RubyGems - rubygems-update - Versions diffs - 3.4.17 → 3.4.19 - Mend

rubygems-update 3.4.17 → 3.4.19

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (376) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +24 -0
data/Manifest.txt +7 -4
data/POLICIES.md +2 -2
data/bundler/CHANGELOG.md +30 -0
data/bundler/lib/bundler/build_metadata.rb +2 -2
data/bundler/lib/bundler/cli/binstubs.rb +1 -1
data/bundler/lib/bundler/cli/info.rb +1 -1
data/bundler/lib/bundler/cli/install.rb +1 -1
data/bundler/lib/bundler/cli/outdated.rb +1 -1
data/bundler/lib/bundler/cli/platform.rb +7 -5
data/bundler/lib/bundler/definition.rb +25 -20
data/bundler/lib/bundler/dsl.rb +1 -1
data/bundler/lib/bundler/env.rb +1 -1
data/bundler/lib/bundler/fetcher/compact_index.rb +3 -3
data/bundler/lib/bundler/fetcher/downloader.rb +2 -0
data/bundler/lib/bundler/fetcher/index.rb +1 -2
data/bundler/lib/bundler/fetcher.rb +11 -1
data/bundler/lib/bundler/friendly_errors.rb +1 -1
data/bundler/lib/bundler/gem_helper.rb +3 -4
data/bundler/lib/bundler/installer/parallel_installer.rb +1 -1
data/bundler/lib/bundler/man/bundle-add.1 +1 -1
data/bundler/lib/bundler/man/bundle-binstubs.1 +1 -1
data/bundler/lib/bundler/man/bundle-cache.1 +1 -1
data/bundler/lib/bundler/man/bundle-check.1 +1 -1
data/bundler/lib/bundler/man/bundle-clean.1 +1 -1
data/bundler/lib/bundler/man/bundle-config.1 +1 -1
data/bundler/lib/bundler/man/bundle-console.1 +1 -1
data/bundler/lib/bundler/man/bundle-doctor.1 +1 -1
data/bundler/lib/bundler/man/bundle-exec.1 +1 -1
data/bundler/lib/bundler/man/bundle-gem.1 +1 -1
data/bundler/lib/bundler/man/bundle-help.1 +1 -1
data/bundler/lib/bundler/man/bundle-info.1 +3 -3
data/bundler/lib/bundler/man/bundle-info.1.ronn +3 -3
data/bundler/lib/bundler/man/bundle-init.1 +1 -1
data/bundler/lib/bundler/man/bundle-inject.1 +1 -1
data/bundler/lib/bundler/man/bundle-install.1 +1 -1
data/bundler/lib/bundler/man/bundle-list.1 +1 -1
data/bundler/lib/bundler/man/bundle-lock.1 +1 -1
data/bundler/lib/bundler/man/bundle-open.1 +1 -1
data/bundler/lib/bundler/man/bundle-outdated.1 +13 -9
data/bundler/lib/bundler/man/bundle-outdated.1.ronn +12 -9
data/bundler/lib/bundler/man/bundle-platform.1 +1 -1
data/bundler/lib/bundler/man/bundle-plugin.1 +1 -1
data/bundler/lib/bundler/man/bundle-pristine.1 +1 -1
data/bundler/lib/bundler/man/bundle-remove.1 +1 -1
data/bundler/lib/bundler/man/bundle-show.1 +1 -1
data/bundler/lib/bundler/man/bundle-update.1 +1 -1
data/bundler/lib/bundler/man/bundle-version.1 +1 -1
data/bundler/lib/bundler/man/bundle-viz.1 +1 -1
data/bundler/lib/bundler/man/bundle.1 +1 -1
data/bundler/lib/bundler/man/gemfile.5 +14 -1
data/bundler/lib/bundler/man/gemfile.5.ronn +5 -0
data/bundler/lib/bundler/plugin/index.rb +1 -1
data/bundler/lib/bundler/ruby_dsl.rb +6 -0
data/bundler/lib/bundler/ruby_version.rb +2 -2
data/bundler/lib/bundler/rubygems_integration.rb +1 -1
data/bundler/lib/bundler/source/git.rb +7 -0
data/bundler/lib/bundler/source_list.rb +0 -4
data/bundler/lib/bundler/templates/newgem/ext/newgem/Cargo.toml.tt +1 -1
data/bundler/lib/bundler/templates/newgem/ext/newgem/src/lib.rs.tt +4 -4
data/bundler/lib/bundler/ui/rg_proxy.rb +1 -1
data/bundler/lib/bundler/vendor/fileutils/lib/fileutils.rb +1 -1
data/bundler/lib/bundler/vendor/uri/lib/uri/rfc2396_parser.rb +2 -2
data/bundler/lib/bundler/vendor/uri/lib/uri/rfc3986_parser.rb +1 -1
data/bundler/lib/bundler/vendor/uri/lib/uri/version.rb +1 -1
data/bundler/lib/bundler/version.rb +1 -1
data/bundler/lib/bundler.rb +1 -1
data/{bin → exe}/gem +2 -0
