rubygems-update 3.4.17 → 3.4.19
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +24 -0
- data/Manifest.txt +7 -4
- data/POLICIES.md +2 -2
- data/bundler/CHANGELOG.md +30 -0
- data/bundler/lib/bundler/build_metadata.rb +2 -2
- data/bundler/lib/bundler/cli/binstubs.rb +1 -1
- data/bundler/lib/bundler/cli/info.rb +1 -1
- data/bundler/lib/bundler/cli/install.rb +1 -1
- data/bundler/lib/bundler/cli/outdated.rb +1 -1
- data/bundler/lib/bundler/cli/platform.rb +7 -5
- data/bundler/lib/bundler/definition.rb +25 -20
- data/bundler/lib/bundler/dsl.rb +1 -1
- data/bundler/lib/bundler/env.rb +1 -1
- data/bundler/lib/bundler/fetcher/compact_index.rb +3 -3
- data/bundler/lib/bundler/fetcher/downloader.rb +2 -0
- data/bundler/lib/bundler/fetcher/index.rb +1 -2
- data/bundler/lib/bundler/fetcher.rb +11 -1
- data/bundler/lib/bundler/friendly_errors.rb +1 -1
- data/bundler/lib/bundler/gem_helper.rb +3 -4
- data/bundler/lib/bundler/installer/parallel_installer.rb +1 -1
- data/bundler/lib/bundler/man/bundle-add.1 +1 -1
- data/bundler/lib/bundler/man/bundle-binstubs.1 +1 -1
- data/bundler/lib/bundler/man/bundle-cache.1 +1 -1
- data/bundler/lib/bundler/man/bundle-check.1 +1 -1
- data/bundler/lib/bundler/man/bundle-clean.1 +1 -1
- data/bundler/lib/bundler/man/bundle-config.1 +1 -1
- data/bundler/lib/bundler/man/bundle-console.1 +1 -1
- data/bundler/lib/bundler/man/bundle-doctor.1 +1 -1
- data/bundler/lib/bundler/man/bundle-exec.1 +1 -1
- data/bundler/lib/bundler/man/bundle-gem.1 +1 -1
- data/bundler/lib/bundler/man/bundle-help.1 +1 -1
- data/bundler/lib/bundler/man/bundle-info.1 +3 -3
- data/bundler/lib/bundler/man/bundle-info.1.ronn +3 -3
- data/bundler/lib/bundler/man/bundle-init.1 +1 -1
- data/bundler/lib/bundler/man/bundle-inject.1 +1 -1
- data/bundler/lib/bundler/man/bundle-install.1 +1 -1
- data/bundler/lib/bundler/man/bundle-list.1 +1 -1
- data/bundler/lib/bundler/man/bundle-lock.1 +1 -1
- data/bundler/lib/bundler/man/bundle-open.1 +1 -1
- data/bundler/lib/bundler/man/bundle-outdated.1 +13 -9
- data/bundler/lib/bundler/man/bundle-outdated.1.ronn +12 -9
- data/bundler/lib/bundler/man/bundle-platform.1 +1 -1
- data/bundler/lib/bundler/man/bundle-plugin.1 +1 -1
- data/bundler/lib/bundler/man/bundle-pristine.1 +1 -1
- data/bundler/lib/bundler/man/bundle-remove.1 +1 -1
- data/bundler/lib/bundler/man/bundle-show.1 +1 -1
- data/bundler/lib/bundler/man/bundle-update.1 +1 -1
- data/bundler/lib/bundler/man/bundle-version.1 +1 -1
- data/bundler/lib/bundler/man/bundle-viz.1 +1 -1
- data/bundler/lib/bundler/man/bundle.1 +1 -1
- data/bundler/lib/bundler/man/gemfile.5 +14 -1
- data/bundler/lib/bundler/man/gemfile.5.ronn +5 -0
- data/bundler/lib/bundler/plugin/index.rb +1 -1
- data/bundler/lib/bundler/ruby_dsl.rb +6 -0
- data/bundler/lib/bundler/ruby_version.rb +2 -2
- data/bundler/lib/bundler/rubygems_integration.rb +1 -1
- data/bundler/lib/bundler/source/git.rb +7 -0
- data/bundler/lib/bundler/source_list.rb +0 -4
- data/bundler/lib/bundler/templates/newgem/ext/newgem/Cargo.toml.tt +1 -1
- data/bundler/lib/bundler/templates/newgem/ext/newgem/src/lib.rs.tt +4 -4
- data/bundler/lib/bundler/ui/rg_proxy.rb +1 -1
- data/bundler/lib/bundler/vendor/fileutils/lib/fileutils.rb +1 -1
- data/bundler/lib/bundler/vendor/uri/lib/uri/rfc2396_parser.rb +2 -2
- data/bundler/lib/bundler/vendor/uri/lib/uri/rfc3986_parser.rb +1 -1
- data/bundler/lib/bundler/vendor/uri/lib/uri/version.rb +1 -1
- data/bundler/lib/bundler/version.rb +1 -1
- data/bundler/lib/bundler.rb +1 -1
- data/{bin → exe}/gem +2 -0
- data/{bin → exe}/update_rubygems +7 -5
- data/lib/rubygems/available_set.rb +1 -0
- data/lib/rubygems/basic_specification.rb +1 -0
- data/lib/rubygems/bundler_version_finder.rb +1 -1
- data/lib/rubygems/command.rb +1 -0
- data/lib/rubygems/command_manager.rb +1 -0
- data/lib/rubygems/commands/build_command.rb +1 -0
- data/lib/rubygems/commands/cert_command.rb +1 -0
- data/lib/rubygems/commands/check_command.rb +1 -0
- data/lib/rubygems/commands/cleanup_command.rb +1 -0
