rubygems-update 3.3.26 → 3.4.18

data/lib/rubygems/resolver/conflict.rb

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
+
 ##
 # Used internally to indicate that a dependency conflicted
 # with a spec that would be activated.

data/lib/rubygems/resolver/current_set.rb

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
+
 ##
 # A set which represents the installed gems. Respects
 # all the normal settings that control where to look

data/lib/rubygems/resolver/dependency_request.rb

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
+
 ##
 # Used Internally. Wraps a Dependency object to also track which spec
 # contained the Dependency.

data/lib/rubygems/resolver/git_set.rb

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
+
 ##
 # A GitSet represents gems that are sourced from git repositories.
 #

data/lib/rubygems/resolver/git_specification.rb

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
+
 ##
 # A GitSpecification represents a gem that is sourced from a git repository
 # and is being loaded through a gem dependencies file through the +git:+

data/lib/rubygems/resolver/index_set.rb

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
+
 ##
 # The global rubygems pool represented via the traditional
 # source index.

data/lib/rubygems/resolver/index_specification.rb

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
+
 ##
 # Represents a possible Specification object returned from IndexSet.  Used to
 # delay needed to download full Specification objects when only the +name+

data/lib/rubygems/resolver/installed_specification.rb

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
+
 ##
 # An InstalledSpecification represents a gem that is already installed
 # locally.

data/lib/rubygems/resolver/installer_set.rb

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
+
 ##
 # A set of gems for installation sourced from remote sources and local .gem
 # files
@@ -66,7 +67,7 @@ class Gem::Resolver::InstallerSet < Gem::Resolver::Set
 
     found = found.select do |s|
       Gem::Source::SpecificFile === s.source ||
-        Gem::Platform.match(s.platform)
+        Gem::Platform.match_spec?(s)
     end
 
     found = found.sort_by do |s|
@@ -147,6 +148,8 @@ class Gem::Resolver::InstallerSet < Gem::Resolver::Set
       res << Gem::Resolver::InstalledSpecification.new(self, gemspec)
     end unless @ignore_installed
 
+    matching_local = []
+
     if consider_local?
       matching_local = @local.values.select do |spec, _|
         req.match? spec
@@ -167,7 +170,7 @@ class Gem::Resolver::InstallerSet < Gem::Resolver::Set
       end
     end
 
-    res.concat @remote_set.find_all req if consider_remote?
+    res.concat @remote_set.find_all req if consider_remote? && matching_local.empty?
 
     res
   end

data/lib/rubygems/resolver/local_specification.rb

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
+
 ##
 # A LocalSpecification comes from a .gem file on the local filesystem.
 

data/lib/rubygems/resolver/lock_set.rb

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
+
 ##
 # A set of gems from a gem dependencies lockfile.
 

data/lib/rubygems/resolver/lock_specification.rb

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
+
 ##
 # The LockSpecification comes from a lockfile (Gem::RequestSet::Lockfile).
 #

data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph.rb

@@ -32,7 +32,7 @@ module Gem::Resolver::Molinillo
     #   all belong to the same graph.
     # @return [Array<Vertex>] The sorted vertices.
     def self.tsort(vertices)
-      TSort.tsort(
+      Gem::TSort.tsort(
         lambda { |b| vertices.each(&b) },
         lambda { |v, &b| (v.successors & vertices).each(&b) }
       )