data/{bin → exe}/update_rubygems +7 -5
data/lib/rubygems/available_set.rb +1 -0
data/lib/rubygems/basic_specification.rb +1 -0
data/lib/rubygems/bundler_version_finder.rb +1 -1
data/lib/rubygems/command.rb +1 -0
data/lib/rubygems/command_manager.rb +1 -0
data/lib/rubygems/commands/build_command.rb +1 -0
data/lib/rubygems/commands/cert_command.rb +1 -0
data/lib/rubygems/commands/check_command.rb +1 -0
data/lib/rubygems/commands/cleanup_command.rb +1 -0
data/lib/rubygems/commands/contents_command.rb +1 -0
data/lib/rubygems/commands/dependency_command.rb +1 -0
data/lib/rubygems/commands/environment_command.rb +1 -0
data/lib/rubygems/commands/exec_command.rb +1 -0
data/lib/rubygems/commands/fetch_command.rb +1 -0
data/lib/rubygems/commands/generate_index_command.rb +1 -0
data/lib/rubygems/commands/help_command.rb +1 -0
data/lib/rubygems/commands/install_command.rb +1 -0
data/lib/rubygems/commands/list_command.rb +1 -0
data/lib/rubygems/commands/lock_command.rb +1 -0
data/lib/rubygems/commands/mirror_command.rb +1 -0
data/lib/rubygems/commands/open_command.rb +1 -0
data/lib/rubygems/commands/outdated_command.rb +1 -0
data/lib/rubygems/commands/owner_command.rb +1 -0
data/lib/rubygems/commands/pristine_command.rb +1 -0
data/lib/rubygems/commands/push_command.rb +1 -0
data/lib/rubygems/commands/query_command.rb +1 -0
data/lib/rubygems/commands/rdoc_command.rb +1 -0
data/lib/rubygems/commands/search_command.rb +1 -0
data/lib/rubygems/commands/server_command.rb +1 -0
data/lib/rubygems/commands/setup_command.rb +2 -1
data/lib/rubygems/commands/signin_command.rb +1 -0
data/lib/rubygems/commands/signout_command.rb +1 -0
data/lib/rubygems/commands/sources_command.rb +1 -0
data/lib/rubygems/commands/specification_command.rb +1 -0
data/lib/rubygems/commands/stale_command.rb +1 -0
data/lib/rubygems/commands/uninstall_command.rb +1 -0
data/lib/rubygems/commands/unpack_command.rb +1 -0
data/lib/rubygems/commands/update_command.rb +1 -0
data/lib/rubygems/commands/which_command.rb +1 -0
data/lib/rubygems/commands/yank_command.rb +1 -0
data/lib/rubygems/config_file.rb +1 -0
data/lib/rubygems/core_ext/kernel_require.rb +1 -0
data/lib/rubygems/core_ext/tcpsocket_init.rb +2 -0
data/lib/rubygems/defaults.rb +1 -0
data/lib/rubygems/dependency.rb +1 -0
data/lib/rubygems/dependency_installer.rb +1 -0
data/lib/rubygems/dependency_list.rb +1 -0
data/lib/rubygems/deprecate.rb +1 -0
data/lib/rubygems/doctor.rb +1 -0
data/lib/rubygems/errors.rb +1 -0
data/lib/rubygems/ext/build_error.rb +1 -0
data/lib/rubygems/ext/builder.rb +1 -0
data/lib/rubygems/ext/configure_builder.rb +1 -0
data/lib/rubygems/ext/ext_conf_builder.rb +1 -0
data/lib/rubygems/ext.rb +1 -0
data/lib/rubygems/gem_runner.rb +1 -0
data/lib/rubygems/gemcutter_utilities/webauthn_listener/response.rb +163 -0
data/lib/rubygems/gemcutter_utilities/webauthn_listener.rb +105 -0
data/lib/rubygems/gemcutter_utilities/webauthn_poller.rb +78 -0
data/lib/rubygems/gemcutter_utilities.rb +30 -26
data/lib/rubygems/indexer.rb +1 -0
data/lib/rubygems/install_default_message.rb +1 -0
data/lib/rubygems/install_message.rb +1 -0
data/lib/rubygems/install_update_options.rb +1 -0
data/lib/rubygems/installer.rb +1 -0
data/lib/rubygems/local_remote_options.rb +1 -0
data/lib/rubygems/mock_gem_ui.rb +1 -0
data/lib/rubygems/name_tuple.rb +1 -0
data/lib/rubygems/package/digest_io.rb +1 -0
data/lib/rubygems/package/file_source.rb +1 -0
data/lib/rubygems/package/io_source.rb +1 -0
data/lib/rubygems/package/old.rb +1 -0
data/lib/rubygems/package/source.rb +1 -0