- data/lib/rubygems/commands/contents_command.rb +1 -0
- data/lib/rubygems/commands/dependency_command.rb +1 -0
- data/lib/rubygems/commands/environment_command.rb +1 -0
- data/lib/rubygems/commands/exec_command.rb +1 -0
- data/lib/rubygems/commands/fetch_command.rb +1 -0
- data/lib/rubygems/commands/generate_index_command.rb +1 -0
- data/lib/rubygems/commands/help_command.rb +1 -0
- data/lib/rubygems/commands/install_command.rb +1 -0
- data/lib/rubygems/commands/list_command.rb +1 -0
- data/lib/rubygems/commands/lock_command.rb +1 -0
- data/lib/rubygems/commands/mirror_command.rb +1 -0
- data/lib/rubygems/commands/open_command.rb +1 -0
- data/lib/rubygems/commands/outdated_command.rb +1 -0
- data/lib/rubygems/commands/owner_command.rb +1 -0
- data/lib/rubygems/commands/pristine_command.rb +1 -0
- data/lib/rubygems/commands/push_command.rb +1 -0
- data/lib/rubygems/commands/query_command.rb +1 -0
- data/lib/rubygems/commands/rdoc_command.rb +1 -0
- data/lib/rubygems/commands/search_command.rb +1 -0
- data/lib/rubygems/commands/server_command.rb +1 -0
- data/lib/rubygems/commands/setup_command.rb +2 -1
- data/lib/rubygems/commands/signin_command.rb +1 -0
- data/lib/rubygems/commands/signout_command.rb +1 -0
- data/lib/rubygems/commands/sources_command.rb +1 -0
- data/lib/rubygems/commands/specification_command.rb +1 -0
- data/lib/rubygems/commands/stale_command.rb +1 -0
- data/lib/rubygems/commands/uninstall_command.rb +1 -0
- data/lib/rubygems/commands/unpack_command.rb +1 -0
- data/lib/rubygems/commands/update_command.rb +1 -0
- data/lib/rubygems/commands/which_command.rb +1 -0
- data/lib/rubygems/commands/yank_command.rb +1 -0
- data/lib/rubygems/config_file.rb +1 -0
- data/lib/rubygems/core_ext/kernel_require.rb +1 -0
- data/lib/rubygems/core_ext/tcpsocket_init.rb +2 -0
- data/lib/rubygems/defaults.rb +1 -0
- data/lib/rubygems/dependency.rb +1 -0
- data/lib/rubygems/dependency_installer.rb +1 -0
- data/lib/rubygems/dependency_list.rb +1 -0
- data/lib/rubygems/deprecate.rb +1 -0
- data/lib/rubygems/doctor.rb +1 -0
- data/lib/rubygems/errors.rb +1 -0
- data/lib/rubygems/ext/build_error.rb +1 -0
- data/lib/rubygems/ext/builder.rb +1 -0
- data/lib/rubygems/ext/configure_builder.rb +1 -0
- data/lib/rubygems/ext/ext_conf_builder.rb +1 -0
- data/lib/rubygems/ext.rb +1 -0
- data/lib/rubygems/gem_runner.rb +1 -0
- data/lib/rubygems/gemcutter_utilities/webauthn_listener/response.rb +163 -0
- data/lib/rubygems/gemcutter_utilities/webauthn_listener.rb +105 -0
- data/lib/rubygems/gemcutter_utilities/webauthn_poller.rb +78 -0
- data/lib/rubygems/gemcutter_utilities.rb +30 -26
- data/lib/rubygems/indexer.rb +1 -0
- data/lib/rubygems/install_default_message.rb +1 -0
- data/lib/rubygems/install_message.rb +1 -0
- data/lib/rubygems/install_update_options.rb +1 -0
- data/lib/rubygems/installer.rb +1 -0
- data/lib/rubygems/local_remote_options.rb +1 -0
- data/lib/rubygems/mock_gem_ui.rb +1 -0
- data/lib/rubygems/name_tuple.rb +1 -0
- data/lib/rubygems/package/digest_io.rb +1 -0
- data/lib/rubygems/package/file_source.rb +1 -0
- data/lib/rubygems/package/io_source.rb +1 -0
- data/lib/rubygems/package/old.rb +1 -0
- data/lib/rubygems/package/source.rb +1 -0
- data/lib/rubygems/package/tar_header.rb +1 -0
- data/lib/rubygems/package/tar_reader/entry.rb +1 -0
- data/lib/rubygems/package/tar_reader.rb +1 -0
- data/lib/rubygems/package/tar_writer.rb +1 -0
- data/lib/rubygems/package.rb +2 -2
- data/lib/rubygems/package_task.rb +1 -0
- data/lib/rubygems/path_support.rb +1 -0
- data/lib/rubygems/platform.rb +1 -0
- data/lib/rubygems/psych_tree.rb +1 -0
- data/lib/rubygems/rdoc.rb +1 -0
- data/lib/rubygems/remote_fetcher.rb +1 -0
- data/lib/rubygems/request/http_pool.rb +1 -0
- data/lib/rubygems/request/https_pool.rb +1 -0
- data/lib/rubygems/request.rb +1 -0
- data/lib/rubygems/request_set/gem_dependency_api.rb +1 -0
- data/lib/rubygems/request_set/lockfile/parser.rb +2 -1
- data/lib/rubygems/request_set/lockfile/tokenizer.rb +2 -0
- data/lib/rubygems/request_set/lockfile.rb +1 -0
