rubygems-update 3.3.18 → 3.3.21

data/lib/rubygems/package/tar_header.rb

@@ -53,42 +53,42 @@ class Gem::Package::TarHeader
   ##
   # Pack format for a tar header
 
-  PACK_FORMAT = 'a100' + # name
-                'a8'   + # mode
-                'a8'   + # uid
-                'a8'   + # gid
-                'a12'  + # size
-                'a12'  + # mtime
-                'a7a'  + # chksum
-                'a'    + # typeflag
-                'a100' + # linkname
-                'a6'   + # magic
-                'a2'   + # version
-                'a32'  + # uname
-                'a32'  + # gname
-                'a8'   + # devmajor
-                'a8'   + # devminor
-                'a155'   # prefix
+  PACK_FORMAT = "a100" + # name
+                "a8"   + # mode
+                "a8"   + # uid
+                "a8"   + # gid
+                "a12"  + # size
+                "a12"  + # mtime
+                "a7a"  + # chksum
+                "a"    + # typeflag
+                "a100" + # linkname
+                "a6"   + # magic
+                "a2"   + # version
+                "a32"  + # uname
+                "a32"  + # gname
+                "a8"   + # devmajor
+                "a8"   + # devminor
+                "a155"   # prefix
 
   ##
   # Unpack format for a tar header
 
-  UNPACK_FORMAT = 'A100' + # name
-                  'A8'   + # mode
-                  'A8'   + # uid
-                  'A8'   + # gid
-                  'A12'  + # size
-                  'A12'  + # mtime
-                  'A8'   + # checksum
-                  'A'    + # typeflag
-                  'A100' + # linkname
-                  'A6'   + # magic
-                  'A2'   + # version
-                  'A32'  + # uname
-                  'A32'  + # gname
-                  'A8'   + # devmajor
-                  'A8'   + # devminor
-                  'A155'   # prefix
+  UNPACK_FORMAT = "A100" + # name
+                  "A8"   + # mode
+                  "A8"   + # uid
+                  "A8"   + # gid
+                  "A12"  + # size
+                  "A12"  + # mtime
+                  "A8"   + # checksum
+                  "A"    + # typeflag
+                  "A100" + # linkname
+                  "A6"   + # magic
+                  "A2"   + # version
+                  "A32"  + # uname
+                  "A32"  + # gname
+                  "A8"   + # devmajor
+                  "A8"   + # devminor
+                  "A155"   # prefix
 
   attr_reader(*FIELDS)
 
@@ -134,7 +134,7 @@ class Gem::Package::TarHeader
     # \ff flags a negative 256-based number
     # In case we have a match, parse it as a signed binary value
     # in big-endian order, except that the high-order bit is ignored.
-    return str.unpack('N2').last if str =~ /\A[\x80\xff]/n
+    return str.unpack("N2").last if str =~ /\A[\x80\xff]/n
     strict_oct(str)
   end
 
@@ -173,23 +173,23 @@ class Gem::Package::TarHeader
   end
 
   def ==(other) # :nodoc:
-    self.class === other and
-    @checksum == other.checksum and
-    @devmajor == other.devmajor and
-    @devminor == other.devminor and
-    @gid      == other.gid      and
-    @gname    == other.gname    and
-    @linkname == other.linkname and
-    @magic    == other.magic    and
-    @mode     == other.mode     and
-    @mtime    == other.mtime    and
-    @name     == other.name     and
-    @prefix   == other.prefix   and
-    @size     == other.size     and
-    @typeflag == other.typeflag and
-    @uid      == other.uid      and
-    @uname    == other.uname    and
-    @version  == other.version
+    self.class === other &&
+      @checksum == other.checksum &&
+      @devmajor == other.devmajor &&
+      @devminor == other.devminor &&
+      @gid      == other.gid      &&
+      @gname    == other.gname    &&
+      @linkname == other.linkname &&
+      @magic    == other.magic    &&
+      @mode     == other.mode     &&
+      @mtime    == other.mtime    &&
+      @name     == other.name     &&
+      @prefix   == other.prefix   &&
+      @size     == other.size     &&
+      @typeflag == other.typeflag &&
+      @uid      == other.uid      &&
+      @uname    == other.uname    &&
+      @version  == other.version
   end
 
   def to_s # :nodoc:

data/lib/rubygems/package/tar_reader/entry.rb

@@ -68,9 +68,9 @@ class Gem::Package::TarReader::Entry
       @header.name
     end
   rescue ArgumentError => e
-    raise unless e.message == 'string contains null byte'
+    raise unless e.message == "string contains null byte"
     raise Gem::Package::TarInvalidError,
-          'tar is corrupt, name contains null byte'
+          "tar is corrupt, name contains null byte"
   end
 