data/lib/rubygems/package/tar_header.rb +1 -0
data/lib/rubygems/package/tar_reader/entry.rb +1 -0
data/lib/rubygems/package/tar_reader.rb +1 -0
data/lib/rubygems/package/tar_writer.rb +1 -0
data/lib/rubygems/package.rb +2 -2
data/lib/rubygems/package_task.rb +1 -0
data/lib/rubygems/path_support.rb +1 -0
data/lib/rubygems/platform.rb +1 -0
data/lib/rubygems/psych_tree.rb +1 -0
data/lib/rubygems/rdoc.rb +1 -0
data/lib/rubygems/remote_fetcher.rb +1 -0
data/lib/rubygems/request/http_pool.rb +1 -0
data/lib/rubygems/request/https_pool.rb +1 -0
data/lib/rubygems/request.rb +1 -0
data/lib/rubygems/request_set/gem_dependency_api.rb +1 -0
data/lib/rubygems/request_set/lockfile/parser.rb +2 -1
data/lib/rubygems/request_set/lockfile/tokenizer.rb +2 -0
data/lib/rubygems/request_set/lockfile.rb +1 -0
data/lib/rubygems/request_set.rb +1 -0
data/lib/rubygems/requirement.rb +1 -0
data/lib/rubygems/resolver/activation_request.rb +1 -0
data/lib/rubygems/resolver/api_set.rb +1 -0
data/lib/rubygems/resolver/api_specification.rb +1 -0
data/lib/rubygems/resolver/best_set.rb +1 -0
data/lib/rubygems/resolver/composed_set.rb +1 -0
data/lib/rubygems/resolver/conflict.rb +1 -0
data/lib/rubygems/resolver/current_set.rb +1 -0
data/lib/rubygems/resolver/dependency_request.rb +1 -0
data/lib/rubygems/resolver/git_set.rb +1 -0
data/lib/rubygems/resolver/git_specification.rb +1 -0
data/lib/rubygems/resolver/index_set.rb +1 -0
data/lib/rubygems/resolver/index_specification.rb +1 -0
data/lib/rubygems/resolver/installed_specification.rb +1 -0
data/lib/rubygems/resolver/installer_set.rb +1 -0
data/lib/rubygems/resolver/local_specification.rb +1 -0
data/lib/rubygems/resolver/lock_set.rb +1 -0
data/lib/rubygems/resolver/lock_specification.rb +1 -0
data/lib/rubygems/resolver/molinillo.rb +1 -0
data/lib/rubygems/resolver/requirement_list.rb +1 -0
data/lib/rubygems/resolver/set.rb +1 -0
data/lib/rubygems/resolver/source_set.rb +2 -0
data/lib/rubygems/resolver/spec_specification.rb +1 -0
data/lib/rubygems/resolver/specification.rb +1 -0
data/lib/rubygems/resolver/stats.rb +1 -0
data/lib/rubygems/resolver/vendor_set.rb +1 -0
data/lib/rubygems/resolver/vendor_specification.rb +1 -0
data/lib/rubygems/resolver.rb +1 -0
data/lib/rubygems/s3_uri_signer.rb +4 -2
data/lib/rubygems/safe_yaml.rb +2 -0
data/lib/rubygems/security/policies.rb +1 -0
data/lib/rubygems/security/policy.rb +1 -0
data/lib/rubygems/security/signer.rb +1 -0
data/lib/rubygems/security/trust_dir.rb +1 -0
data/lib/rubygems/security.rb +1 -0
data/lib/rubygems/security_option.rb +1 -0
data/lib/rubygems/source/installed.rb +1 -0
data/lib/rubygems/source/local.rb +1 -0
data/lib/rubygems/source/lock.rb +1 -0
data/lib/rubygems/source/specific_file.rb +1 -0
data/lib/rubygems/source/vendor.rb +1 -0
data/lib/rubygems/spec_fetcher.rb +1 -0
data/lib/rubygems/specification.rb +11 -3
data/lib/rubygems/specification_policy.rb +2 -0
data/lib/rubygems/stub_specification.rb +1 -0
data/lib/rubygems/uninstaller.rb +1 -0
data/lib/rubygems/user_interaction.rb +4 -2
data/lib/rubygems/util/licenses.rb +1 -0
data/lib/rubygems/util/list.rb +1 -0
data/lib/rubygems/util.rb +1 -0
data/lib/rubygems/validator.rb +1 -0
data/lib/rubygems/version_option.rb +1 -0
data/lib/rubygems.rb +3 -3
data/rubygems-update.gemspec +5 -4
data/setup.rb +1 -0
data/test/rubygems/bad_rake.rb +1 -0
data/test/rubygems/bundler_test_gem.rb +3 -1
data/test/rubygems/fake_certlib/openssl.rb +1 -0
data/test/rubygems/good_rake.rb +1 -0
data/test/rubygems/helper.rb +1 -1
data/test/rubygems/installer_test_case.rb +1 -0