- data/lib/rubygems/request_set.rb +1 -0
- data/lib/rubygems/requirement.rb +1 -0
- data/lib/rubygems/resolver/activation_request.rb +1 -0
- data/lib/rubygems/resolver/api_set.rb +1 -0
- data/lib/rubygems/resolver/api_specification.rb +1 -0
- data/lib/rubygems/resolver/best_set.rb +1 -0
- data/lib/rubygems/resolver/composed_set.rb +1 -0
- data/lib/rubygems/resolver/conflict.rb +1 -0
- data/lib/rubygems/resolver/current_set.rb +1 -0
- data/lib/rubygems/resolver/dependency_request.rb +1 -0
- data/lib/rubygems/resolver/git_set.rb +1 -0
- data/lib/rubygems/resolver/git_specification.rb +1 -0
- data/lib/rubygems/resolver/index_set.rb +1 -0
- data/lib/rubygems/resolver/index_specification.rb +1 -0
- data/lib/rubygems/resolver/installed_specification.rb +1 -0
- data/lib/rubygems/resolver/installer_set.rb +1 -0
- data/lib/rubygems/resolver/local_specification.rb +1 -0
- data/lib/rubygems/resolver/lock_set.rb +1 -0
- data/lib/rubygems/resolver/lock_specification.rb +1 -0
- data/lib/rubygems/resolver/molinillo.rb +1 -0
- data/lib/rubygems/resolver/requirement_list.rb +1 -0
- data/lib/rubygems/resolver/set.rb +1 -0
- data/lib/rubygems/resolver/source_set.rb +2 -0
- data/lib/rubygems/resolver/spec_specification.rb +1 -0
- data/lib/rubygems/resolver/specification.rb +1 -0
- data/lib/rubygems/resolver/stats.rb +1 -0
- data/lib/rubygems/resolver/vendor_set.rb +1 -0
- data/lib/rubygems/resolver/vendor_specification.rb +1 -0
- data/lib/rubygems/resolver.rb +1 -0
- data/lib/rubygems/s3_uri_signer.rb +4 -2
- data/lib/rubygems/safe_yaml.rb +2 -0
- data/lib/rubygems/security/policies.rb +1 -0
- data/lib/rubygems/security/policy.rb +1 -0
- data/lib/rubygems/security/signer.rb +1 -0
- data/lib/rubygems/security/trust_dir.rb +1 -0
- data/lib/rubygems/security.rb +1 -0
- data/lib/rubygems/security_option.rb +1 -0
- data/lib/rubygems/source/installed.rb +1 -0
- data/lib/rubygems/source/local.rb +1 -0
- data/lib/rubygems/source/lock.rb +1 -0
- data/lib/rubygems/source/specific_file.rb +1 -0
- data/lib/rubygems/source/vendor.rb +1 -0
- data/lib/rubygems/spec_fetcher.rb +1 -0
- data/lib/rubygems/specification.rb +11 -3
- data/lib/rubygems/specification_policy.rb +2 -0
- data/lib/rubygems/stub_specification.rb +1 -0
- data/lib/rubygems/uninstaller.rb +1 -0
- data/lib/rubygems/user_interaction.rb +4 -2
- data/lib/rubygems/util/licenses.rb +1 -0
- data/lib/rubygems/util/list.rb +1 -0
- data/lib/rubygems/util.rb +1 -0
- data/lib/rubygems/validator.rb +1 -0
- data/lib/rubygems/version_option.rb +1 -0
- data/lib/rubygems.rb +3 -3
- data/rubygems-update.gemspec +5 -4
- data/setup.rb +1 -0
- data/test/rubygems/bad_rake.rb +1 -0
- data/test/rubygems/bundler_test_gem.rb +3 -1
- data/test/rubygems/fake_certlib/openssl.rb +1 -0
- data/test/rubygems/good_rake.rb +1 -0
- data/test/rubygems/helper.rb +1 -1
- data/test/rubygems/installer_test_case.rb +1 -0
- data/test/rubygems/multifactor_auth_utilities.rb +111 -0
- data/test/rubygems/package/tar_test_case.rb +1 -0
- data/test/rubygems/plugin/exception/rubygems_plugin.rb +1 -0
- data/test/rubygems/plugin/load/rubygems_plugin.rb +1 -0
- data/test/rubygems/plugin/standarderror/rubygems_plugin.rb +1 -0
- data/test/rubygems/rubygems/commands/crash_command.rb +1 -0
- data/test/rubygems/rubygems_plugin.rb +1 -0
- data/test/rubygems/simple_gem.rb +1 -0
- data/test/rubygems/specifications/bar-0.0.2.gemspec +2 -0
- data/test/rubygems/specifications/rubyforge-0.0.1.gemspec +2 -0
- data/test/rubygems/test_bundled_ca.rb +1 -0
- data/test/rubygems/test_config.rb +1 -0
- data/test/rubygems/test_deprecate.rb +1 -0
- data/test/rubygems/test_gem.rb +1 -0
- data/test/rubygems/test_gem_available_set.rb +1 -0
- data/test/rubygems/test_gem_bundler_version_finder.rb +1 -0
- data/test/rubygems/test_gem_command.rb +1 -0
- data/test/rubygems/test_gem_command_manager.rb +1 -0
- data/test/rubygems/test_gem_commands_build_command.rb +1 -0
- data/test/rubygems/test_gem_commands_cert_command.rb +1 -0
- data/test/rubygems/test_gem_commands_check_command.rb +1 -0
