rubygems-update 3.4.17 → 3.4.19

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (376) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +24 -0
  3. data/Manifest.txt +7 -4
  4. data/POLICIES.md +2 -2
  5. data/bundler/CHANGELOG.md +30 -0
  6. data/bundler/lib/bundler/build_metadata.rb +2 -2
  7. data/bundler/lib/bundler/cli/binstubs.rb +1 -1
  8. data/bundler/lib/bundler/cli/info.rb +1 -1
  9. data/bundler/lib/bundler/cli/install.rb +1 -1
  10. data/bundler/lib/bundler/cli/outdated.rb +1 -1
  11. data/bundler/lib/bundler/cli/platform.rb +7 -5
  12. data/bundler/lib/bundler/definition.rb +25 -20
  13. data/bundler/lib/bundler/dsl.rb +1 -1
  14. data/bundler/lib/bundler/env.rb +1 -1
  15. data/bundler/lib/bundler/fetcher/compact_index.rb +3 -3
  16. data/bundler/lib/bundler/fetcher/downloader.rb +2 -0
  17. data/bundler/lib/bundler/fetcher/index.rb +1 -2
  18. data/bundler/lib/bundler/fetcher.rb +11 -1
  19. data/bundler/lib/bundler/friendly_errors.rb +1 -1
  20. data/bundler/lib/bundler/gem_helper.rb +3 -4
  21. data/bundler/lib/bundler/installer/parallel_installer.rb +1 -1
  22. data/bundler/lib/bundler/man/bundle-add.1 +1 -1
  23. data/bundler/lib/bundler/man/bundle-binstubs.1 +1 -1
  24. data/bundler/lib/bundler/man/bundle-cache.1 +1 -1
  25. data/bundler/lib/bundler/man/bundle-check.1 +1 -1
  26. data/bundler/lib/bundler/man/bundle-clean.1 +1 -1
  27. data/bundler/lib/bundler/man/bundle-config.1 +1 -1
  28. data/bundler/lib/bundler/man/bundle-console.1 +1 -1
  29. data/bundler/lib/bundler/man/bundle-doctor.1 +1 -1
  30. data/bundler/lib/bundler/man/bundle-exec.1 +1 -1
  31. data/bundler/lib/bundler/man/bundle-gem.1 +1 -1
  32. data/bundler/lib/bundler/man/bundle-help.1 +1 -1
  33. data/bundler/lib/bundler/man/bundle-info.1 +3 -3
  34. data/bundler/lib/bundler/man/bundle-info.1.ronn +3 -3
  35. data/bundler/lib/bundler/man/bundle-init.1 +1 -1
  36. data/bundler/lib/bundler/man/bundle-inject.1 +1 -1
  37. data/bundler/lib/bundler/man/bundle-install.1 +1 -1
  38. data/bundler/lib/bundler/man/bundle-list.1 +1 -1
  39. data/bundler/lib/bundler/man/bundle-lock.1 +1 -1
  40. data/bundler/lib/bundler/man/bundle-open.1 +1 -1
  41. data/bundler/lib/bundler/man/bundle-outdated.1 +13 -9
  42. data/bundler/lib/bundler/man/bundle-outdated.1.ronn +12 -9
  43. data/bundler/lib/bundler/man/bundle-platform.1 +1 -1
  44. data/bundler/lib/bundler/man/bundle-plugin.1 +1 -1
  45. data/bundler/lib/bundler/man/bundle-pristine.1 +1 -1
  46. data/bundler/lib/bundler/man/bundle-remove.1 +1 -1
  47. data/bundler/lib/bundler/man/bundle-show.1 +1 -1
  48. data/bundler/lib/bundler/man/bundle-update.1 +1 -1
  49. data/bundler/lib/bundler/man/bundle-version.1 +1 -1
  50. data/bundler/lib/bundler/man/bundle-viz.1 +1 -1
  51. data/bundler/lib/bundler/man/bundle.1 +1 -1
  52. data/bundler/lib/bundler/man/gemfile.5 +14 -1
  53. data/bundler/lib/bundler/man/gemfile.5.ronn +5 -0
  54. data/bundler/lib/bundler/plugin/index.rb +1 -1
  55. data/bundler/lib/bundler/ruby_dsl.rb +6 -0
  56. data/bundler/lib/bundler/ruby_version.rb +2 -2
  57. data/bundler/lib/bundler/rubygems_integration.rb +1 -1
  58. data/bundler/lib/bundler/source/git.rb +7 -0
  59. data/bundler/lib/bundler/source_list.rb +0 -4
  60. data/bundler/lib/bundler/templates/newgem/ext/newgem/Cargo.toml.tt +1 -1
  61. data/bundler/lib/bundler/templates/newgem/ext/newgem/src/lib.rs.tt +4 -4
  62. data/bundler/lib/bundler/ui/rg_proxy.rb +1 -1
  63. data/bundler/lib/bundler/vendor/fileutils/lib/fileutils.rb +1 -1
  64. data/bundler/lib/bundler/vendor/uri/lib/uri/rfc2396_parser.rb +2 -2
  65. data/bundler/lib/bundler/vendor/uri/lib/uri/rfc3986_parser.rb +1 -1
  66. data/bundler/lib/bundler/vendor/uri/lib/uri/version.rb +1 -1
  67. data/bundler/lib/bundler/version.rb +1 -1
  68. data/bundler/lib/bundler.rb +1 -1
  69. data/{bin → exe}/gem +2 -0
  70. data/{bin → exe}/update_rubygems +7 -5
  71. data/lib/rubygems/available_set.rb +1 -0
  72. data/lib/rubygems/basic_specification.rb +1 -0
  73. data/lib/rubygems/bundler_version_finder.rb +1 -1
  74. data/lib/rubygems/command.rb +1 -0
  75. data/lib/rubygems/command_manager.rb +1 -0
  76. data/lib/rubygems/commands/build_command.rb +1 -0
  77. data/lib/rubygems/commands/cert_command.rb +1 -0
  78. data/lib/rubygems/commands/check_command.rb +1 -0
  79. data/lib/rubygems/commands/cleanup_command.rb +1 -0
  80. data/lib/rubygems/commands/contents_command.rb +1 -0
  81. data/lib/rubygems/commands/dependency_command.rb +1 -0
  82. data/lib/rubygems/commands/environment_command.rb +1 -0
  83. data/lib/rubygems/commands/exec_command.rb +1 -0
  84. data/lib/rubygems/commands/fetch_command.rb +1 -0
  85. data/lib/rubygems/commands/generate_index_command.rb +1 -0
  86. data/lib/rubygems/commands/help_command.rb +1 -0
  87. data/lib/rubygems/commands/install_command.rb +1 -0
  88. data/lib/rubygems/commands/list_command.rb +1 -0
  89. data/lib/rubygems/commands/lock_command.rb +1 -0
  90. data/lib/rubygems/commands/mirror_command.rb +1 -0
  91. data/lib/rubygems/commands/open_command.rb +1 -0
  92. data/lib/rubygems/commands/outdated_command.rb +1 -0
  93. data/lib/rubygems/commands/owner_command.rb +1 -0
  94. data/lib/rubygems/commands/pristine_command.rb +1 -0
  95. data/lib/rubygems/commands/push_command.rb +1 -0
  96. data/lib/rubygems/commands/query_command.rb +1 -0
  97. data/lib/rubygems/commands/rdoc_command.rb +1 -0
  98. data/lib/rubygems/commands/search_command.rb +1 -0