data/test/rubygems/multifactor_auth_utilities.rb +111 -0
data/test/rubygems/package/tar_test_case.rb +1 -0
data/test/rubygems/plugin/exception/rubygems_plugin.rb +1 -0
data/test/rubygems/plugin/load/rubygems_plugin.rb +1 -0
data/test/rubygems/plugin/standarderror/rubygems_plugin.rb +1 -0
data/test/rubygems/rubygems/commands/crash_command.rb +1 -0
data/test/rubygems/rubygems_plugin.rb +1 -0
data/test/rubygems/simple_gem.rb +1 -0
data/test/rubygems/specifications/bar-0.0.2.gemspec +2 -0
data/test/rubygems/specifications/rubyforge-0.0.1.gemspec +2 -0
data/test/rubygems/test_bundled_ca.rb +1 -0
data/test/rubygems/test_config.rb +1 -0
data/test/rubygems/test_deprecate.rb +1 -0
data/test/rubygems/test_gem.rb +1 -0
data/test/rubygems/test_gem_available_set.rb +1 -0
data/test/rubygems/test_gem_bundler_version_finder.rb +1 -0
data/test/rubygems/test_gem_command.rb +1 -0
data/test/rubygems/test_gem_command_manager.rb +1 -0
data/test/rubygems/test_gem_commands_build_command.rb +1 -0
data/test/rubygems/test_gem_commands_cert_command.rb +1 -0
data/test/rubygems/test_gem_commands_check_command.rb +1 -0
data/test/rubygems/test_gem_commands_cleanup_command.rb +1 -0
data/test/rubygems/test_gem_commands_contents_command.rb +1 -0
data/test/rubygems/test_gem_commands_dependency_command.rb +1 -0
data/test/rubygems/test_gem_commands_environment_command.rb +1 -0
data/test/rubygems/test_gem_commands_exec_command.rb +2 -0
data/test/rubygems/test_gem_commands_fetch_command.rb +1 -0
data/test/rubygems/test_gem_commands_generate_index_command.rb +1 -0
data/test/rubygems/test_gem_commands_help_command.rb +1 -0
data/test/rubygems/test_gem_commands_info_command.rb +1 -0
data/test/rubygems/test_gem_commands_install_command.rb +1 -0
data/test/rubygems/test_gem_commands_list_command.rb +1 -0
data/test/rubygems/test_gem_commands_lock_command.rb +1 -0
data/test/rubygems/test_gem_commands_mirror.rb +1 -0
data/test/rubygems/test_gem_commands_open_command.rb +1 -0
data/test/rubygems/test_gem_commands_outdated_command.rb +1 -0
data/test/rubygems/test_gem_commands_owner_command.rb +68 -39
data/test/rubygems/test_gem_commands_pristine_command.rb +1 -0
data/test/rubygems/test_gem_commands_push_command.rb +68 -37
data/test/rubygems/test_gem_commands_query_command.rb +1 -0
data/test/rubygems/test_gem_commands_search_command.rb +1 -0
data/test/rubygems/test_gem_commands_server_command.rb +1 -0
data/test/rubygems/test_gem_commands_setup_command.rb +1 -1
data/test/rubygems/test_gem_commands_signin_command.rb +1 -0
data/test/rubygems/test_gem_commands_sources_command.rb +1 -0
data/test/rubygems/test_gem_commands_specification_command.rb +1 -0
data/test/rubygems/test_gem_commands_stale_command.rb +1 -0
data/test/rubygems/test_gem_commands_uninstall_command.rb +1 -0
data/test/rubygems/test_gem_commands_unpack_command.rb +1 -0
data/test/rubygems/test_gem_commands_update_command.rb +1 -0
data/test/rubygems/test_gem_commands_which_command.rb +1 -0
data/test/rubygems/test_gem_commands_yank_command.rb +76 -41
data/test/rubygems/test_gem_config_file.rb +1 -0
data/test/rubygems/test_gem_dependency.rb +1 -0
data/test/rubygems/test_gem_dependency_installer.rb +1 -0
data/test/rubygems/test_gem_dependency_list.rb +1 -0
data/test/rubygems/test_gem_dependency_resolution_error.rb +1 -0
data/test/rubygems/test_gem_doctor.rb +1 -0
data/test/rubygems/test_gem_ext_builder.rb +4 -3
data/test/rubygems/test_gem_ext_cargo_builder/custom_name/custom_name.gemspec +2 -0
data/test/rubygems/test_gem_ext_cargo_builder/custom_name/lib/custom_name.rb +2 -0
