonical_request),
|
89
|
+
OpenSSL::Digest::SHA256.hexdigest(canonical_request),
|
91
90
|
].join("\n")
|
92
91
|
end
|
93
92
|
|
@@ -140,8 +139,8 @@ class Gem::S3URISigner
|
|
140
139
|
|
141
140
|
def ec2_metadata_credentials_json
|
142
141
|
require 'net/http'
|
143
|
-
|
144
|
-
|
142
|
+
require_relative 'request'
|
143
|
+
require_relative 'request/connection_pools'
|
145
144
|
require 'json'
|
146
145
|
|
147
146
|
iam_info = ec2_metadata_request(EC2_IAM_INFO)
|
@@ -1,5 +1,5 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
|
-
|
2
|
+
require_relative '../user_interaction'
|
3
3
|
|
4
4
|
##
|
5
5
|
# A Gem::Security::Policy object encapsulates the settings for verifying
|
@@ -115,9 +115,11 @@ class Gem::Security::Policy
|
|
115
115
|
raise Gem::Security::Exception, 'missing key or signature'
|
116
116
|
end
|
117
117
|
|
118
|
+
public_key = Gem::Security.get_public_key(key)
|
119
|
+
|
118
120
|
raise Gem::Security::Exception,
|
119
121
|
"certificate #{signer.subject} does not match the signing key" unless
|
120
|
-
signer.public_key.to_pem ==
|
122
|
+
signer.public_key.to_pem == public_key.to_pem
|
121
123
|
|
122
124
|
true
|
123
125
|
end
|
@@ -164,9 +166,9 @@ class Gem::Security::Policy
|
|
164
166
|
end
|
165
167
|
|
166
168
|
save_cert = OpenSSL::X509::Certificate.new File.read path
|
167
|
-
save_dgst = digester.digest save_cert.public_key.
|
169
|
+
save_dgst = digester.digest save_cert.public_key.to_pem
|
168
170
|
|
169
|
-
pkey_str = root.public_key.
|
171
|
+
pkey_str = root.public_key.to_pem
|
170
172
|
cert_dgst = digester.digest pkey_str
|
171
173
|
|
172
174
|
raise Gem::Security::Exception,
|
@@ -2,7 +2,7 @@
|
|
2
2
|
##
|
3
3
|
# Basic OpenSSL-based package signing class.
|
4
4
|
|
5
|
-
|
5
|
+
require_relative "../user_interaction"
|
6
6
|
|
7
7
|
class Gem::Security::Signer
|
8
8
|
include Gem::UserInteraction
|
@@ -83,8 +83,8 @@ class Gem::Security::Signer
|
|
83
83
|
@digest_name = Gem::Security::DIGEST_NAME
|
84
84
|
@digest_algorithm = Gem::Security.create_digest(@digest_name)
|
85
85
|
|
86
|
-
if @key && !@key.is_a?(OpenSSL::PKey::
|
87
|
-
@key = OpenSSL::PKey
|
86
|
+
if @key && !@key.is_a?(OpenSSL::PKey::PKey)
|
87
|
+
@key = OpenSSL::PKey.read(File.read(@key), @passphrase)
|
88
88
|
end
|
89
89
|
|
90
90
|
if @cert_chain
|
@@ -177,8 +177,7 @@ class Gem::Security::Signer
|
|
177
177
|
disk_cert = File.read(disk_cert_path) rescue nil
|
178
178
|
|
179
179
|
disk_key_path = File.join(Gem.default_key_path)
|
180
|
-
disk_key =
|
181
|
-
OpenSSL::PKey::RSA.new(File.read(disk_key_path), @passphrase) rescue nil
|
180
|
+
disk_key = OpenSSL::PKey.read(File.read(disk_key_path), @passphrase) rescue nil
|
182
181
|
|
183
182
|
return unless disk_key
|
184
183
|
|
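Review bot: The rewritten `disk_key = OpenSSL::PKey.read(File.read(disk_key_path), @passphrase) rescue nil` keeps the modifier `rescue nil`, so a wrong passphrase, an unparsable key and a missing key file all collapse into the same silent `return unless disk_key`. Because `OpenSSL::PKey.read` accepts any key type OpenSSL can parse, there are now more ways for this load to fail, and none of them is reported to the person whose expired certificate was not re-signed. Narrowing the handler to a `begin` block with `rescue OpenSSL::PKey::PKeyError, SystemCallError`, and surfacing the reason through the `Gem::UserInteraction` helpers the class already includes, would keep the best-effort behaviour while leaving a trace. The enclosing method starts and ends outside this hunk, so how callers react to the early return is not visible here.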
data/lib/rubygems/security.rb
CHANGED
@@ -5,7 +5,7 @@
|
|
5
5
|
# See LICENSE.txt for permissions.
|
6
6
|
#++
|
7
7
|
|
8
|
-
|
8
|
+
require_relative 'exceptions'
|
9
9
|
require_relative 'openssl'
|
10
10
|
|
11
11
|
##
|
@@ -152,6 +152,7 @@ require_relative 'openssl'
|
|
152
152
|
# certificate for EMAIL_ADDR
|
153
153
|
# -C, --certificate CERT Signing certificate for --sign
|
154
154
|
# -K, --private-key KEY Key for --sign or --build
|
155
|
+
# -A, --key-algorithm ALGORITHM Select key algorithm for --build from RSA, DSA, or EC. Defaults to RSA.
|
155
156
|
# -s, --sign CERT Signs CERT with the key from -K
|
156
157
|
# and the certificate from -C
|
157
158
|
# -d, --days NUMBER_OF_DAYS Days before the certificate expires
|
@@ -317,7 +318,6 @@ require_relative 'openssl'
|
|
317
318
|
# * Honor extension restrictions
|
318
319
|
# * Might be better to store the certificate chain as a PKCS#7 or PKCS#12
|
319
320
|
# file, instead of an array embedded in the metadata.
|
320
|
-
# * Flexible signature and key algorithms, not hard-coded to RSA and SHA1.
|
321
321
|
#
|
322
322
|
# == Original author
|
323
323
|
#
|
@@ -337,17 +337,19 @@ module Gem::Security
|
|
337
337
|
DIGEST_NAME = 'SHA256' # :nodoc:
|
338
338
|
|
339
339
|
##
|
340
|
-
#
|
340
|
+
# Length of keys created by RSA and DSA keys
|
341
341
|
|
342
|
-
|
343
|
-
if defined?(OpenSSL::PKey::RSA)
|
344
|
-
OpenSSL::PKey::RSA
|
345
|
-
end
|
342
|
+
RSA_DSA_KEY_LENGTH = 3072
|
346
343
|
|
347
344
|
##
|
348
|
-
#
|
345
|
+
# Default algorithm to use when building a key pair
|
349
346
|
|
350
|
-
|
347
|
+
DEFAULT_KEY_ALGORITHM = 'RSA'
|
348
|
+
|
349
|
+
##
|
350
|
+
# Named curve used for Elliptic Curve
|
351
|
+
|
352
|
+
EC_NAME = 'secp384r1'
|
351
353
|
|
352
354
|
##
|
353
355
|
# Cipher used to encrypt the key pair used to sign gems.
|
@@ -400,7 +402,7 @@ module Gem::Security
|
|
400
402
|
serial = 1)
|
401
403
|
cert = OpenSSL::X509::Certificate.new
|
402
404
|
|
403
|
-
cert.public_key = key
|
405
|
+
cert.public_key = get_public_key(key)
|
404
406
|
cert.version = 2
|
405
407
|
cert.serial = serial
|
406
408
|
|
@@ -418,6 +420,24 @@ module Gem::Security
|
|
418
420
|
cert
|
419
421
|
end
|
420
422
|
|
423
|
+
##
|
424
|
+
# Gets the right public key from a PKey instance
|
425
|
+
|
426
|
+
def self.get_public_key(key)
|
427
|
+
return key.public_key unless key.is_a?(OpenSSL::PKey::EC)
|
428
|
+
|
429
|
+
ec_key = OpenSSL::PKey::EC.new(key.group.curve_name)
|
430
|
+
ec_key.public_key = key.public_key
|
431
|
+
ec_key
|
432
|
+
end
|
433
|
+
|
434
|
+
##
|
435
|
+
# In Ruby 2.3 EC doesn't implement the private_key? but not the private? method
|
436
|
+
|
437
|
+
if defined?(OpenSSL::PKey::EC) && Gem::Version.new(String.new(RUBY_VERSION)) < Gem::Version.new("2.4.0")
|
438
|
+
OpenSSL::PKey::EC.send(:alias_method, :private?, :private_key?)
|
439
|
+
end
|
440
|
+
|
421
441
|
##
|
422
442
|
# Creates a self-signed certificate with an issuer and subject from +email+,
|
423
443
|
# a subject alternative name of +email+ and the given +extensions+ for the
|
@@ -459,11 +479,25 @@ module Gem::Security
|
|
459
479
|
end
|
460
480
|
|
461
481
|
##
|
462
|
-
# Creates a new key pair of the specified +
|
463
|
-
#
|
464
|
-
|
465
|
-
def self.create_key(
|
466
|
-
|
482
|
+
# Creates a new key pair of the specified +algorithm+. RSA, DSA, and EC
|
483
|
+
# are supported.
|
484
|
+
|
485
|
+
def self.create_key(algorithm)
|
486
|
+
if defined?(OpenSSL::PKey)
|
487
|
+
case algorithm.downcase
|
488
|
+
when 'dsa'
|
489
|
+
OpenSSL::PKey::DSA.new(RSA_DSA_KEY_LENGTH)
|
490
|
+
when 'rsa'
|
491
|
+
OpenSSL::PKey::RSA.new(RSA_DSA_KEY_LENGTH)
|
492
|
+
when 'ec'
|
493
|
+
domain_key = OpenSSL::PKey::EC.new(EC_NAME)
|
494
|
+
domain_key.generate_key
|
495
|
+
domain_key
|
496
|
+
else
|
497
|
+
raise Gem::Security::Exception,
|
498
|
+
"#{algorithm} algorithm not found. RSA, DSA, and EC algorithms are supported."
|
499
|
+
end
|
500
|
+
end
|
467
501
|
end
|
468
502
|
|
469
503
|
##
|
@@ -492,7 +526,7 @@ module Gem::Security
|
|
492
526
|
raise Gem::Security::Exception,
|
493
527
|
"incorrect signing key for re-signing " +
|
494
528
|
"#{expired_certificate.subject}" unless
|
495
|
-
expired_certificate.public_key.to_pem == private_key.
|
529
|
+
expired_certificate.public_key.to_pem == get_public_key(private_key).to_pem
|
496
530
|
|
497
531
|
unless expired_certificate.subject.to_s ==
|
498
532
|
expired_certificate.issuer.to_s
|
@@ -592,9 +626,9 @@ module Gem::Security
|
|
592
626
|
end
|
593
627
|
|
594
628
|
if Gem::HAVE_OPENSSL
|
595
|
-
|
596
|
-
|
597
|
-
|
629
|
+
require_relative 'security/policy'
|
630
|
+
require_relative 'security/policies'
|
631
|
+
require_relative 'security/trust_dir'
|
598
632
|
end
|
599
633
|
|
600
|
-
|
634
|
+
require_relative 'security/signer'
|
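Review bot: In `get_public_key`, the EC branch builds an empty key with `OpenSSL::PKey::EC.new(key.group.curve_name)` and then assigns `ec_key.public_key = key.public_key`. Ruby's openssl binding treats pkeys as immutable when built against OpenSSL 3.0, so that assignment is expected to raise there and break certificate creation, the policy key check and the re-signing check that now call this helper. Where the binding offers it, deriving the public half without mutation avoids the problem: add `return OpenSSL::PKey.read(key.public_to_der) if key.respond_to?(:public_to_der)` as the first line and keep the existing code as the fallback. Separately, `create_key` has no `else` for `if defined?(OpenSSL::PKey)`, so without OpenSSL it returns nil instead of raising `Gem::Security::Exception`, and the failure would only surface later as a NoMethodError.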
@@ -5,7 +5,7 @@
|
|
5
5
|
# See LICENSE.txt for permissions.
|
6
6
|
#++
|
7
7
|
|
8
|
-
|
8
|
+
require_relative '../rubygems'
|
9
9
|
|
10
10
|
# forward-declare
|
11
11
|
|
@@ -20,7 +20,7 @@ end
|
|
20
20
|
module Gem::SecurityOption
|
21
21
|
def add_security_option
|
22
22
|
OptionParser.accept Gem::Security::Policy do |value|
|
23
|
-
|
23
|
+
require_relative 'security'
|
24
24
|
|
25
25
|
raise OptionParser::InvalidArgument, 'OpenSSL not installed' unless
|
26
26
|
defined?(Gem::Security::HighSecurity)
|
data/lib/rubygems/server.rb
CHANGED
data/lib/rubygems/source/git.rb
CHANGED
@@ -225,7 +225,7 @@ class Gem::Source::Git < Gem::Source
|
|
225
225
|
# A hash for the git gem based on the git repository URI.
|
226
226
|
|
227
227
|
def uri_hash # :nodoc:
|
228
|
-
|
228
|
+
require_relative '../openssl'
|
229
229
|
|
230
230
|
normalized =
|
231
231
|
if @repository =~ %r{^\w+://(\w+@)?}
|
@@ -235,6 +235,6 @@ class Gem::Source::Git < Gem::Source
|
|
235
235
|
@repository
|
236
236
|
end
|
237
237
|
|
238
|
-
Digest::SHA1.hexdigest normalized
|
238
|
+
OpenSSL::Digest::SHA1.hexdigest normalized
|
239
239
|
end
|
240
240
|
end
|
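Review bot: `uri_hash` now calls `OpenSSL::Digest::SHA1.hexdigest normalized` unconditionally, which makes every git source depend on the OpenSSL extension being loadable. Other code in this release guards OpenSSL use with `if Gem::HAVE_OPENSSL`, which suggests a Ruby built without OpenSSL is a supported configuration; there this line would presumably fail with a NameError rather than a clear message. Either guard the call or raise an explicit error. Since the value appears to be an identifier for the repository URI, a comment such as `# SHA1 only derives a stable identifier for the repository; it is not an integrity check` would stop the digest choice being mistaken for a security control.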
data/lib/rubygems/source.rb
CHANGED
@@ -1,6 +1,6 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
|
3
|
+
require_relative "text"
|
4
4
|
##
|
5
5
|
# A Source knows how to list and fetch gems from a RubyGems marshal index.
|
6
6
|
#
|
@@ -238,9 +238,9 @@ class Gem::Source
|
|
238
238
|
end
|
239
239
|
end
|
240
240
|
|
241
|
-
|
242
|
-
|
243
|
-
|
244
|
-
|
245
|
-
|
246
|
-
|
241
|
+
require_relative 'source/git'
|
242
|
+
require_relative 'source/installed'
|
243
|
+
require_relative 'source/specific_file'
|
244
|
+
require_relative 'source/local'
|
245
|
+
require_relative 'source/lock'
|
246
|
+
require_relative 'source/vendor'
|
@@ -1,9 +1,9 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
|
-
|
3
|
-
|
4
|
-
|
5
|
-
|
6
|
-
|
2
|
+
require_relative 'remote_fetcher'
|
3
|
+
require_relative 'user_interaction'
|
4
|
+
require_relative 'errors'
|
5
|
+
require_relative 'text'
|
6
|
+
require_relative 'name_tuple'
|
7
7
|
|
8
8
|
##
|
9
9
|
# SpecFetcher handles metadata updates from remote gem repositories.
|
@@ -6,11 +6,11 @@
|
|
6
6
|
# See LICENSE.txt for permissions.
|
7
7
|
#++
|
8
8
|
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
9
|
+
require_relative 'deprecate'
|
10
|
+
require_relative 'basic_specification'
|
11
|
+
require_relative 'stub_specification'
|
12
|
+
require_relative 'specification_policy'
|
13
|
+
require_relative 'util/list'
|
14
14
|
|
15
15
|
##
|
16
16
|
# The Specification class contains the information for a gem. Typically
|
@@ -105,7 +105,7 @@ class Gem::Specification < Gem::BasicSpecification
|
|
105
105
|
# rubocop:disable Style/MutableConstant
|
106
106
|
LOAD_CACHE = {} # :nodoc:
|
107
107
|
# rubocop:enable Style/MutableConstant
|
108
|
-
LOAD_CACHE_MUTEX = Mutex.new
|
108
|
+
LOAD_CACHE_MUTEX = Thread::Mutex.new
|
109
109
|
|
110
110
|
private_constant :LOAD_CACHE if defined? private_constant
|
111
111
|
|
@@ -1556,8 +1556,8 @@ class Gem::Specification < Gem::BasicSpecification
|
|
1556
1556
|
# the gem.build_complete file is missing.
|
1557
1557
|
|
1558
1558
|
def build_extensions # :nodoc:
|
1559
|
-
return if default_gem?
|
1560
1559
|
return if extensions.empty?
|
1560
|
+
return if default_gem?
|
1561
1561
|
return if File.exist? gem_build_complete_path
|
1562
1562
|
return if !File.writable?(base_dir)
|
1563
1563
|
return if !File.exist?(File.join(base_dir, 'extensions'))
|
@@ -1568,9 +1568,9 @@ class Gem::Specification < Gem::BasicSpecification
|
|
1568
1568
|
unresolved_deps = Gem::Specification.unresolved_deps.dup
|
1569
1569
|
Gem::Specification.unresolved_deps.clear
|
1570
1570
|
|
1571
|
-
|
1572
|
-
|
1573
|
-
|
1571
|
+
require_relative 'config_file'
|
1572
|
+
require_relative 'ext'
|
1573
|
+
require_relative 'user_interaction'
|
1574
1574
|
|
1575
1575
|
ui = Gem::SilentUI.new
|
1576
1576
|
Gem::DefaultUserInteraction.use_ui ui do
|
@@ -2120,8 +2120,8 @@ class Gem::Specification < Gem::BasicSpecification
|
|
2120
2120
|
# probably want to build_extensions
|
2121
2121
|
|
2122
2122
|
def missing_extensions?
|
2123
|
-
return false if default_gem?
|
2124
2123
|
return false if extensions.empty?
|
2124
|
+
return false if default_gem?
|
2125
2125
|
return false if File.exist? gem_build_complete_path
|
2126
2126
|
|
2127
2127
|
true
|
@@ -2525,7 +2525,7 @@ class Gem::Specification < Gem::BasicSpecification
|
|
2525
2525
|
# back, we have to check again here to make sure that our
|
2526
2526
|
# psych code was properly loaded, and load it if not.
|
2527
2527
|
unless Gem.const_defined?(:NoAliasYAMLTree)
|
2528
|
-
|
2528
|
+
require_relative 'psych_tree'
|
2529
2529
|
end
|
2530
2530
|
|
2531
2531
|
builder = Gem::NoAliasYAMLTree.create
|
@@ -1,4 +1,4 @@
|
|
1
|
-
|
1
|
+
require_relative 'user_interaction'
|
2
2
|
|
3
3
|
class Gem::SpecificationPolicy
|
4
4
|
include Gem::UserInteraction
|
@@ -381,7 +381,7 @@ http://spdx.org/licenses or '#{Gem::Licenses::NONSTANDARD}' for a nonstandard li
|
|
381
381
|
end
|
382
382
|
|
383
383
|
LAZY = '"FIxxxXME" or "TOxxxDO"'.gsub(/xxx/, '')
|
384
|
-
LAZY_PATTERN =
|
384
|
+
LAZY_PATTERN = /\AFI XME|\ATO DO/x.freeze
|
385
385
|
HOMEPAGE_URI_PATTERN = /\A[a-z][a-z\d+.-]*:/i.freeze
|
386
386
|
|
387
387
|
def validate_lazy_metadata
|
data/lib/rubygems/uninstaller.rb
CHANGED
@@ -6,11 +6,11 @@
|
|
6
6
|
#++
|
7
7
|
|
8
8
|
require 'fileutils'
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
9
|
+
require_relative '../rubygems'
|
10
|
+
require_relative 'installer_uninstaller_utils'
|
11
|
+
require_relative 'dependency_list'
|
12
|
+
require_relative 'rdoc'
|
13
|
+
require_relative 'user_interaction'
|
14
14
|
|
15
15
|
##
|
16
16
|
# An Uninstaller.
|
@@ -357,7 +357,7 @@ class Gem::Uninstaller
|
|
357
357
|
# of what it did for us to find rather than trying to recreate
|
358
358
|
# it again.
|
359
359
|
if @format_executable
|
360
|
-
|
360
|
+
require_relative 'installer'
|
361
361
|
Gem::Installer.exec_format % File.basename(filename)
|
362
362
|
else
|
363
363
|
filename
|
data/lib/rubygems/uri.rb
ADDED
@@ -0,0 +1,111 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
##
|
4
|
+
# The Uri handles rubygems source URIs.
|
5
|
+
#
|
6
|
+
|
7
|
+
class Gem::Uri
|
8
|
+
def initialize(source_uri)
|
9
|
+
@parsed_uri = parse(source_uri)
|
10
|
+
end
|
11
|
+
|
12
|
+
def redacted
|
13
|
+
return self unless valid_uri?
|
14
|
+
|
15
|
+
if token? || oauth_basic?
|
16
|
+
with_redacted_user
|
17
|
+
elsif password?
|
18
|
+
with_redacted_password
|
19
|
+
else
|
20
|
+
self
|
21
|
+
end
|
22
|
+
end
|
23
|
+
|
24
|
+
def to_s
|
25
|
+
@parsed_uri.to_s
|
26
|
+
end
|
27
|
+
|
28
|
+
def redact_credentials_from(text)
|
29
|
+
return text unless valid_uri? && password?
|
30
|
+
|
31
|
+
text.sub(password, 'REDACTED')
|
32
|
+
end
|
33
|
+
|
34
|
+
def method_missing(method_name, *args, &blk)
|
35
|
+
if @parsed_uri.respond_to?(method_name)
|
36
|
+
@parsed_uri.send(method_name, *args, &blk)
|
37
|
+
else
|
38
|
+
super
|
39
|
+
end
|
40
|
+
end
|
41
|
+
|
42
|
+
def respond_to_missing?(method_name, include_private = false)
|
43
|
+
@parsed_uri.respond_to?(method_name, include_private) || super
|
44
|
+
end
|
45
|
+
|
46
|
+
protected
|
47
|
+
|
48
|
+
# Add a protected reader for the cloned instance to access the original object's parsed uri
|
49
|
+
attr_reader :parsed_uri
|
50
|
+
|
51
|
+
private
|
52
|
+
|
53
|
+
##
|
54
|
+
# Parses the #uri, raising if it's invalid
|
55
|
+
|
56
|
+
def parse!(uri)
|
57
|
+
require "uri"
|
58
|
+
|
59
|
+
raise URI::InvalidURIError unless uri
|
60
|
+
|
61
|
+
# Always escape URI's to deal with potential spaces and such
|
62
|
+
# It should also be considered that source_uri may already be
|
63
|
+
# a valid URI with escaped characters. e.g. "{DESede}" is encoded
|
64
|
+
# as "%7BDESede%7D". If this is escaped again the percentage
|
65
|
+
# symbols will be escaped.
|
66
|
+
begin
|
67
|
+
URI.parse(uri)
|
68
|
+
rescue URI::InvalidURIError
|
69
|
+
URI.parse(URI::DEFAULT_PARSER.escape(uri))
|
70
|
+
end
|
71
|
+
end
|
72
|
+
|
73
|
+
##
|
74
|
+
# Parses the #uri, returning the original uri if it's invalid
|
75
|
+
|
76
|
+
def parse(uri)
|
77
|
+
return uri unless uri.is_a?(String)
|
78
|
+
|
79
|
+
parse!(uri)
|
80
|
+
rescue URI::InvalidURIError
|
81
|
+
uri
|
82
|
+
end
|
83
|
+
|
84
|
+
def with_redacted_user
|
85
|
+
clone.tap {|uri| uri.user = 'REDACTED' }
|
86
|
+
end
|
87
|
+
|
88
|
+
def with_redacted_password
|
89
|
+
clone.tap {|uri| uri.password = 'REDACTED' }
|
90
|
+
end
|
91
|
+
|
92
|
+
def valid_uri?
|
93
|
+
!@parsed_uri.is_a?(String)
|
94
|
+
end
|
95
|
+
|
96
|
+
def password?
|
97
|
+
!!password
|
98
|
+
end
|
99
|
+
|
100
|
+
def oauth_basic?
|
101
|
+
password == 'x-oauth-basic'
|
102
|
+
end
|
103
|
+
|
104
|
+
def token?
|
105
|
+
!user.nil? && password.nil?
|
106
|
+
end
|
107
|
+
|
108
|
+
def initialize_copy(original)
|
109
|
+
@parsed_uri = original.parsed_uri.clone
|
110
|
+
end
|
111
|
+
end
|
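Review bot: `redact_credentials_from` does not cover the cases that `redacted` covers: it returns the text untouched for a token-only URI (`token?` is true while `password?` is false), and for an `x-oauth-basic` URI it masks the literal `x-oauth-basic` while leaving the token in the user field in place. It also uses `sub`, so only the first occurrence of the secret in a message is replaced. Selecting the secret the same way `redacted` does and replacing every occurrence would close these gaps; an empty secret has to be skipped because an empty pattern matches at every position. The match is still made on the value as stored in the parsed URI, so a percent-encoded password would not match a decoded copy in the text, which is worth a comment or a test.

```ruby
def redact_credentials_from(text)
  return text unless valid_uri?

  # Mirror #redacted: the secret is the user for token / x-oauth-basic URIs,
  # otherwise the password.
  secret = (token? || oauth_basic?) ? user : password
  return text if secret.nil? || secret.empty?

  text.gsub(secret, 'REDACTED')
end
```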
@@ -5,8 +5,8 @@
|
|
5
5
|
# See LICENSE.txt for permissions.
|
6
6
|
#++
|
7
7
|
|
8
|
-
|
9
|
-
|
8
|
+
require_relative 'deprecate'
|
9
|
+
require_relative 'text'
|
10
10
|
|
11
11
|
##
|
12
12
|
# Module that defines the default UserInteraction. Any class including this
|
@@ -543,7 +543,7 @@ class Gem::StreamUI
|
|
543
543
|
# A progress reporter that behaves nicely with threaded downloading.
|
544
544
|
|
545
545
|
class ThreadedDownloadReporter
|
546
|
-
MUTEX = Mutex.new
|
546
|
+
MUTEX = Thread::Mutex.new
|
547
547
|
|
548
548
|
##
|
549
549
|
# The current file name being displayed
|
data/lib/rubygems/util.rb
CHANGED
data/lib/rubygems/validator.rb
CHANGED