   ##

data/lib/rubygems/package/tar_reader.rb

@@ -121,4 +121,4 @@ class Gem::Package::TarReader
   end
 end
 
-require_relative 'tar_reader/entry'
+require_relative "tar_reader/entry"

data/lib/rubygems/package/tar_writer.rb

@@ -166,7 +166,7 @@ class Gem::Package::TarWriter
   def add_file_signed(name, mode, signer)
     digest_algorithms = [
       signer.digest_algorithm,
-      Gem::Security.create_digest('SHA512'),
+      Gem::Security.create_digest("SHA512"),
     ].compact.uniq
 
     digests = add_file_digest name, mode, digest_algorithms do |io|
@@ -304,17 +304,17 @@ class Gem::Package::TarWriter
       raise Gem::Package::TooLongFileName.new("File \"#{name}\" has a too long path (should be 256 or less)")
     end
 
-    prefix = ''
+    prefix = ""
     if name.bytesize > 100
-      parts = name.split('/', -1) # parts are never empty here
+      parts = name.split("/", -1) # parts are never empty here
       name = parts.pop            # initially empty for names with a trailing slash ("foo/.../bar/")
-      prefix = parts.join('/')    # if empty, then it's impossible to split (parts is empty too)
+      prefix = parts.join("/")    # if empty, then it's impossible to split (parts is empty too)
       while !parts.empty? && (prefix.bytesize > 155 || name.empty?)
-        name = parts.pop + '/' + name
-        prefix = parts.join('/')
+        name = parts.pop + "/" + name
+        prefix = parts.join("/")
       end
 
-      if name.bytesize > 100 or prefix.empty?
+      if name.bytesize > 100 || prefix.empty?
         raise Gem::Package::TooLongFileName.new("File \"#{prefix}/#{name}\" has a too long name (should be 100 or less)")
       end
 

data/lib/rubygems/package.rb

@@ -5,8 +5,8 @@
 #++
 
 require_relative "../rubygems"
-require_relative 'security'
-require_relative 'user_interaction'
+require_relative "security"
+require_relative "user_interaction"
 
 ##
 # Example using a Gem::Package
@@ -68,14 +68,14 @@ class Gem::Package
   class PathError < Error
     def initialize(destination, destination_dir)
       super "installing into parent path %s of %s is not allowed" %
-              [destination, destination_dir]
+        [destination, destination_dir]
     end
   end
 
   class SymlinkError < Error
     def initialize(name, destination, destination_dir)
       super "installing symlink '%s' pointing to parent path %s of %s is not allowed" %
-              [name, destination, destination_dir]
+        [name, destination, destination_dir]
     end
   end
 
@@ -158,7 +158,7 @@ class Gem::Package
     return super unless gem.present?
 
     return super unless gem.start
-    return super unless gem.start.include? 'MD5SUM ='
+    return super unless gem.start.include? "MD5SUM ="
 
     Gem::Package::Old.new gem
   end
@@ -178,9 +178,9 @@ class Gem::Package
       tar = Gem::Package::TarReader.new io
       tar.each_entry do |entry|
         case entry.full_name
-        when 'metadata' then
+        when "metadata" then
           metadata = entry.read
-        when 'metadata.gz' then
+        when "metadata.gz" then
           metadata = Gem::Util.gunzip entry.read
         end
       end
@@ -193,7 +193,7 @@ class Gem::Package
   # Creates a new package that will read or write to the file +gem+.
 
   def initialize(gem, security_policy) # :notnew:
-    require 'zlib'
+    require "zlib"
 
     @gem = gem
 
@@ -229,7 +229,7 @@ class Gem::Package
       end
     end
 
-    tar.add_file_signed 'checksums.yaml.gz', 0444, @signer do |io|
+    tar.add_file_signed "checksums.yaml.gz", 0444, @signer do |io|
       gzip_to io do |gz_io|
         Psych.dump checksums_by_algorithm, gz_io
       end
@@ -241,7 +241,7 @@ class Gem::Package
   # and adds this file to the +tar+.
 