data/test/rubygems/test_gem_ext_cargo_builder/rust_ruby_example/rust_ruby_example.gemspec +2 -0
data/test/rubygems/test_gem_ext_cargo_builder.rb +2 -2
data/test/rubygems/test_gem_ext_cargo_builder_link_flag_converter.rb +1 -0
data/test/rubygems/test_gem_ext_cmake_builder.rb +1 -0
data/test/rubygems/test_gem_ext_configure_builder.rb +1 -0
data/test/rubygems/test_gem_ext_rake_builder.rb +1 -0
data/test/rubygems/test_gem_gem_runner.rb +1 -0
data/test/rubygems/test_gem_gemcutter_utilities.rb +106 -92
data/test/rubygems/test_gem_impossible_dependencies_error.rb +1 -0
data/test/rubygems/test_gem_indexer.rb +1 -0
data/test/rubygems/test_gem_install_update_options.rb +1 -0
data/test/rubygems/test_gem_installer.rb +2 -1
data/test/rubygems/test_gem_local_remote_options.rb +1 -0
data/test/rubygems/test_gem_name_tuple.rb +1 -0
data/test/rubygems/test_gem_package_old.rb +1 -0
data/test/rubygems/test_gem_package_tar_header.rb +1 -0
data/test/rubygems/test_gem_package_tar_reader.rb +1 -0
data/test/rubygems/test_gem_package_tar_reader_entry.rb +1 -0
data/test/rubygems/test_gem_package_tar_writer.rb +1 -0
data/test/rubygems/test_gem_package_task.rb +1 -0
data/test/rubygems/test_gem_path_support.rb +1 -0
data/test/rubygems/test_gem_platform.rb +1 -0
data/test/rubygems/test_gem_rdoc.rb +1 -0
data/test/rubygems/test_gem_remote_fetcher.rb +1 -0
data/test/rubygems/test_gem_request.rb +1 -0
data/test/rubygems/test_gem_request_connection_pools.rb +1 -0
data/test/rubygems/test_gem_request_set.rb +1 -0
data/test/rubygems/test_gem_request_set_gem_dependency_api.rb +1 -0
data/test/rubygems/test_gem_request_set_lockfile.rb +1 -0
data/test/rubygems/test_gem_request_set_lockfile_parser.rb +1 -0
data/test/rubygems/test_gem_request_set_lockfile_tokenizer.rb +1 -0
data/test/rubygems/test_gem_requirement.rb +1 -0
data/test/rubygems/test_gem_resolver.rb +1 -0
data/test/rubygems/test_gem_resolver_activation_request.rb +1 -0
data/test/rubygems/test_gem_resolver_api_set.rb +1 -0
data/test/rubygems/test_gem_resolver_api_specification.rb +1 -0
data/test/rubygems/test_gem_resolver_best_set.rb +1 -0
data/test/rubygems/test_gem_resolver_composed_set.rb +1 -0
data/test/rubygems/test_gem_resolver_conflict.rb +1 -0
data/test/rubygems/test_gem_resolver_dependency_request.rb +1 -0
data/test/rubygems/test_gem_resolver_git_set.rb +1 -0
data/test/rubygems/test_gem_resolver_git_specification.rb +2 -1
data/test/rubygems/test_gem_resolver_index_set.rb +1 -0
data/test/rubygems/test_gem_resolver_index_specification.rb +1 -0
data/test/rubygems/test_gem_resolver_installed_specification.rb +1 -0
data/test/rubygems/test_gem_resolver_installer_set.rb +1 -0
data/test/rubygems/test_gem_resolver_local_specification.rb +1 -0
data/test/rubygems/test_gem_resolver_lock_set.rb +1 -0
data/test/rubygems/test_gem_resolver_lock_specification.rb +1 -0
data/test/rubygems/test_gem_resolver_requirement_list.rb +1 -0
data/test/rubygems/test_gem_resolver_specification.rb +1 -0
data/test/rubygems/test_gem_resolver_vendor_set.rb +1 -0
data/test/rubygems/test_gem_resolver_vendor_specification.rb +1 -0
data/test/rubygems/test_gem_security.rb +1 -0
data/test/rubygems/test_gem_security_signer.rb +1 -0
data/test/rubygems/test_gem_security_trust_dir.rb +1 -0
data/test/rubygems/test_gem_silent_ui.rb +1 -0
data/test/rubygems/test_gem_source.rb +1 -0
data/test/rubygems/test_gem_source_fetch_problem.rb +1 -0
data/test/rubygems/test_gem_source_git.rb +1 -0
data/test/rubygems/test_gem_source_installed.rb +1 -0