- data/test/rubygems/test_gem_commands_cleanup_command.rb +1 -0
- data/test/rubygems/test_gem_commands_contents_command.rb +1 -0
- data/test/rubygems/test_gem_commands_dependency_command.rb +1 -0
- data/test/rubygems/test_gem_commands_environment_command.rb +1 -0
- data/test/rubygems/test_gem_commands_exec_command.rb +2 -0
- data/test/rubygems/test_gem_commands_fetch_command.rb +1 -0
- data/test/rubygems/test_gem_commands_generate_index_command.rb +1 -0
- data/test/rubygems/test_gem_commands_help_command.rb +1 -0
- data/test/rubygems/test_gem_commands_info_command.rb +1 -0
- data/test/rubygems/test_gem_commands_install_command.rb +1 -0
- data/test/rubygems/test_gem_commands_list_command.rb +1 -0
- data/test/rubygems/test_gem_commands_lock_command.rb +1 -0
- data/test/rubygems/test_gem_commands_mirror.rb +1 -0
- data/test/rubygems/test_gem_commands_open_command.rb +1 -0
- data/test/rubygems/test_gem_commands_outdated_command.rb +1 -0
- data/test/rubygems/test_gem_commands_owner_command.rb +68 -39
- data/test/rubygems/test_gem_commands_pristine_command.rb +1 -0
- data/test/rubygems/test_gem_commands_push_command.rb +68 -37
- data/test/rubygems/test_gem_commands_query_command.rb +1 -0
- data/test/rubygems/test_gem_commands_search_command.rb +1 -0
- data/test/rubygems/test_gem_commands_server_command.rb +1 -0
- data/test/rubygems/test_gem_commands_setup_command.rb +1 -1
- data/test/rubygems/test_gem_commands_signin_command.rb +1 -0
- data/test/rubygems/test_gem_commands_sources_command.rb +1 -0
- data/test/rubygems/test_gem_commands_specification_command.rb +1 -0
- data/test/rubygems/test_gem_commands_stale_command.rb +1 -0
- data/test/rubygems/test_gem_commands_uninstall_command.rb +1 -0
- data/test/rubygems/test_gem_commands_unpack_command.rb +1 -0
- data/test/rubygems/test_gem_commands_update_command.rb +1 -0
- data/test/rubygems/test_gem_commands_which_command.rb +1 -0
- data/test/rubygems/test_gem_commands_yank_command.rb +76 -41
- data/test/rubygems/test_gem_config_file.rb +1 -0
- data/test/rubygems/test_gem_dependency.rb +1 -0
- data/test/rubygems/test_gem_dependency_installer.rb +1 -0
- data/test/rubygems/test_gem_dependency_list.rb +1 -0
- data/test/rubygems/test_gem_dependency_resolution_error.rb +1 -0
- data/test/rubygems/test_gem_doctor.rb +1 -0
- data/test/rubygems/test_gem_ext_builder.rb +4 -3
- data/test/rubygems/test_gem_ext_cargo_builder/custom_name/custom_name.gemspec +2 -0
- data/test/rubygems/test_gem_ext_cargo_builder/custom_name/lib/custom_name.rb +2 -0
- data/test/rubygems/test_gem_ext_cargo_builder/rust_ruby_example/rust_ruby_example.gemspec +2 -0
- data/test/rubygems/test_gem_ext_cargo_builder.rb +2 -2
- data/test/rubygems/test_gem_ext_cargo_builder_link_flag_converter.rb +1 -0
- data/test/rubygems/test_gem_ext_cmake_builder.rb +1 -0
- data/test/rubygems/test_gem_ext_configure_builder.rb +1 -0
- data/test/rubygems/test_gem_ext_rake_builder.rb +1 -0
- data/test/rubygems/test_gem_gem_runner.rb +1 -0
- data/test/rubygems/test_gem_gemcutter_utilities.rb +106 -92
- data/test/rubygems/test_gem_impossible_dependencies_error.rb +1 -0
- data/test/rubygems/test_gem_indexer.rb +1 -0
- data/test/rubygems/test_gem_install_update_options.rb +1 -0
- data/test/rubygems/test_gem_installer.rb +2 -1
- data/test/rubygems/test_gem_local_remote_options.rb +1 -0
- data/test/rubygems/test_gem_name_tuple.rb +1 -0
- data/test/rubygems/test_gem_package_old.rb +1 -0
- data/test/rubygems/test_gem_package_tar_header.rb +1 -0
- data/test/rubygems/test_gem_package_tar_reader.rb +1 -0
- data/test/rubygems/test_gem_package_tar_reader_entry.rb +1 -0
- data/test/rubygems/test_gem_package_tar_writer.rb +1 -0
- data/test/rubygems/test_gem_package_task.rb +1 -0
- data/test/rubygems/test_gem_path_support.rb +1 -0
- data/test/rubygems/test_gem_platform.rb +1 -0
- data/test/rubygems/test_gem_rdoc.rb +1 -0
- data/test/rubygems/test_gem_remote_fetcher.rb +1 -0
- data/test/rubygems/test_gem_request.rb +1 -0
- data/test/rubygems/test_gem_request_connection_pools.rb +1 -0