  99. data/lib/rubygems/commands/server_command.rb +1 -0
  100. data/lib/rubygems/commands/setup_command.rb +2 -1
  101. data/lib/rubygems/commands/signin_command.rb +1 -0
  102. data/lib/rubygems/commands/signout_command.rb +1 -0
  103. data/lib/rubygems/commands/sources_command.rb +1 -0
  104. data/lib/rubygems/commands/specification_command.rb +1 -0
  105. data/lib/rubygems/commands/stale_command.rb +1 -0
  106. data/lib/rubygems/commands/uninstall_command.rb +1 -0
  107. data/lib/rubygems/commands/unpack_command.rb +1 -0
  108. data/lib/rubygems/commands/update_command.rb +1 -0
  109. data/lib/rubygems/commands/which_command.rb +1 -0
  110. data/lib/rubygems/commands/yank_command.rb +1 -0
  111. data/lib/rubygems/config_file.rb +1 -0
  112. data/lib/rubygems/core_ext/kernel_require.rb +1 -0
  113. data/lib/rubygems/core_ext/tcpsocket_init.rb +2 -0
  114. data/lib/rubygems/defaults.rb +1 -0
  115. data/lib/rubygems/dependency.rb +1 -0
  116. data/lib/rubygems/dependency_installer.rb +1 -0
  117. data/lib/rubygems/dependency_list.rb +1 -0
  118. data/lib/rubygems/deprecate.rb +1 -0
  119. data/lib/rubygems/doctor.rb +1 -0
  120. data/lib/rubygems/errors.rb +1 -0
  121. data/lib/rubygems/ext/build_error.rb +1 -0
  122. data/lib/rubygems/ext/builder.rb +1 -0
  123. data/lib/rubygems/ext/configure_builder.rb +1 -0
  124. data/lib/rubygems/ext/ext_conf_builder.rb +1 -0
  125. data/lib/rubygems/ext.rb +1 -0
  126. data/lib/rubygems/gem_runner.rb +1 -0
  127. data/lib/rubygems/gemcutter_utilities/webauthn_listener/response.rb +163 -0
  128. data/lib/rubygems/gemcutter_utilities/webauthn_listener.rb +105 -0
  129. data/lib/rubygems/gemcutter_utilities/webauthn_poller.rb +78 -0
  130. data/lib/rubygems/gemcutter_utilities.rb +30 -26
  131. data/lib/rubygems/indexer.rb +1 -0
  132. data/lib/rubygems/install_default_message.rb +1 -0
  133. data/lib/rubygems/install_message.rb +1 -0
  134. data/lib/rubygems/install_update_options.rb +1 -0
  135. data/lib/rubygems/installer.rb +1 -0
  136. data/lib/rubygems/local_remote_options.rb +1 -0
  137. data/lib/rubygems/mock_gem_ui.rb +1 -0
  138. data/lib/rubygems/name_tuple.rb +1 -0
  139. data/lib/rubygems/package/digest_io.rb +1 -0
  140. data/lib/rubygems/package/file_source.rb +1 -0
  141. data/lib/rubygems/package/io_source.rb +1 -0
  142. data/lib/rubygems/package/old.rb +1 -0
  143. data/lib/rubygems/package/source.rb +1 -0
  144. data/lib/rubygems/package/tar_header.rb +1 -0
  145. data/lib/rubygems/package/tar_reader/entry.rb +1 -0
  146. data/lib/rubygems/package/tar_reader.rb +1 -0
  147. data/lib/rubygems/package/tar_writer.rb +1 -0
  148. data/lib/rubygems/package.rb +2 -2
  149. data/lib/rubygems/package_task.rb +1 -0
  150. data/lib/rubygems/path_support.rb +1 -0
  151. data/lib/rubygems/platform.rb +1 -0
  152. data/lib/rubygems/psych_tree.rb +1 -0
  153. data/lib/rubygems/rdoc.rb +1 -0
  154. data/lib/rubygems/remote_fetcher.rb +1 -0
  155. data/lib/rubygems/request/http_pool.rb +1 -0
  156. data/lib/rubygems/request/https_pool.rb +1 -0
  157. data/lib/rubygems/request.rb +1 -0
  158. data/lib/rubygems/request_set/gem_dependency_api.rb +1 -0
  159. data/lib/rubygems/request_set/lockfile/parser.rb +2 -1
  160. data/lib/rubygems/request_set/lockfile/tokenizer.rb +2 -0
  161. data/lib/rubygems/request_set/lockfile.rb +1 -0
  162. data/lib/rubygems/request_set.rb +1 -0
  163. data/lib/rubygems/requirement.rb +1 -0
  164. data/lib/rubygems/resolver/activation_request.rb +1 -0
  165. data/lib/rubygems/resolver/api_set.rb +1 -0
  166. data/lib/rubygems/resolver/api_specification.rb +1 -0
  167. data/lib/rubygems/resolver/best_set.rb +1 -0
  168. data/lib/rubygems/resolver/composed_set.rb +1 -0
  169. data/lib/rubygems/resolver/conflict.rb +1 -0
  170. data/lib/rubygems/resolver/current_set.rb +1 -0
  171. data/lib/rubygems/resolver/dependency_request.rb +1 -0
  172. data/lib/rubygems/resolver/git_set.rb +1 -0
  173. data/lib/rubygems/resolver/git_specification.rb +1 -0
  174. data/lib/rubygems/resolver/index_set.rb +1 -0
  175. data/lib/rubygems/resolver/index_specification.rb +1 -0
  176. data/lib/rubygems/resolver/installed_specification.rb +1 -0
  177. data/lib/rubygems/resolver/installer_set.rb +1 -0
  178. data/lib/rubygems/resolver/local_specification.rb +1 -0
  179. data/lib/rubygems/resolver/lock_set.rb +1 -0
  180. data/lib/rubygems/resolver/lock_specification.rb +1 -0
  181. data/lib/rubygems/resolver/molinillo.rb +1 -0
  182. data/lib/rubygems/resolver/requirement_list.rb +1 -0
  183. data/lib/rubygems/resolver/set.rb +1 -0
  184. data/lib/rubygems/resolver/source_set.rb +2 -0
  185. data/lib/rubygems/resolver/spec_specification.rb +1 -0
  186. data/lib/rubygems/resolver/specification.rb +1 -0
  187. data/lib/rubygems/resolver/stats.rb +1 -0
  188. data/lib/rubygems/resolver/vendor_set.rb +1 -0
  189. data/lib/rubygems/resolver/vendor_specification.rb +1 -0
  190. data/lib/rubygems/resolver.rb +1 -0
  191. data/lib/rubygems/s3_uri_signer.rb +4 -2
  192. data/lib/rubygems/safe_yaml.rb +2 -0
  193. data/lib/rubygems/security/policies.rb +1 -0
  194. data/lib/rubygems/security/policy.rb +1 -0
  195. data/lib/rubygems/security/signer.rb +1 -0
  196. data/lib/rubygems/security/trust_dir.rb +1 -0
  197. data/lib/rubygems/security.rb +1 -0
  198. data/lib/rubygems/security_option.rb +1 -0
  199. data/lib/rubygems/source/installed.rb +1 -0