data/test/rubygems/test_gem_source_list.rb +1 -0
data/test/rubygems/test_gem_source_local.rb +1 -0
data/test/rubygems/test_gem_source_lock.rb +1 -0
data/test/rubygems/test_gem_source_specific_file.rb +1 -0
data/test/rubygems/test_gem_source_subpath_problem.rb +1 -0
data/test/rubygems/test_gem_source_vendor.rb +1 -0
data/test/rubygems/test_gem_spec_fetcher.rb +1 -0
data/test/rubygems/test_gem_specification.rb +9 -0
data/test/rubygems/test_gem_stream_ui.rb +34 -3
data/test/rubygems/test_gem_stub_specification.rb +1 -0
data/test/rubygems/test_gem_text.rb +1 -0
data/test/rubygems/test_gem_uninstaller.rb +1 -0
data/test/rubygems/test_gem_unsatisfiable_dependency_error.rb +1 -0
data/test/rubygems/test_gem_update_suggestion.rb +1 -0
data/test/rubygems/test_gem_uri.rb +2 -0
data/test/rubygems/test_gem_uri_formatter.rb +1 -0
data/test/rubygems/test_gem_util.rb +1 -0
data/test/rubygems/test_gem_version.rb +1 -0
data/test/rubygems/test_gem_version_option.rb +1 -0
data/test/rubygems/test_kernel.rb +1 -0
data/test/rubygems/test_remote_fetch_error.rb +1 -0
data/test/rubygems/test_require.rb +1 -0
data/test/rubygems/test_rubygems.rb +2 -0
data/test/rubygems/test_webauthn_listener.rb +29 -6
data/test/rubygems/test_webauthn_listener_response.rb +8 -8
data/test/rubygems/test_webauthn_poller.rb +124 -0
data/test/rubygems/utilities.rb +1 -0
data/test/test_changelog_generator.rb +1 -1
metadata +39 -10
data/lib/rubygems/webauthn_listener/response.rb +0 -161
data/lib/rubygems/webauthn_listener.rb +0 -92

data/test/rubygems/test_webauthn_poller.rb ADDED Viewed

@@ -0,0 +1,124 @@
+# frozen_string_literal: true
+require_relative "helper"
+require "rubygems/gemcutter_utilities/webauthn_poller"
+require "rubygems/gemcutter_utilities"
+class WebauthnPollerTest < Gem::TestCase
+  def setup
+    super
+    @host = Gem.host
+    @webauthn_url = "#{@host}/api/v1/webauthn_verification/odow34b93t6aPCdY"
+    @fetcher = Gem::FakeFetcher.new
+    Gem::RemoteFetcher.fetcher = @fetcher
+    @credentials = {
+      email: "email@example.com",
+      password: "password",
+    }
+  end
+  def test_poll_thread_success
+    @fetcher.data["#{@webauthn_url}/status.json"] = Gem::HTTPResponseFactory.create(
+      body: "{\"status\":\"success\",\"code\":\"Uvh6T57tkWuUnWYo\"}",
+      code: 200,
+      msg: "OK"
+    )
+    thread = Gem::GemcutterUtilities::WebauthnPoller.poll_thread({}, @host, @webauthn_url, @credentials)
+    thread.join
+    assert_equal thread[:otp], "Uvh6T57tkWuUnWYo"
+  end
+  def test_poll_thread_webauthn_verification_error
+    @fetcher.data["#{@webauthn_url}/status.json"] = Gem::HTTPResponseFactory.create(
+      body: "HTTP Basic: Access denied.",
+      code: 401,
+      msg: "Unauthorized"
+    )
+    thread = Gem::GemcutterUtilities::WebauthnPoller.poll_thread({}, @host, @webauthn_url, @credentials)
+    thread.join
+    assert_equal thread[:error].message, "Security device verification failed: Unauthorized"
+  end
+  def test_poll_thread_timeout_error
+    raise_error = ->(*_args) { raise Timeout::Error, "execution expired" }
+    Timeout.stub(:timeout, raise_error) do
+      thread = Gem::GemcutterUtilities::WebauthnPoller.poll_thread({}, @host, @webauthn_url, @credentials)
+      thread.join
+      assert_equal thread[:error].message, "execution expired"
+    end
+  end
+  def test_poll_for_otp_success
+    @fetcher.data["#{@webauthn_url}/status.json"] = Gem::HTTPResponseFactory.create(
+      body: "{\"status\":\"success\",\"code\":\"Uvh6T57tkWuUnWYo\"}",
+      code: 200,
+      msg: "OK"