- data/test/rubygems/test_gem_request_set.rb +1 -0
- data/test/rubygems/test_gem_request_set_gem_dependency_api.rb +1 -0
- data/test/rubygems/test_gem_request_set_lockfile.rb +1 -0
- data/test/rubygems/test_gem_request_set_lockfile_parser.rb +1 -0
- data/test/rubygems/test_gem_request_set_lockfile_tokenizer.rb +1 -0
- data/test/rubygems/test_gem_requirement.rb +1 -0
- data/test/rubygems/test_gem_resolver.rb +1 -0
- data/test/rubygems/test_gem_resolver_activation_request.rb +1 -0
- data/test/rubygems/test_gem_resolver_api_set.rb +1 -0
- data/test/rubygems/test_gem_resolver_api_specification.rb +1 -0
- data/test/rubygems/test_gem_resolver_best_set.rb +1 -0
- data/test/rubygems/test_gem_resolver_composed_set.rb +1 -0
- data/test/rubygems/test_gem_resolver_conflict.rb +1 -0
- data/test/rubygems/test_gem_resolver_dependency_request.rb +1 -0
- data/test/rubygems/test_gem_resolver_git_set.rb +1 -0
- data/test/rubygems/test_gem_resolver_git_specification.rb +2 -1
- data/test/rubygems/test_gem_resolver_index_set.rb +1 -0
- data/test/rubygems/test_gem_resolver_index_specification.rb +1 -0
- data/test/rubygems/test_gem_resolver_installed_specification.rb +1 -0
- data/test/rubygems/test_gem_resolver_installer_set.rb +1 -0
- data/test/rubygems/test_gem_resolver_local_specification.rb +1 -0
- data/test/rubygems/test_gem_resolver_lock_set.rb +1 -0
- data/test/rubygems/test_gem_resolver_lock_specification.rb +1 -0
- data/test/rubygems/test_gem_resolver_requirement_list.rb +1 -0
- data/test/rubygems/test_gem_resolver_specification.rb +1 -0
- data/test/rubygems/test_gem_resolver_vendor_set.rb +1 -0
- data/test/rubygems/test_gem_resolver_vendor_specification.rb +1 -0
- data/test/rubygems/test_gem_security.rb +1 -0
- data/test/rubygems/test_gem_security_signer.rb +1 -0
- data/test/rubygems/test_gem_security_trust_dir.rb +1 -0
- data/test/rubygems/test_gem_silent_ui.rb +1 -0
- data/test/rubygems/test_gem_source.rb +1 -0
- data/test/rubygems/test_gem_source_fetch_problem.rb +1 -0
- data/test/rubygems/test_gem_source_git.rb +1 -0
- data/test/rubygems/test_gem_source_installed.rb +1 -0
- data/test/rubygems/test_gem_source_list.rb +1 -0
- data/test/rubygems/test_gem_source_local.rb +1 -0
- data/test/rubygems/test_gem_source_lock.rb +1 -0
- data/test/rubygems/test_gem_source_specific_file.rb +1 -0
- data/test/rubygems/test_gem_source_subpath_problem.rb +1 -0
- data/test/rubygems/test_gem_source_vendor.rb +1 -0
- data/test/rubygems/test_gem_spec_fetcher.rb +1 -0
- data/test/rubygems/test_gem_specification.rb +9 -0
- data/test/rubygems/test_gem_stream_ui.rb +34 -3
- data/test/rubygems/test_gem_stub_specification.rb +1 -0
- data/test/rubygems/test_gem_text.rb +1 -0
- data/test/rubygems/test_gem_uninstaller.rb +1 -0
- data/test/rubygems/test_gem_unsatisfiable_dependency_error.rb +1 -0
- data/test/rubygems/test_gem_update_suggestion.rb +1 -0
- data/test/rubygems/test_gem_uri.rb +2 -0
- data/test/rubygems/test_gem_uri_formatter.rb +1 -0
- data/test/rubygems/test_gem_util.rb +1 -0
- data/test/rubygems/test_gem_version.rb +1 -0
- data/test/rubygems/test_gem_version_option.rb +1 -0
- data/test/rubygems/test_kernel.rb +1 -0
- data/test/rubygems/test_remote_fetch_error.rb +1 -0
- data/test/rubygems/test_require.rb +1 -0
- data/test/rubygems/test_rubygems.rb +2 -0
- data/test/rubygems/test_webauthn_listener.rb +29 -6
- data/test/rubygems/test_webauthn_listener_response.rb +8 -8
- data/test/rubygems/test_webauthn_poller.rb +124 -0
- data/test/rubygems/utilities.rb +1 -0
- data/test/test_changelog_generator.rb +1 -1
- metadata +39 -10
- data/lib/rubygems/webauthn_listener/response.rb +0 -161
- data/lib/rubygems/webauthn_listener.rb +0 -92
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
|
+
|
|
2
3
|
require_relative "../command"
|
|
3
4
|
|
|
4
5
|
##
|
|
@@ -244,7 +245,7 @@ By default, this RubyGems will install gem as:
|
|
|
244
245
|
def install_executables(bin_dir)
|
|
245
246
|
prog_mode = options[:prog_mode] || 0755
|
|
246
247
|
|
|
247
|
-
executables = { "gem" => "