  200. data/lib/rubygems/source/local.rb +1 -0
  201. data/lib/rubygems/source/lock.rb +1 -0
  202. data/lib/rubygems/source/specific_file.rb +1 -0
  203. data/lib/rubygems/source/vendor.rb +1 -0
  204. data/lib/rubygems/spec_fetcher.rb +1 -0
  205. data/lib/rubygems/specification.rb +11 -3
  206. data/lib/rubygems/specification_policy.rb +2 -0
  207. data/lib/rubygems/stub_specification.rb +1 -0
  208. data/lib/rubygems/uninstaller.rb +1 -0
  209. data/lib/rubygems/user_interaction.rb +4 -2
  210. data/lib/rubygems/util/licenses.rb +1 -0
  211. data/lib/rubygems/util/list.rb +1 -0
  212. data/lib/rubygems/util.rb +1 -0
  213. data/lib/rubygems/validator.rb +1 -0
  214. data/lib/rubygems/version_option.rb +1 -0
  215. data/lib/rubygems.rb +3 -3
  216. data/rubygems-update.gemspec +5 -4
  217. data/setup.rb +1 -0
  218. data/test/rubygems/bad_rake.rb +1 -0
  219. data/test/rubygems/bundler_test_gem.rb +3 -1
  220. data/test/rubygems/fake_certlib/openssl.rb +1 -0
  221. data/test/rubygems/good_rake.rb +1 -0
  222. data/test/rubygems/helper.rb +1 -1
  223. data/test/rubygems/installer_test_case.rb +1 -0
  224. data/test/rubygems/multifactor_auth_utilities.rb +111 -0
  225. data/test/rubygems/package/tar_test_case.rb +1 -0
  226. data/test/rubygems/plugin/exception/rubygems_plugin.rb +1 -0
  227. data/test/rubygems/plugin/load/rubygems_plugin.rb +1 -0
  228. data/test/rubygems/plugin/standarderror/rubygems_plugin.rb +1 -0
  229. data/test/rubygems/rubygems/commands/crash_command.rb +1 -0
  230. data/test/rubygems/rubygems_plugin.rb +1 -0
  231. data/test/rubygems/simple_gem.rb +1 -0
  232. data/test/rubygems/specifications/bar-0.0.2.gemspec +2 -0
  233. data/test/rubygems/specifications/rubyforge-0.0.1.gemspec +2 -0
  234. data/test/rubygems/test_bundled_ca.rb +1 -0
  235. data/test/rubygems/test_config.rb +1 -0
  236. data/test/rubygems/test_deprecate.rb +1 -0
  237. data/test/rubygems/test_gem.rb +1 -0
  238. data/test/rubygems/test_gem_available_set.rb +1 -0
  239. data/test/rubygems/test_gem_bundler_version_finder.rb +1 -0
  240. data/test/rubygems/test_gem_command.rb +1 -0
  241. data/test/rubygems/test_gem_command_manager.rb +1 -0
  242. data/test/rubygems/test_gem_commands_build_command.rb +1 -0
  243. data/test/rubygems/test_gem_commands_cert_command.rb +1 -0
  244. data/test/rubygems/test_gem_commands_check_command.rb +1 -0
  245. data/test/rubygems/test_gem_commands_cleanup_command.rb +1 -0
  246. data/test/rubygems/test_gem_commands_contents_command.rb +1 -0
  247. data/test/rubygems/test_gem_commands_dependency_command.rb +1 -0
  248. data/test/rubygems/test_gem_commands_environment_command.rb +1 -0
  249. data/test/rubygems/test_gem_commands_exec_command.rb +2 -0
  250. data/test/rubygems/test_gem_commands_fetch_command.rb +1 -0
  251. data/test/rubygems/test_gem_commands_generate_index_command.rb +1 -0
  252. data/test/rubygems/test_gem_commands_help_command.rb +1 -0
  253. data/test/rubygems/test_gem_commands_info_command.rb +1 -0
  254. data/test/rubygems/test_gem_commands_install_command.rb +1 -0
  255. data/test/rubygems/test_gem_commands_list_command.rb +1 -0
  256. data/test/rubygems/test_gem_commands_lock_command.rb +1 -0
  257. data/test/rubygems/test_gem_commands_mirror.rb +1 -0
  258. data/test/rubygems/test_gem_commands_open_command.rb +1 -0
  259. data/test/rubygems/test_gem_commands_outdated_command.rb +1 -0
  260. data/test/rubygems/test_gem_commands_owner_command.rb +68 -39
  261. data/test/rubygems/test_gem_commands_pristine_command.rb +1 -0
  262. data/test/rubygems/test_gem_commands_push_command.rb +68 -37
  263. data/test/rubygems/test_gem_commands_query_command.rb +1 -0
  264. data/test/rubygems/test_gem_commands_search_command.rb +1 -0
  265. data/test/rubygems/test_gem_commands_server_command.rb +1 -0
  266. data/test/rubygems/test_gem_commands_setup_command.rb +1 -1
  267. data/test/rubygems/test_gem_commands_signin_command.rb +1 -0
  268. data/test/rubygems/test_gem_commands_sources_command.rb +1 -0
  269. data/test/rubygems/test_gem_commands_specification_command.rb +1 -0
  270. data/test/rubygems/test_gem_commands_stale_command.rb +1 -0
  271. data/test/rubygems/test_gem_commands_uninstall_command.rb +1 -0
  272. data/test/rubygems/test_gem_commands_unpack_command.rb +1 -0
  273. data/test/rubygems/test_gem_commands_update_command.rb +1 -0
  274. data/test/rubygems/test_gem_commands_which_command.rb +1 -0
  275. data/test/rubygems/test_gem_commands_yank_command.rb +76 -41
  276. data/test/rubygems/test_gem_config_file.rb +1 -0
  277. data/test/rubygems/test_gem_dependency.rb +1 -0
  278. data/test/rubygems/test_gem_dependency_installer.rb +1 -0
  279. data/test/rubygems/test_gem_dependency_list.rb +1 -0
  280. data/test/rubygems/test_gem_dependency_resolution_error.rb +1 -0
  281. data/test/rubygems/test_gem_doctor.rb +1 -0
  282. data/test/rubygems/test_gem_ext_builder.rb +4 -3
  283. data/test/rubygems/test_gem_ext_cargo_builder/custom_name/custom_name.gemspec +2 -0
  284. data/test/rubygems/test_gem_ext_cargo_builder/custom_name/lib/custom_name.rb +2 -0
  285. data/test/rubygems/test_gem_ext_cargo_builder/rust_ruby_example/rust_ruby_example.gemspec +2 -0
  286. data/test/rubygems/test_gem_ext_cargo_builder.rb +2 -2
  287. data/test/rubygems/test_gem_ext_cargo_builder_link_flag_converter.rb +1 -0
  288. data/test/rubygems/test_gem_ext_cmake_builder.rb +1 -0
  289. data/test/rubygems/test_gem_ext_configure_builder.rb +1 -0