+    )
+    otp = Gem::GemcutterUtilities::WebauthnPoller.new({}, @host).poll_for_otp(@webauthn_url, @credentials)
+    assert_equal otp, "Uvh6T57tkWuUnWYo"
+  end
+  def test_poll_for_otp_pending_sleeps
+    @fetcher.data["#{@webauthn_url}/status.json"] = Gem::HTTPResponseFactory.create(
+      body: "{\"status\":\"pending\",\"message\":\"Security device authentication is still pending.\"}",
+      code: 200,
+      msg: "OK"
+    )
+    assert_raise Timeout::Error do
+      Timeout.timeout(0.1) do
+        Gem::GemcutterUtilities::WebauthnPoller.new({}, @host).poll_for_otp(@webauthn_url, @credentials)
+      end
+    end
+  end
+  def test_poll_for_otp_not_http_success
+    @fetcher.data["#{@webauthn_url}/status.json"] = Gem::HTTPResponseFactory.create(
+      body: "HTTP Basic: Access denied.",
+      code: 401,
+      msg: "Unauthorized"
+    )
+    error = assert_raise Gem::WebauthnVerificationError do
+      Gem::GemcutterUtilities::WebauthnPoller.new({}, @host).poll_for_otp(@webauthn_url, @credentials)
+    end
+    assert_equal error.message, "Security device verification failed: Unauthorized"
+  end
+  def test_poll_for_otp_invalid_format
+    @fetcher.data["#{@webauthn_url}/status.json"] = Gem::HTTPResponseFactory.create(
+      body: "{}",
+      code: 200,
+      msg: "OK"
+    )
+    error = assert_raise Gem::WebauthnVerificationError do
+      Gem::GemcutterUtilities::WebauthnPoller.new({}, @host).poll_for_otp(@webauthn_url, @credentials)
+    end
+    assert_equal error.message, "Security device verification failed: Invalid response from server"
+  end
+  def test_poll_for_otp_invalid_status
+    @fetcher.data["#{@webauthn_url}/status.json"] = Gem::HTTPResponseFactory.create(
+      body: "{\"status\":\"expired\",\"message\":\"The token in the link you used has either expired or been used already.\"}",
+      code: 200,
+      msg: "OK"
+    )
+    error = assert_raise Gem::WebauthnVerificationError do
+      Gem::GemcutterUtilities::WebauthnPoller.new({}, @host).poll_for_otp(@webauthn_url, @credentials)
+    end
+    assert_equal error.message,
+      "Security device verification failed: The token in the link you used has either expired or been used already."
+  end
+end

data/test/rubygems/utilities.rb CHANGED Viewed

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
 require "tempfile"
 require "rubygems"
 require "rubygems/remote_fetcher"

data/test/test_changelog_generator.rb CHANGED Viewed

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
-require_relative "../util/changelog"
+require_relative "../tool/changelog"
 require "rubygems/commands/setup_command"
 require_relative "rubygems/helper"

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rubygems-update
 version: !ruby/object:Gem::Version
-  version: 3.4.17
+  version: 3.4.19
 platform: ruby
 authors:
 - Jim Weirich
@@ -14,9 +14,9 @@ authors:
 - Evan Phoenix
 - Hiroshi SHIBATA
 autorequire:
-bindir: bin
+bindir: exe
 cert_chain: []
-date: 2023-07-14 00:00:00.000000000 Z
+date: 2023-08-17 00:00:00.000000000 Z
 dependencies: []
 description: |-
   A package (also known as a library) contains a set of functionality
@@ -39,7 +39,6 @@ executables:
 - update_rubygems
 extensions: []
 extra_rdoc_files:
-- CHANGELOG.md
 - LICENSE.txt
 - MAINTAINERS.txt
 - MIT.txt
@@ -49,10 +48,37 @@ extra_rdoc_files:
 - POLICIES.md
 - CODE_OF_CONDUCT.md
 - CONTRIBUTING.md
-- bundler/CHANGELOG.md
 - bundler/LICENSE.md
 - bundler/README.md
 - hide_lib_for_update/note.txt
+- bundler/lib/bundler/man/bundle-add.1