data/lib/rubygems/resolver/molinillo/lib/molinillo/errors.rb

@@ -107,36 +107,42 @@ module Gem::Resolver::Molinillo
         end
       end
 
-      conflicts.sort.reduce(''.dup) do |o, (name, conflict)|
-        o << "\n" << incompatible_version_message_for_conflict.call(name, conflict) << "\n"
-        if conflict.locked_requirement
-          o << %(  In snapshot (#{name_for_locking_dependency_source}):\n)
-          o << %(    #{printable_requirement.call(conflict.locked_requirement)}\n)
-          o << %(\n)
-        end
-        o << %(  In #{name_for_explicit_dependency_source}:\n)
-        trees = reduce_trees.call(conflict.requirement_trees)
-
-        o << trees.map do |tree|
-          t = ''.dup
-          depth = 2
-          tree.each do |req|
-            t << '  ' * depth << printable_requirement.call(req)
-            unless tree.last == req
-              if spec = conflict.activated_by_name[name_for(req)]
-                t << %( was resolved to #{version_for_spec.call(spec)}, which)
+      full_message_for_conflict = opts.delete(:full_message_for_conflict) do
+        proc do |name, conflict|
+          o = "\n".dup << incompatible_version_message_for_conflict.call(name, conflict) << "\n"
+          if conflict.locked_requirement
+            o << %(  In snapshot (#{name_for_locking_dependency_source}):\n)
+            o << %(    #{printable_requirement.call(conflict.locked_requirement)}\n)
+            o << %(\n)
+          end
+          o << %(  In #{name_for_explicit_dependency_source}:\n)
+          trees = reduce_trees.call(conflict.requirement_trees)
+
+          o << trees.map do |tree|
+            t = ''.dup
+            depth = 2
+            tree.each do |req|
+              t << '  ' * depth << printable_requirement.call(req)
+              unless tree.last == req
+                if spec = conflict.activated_by_name[name_for(req)]
+                  t << %( was resolved to #{version_for_spec.call(spec)}, which)
+                end
+                t << %( depends on)
               end
-              t << %( depends on)
+              t << %(\n)
+              depth += 1
             end
-            t << %(\n)
-            depth += 1
-          end
-          t
-        end.join("\n")
+            t
+          end.join("\n")
 
-        additional_message_for_conflict.call(o, name, conflict)
+          additional_message_for_conflict.call(o, name, conflict)
 
-        o
+          o
+        end
+      end
+
+      conflicts.sort.reduce(''.dup) do |o, (name, conflict)|
+        o << full_message_for_conflict.call(name, conflict)
       end.strip
     end
   end

data/lib/rubygems/resolver/molinillo/lib/molinillo/gem_metadata.rb

@@ -2,5 +2,5 @@
 
 module Gem::Resolver::Molinillo
   # The version of Gem::Resolver::Molinillo.
-  VERSION = '0.7.0'.freeze
+  VERSION = '0.8.0'.freeze
 end

data/lib/rubygems/resolver/molinillo.rb

@@ -1,2 +1,3 @@
 # frozen_string_literal: true
+
 require_relative "molinillo/lib/molinillo"

data/lib/rubygems/resolver/requirement_list.rb

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
+
 ##
 # The RequirementList is used to hold the requirements being considered
 # while resolving a set of gems.

data/lib/rubygems/resolver/set.rb

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
+
 ##
 # Resolver sets are used to look up specifications (and their
 # dependencies) used in resolution.  This set is abstract.

data/lib/rubygems/resolver/source_set.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 ##
 # The SourceSet chooses the best available method to query a remote index.
 #

data/lib/rubygems/resolver/spec_specification.rb

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
+
 ##
 # The Resolver::SpecSpecification contains common functionality for
 # Resolver specifications that are backed by a Gem::Specification.

data/lib/rubygems/resolver/specification.rb

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
+
 ##
 # A Resolver::Specification contains a subset of the information
 # contained in a Gem::Specification.  Only the information necessary for

data/lib/rubygems/resolver/stats.rb

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
+
 class Gem::Resolver::Stats
   def initialize
     @max_depth = 0
@@ -32,7 +33,7 @@ class Gem::Resolver::Stats
     @iterations += 1
   end
 
-  PATTERN = "%20s: %d\n".freeze
+  PATTERN = "%20s: %d\n"
 
   def display
     $stdout.puts "=== Resolver Statistics ==="

data/lib/rubygems/resolver/vendor_set.rb

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
+
 ##
 # A VendorSet represents gems that have been unpacked into a specific
 # directory that contains a gemspec.

data/lib/rubygems/resolver/vendor_specification.rb

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
+
 ##
 # A VendorSpecification represents a gem that has been unpacked into a project
 # and is being loaded through a gem dependencies file through the +path:+

data/lib/rubygems/resolver.rb

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
+
 require_relative "dependency"
 require_relative "exceptions"
 require_relative "util/list"

data/lib/rubygems/s3_uri_signer.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require_relative "openssl"
 