  290. data/test/rubygems/test_gem_ext_rake_builder.rb +1 -0
  291. data/test/rubygems/test_gem_gem_runner.rb +1 -0
  292. data/test/rubygems/test_gem_gemcutter_utilities.rb +106 -92
  293. data/test/rubygems/test_gem_impossible_dependencies_error.rb +1 -0
  294. data/test/rubygems/test_gem_indexer.rb +1 -0
  295. data/test/rubygems/test_gem_install_update_options.rb +1 -0
  296. data/test/rubygems/test_gem_installer.rb +2 -1
  297. data/test/rubygems/test_gem_local_remote_options.rb +1 -0
  298. data/test/rubygems/test_gem_name_tuple.rb +1 -0
  299. data/test/rubygems/test_gem_package_old.rb +1 -0
  300. data/test/rubygems/test_gem_package_tar_header.rb +1 -0
  301. data/test/rubygems/test_gem_package_tar_reader.rb +1 -0
  302. data/test/rubygems/test_gem_package_tar_reader_entry.rb +1 -0
  303. data/test/rubygems/test_gem_package_tar_writer.rb +1 -0
  304. data/test/rubygems/test_gem_package_task.rb +1 -0
  305. data/test/rubygems/test_gem_path_support.rb +1 -0
  306. data/test/rubygems/test_gem_platform.rb +1 -0
  307. data/test/rubygems/test_gem_rdoc.rb +1 -0
  308. data/test/rubygems/test_gem_remote_fetcher.rb +1 -0
  309. data/test/rubygems/test_gem_request.rb +1 -0
  310. data/test/rubygems/test_gem_request_connection_pools.rb +1 -0
  311. data/test/rubygems/test_gem_request_set.rb +1 -0
  312. data/test/rubygems/test_gem_request_set_gem_dependency_api.rb +1 -0
  313. data/test/rubygems/test_gem_request_set_lockfile.rb +1 -0
  314. data/test/rubygems/test_gem_request_set_lockfile_parser.rb +1 -0
  315. data/test/rubygems/test_gem_request_set_lockfile_tokenizer.rb +1 -0
  316. data/test/rubygems/test_gem_requirement.rb +1 -0
  317. data/test/rubygems/test_gem_resolver.rb +1 -0
  318. data/test/rubygems/test_gem_resolver_activation_request.rb +1 -0
  319. data/test/rubygems/test_gem_resolver_api_set.rb +1 -0
  320. data/test/rubygems/test_gem_resolver_api_specification.rb +1 -0
  321. data/test/rubygems/test_gem_resolver_best_set.rb +1 -0
  322. data/test/rubygems/test_gem_resolver_composed_set.rb +1 -0
  323. data/test/rubygems/test_gem_resolver_conflict.rb +1 -0
  324. data/test/rubygems/test_gem_resolver_dependency_request.rb +1 -0
  325. data/test/rubygems/test_gem_resolver_git_set.rb +1 -0
  326. data/test/rubygems/test_gem_resolver_git_specification.rb +2 -1
  327. data/test/rubygems/test_gem_resolver_index_set.rb +1 -0
  328. data/test/rubygems/test_gem_resolver_index_specification.rb +1 -0
  329. data/test/rubygems/test_gem_resolver_installed_specification.rb +1 -0
  330. data/test/rubygems/test_gem_resolver_installer_set.rb +1 -0
  331. data/test/rubygems/test_gem_resolver_local_specification.rb +1 -0
  332. data/test/rubygems/test_gem_resolver_lock_set.rb +1 -0
  333. data/test/rubygems/test_gem_resolver_lock_specification.rb +1 -0
  334. data/test/rubygems/test_gem_resolver_requirement_list.rb +1 -0
  335. data/test/rubygems/test_gem_resolver_specification.rb +1 -0
  336. data/test/rubygems/test_gem_resolver_vendor_set.rb +1 -0
  337. data/test/rubygems/test_gem_resolver_vendor_specification.rb +1 -0
  338. data/test/rubygems/test_gem_security.rb +1 -0
  339. data/test/rubygems/test_gem_security_signer.rb +1 -0
  340. data/test/rubygems/test_gem_security_trust_dir.rb +1 -0
  341. data/test/rubygems/test_gem_silent_ui.rb +1 -0
  342. data/test/rubygems/test_gem_source.rb +1 -0
  343. data/test/rubygems/test_gem_source_fetch_problem.rb +1 -0
  344. data/test/rubygems/test_gem_source_git.rb +1 -0
  345. data/test/rubygems/test_gem_source_installed.rb +1 -0
  346. data/test/rubygems/test_gem_source_list.rb +1 -0
  347. data/test/rubygems/test_gem_source_local.rb +1 -0
  348. data/test/rubygems/test_gem_source_lock.rb +1 -0
  349. data/test/rubygems/test_gem_source_specific_file.rb +1 -0
  350. data/test/rubygems/test_gem_source_subpath_problem.rb +1 -0
  351. data/test/rubygems/test_gem_source_vendor.rb +1 -0
  352. data/test/rubygems/test_gem_spec_fetcher.rb +1 -0
  353. data/test/rubygems/test_gem_specification.rb +9 -0
  354. data/test/rubygems/test_gem_stream_ui.rb +34 -3
  355. data/test/rubygems/test_gem_stub_specification.rb +1 -0
  356. data/test/rubygems/test_gem_text.rb +1 -0
  357. data/test/rubygems/test_gem_uninstaller.rb +1 -0
  358. data/test/rubygems/test_gem_unsatisfiable_dependency_error.rb +1 -0
  359. data/test/rubygems/test_gem_update_suggestion.rb +1 -0
  360. data/test/rubygems/test_gem_uri.rb +2 -0
  361. data/test/rubygems/test_gem_uri_formatter.rb +1 -0
  362. data/test/rubygems/test_gem_util.rb +1 -0
  363. data/test/rubygems/test_gem_version.rb +1 -0
  364. data/test/rubygems/test_gem_version_option.rb +1 -0
  365. data/test/rubygems/test_kernel.rb +1 -0
  366. data/test/rubygems/test_remote_fetch_error.rb +1 -0
  367. data/test/rubygems/test_require.rb +1 -0
  368. data/test/rubygems/test_rubygems.rb +2 -0
  369. data/test/rubygems/test_webauthn_listener.rb +29 -6
  370. data/test/rubygems/test_webauthn_listener_response.rb +8 -8
  371. data/test/rubygems/test_webauthn_poller.rb +124 -0
  372. data/test/rubygems/utilities.rb +1 -0
  373. data/test/test_changelog_generator.rb +1 -1
  374. metadata +39 -10
  375. data/lib/rubygems/webauthn_listener/response.rb +0 -161
  376. data/lib/rubygems/webauthn_listener.rb +0 -92
@@ -1,4 +1,5 @@
1
1
  # frozen_string_literal: true
2
+
2
3
  require_relative "../command"
3
4
  require_relative "../version_option"
4
5
 