   def add_contents(tar) # :nodoc:
-    digests = tar.add_file_signed 'data.tar.gz', 0444, @signer do |io|
+    digests = tar.add_file_signed "data.tar.gz", 0444, @signer do |io|
       gzip_to io do |gz_io|
         Gem::Package::TarWriter.new gz_io do |data_tar|
           add_files data_tar
@@ -249,7 +249,7 @@ class Gem::Package
       end
     end
 
-    @checksums['data.tar.gz'] = digests
+    @checksums["data.tar.gz"] = digests
   end
 
   ##
@@ -266,7 +266,7 @@ class Gem::Package
       next unless stat.file?
 
       tar.add_file_simple file, stat.mode, stat.size do |dst_io|
-        File.open file, 'rb' do |src_io|
+        File.open file, "rb" do |src_io|
           dst_io.write src_io.read 16384 until src_io.eof?
         end
       end
@@ -277,13 +277,13 @@ class Gem::Package
   # Adds the package's Gem::Specification to the +tar+ file
 
   def add_metadata(tar) # :nodoc:
-    digests = tar.add_file_signed 'metadata.gz', 0444, @signer do |io|
+    digests = tar.add_file_signed "metadata.gz", 0444, @signer do |io|
       gzip_to io do |gz_io|
         gz_io.write @spec.to_yaml
       end
     end
 
-    @checksums['metadata.gz'] = digests
+    @checksums["metadata.gz"] = digests
   end
 
   ##
@@ -335,7 +335,7 @@ EOM
       gem_tar = Gem::Package::TarReader.new io
 
       gem_tar.each do |entry|
-        next unless entry.full_name == 'data.tar.gz'
+        next unless entry.full_name == "data.tar.gz"
 
         open_tar_gz entry do |pkg_tar|
           pkg_tar.each do |contents_entry|
@@ -387,7 +387,7 @@ EOM
       reader = Gem::Package::TarReader.new io
 
       reader.each do |entry|
-        next unless entry.full_name == 'data.tar.gz'
+        next unless entry.full_name == "data.tar.gz"
 
         extract_tar_gz entry, destination_dir, pattern
 
@@ -409,18 +409,23 @@ EOM
 
   def extract_tar_gz(io, destination_dir, pattern = "*") # :nodoc:
     directories = []
+    symlinks = []
+
     open_tar_gz io do |tar|
       tar.each do |entry|
-        next unless File.fnmatch pattern, entry.full_name, File::FNM_DOTMATCH
+        full_name = entry.full_name
+        next unless File.fnmatch pattern, full_name, File::FNM_DOTMATCH
 
-        destination = install_location entry.full_name, destination_dir
+        destination = install_location full_name, destination_dir
 
         if entry.symlink?
           link_target = entry.header.linkname
           real_destination = link_target.start_with?("/") ? link_target : File.expand_path(link_target, File.dirname(destination))
 
-          raise Gem::Package::SymlinkError.new(entry.full_name, real_destination, destination_dir) unless
-            normalize_path(real_destination).start_with? normalize_path(destination_dir + '/')
+          raise Gem::Package::SymlinkError.new(full_name, real_destination, destination_dir) unless
+            normalize_path(real_destination).start_with? normalize_path(destination_dir + "/")
+
+          symlinks << [full_name, link_target, destination, real_destination]
         end
 
         FileUtils.rm_rf destination
@@ -439,17 +444,23 @@ EOM
           directories << mkdir
         end
 
-        File.open destination, 'wb' do |out|
+        File.open destination, "wb" do |out|
           out.write entry.read
           FileUtils.chmod file_mode(entry.header.mode), destination
         end if entry.file?
 