 ##
@@ -170,6 +172,6 @@ class Gem::S3URISigner
   end
 
   BASE64_URI_TRANSLATE = { "+" => "%2B", "/" => "%2F", "=" => "%3D", "\n" => "" }.freeze
-  EC2_IAM_INFO = "http://169.254.169.254/latest/meta-data/iam/info".freeze
-  EC2_IAM_SECURITY_CREDENTIALS = "http://169.254.169.254/latest/meta-data/iam/security-credentials/".freeze
+  EC2_IAM_INFO = "http://169.254.169.254/latest/meta-data/iam/info"
+  EC2_IAM_SECURITY_CREDENTIALS = "http://169.254.169.254/latest/meta-data/iam/security-credentials/"
 end

data/lib/rubygems/safe_yaml.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Gem
 
   ###

data/lib/rubygems/security/policies.rb

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
+
 module Gem::Security
 
   ##
@@ -6,12 +7,12 @@ module Gem::Security
 
   NoSecurity = Policy.new(
     "No Security",
-    :verify_data      => false,
-    :verify_signer    => false,
-    :verify_chain     => false,
-    :verify_root      => false,
-    :only_trusted     => false,
-    :only_signed      => false
+    :verify_data => false,
+    :verify_signer => false,
+    :verify_chain => false,
+    :verify_root => false,
+    :only_trusted => false,
+    :only_signed => false
   )
 
   ##
@@ -24,12 +25,12 @@ module Gem::Security
 
   AlmostNoSecurity = Policy.new(
     "Almost No Security",
-    :verify_data      => true,
-    :verify_signer    => false,
-    :verify_chain     => false,
-    :verify_root      => false,
-    :only_trusted     => false,
-    :only_signed      => false
+    :verify_data => true,
+    :verify_signer => false,
+    :verify_chain => false,
+    :verify_root => false,
+    :only_trusted => false,
+    :only_signed => false
   )
 
   ##
@@ -41,12 +42,12 @@ module Gem::Security
 
   LowSecurity = Policy.new(
     "Low Security",
-    :verify_data      => true,
-    :verify_signer    => true,
-    :verify_chain     => false,
-    :verify_root      => false,
-    :only_trusted     => false,
-    :only_signed      => false
+    :verify_data => true,
+    :verify_signer => true,
+    :verify_chain => false,
+    :verify_root => false,
+    :only_trusted => false,
+    :only_signed => false
   )
 
   ##
@@ -60,12 +61,12 @@ module Gem::Security
 
   MediumSecurity = Policy.new(
     "Medium Security",
-    :verify_data      => true,
-    :verify_signer    => true,
-    :verify_chain     => true,
-    :verify_root      => true,
-    :only_trusted     => true,
-    :only_signed      => false
+    :verify_data => true,
+    :verify_signer => true,
+    :verify_chain => true,
+    :verify_root => true,
+    :only_trusted => true,
+    :only_signed => false
   )
 
   ##
@@ -79,12 +80,12 @@ module Gem::Security
 
   HighSecurity = Policy.new(
     "High Security",
-    :verify_data      => true,
-    :verify_signer    => true,
-    :verify_chain     => true,
-    :verify_root      => true,
-    :only_trusted     => true,
-    :only_signed      => true
+    :verify_data => true,
+    :verify_signer => true,
+    :verify_chain => true,
+    :verify_root => true,
+    :only_trusted => true,
+    :only_signed => true
   )
 
   ##
@@ -92,23 +93,23 @@ module Gem::Security
 
   SigningPolicy = Policy.new(
     "Signing Policy",
-    :verify_data      => false,
-    :verify_signer    => true,
-    :verify_chain     => true,
-    :verify_root      => true,
-    :only_trusted     => false,
-    :only_signed      => false
+    :verify_data => false,
+    :verify_signer => true,
+    :verify_chain => true,
+    :verify_root => true,
+    :only_trusted => false,
+    :only_signed => false
   )
 
   ##
   # Hash of configured security policies
 
   Policies = {
-    "NoSecurity"       => NoSecurity,
+    "NoSecurity" => NoSecurity,
     "AlmostNoSecurity" => AlmostNoSecurity,
-    "LowSecurity"      => LowSecurity,
-    "MediumSecurity"   => MediumSecurity,
-    "HighSecurity"     => HighSecurity,
+    "LowSecurity" => LowSecurity,
+    "MediumSecurity" => MediumSecurity,
+    "HighSecurity" => HighSecurity,
     # SigningPolicy is not intended for use by `gem -P` so do not list it
   }.freeze
 

data/lib/rubygems/security/policy.rb

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
+
 require_relative "../user_interaction"
 