|
|
248
|
+
executables = { "gem" => "exe" }
|
|
248
249
|
executables.each do |tool, path|
|
|
249
250
|
say "Installing #{tool} executable" if @verbose
|
|
250
251
|
|
data/lib/rubygems/config_file.rb
CHANGED
data/lib/rubygems/defaults.rb
CHANGED
data/lib/rubygems/dependency.rb
CHANGED
data/lib/rubygems/deprecate.rb
CHANGED
data/lib/rubygems/doctor.rb
CHANGED
data/lib/rubygems/errors.rb
CHANGED
data/lib/rubygems/ext/builder.rb
CHANGED
data/lib/rubygems/ext.rb
CHANGED
data/lib/rubygems/gem_runner.rb
CHANGED
|
@@ -0,0 +1,163 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
##
|
|
4
|
+
# The WebauthnListener Response class is used by the WebauthnListener to create
|
|
5
|
+
# responses to be sent to the Gem host. It creates a Net::HTTPResponse instance
|
|
6
|
+
# when initialized and can be converted to the appropriate format to be sent by a socket using `to_s`.
|
|
7
|
+
# Net::HTTPResponse instances cannot be directly sent over a socket.
|
|
8
|
+
#
|
|
9
|
+
# Types of response classes:
|
|
10
|
+
# - OkResponse
|
|
11
|
+
# - NoContentResponse
|
|
12
|
+
# - BadRequestResponse
|
|
13
|
+
# - NotFoundResponse
|
|
14
|
+
# - MethodNotAllowedResponse
|
|
15
|
+
#
|
|
16
|
+
# Example usage:
|
|
17
|
+
#
|
|
18
|
+
# server = TCPServer.new(0)
|
|
19
|
+
# socket = server.accept
|
|
20
|
+
#
|
|
21
|
+
# response = OkResponse.for("https://rubygems.example")
|
|
22
|
+
# socket.print response.to_s
|
|
23
|
+
# socket.close
|
|
24
|
+
#
|
|
25
|
+
|
|
26
|
+
module Gem::GemcutterUtilities
|
|
27
|
+
class WebauthnListener
|
|
28
|
+
class Response
|
|
29
|
+
attr_reader :http_response
|
|
30
|
+
|
|
31
|
+
def self.for(host)
|
|
32
|
+
new(host)
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
def initialize(host)
|
|
36
|
+
@host = host
|
|
37
|
+
|
|
38
|
+
build_http_response
|
|
39
|
+
end
|
|
40
|
+
|
|
41
|
+
def to_s
|
|
42
|
+
status_line = "HTTP/#{@http_response.http_version} #{@http_response.code} #{@http_response.message}\r\n"
|
|
43
|
+
headers = @http_response.to_hash.map {|header, value| "#{header}: #{value.join(", ")}\r\n" }.join + "\r\n"
|
|
44
|
+
body = @http_response.body ? "#{@http_response.body}\n" : ""
|
|
45
|
+
|
|
46
|
+
status_line + headers + body
|
|
47
|
+
end
|
|
48
|
+
|
|
49
|
+
private
|
|
50
|
+
|
|
51
|
+
# Must be implemented in subclasses
|
|
52
|
+
def code
|
|
53
|
+
raise NotImplementedError
|
|
54
|
+
end
|
|
55
|
+
|
|
56
|
+
def reason_phrase
|
|
57
|
+
raise NotImplementedError
|
|
58
|
+
end
|
|
59
|
+
|
|
60
|
+
def body; end
|
|
61
|
+
|
|
62
|
+
def build_http_response
|
|
63
|
+
response_class = Net::HTTPResponse::CODE_TO_OBJ[code.to_s]
|
|
64
|
+
@http_response = response_class.new("1.1", code, reason_phrase)
|
|
65
|
+
@http_response.instance_variable_set(:@read, true)
|
|
66
|
+
|
|
67
|
+
add_connection_header
|
|
68
|
+
add_access_control_headers
|
|
69
|
+
add_body
|
|
70
|
+
end
|
|
71
|
+
|
|
72
|
+
def add_connection_header
|
|
73
|
+
@http_response["connection"] = "close"
|
|
74
|
+
end
|
|
75
|
+
|
|
76
|
+
def add_access_control_headers
|
|
77
|
+
@http_response["access-control-allow-origin"] = @host
|
|
78
|
+
@http_response["access-control-allow-methods"] = "POST"
|
|
79
|
+
@http_response["access-control-allow-headers"] = %w[Content-Type Authorization x-csrf-token]
|
|
80
|
+
end
|
|
81
|
+
|
|
82
|
+
def add_body
|
|
83
|
+
return unless body
|
|
84
|
+
@http_response["content-type"] = "text/plain; charset=utf-8"
|
|
85
|
+
@http_response["content-length"] = body.bytesize
|
|
86
|
+
@http_response.instance_variable_set(:@body, body)
|
|
87
|
+
end
|
|
88
|
+
end
|
|
89
|
+
|
|
90
|
+
class OkResponse < Response
|
|
91
|
+
private
|
|
92
|
+
|
|
93
|
+
def code
|
|
94
|
+
200
|
|
95
|
+
end
|
|
96
|
+
|
|
97
|
+
def reason_phrase
|
|
98
|
+
"OK"
|
|
99
|
+
end
|
|
100
|
+
|
|
101
|
+
def body
|
|
102
|
+
"success"
|
|
103
|
+
end
|
|
104
|
+
end
|
|
105
|
+
|
|
106
|
+
class NoContentResponse < Response
|
|
107
|
+
private
|
|
108
|
+
|
|
109
|
+
def code
|
|
110
|
+
204
|
|
111
|
+
end
|
|
112
|
+
|
|
113
|
+