@@ -1,4 +1,5 @@
1
1
  # frozen_string_literal: true
2
+
2
3
  require_relative "../command"
3
4
  require_relative "../local_remote_options"
4
5
  require_relative "../spec_fetcher"
@@ -1,4 +1,5 @@
1
1
  # frozen_string_literal: true
2
+
2
3
  require_relative "../command"
3
4
  require_relative "../local_remote_options"
4
5
  require_relative "../gemcutter_utilities"
@@ -1,4 +1,5 @@
1
1
  # frozen_string_literal: true
2
+
2
3
  require_relative "../command"
3
4
  require_relative "../package"
4
5
  require_relative "../installer"
@@ -1,4 +1,5 @@
1
1
  # frozen_string_literal: true
2
+
2
3
  require_relative "../command"
3
4
  require_relative "../local_remote_options"
4
5
  require_relative "../gemcutter_utilities"
@@ -1,4 +1,5 @@
1
1
  # frozen_string_literal: true
2
+
2
3
  require_relative "../command"
3
4
  require_relative "../query_utils"
4
5
  require_relative "../deprecate"
@@ -1,4 +1,5 @@
1
1
  # frozen_string_literal: true
2
+
2
3
  require_relative "../command"
3
4
  require_relative "../version_option"
4
5
  require_relative "../rdoc"
@@ -1,4 +1,5 @@
1
1
  # frozen_string_literal: true
2
+
2
3
  require_relative "../command"
3
4
  require_relative "../query_utils"
4
5
 