 ##

data/lib/rubygems/security/signer.rb

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
+
 ##
 # Basic OpenSSL-based package signing class.
 

data/lib/rubygems/security/trust_dir.rb

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
+
 ##
 # The TrustDir manages the trusted certificates for gem signature
 # verification.
@@ -8,7 +9,7 @@ class Gem::Security::TrustDir
   # Default permissions for the trust directory and its contents
 
   DEFAULT_PERMISSIONS = {
-    :trust_dir    => 0700,
+    :trust_dir => 0700,
     :trusted_cert => 0600,
   }.freeze
 

data/lib/rubygems/security.rb

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
+
 #--
 # Copyright 2006 by Chad Fowler, Rich Kilmer, Jim Weirich and others.
 # All rights reserved.
@@ -376,8 +377,8 @@ module Gem::Security
   # * The certificate contains a subject key identifier
 
   EXTENSIONS = {
-    "basicConstraints"     => "CA:FALSE",
-    "keyUsage"             =>
+    "basicConstraints" => "CA:FALSE",
+    "keyUsage" =>
       "keyEncipherment,dataEncipherment,digitalSignature",
     "subjectKeyIdentifier" => "hash",
   }.freeze
@@ -433,13 +434,6 @@ module Gem::Security
     ec_key
   end
 
-  ##
-  # In Ruby 2.3 EC doesn't implement the private_key? but not the private? method
-
-  if defined?(OpenSSL::PKey::EC) && Gem::Version.new(String.new(RUBY_VERSION)) < Gem::Version.new("2.4.0")
-    OpenSSL::PKey::EC.send(:alias_method, :private?, :private_key?)
-  end
-
   ##
   # Creates a self-signed certificate with an issuer and subject from +email+,
   # a subject alternative name of +email+ and the given +extensions+ for the
@@ -492,13 +486,7 @@ module Gem::Security
       when "rsa"
         OpenSSL::PKey::RSA.new(RSA_DSA_KEY_LENGTH)
       when "ec"
-        if RUBY_VERSION >= "2.4.0"
-          OpenSSL::PKey::EC.generate(EC_NAME)
-        else
-          domain_key = OpenSSL::PKey::EC.new(EC_NAME)
-          domain_key.generate_key
-          domain_key
-        end
+        OpenSSL::PKey::EC.generate(EC_NAME)
       else
         raise Gem::Security::Exception,
         "#{algorithm} algorithm not found. RSA, DSA, and EC algorithms are supported."

data/lib/rubygems/security_option.rb

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
+
 #--
 # Copyright 2006 by Chad Fowler, Rich Kilmer, Jim Weirich and others.
 # All rights reserved.

data/lib/rubygems/shellwords.rb

@@ -0,0 +1,3 @@
+# frozen_string_literal: true
+
+autoload :Shellwords, "shellwords"

data/lib/rubygems/source/git.rb

@@ -53,7 +53,7 @@ class Gem::Source::Git < Gem::Source
     @uri = Gem::Uri.parse(repository)
     @name            = name
     @repository      = repository
-    @reference       = reference
+    @reference       = reference || "HEAD"
     @need_submodules = submodules
 
     @remote   = true

data/lib/rubygems/source/installed.rb

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
+
 ##
 # Represents an installed gem.  This is used for dependency resolution.
 

data/lib/rubygems/source/local.rb

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
+
 ##
 # The local source finds gems in the current directory for fulfilling
 # dependencies.

data/lib/rubygems/source/lock.rb

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
+
 ##
 # A Lock source wraps an installed gem's source and sorts before other sources
 # during dependency resolution.  This allows RubyGems to prefer gems from

data/lib/rubygems/source/specific_file.rb

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
+
 ##
 # A source representing a single .gem file.  This is used for installation of
 # local gems.

data/lib/rubygems/source/vendor.rb

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
+
 ##
 # This represents a vendored source that is similar to an installed gem.
 

data/lib/rubygems/source.rb

@@ -12,8 +12,8 @@ class Gem::Source
   include Gem::Text
 
   FILES = { # :nodoc:
-    :released   => "specs",
-    :latest     => "latest_specs",
+    :released => "specs",
+    :latest => "latest_specs",
     :prerelease => "prerelease_specs",
   }.freeze
 

data/lib/rubygems/spec_fetcher.rb

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
+
 require_relative "remote_fetcher"
 require_relative "user_interaction"
 require_relative "errors"