def reason_phrase
|
|
114
|
+
"No Content"
|
|
115
|
+
end
|
|
116
|
+
end
|
|
117
|
+
|
|
118
|
+
class BadRequestResponse < Response
|
|
119
|
+
private
|
|
120
|
+
|
|
121
|
+
def code
|
|
122
|
+
400
|
|
123
|
+
end
|
|
124
|
+
|
|
125
|
+
def reason_phrase
|
|
126
|
+
"Bad Request"
|
|
127
|
+
end
|
|
128
|
+
|
|
129
|
+
def body
|
|
130
|
+
"missing code parameter"
|
|
131
|
+
end
|
|
132
|
+
end
|
|
133
|
+
|
|
134
|
+
class NotFoundResponse < Response
|
|
135
|
+
private
|
|
136
|
+
|
|
137
|
+
def code
|
|
138
|
+
404
|
|
139
|
+
end
|
|
140
|
+
|
|
141
|
+
def reason_phrase
|
|
142
|
+
"Not Found"
|
|
143
|
+
end
|
|
144
|
+
end
|
|
145
|
+
|
|
146
|
+
class MethodNotAllowedResponse < Response
|
|
147
|
+
private
|
|
148
|
+
|
|
149
|
+
def code
|
|
150
|
+
405
|
|
151
|
+
end
|
|
152
|
+
|
|
153
|
+
def reason_phrase
|
|
154
|
+
"Method Not Allowed"
|
|
155
|
+
end
|
|
156
|
+
|
|
157
|
+
def add_access_control_headers
|
|
158
|
+
super
|
|
159
|
+
@http_response["allow"] = %w[GET OPTIONS]
|
|
160
|
+
end
|
|
161
|
+
end
|
|
162
|
+
end
|
|
163
|
+
end
|
|
@@ -0,0 +1,105 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require_relative "webauthn_listener/response"
|
|
4
|
+
|
|
5
|
+
##
|
|
6
|
+
# The WebauthnListener class retrieves an OTP after a user successfully WebAuthns with the Gem host.
|
|
7
|
+
# An instance opens a socket using the TCPServer instance given and listens for a request from the Gem host.
|
|
8
|
+
# The request should be a GET request to the root path and contains the OTP code in the form
|
|
9
|
+
# of a query parameter `code`. The listener will return the code which will be used as the OTP for
|
|
10
|
+
# API requests.
|
|
11
|
+
#
|
|
12
|
+
# Types of responses sent by the listener after receiving a request:
|
|
13
|
+
# - 200 OK: OTP code was successfully retrieved
|
|
14
|
+
# - 204 No Content: If the request was an OPTIONS request
|
|
15
|
+
# - 400 Bad Request: If the request did not contain a query parameter `code`
|
|
16
|
+
# - 404 Not Found: The request was not to the root path
|
|
17
|
+
# - 405 Method Not Allowed: OTP code was not retrieved because the request was not a GET/OPTIONS request
|
|
18
|
+
#
|
|
19
|
+
# Example usage:
|
|
20
|
+
#
|
|
21
|
+
# thread = Gem::WebauthnListener.listener_thread("https://rubygems.example", server)
|
|
22
|
+
# thread.join
|
|
23
|
+
# otp = thread[:otp]
|
|
24
|
+
# error = thread[:error]
|
|
25
|
+
#
|
|
26
|
+
|
|
27
|
+
module Gem::GemcutterUtilities
|
|
28
|
+
class WebauthnListener
|
|
29
|
+
attr_reader :host
|
|
30
|
+
|
|
31
|
+
def initialize(host)
|
|
32
|
+
@host = host
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
def self.listener_thread(host, server)
|
|
36
|
+
Thread.new do
|
|
37
|
+
thread = Thread.current
|
|
38
|
+
thread.abort_on_exception = true
|
|
39
|
+
thread.report_on_exception = false
|
|
40
|
+
thread[:otp] = new(host).wait_for_otp_code(server)
|
|
41
|
+
rescue Gem::WebauthnVerificationError => e
|
|
42
|
+
thread[:error] = e
|
|
43
|
+
ensure
|
|
44
|
+
server.close
|
|
45
|
+
end
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
def wait_for_otp_code(server)
|
|
49
|
+
loop do
|
|
50
|
+
socket = server.accept
|
|
51
|
+
request_line = socket.gets
|
|
52
|
+
|
|
53
|
+
method, req_uri, _protocol = request_line.split(" ")
|
|
54
|
+
req_uri = URI.parse(req_uri)
|
|
55
|
+
|
|
56
|
+
responder = SocketResponder.new(socket)
|
|
57
|
+
|
|
58
|
+
unless root_path?(req_uri)
|
|
59
|
+
responder.send(NotFoundResponse.for(host))
|
|
60
|
+
raise Gem::WebauthnVerificationError, "Page at #{req_uri.path} not found."
|
|
61
|
+
end
|
|
62
|
+
|
|
63
|
+
case method.upcase
|
|
64
|
+
when "OPTIONS"
|
|
65
|
+
responder.send(NoContentResponse.for(host))
|
|
66
|
+
next # will be GET
|
|
67
|
+
when "GET"
|
|
68
|
+
if otp = parse_otp_from_uri(req_uri)
|
|
69
|
+
responder.send(OkResponse.for(host))
|
|
70
|
+
return otp
|
|
71
|
+
end
|
|
72
|
+
responder.send(BadRequestResponse.for(host))
|
|
73
|
+
raise Gem::WebauthnVerificationError, "Did not receive OTP from #{host}."