@@ -1,4 +1,5 @@
1
1
  # frozen_string_literal: true
2
+
2
3
  require_relative "../command"
3
4
 
4
5
  unless defined? Gem::Commands::ServerCommand
@@ -1,4 +1,5 @@
1
1
  # frozen_string_literal: true
2
+
2
3
  require_relative "../command"
3
4
 
4
5
  ##
@@ -244,7 +245,7 @@ By default, this RubyGems will install gem as:
244
245
  def install_executables(bin_dir)
245
246
  prog_mode = options[:prog_mode] || 0755
246
247
 
247
- executables = { "gem" => "bin" }
248
+ executables = { "gem" => "exe" }
248
249
  executables.each do |tool, path|
249
250
  say "Installing #{tool} executable" if @verbose
250
251
 
@@ -1,4 +1,5 @@
1
1
  # frozen_string_literal: true
2
+
2
3
  require_relative "../command"
3
4
  require_relative "../gemcutter_utilities"
4
5
 
@@ -1,4 +1,5 @@
1
1
  # frozen_string_literal: true
2
+
2
3
  require_relative "../command"
3
4
 
4
5
  class Gem::Commands::SignoutCommand < Gem::Command
@@ -1,4 +1,5 @@
1
1
  # frozen_string_literal: true
2
+
2
3
  require_relative "../command"
3
4
  require_relative "../remote_fetcher"
4
5
  require_relative "../spec_fetcher"
@@ -1,4 +1,5 @@
1
1
  # frozen_string_literal: true
2
+
2
3
  require_relative "../command"
3
4
  require_relative "../local_remote_options"
4
5
  require_relative "../version_option"
@@ -1,4 +1,5 @@
1
1
  # frozen_string_literal: true
2
+
2
3
  require_relative "../command"
3
4
 
4
5
  class Gem::Commands::StaleCommand < Gem::Command
@@ -1,4 +1,5 @@
1
1
  # frozen_string_literal: true
2
+
2
3
  require_relative "../command"
3
4
  require_relative "../version_option"
4
5
  require_relative "../uninstaller"
@@ -1,4 +1,5 @@
1
1
  # frozen_string_literal: true
2
+
2
3
  require_relative "../command"
3
4
  require_relative "../version_option"
4
5
  require_relative "../security_option"
@@ -1,4 +1,5 @@
1
1
  # frozen_string_literal: true
2
+
2
3
  require_relative "../command"
3
4
  require_relative "../command_manager"
4
5
  require_relative "../dependency_installer"
@@ -1,4 +1,5 @@
1
1
  # frozen_string_literal: true
2
+
2
3
  require_relative "../command"
3
4
 
4
5
  class Gem::Commands::WhichCommand < Gem::Command
@@ -1,4 +1,5 @@
1
1
  # frozen_string_literal: true
2
+
2
3
  require_relative "../command"
3
4
  require_relative "../local_remote_options"
4
5
  require_relative "../version_option"
@@ -1,4 +1,5 @@
1
1
  # frozen_string_literal: true
2
+
2
3
  #--
3
4
  # Copyright 2006 by Chad Fowler, Rich Kilmer, Jim Weirich and others.
4
5
  # All rights reserved.
@@ -1,4 +1,5 @@
1
1
  # frozen_string_literal: true
2
+
2
3
  #--
3
4
  # Copyright 2006 by Chad Fowler, Rich Kilmer, Jim Weirich and others.
4
5
  # All rights reserved.
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require "socket"
2
4
 
3
5
  module CoreExtensions
@@ -1,4 +1,5 @@
1
1
  # frozen_string_literal: true
2
+
2
3
  module Gem
3
4
  DEFAULT_HOST = "https://rubygems.org"
4
5
 
@@ -1,4 +1,5 @@
1
1
  # frozen_string_literal: true
2
+
2
3
  ##
3
4
  # The Dependency class holds a Gem name and a Gem::Requirement.
4
5
 
@@ -1,4 +1,5 @@
1
1
  # frozen_string_literal: true
2
+
2
3
  require_relative "../rubygems"
3
4
  require_relative "dependency_list"
4
5
  require_relative "package"
@@ -1,4 +1,5 @@
1
1
  # frozen_string_literal: true
2
+
2
3
  #--
3
4
  # Copyright 2006 by Chad Fowler, Rich Kilmer, Jim Weirich and others.
4
5
  # All rights reserved.
@@ -1,4 +1,5 @@
1
1
  # frozen_string_literal: true
2
+
2
3
  ##
3
4
  # Provides 3 methods for declaring when something is going away.
4
5
  #
@@ -1,4 +1,5 @@
1
1
  # frozen_string_literal: true
2
+
2
3
  require_relative "../rubygems"
3
4
  require_relative "user_interaction"
4
5
 
@@ -1,4 +1,5 @@
1
1
  # frozen_string_literal: true
2
+
2
3
  #--
3
4
  # This file contains all the various exceptions and other errors that are used
4
5
  # inside of RubyGems.
@@ -1,4 +1,5 @@
1
1
  # frozen_string_literal: true
2
+
2
3
  ##
3
4
  # Raised when there is an error while building extensions.
4
5
 