-        File.symlink(entry.header.linkname, destination) if entry.symlink?
-
         verbose destination
       end
     end
 
+    symlinks.each do |name, target, destination, real_destination|
+      if File.exist?(real_destination)
+        File.symlink(target, destination)
+      else
+        alert_warning "#{@spec.full_name} ships with a dangling symlink named #{name} pointing to missing #{target} file. Ignoring"
+      end
+    end
+
     if dir_mode
       File.chmod(dir_mode, *directories)
     end
@@ -481,13 +492,13 @@ EOM
 
   def install_location(filename, destination_dir) # :nodoc:
     raise Gem::Package::PathError.new(filename, destination_dir) if
-      filename.start_with? '/'
+      filename.start_with? "/"
 
     destination_dir = File.realpath(destination_dir)
     destination = File.expand_path(filename, destination_dir)
 
     raise Gem::Package::PathError.new(destination, destination_dir) unless
-      normalize_path(destination).start_with? normalize_path(destination_dir + '/')
+      normalize_path(destination).start_with? normalize_path(destination_dir + "/")
 
     destination.tap(&Gem::UNTAINT)
     destination
@@ -506,9 +517,9 @@ EOM
 
   def load_spec(entry) # :nodoc:
     case entry.full_name
-    when 'metadata' then
+    when "metadata" then
       @spec = Gem::Specification.from_yaml entry.read
-    when 'metadata.gz' then
+    when "metadata.gz" then
       Zlib::GzipReader.wrap(entry, external_encoding: Encoding::UTF_8) do |gzio|
         @spec = Gem::Specification.from_yaml gzio.read
       end
@@ -532,7 +543,7 @@ EOM
   def read_checksums(gem)
     Gem.load_yaml
 
-    @checksums = gem.seek 'checksums.yaml.gz' do |entry|
+    @checksums = gem.seek "checksums.yaml.gz" do |entry|
       Zlib::GzipReader.wrap entry do |gz_io|
         Gem::SafeYAML.safe_load gz_io.read
       end
@@ -544,7 +555,7 @@ EOM
   # certificate and key are not present only checksum generation is set up.
 
   def setup_signer(signer_options: {})
-    passphrase = ENV['GEM_PRIVATE_KEY_PASSPHRASE']
+    passphrase = ENV["GEM_PRIVATE_KEY_PASSPHRASE"]
     if @spec.signing_key
       @signer =
         Gem::Security::Signer.new(
@@ -651,7 +662,7 @@ EOM
     case file_name
     when "metadata", "metadata.gz" then
       load_spec entry
-    when 'data.tar.gz' then
+    when "data.tar.gz" then
       verify_gz entry
     end
   rescue
@@ -668,15 +679,15 @@ EOM
     end
 
     unless @spec
-      raise Gem::Package::FormatError.new 'package metadata is missing', @gem
+      raise Gem::Package::FormatError.new "package metadata is missing", @gem
     end
 
-    unless @files.include? 'data.tar.gz'
+    unless @files.include? "data.tar.gz"
       raise Gem::Package::FormatError.new \
-              'package content (data.tar.gz) is missing', @gem
+              "package content (data.tar.gz) is missing", @gem
     end
 
-    if duplicates = @files.group_by {|f| f }.select {|k,v| v.size > 1 }.map(&:first) and duplicates.any?
+    if (duplicates = @files.group_by {|f| f }.select {|k,v| v.size > 1 }.map(&:first)) && duplicates.any?
       raise Gem::Security::Exception, "duplicate files in the package: (#{duplicates.map(&:inspect).join(', ')})"
     end
   end
@@ -693,12 +704,12 @@ EOM
   end
 end
 
-require_relative 'package/digest_io'
-require_relative 'package/source'
-require_relative 'package/file_source'
-require_relative 'package/io_source'
-require_relative 'package/old'
-require_relative 'package/tar_header'
-require_relative 'package/tar_reader'
-require_relative 'package/tar_reader/entry'
-require_relative 'package/tar_writer'
+require_relative "package/digest_io"
+require_relative "package/source"
+require_relative "package/file_source"
+require_relative "package/io_source"
+require_relative "package/old"
+require_relative "package/tar_header"
+require_relative "package/tar_reader"
+require_relative "package/tar_reader/entry"
+require_relative "package/tar_writer"

data/lib/rubygems/package_task.rb

@@ -20,9 +20,9 @@
 # OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
 # WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 
-require_relative '../rubygems'
-require_relative 'package'
-require 'rake/packagetask'
+require_relative "../rubygems"
+require_relative "package"
+require "rake/packagetask"
 
 ##
 # Create a package based upon a Gem::Specification.  Gem packages, as well as
@@ -113,7 +113,7 @@ class Gem::PackageTask < Rake::PackageTask
           Gem::Package.build gem_spec
 
           verbose trace do
-            mv gem_file, '..'
+            mv gem_file, ".."
           end
         end
       end