|
|
74
|
+
else
|
|
75
|
+
responder.send(MethodNotAllowedResponse.for(host))
|
|
76
|
+
raise Gem::WebauthnVerificationError, "Invalid HTTP method #{method.upcase} received."
|
|
77
|
+
end
|
|
78
|
+
end
|
|
79
|
+
end
|
|
80
|
+
|
|
81
|
+
private
|
|
82
|
+
|
|
83
|
+
def root_path?(uri)
|
|
84
|
+
uri.path == "/"
|
|
85
|
+
end
|
|
86
|
+
|
|
87
|
+
def parse_otp_from_uri(uri)
|
|
88
|
+
require "cgi"
|
|
89
|
+
|
|
90
|
+
return if uri.query.nil?
|
|
91
|
+
CGI.parse(uri.query).dig("code", 0)
|
|
92
|
+
end
|
|
93
|
+
|
|
94
|
+
class SocketResponder
|
|
95
|
+
def initialize(socket)
|
|
96
|
+
@socket = socket
|
|
97
|
+
end
|
|
98
|
+
|
|
99
|
+
def send(response)
|
|
100
|
+
@socket.print response.to_s
|
|
101
|
+
@socket.close
|
|
102
|
+
end
|
|
103
|
+
end
|
|
104
|
+
end
|
|
105
|
+
end
|
|
@@ -0,0 +1,78 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
##
|
|
4
|
+
# The WebauthnPoller class retrieves an OTP after a user successfully WebAuthns. An instance
|
|
5
|
+
# polls the Gem host for the OTP code. The polling request (api/v1/webauthn_verification/<webauthn_token>/status.json)
|
|
6
|
+
# is sent to the Gem host every 5 seconds and will timeout after 5 minutes. If the status field in the json response
|
|
7
|
+
# is "success", the code field will contain the OTP code.
|
|
8
|
+
#
|
|
9
|
+
# Example usage:
|
|
10
|
+
#
|
|
11
|
+
# thread = Gem::WebauthnPoller.poll_thread(
|
|
12
|
+
# {},
|
|
13
|
+
# "RubyGems.org",
|
|
14
|
+
# "https://rubygems.org/api/v1/webauthn_verification/odow34b93t6aPCdY",
|
|
15
|
+
# { email: "email@example.com", password: "password" }
|
|
16
|
+
# )
|
|
17
|
+
# thread.join
|
|
18
|
+
# otp = thread[:otp]
|
|
19
|
+
# error = thread[:error]
|
|
20
|
+
#
|
|
21
|
+
|
|
22
|
+
module Gem::GemcutterUtilities
|
|
23
|
+
class WebauthnPoller
|
|
24
|
+
include Gem::GemcutterUtilities
|
|
25
|
+
TIMEOUT_IN_SECONDS = 300
|
|
26
|
+
|
|
27
|
+
attr_reader :options, :host
|
|
28
|
+
|
|
29
|
+
def initialize(options, host)
|
|
30
|
+
@options = options
|
|
31
|
+
@host = host
|
|
32
|
+
end
|
|
33
|
+
|
|
34
|
+
def self.poll_thread(options, host, webauthn_url, credentials)
|
|
35
|
+
Thread.new do
|
|
36
|
+
thread = Thread.current
|
|
37
|
+
thread.abort_on_exception = true
|
|
38
|
+
thread.report_on_exception = false
|
|
39
|
+
thread[:otp] = new(options, host).poll_for_otp(webauthn_url, credentials)
|
|
40
|
+
rescue Gem::WebauthnVerificationError, Timeout::Error => e
|
|
41
|
+
thread[:error] = e
|
|
42
|
+
end
|
|
43
|
+
end
|
|
44
|
+
|
|
45
|
+
def poll_for_otp(webauthn_url, credentials)
|
|
46
|
+
Timeout.timeout(TIMEOUT_IN_SECONDS) do
|
|
47
|
+
loop do
|
|
48
|
+
response = webauthn_verification_poll_response(webauthn_url, credentials)
|
|
49
|
+
raise Gem::WebauthnVerificationError, response.message unless response.is_a?(Net::HTTPSuccess)
|
|
50
|
+
|
|
51
|
+
require "json"
|
|
52
|
+
parsed_response = JSON.parse(response.body)
|
|
53
|
+
case parsed_response["status"]
|
|
54
|
+
when "pending"
|
|
55
|
+
sleep 5
|
|
56
|
+
when "success"
|
|
57
|
+
return parsed_response["code"]
|
|
58
|
+
else
|
|
59
|
+
raise Gem::WebauthnVerificationError, parsed_response.fetch("message", "Invalid response from server")
|
|
60
|
+
end
|
|
61
|
+
end
|
|
62
|
+
end
|
|
63
|
+
end
|
|
64
|
+
|
|
65
|
+
private
|
|
66
|
+
|
|
67
|
+
def webauthn_verification_poll_response(webauthn_url, credentials)
|
|
68
|
+
webauthn_token = %r{(?<=\/)[^\/]+(?=$)}.match(webauthn_url)[0]
|
|
69
|
+
rubygems_api_request(:get, "api/v1/webauthn_verification/#{webauthn_token}/status.json") do |request|
|
|
70
|
+
if credentials.empty?
|
|
71
|
+
request.add_field "Authorization", api_key
|
|
72
|
+
else
|
|
73
|
+
request.basic_auth credentials[:email], credentials[:password]
|
|
74
|
+
end
|
|
75
|
+
end
|
|
76
|
+
end
|
|
77
|
+
end
|
|
78
|
+
end
|