@@ -1,4 +1,5 @@
1
1
  # frozen_string_literal: true
2
+
2
3
  #--
3
4
  # Copyright 2006 by Chad Fowler, Rich Kilmer, Jim Weirich and others.
4
5
  # All rights reserved.
@@ -1,4 +1,5 @@
1
1
  # frozen_string_literal: true
2
+
2
3
  #--
3
4
  # Copyright 2006 by Chad Fowler, Rich Kilmer, Jim Weirich and others.
4
5
  # All rights reserved.
@@ -1,4 +1,5 @@
1
1
  # frozen_string_literal: true
2
+
2
3
  #--
3
4
  # Copyright 2006 by Chad Fowler, Rich Kilmer, Jim Weirich and others.
4
5
  # All rights reserved.
data/lib/rubygems/ext.rb CHANGED
@@ -1,4 +1,5 @@
1
1
  # frozen_string_literal: true
2
+
2
3
  #--
3
4
  # Copyright 2006 by Chad Fowler, Rich Kilmer, Jim Weirich and others.
4
5
  # All rights reserved.
@@ -1,4 +1,5 @@
1
1
  # frozen_string_literal: true
2
+
2
3
  #--
3
4
  # Copyright 2006 by Chad Fowler, Rich Kilmer, Jim Weirich and others.
4
5
  # All rights reserved.
@@ -0,0 +1,163 @@
1
+ # frozen_string_literal: true
2
+
3
+ ##
4
+ # The WebauthnListener Response class is used by the WebauthnListener to create
5
+ # responses to be sent to the Gem host. It creates a Net::HTTPResponse instance
6
+ # when initialized and can be converted to the appropriate format to be sent by a socket using `to_s`.
7
+ # Net::HTTPResponse instances cannot be directly sent over a socket.
8
+ #
9
+ # Types of response classes:
10
+ # - OkResponse
11
+ # - NoContentResponse
12
+ # - BadRequestResponse
13
+ # - NotFoundResponse
14
+ # - MethodNotAllowedResponse
15
+ #
16
+ # Example usage:
17
+ #
18
+ # server = TCPServer.new(0)
19
+ # socket = server.accept
20
+ #
21
+ # response = OkResponse.for("https://rubygems.example")
22
+ # socket.print response.to_s
23
+ # socket.close
24
+ #
25
+
26
+ module Gem::GemcutterUtilities
27
+ class WebauthnListener
28
+ class Response
29
+ attr_reader :http_response
30
+
31
+ def self.for(host)
32
+ new(host)
33
+ end
34
+
35
+ def initialize(host)
36
+ @host = host
37
+
38
+ build_http_response
39
+ end
40
+
41
+ def to_s
42
+ status_line = "HTTP/#{@http_response.http_version} #{@http_response.code} #{@http_response.message}\r\n"
43
+ headers = @http_response.to_hash.map {|header, value| "#{header}: #{value.join(", ")}\r\n" }.join + "\r\n"
44
+ body = @http_response.body ? "#{@http_response.body}\n" : ""
45
+
46
+ status_line + headers + body
47
+ end
48
+
49
+ private
50
+
51
+ # Must be implemented in subclasses
52
+ def code
53
+ raise NotImplementedError
54
+ end
55
+
56
+ def reason_phrase
57
+ raise NotImplementedError
58
+ end
59
+
60
+ def body; end
61
+
62
+ def build_http_response
63
+ response_class = Net::HTTPResponse::CODE_TO_OBJ[code.to_s]
64
+ @http_response = response_class.new("1.1", code, reason_phrase)
65
+ @http_response.instance_variable_set(:@read, true)
66
+
67
+ add_connection_header
68
+ add_access_control_headers
69
+ add_body
70
+ end
71
+
72
+ def add_connection_header
73
+ @http_response["connection"] = "close"
74
+ end
75
+
76
+ def add_access_control_headers
77
+ @http_response["access-control-allow-origin"] = @host
78
+ @http_response["access-control-allow-methods"] = "POST"
79
+ @http_response["access-control-allow-headers"] = %w[Content-Type Authorization x-csrf-token]
80
+ end
81
+
82
+ def add_body
83
+ return unless body
84
+ @http_response["content-type"] = "text/plain; charset=utf-8"
85
+ @http_response["content-length"] = body.bytesize
86
+ @http_response.instance_variable_set(:@body, body)
87
+ end
88
+ end
89
+
90
+ class OkResponse < Response
91
+ private
92
+
93
+ def code
94
+ 200
95
+ end
96
+
97
+ def reason_phrase
98
+ "OK"
99
+ end
100
+
101
+ def body
102
+ "success"
103
+ end
104
+ end
105
+
106
+ class NoContentResponse < Response
107
+ private
108
+
109
+ def code
110
+ 204
111
+ end
112
+
113
+ def reason_phrase
114
+ "No Content"
115
+ end
116
+ end
117
+
118
+ class BadRequestResponse < Response
119
+ private
120
+
121
+ def code
122
+ 400
123
+ end
124
+
125
+ def reason_phrase
126
+ "Bad Request"
127
+ end
128
+
129
+ def body
130
+ "missing code parameter"
131
+ end
132
+ end
133
+
134
+ class NotFoundResponse < Response
135
+ private
136
+
137
+ def code
138
+ 404
139
+ end
140
+
141
+ def reason_phrase
142
+ "Not Found"
143
+ end
144
+ end
145
+
146
+ class MethodNotAllowedResponse < Response
147
+ private
148
+
149
+ def code
150
+ 405
151
+ end
152
+
153
+ def reason_phrase
154
+ "Method Not Allowed"
155
+ end
156
+
157
+ def add_access_control_headers
158
+ super
159
+ @http_response["allow"] = %w[GET OPTIONS]
160
+ end
161
+ end
162
+ end
163
+ end
@@ -0,0 +1,105 @@
1
+ # frozen_string_literal: true
2
+
3
+ require_relative "webauthn_listener/response"
4
+
5
+ ##
6
+ # The WebauthnListener class retrieves an OTP after a user successfully WebAuthns with the Gem host.
7
+ # An instance opens a socket using the TCPServer instance given and listens for a request from the Gem host.
8
+ # The request should be a GET request to the root path and contains the OTP code in the form
9
+ # of a query parameter `code`. The listener will return the code which will be used as the OTP for
10
+ # API requests.
11
+ #
12
+ # Types of responses sent by the listener after receiving a request:
13
+ # - 200 OK: OTP code was successfully retrieved
14
+ # - 204 No Content: If the request was an OPTIONS request
15
+ # - 400 Bad Request: If the request did not contain a query parameter `code`
16
+ # - 404 Not Found: The request was not to the root path
17
+ # - 405 Method Not Allowed: OTP code was not retrieved because the request was not a GET/OPTIONS request
18
+ #
19
+ # Example usage:
20
+ #
21
+ # thread = Gem::WebauthnListener.listener_thread("https://rubygems.example", server)
22
+ # thread.join
23
+ # otp = thread[:otp]
24
+ # error = thread[:error]
25
+ #
26
+
27
+ module Gem::GemcutterUtilities
28
+ class WebauthnListener
29
+ attr_reader :host
30
+
31
+ def initialize(host)
32
+ @host = host
33
+ end
34
+
35
+ def self.listener_thread(host, server)
36
+ Thread.new do
37
+ thread = Thread.current
38
+ thread.abort_on_exception = true
39
+ thread.report_on_exception = false
40
+ thread[:otp] = new(host).wait_for_otp_code(server)
41
+ rescue Gem::WebauthnVerificationError => e
42
+ thread[:error] = e
43
+ ensure
44
+ server.close
45
+ end
46
+ end
47
+
48
+ def wait_for_otp_code(server)
49
+ loop do
50
+ socket = server.accept
51
+ request_line = socket.gets
52
+
53
+ method, req_uri, _protocol = request_line.split(" ")
54
+ req_uri = URI.parse(req_uri)
55
+
56
+ responder = SocketResponder.new(socket)
57
+
58
+ unless root_path?(req_uri)
59
+ responder.send(NotFoundResponse.for(host))
60
+ raise Gem::WebauthnVerificationError, "Page at #{req_uri.path} not found."
61
+ end
62
+
63
+ case method.upcase
64
+ when "OPTIONS"
65
+ responder.send(NoContentResponse.for(host))
66
+ next # will be GET
67
+ when "GET"
68
+ if otp = parse_otp_from_uri(req_uri)
69
+ responder.send(OkResponse.for(host))
70
+ return otp
71
+ end
72
+ responder.send(BadRequestResponse.for(host))
73
+ raise Gem::WebauthnVerificationError, "Did not receive OTP from #{host}."
74
+ else
75
+ responder.send(MethodNotAllowedResponse.for(host))
76
+ raise Gem::WebauthnVerificationError, "Invalid HTTP method #{method.upcase} received."
77
+ end
78
+ end
79
+ end
80
+
81
+ private
82
+
83
+ def root_path?(uri)
84
+ uri.path == "/"
85
+ end
86
+
87
+ def parse_otp_from_uri(uri)
88
+ require "cgi"
89
+
90
+ return if uri.query.nil?
91
+ CGI.parse(uri.query).dig("code", 0)
92
+ end
93
+
94
+ class SocketResponder
95
+ def initialize(socket)
96
+ @socket = socket
97
+ end
98
+
99
+ def send(response)
100
+ @socket.print response.to_s
101
+ @socket.close
102
+ end
103
+ end
104
+ end
105
+ end
@@ -0,0 +1,78 @@
1
+ # frozen_string_literal: true
2
+
3
+ ##
4
+ # The WebauthnPoller class retrieves an OTP after a user successfully WebAuthns. An instance
5
+ # polls the Gem host for the OTP code. The polling request (api/v1/webauthn_verification/<webauthn_token>/status.json)
6
+ # is sent to the Gem host every 5 seconds and will timeout after 5 minutes. If the status field in the json response
7
+ # is "success", the code field will contain the OTP code.
8
+ #
9
+ # Example usage:
10
+ #
11
+ # thread = Gem::WebauthnPoller.poll_thread(
12
+ # {},
13
+ # "RubyGems.org",
14
+ # "https://rubygems.org/api/v1/webauthn_verification/odow34b93t6aPCdY",
15
+ # { email: "email@example.com", password: "password" }
16
+ # )
17
+ # thread.join
18
+ # otp = thread[:otp]
19
+ # error = thread[:error]
20
+ #
21
+
22
+ module Gem::GemcutterUtilities
23
+ class WebauthnPoller
24
+ include Gem::GemcutterUtilities
25
+ TIMEOUT_IN_SECONDS = 300
26
+
27
+ attr_reader :options, :host
28
+
29
+ def initialize(options, host)
30
+ @options = options
31
+ @host = host
32
+ end
33
+
34
+ def self.poll_thread(options, host, webauthn_url, credentials)
35
+ Thread.new do
36
+ thread = Thread.current
37
+ thread.abort_on_exception = true
38
+ thread.report_on_exception = false
39
+ thread[:otp] = new(options, host).poll_for_otp(webauthn_url, credentials)
40
+ rescue Gem::WebauthnVerificationError, Timeout::Error => e
41
+ thread[:error] = e
42
+ end
43
+ end
44
+
45
+ def poll_for_otp(webauthn_url, credentials)
46
+ Timeout.timeout(TIMEOUT_IN_SECONDS) do
47
+ loop do
48
+ response = webauthn_verification_poll_response(webauthn_url, credentials)
49
+ raise Gem::WebauthnVerificationError, response.message unless response.is_a?(Net::HTTPSuccess)
50
+
51
+ require "json"
52
+ parsed_response = JSON.parse(response.body)
53
+ case parsed_response["status"]
54
+ when "pending"
55
+ sleep 5
56
+ when "success"
57
+ return parsed_response["code"]
58
+ else
59
+ raise Gem::WebauthnVerificationError, parsed_response.fetch("message", "Invalid response from server")
60
+ end
61
+ end
62
+ end
63
+ end
64
+
65
+ private
66
+
67
+ def webauthn_verification_poll_response(webauthn_url, credentials)
68
+ webauthn_token = %r{(?<=\/)[^\/]+(?=$)}.match(webauthn_url)[0]
69
+ rubygems_api_request(:get, "api/v1/webauthn_verification/#{webauthn_token}/status.json") do |request|
70
+ if credentials.empty?
71
+ request.add_field "Authorization", api_key
72
+ else
73
+ request.basic_auth credentials[:email], credentials[:password]
74
+ end
75
+ end
76
+ end
77
+ end
78
+ end