+- bundler/lib/bundler/man/bundle-binstubs.1
+- bundler/lib/bundler/man/bundle-cache.1
+- bundler/lib/bundler/man/bundle-check.1
+- bundler/lib/bundler/man/bundle-clean.1
+- bundler/lib/bundler/man/bundle-config.1
+- bundler/lib/bundler/man/bundle-console.1
+- bundler/lib/bundler/man/bundle-doctor.1
+- bundler/lib/bundler/man/bundle-exec.1
+- bundler/lib/bundler/man/bundle-gem.1
+- bundler/lib/bundler/man/bundle-help.1
+- bundler/lib/bundler/man/bundle-info.1
+- bundler/lib/bundler/man/bundle-init.1
+- bundler/lib/bundler/man/bundle-inject.1
+- bundler/lib/bundler/man/bundle-install.1
+- bundler/lib/bundler/man/bundle-list.1
+- bundler/lib/bundler/man/bundle-lock.1
+- bundler/lib/bundler/man/bundle-open.1
+- bundler/lib/bundler/man/bundle-outdated.1
+- bundler/lib/bundler/man/bundle-platform.1
+- bundler/lib/bundler/man/bundle-plugin.1
+- bundler/lib/bundler/man/bundle-pristine.1
+- bundler/lib/bundler/man/bundle-remove.1
+- bundler/lib/bundler/man/bundle-show.1
+- bundler/lib/bundler/man/bundle-update.1
+- bundler/lib/bundler/man/bundle-version.1
+- bundler/lib/bundler/man/bundle-viz.1
+- bundler/lib/bundler/man/bundle.1
 files:
 - CHANGELOG.md
 - CODE_OF_CONDUCT.md
@@ -64,8 +90,6 @@ files:
 - POLICIES.md
 - README.md
 - UPGRADING.md
-- bin/gem
-- bin/update_rubygems
 - bundler/CHANGELOG.md
 - bundler/LICENSE.md
 - bundler/README.md
@@ -391,6 +415,8 @@ files:
 - bundler/lib/bundler/vlad.rb
 - bundler/lib/bundler/worker.rb
 - bundler/lib/bundler/yaml_serializer.rb
+- exe/gem
+- exe/update_rubygems
 - hide_lib_for_update/note.txt
 - lib/rubygems.rb
 - lib/rubygems/available_set.rb
@@ -459,6 +485,9 @@ files:
 - lib/rubygems/ext/rake_builder.rb
 - lib/rubygems/gem_runner.rb
 - lib/rubygems/gemcutter_utilities.rb
+- lib/rubygems/gemcutter_utilities/webauthn_listener.rb
+- lib/rubygems/gemcutter_utilities/webauthn_listener/response.rb
+- lib/rubygems/gemcutter_utilities/webauthn_poller.rb
 - lib/rubygems/indexer.rb
 - lib/rubygems/install_default_message.rb
 - lib/rubygems/install_message.rb
@@ -598,8 +627,6 @@ files:
 - lib/rubygems/validator.rb
 - lib/rubygems/version.rb
 - lib/rubygems/version_option.rb
-- lib/rubygems/webauthn_listener.rb
-- lib/rubygems/webauthn_listener/response.rb
 - rubygems-update.gemspec
 - setup.rb
 - test/rubygems/alternate_cert.pem
@@ -639,6 +666,7 @@ files:
 - test/rubygems/invalidchild_cert.pem
 - test/rubygems/invalidchild_cert_32.pem
 - test/rubygems/invalidchild_key.pem
+- test/rubygems/multifactor_auth_utilities.rb
 - test/rubygems/package/tar_test_case.rb
 - test/rubygems/packages/Bluebie-legs-0.6.2.gem
 - test/rubygems/packages/ascii_binder-0.1.10.1.gem
@@ -815,6 +843,7 @@ files:
 - test/rubygems/test_rubygems.rb
 - test/rubygems/test_webauthn_listener.rb
 - test/rubygems/test_webauthn_listener_response.rb
+- test/rubygems/test_webauthn_poller.rb
 - test/rubygems/utilities.rb
 - test/rubygems/wrong_key_cert.pem
 - test/rubygems/wrong_key_cert_32.pem
@@ -843,7 +872,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.4.17
+rubygems_version: 3.4.19
 signing_key:
 specification_version: 4
 summary: RubyGems is a package management framework for Ruby. This gem is downloaded

data/lib/rubygems/webauthn_listener/response.rb DELETED Viewed

@@ -1,161 +0,0 @@
-# frozen_string_literal: true
-##
-# The WebauthnListener Response class is used by the WebauthnListener to create
-# responses to be sent to the Gem host. It creates a Net::HTTPResponse instance
-# when initialized and can be converted to the appropriate format to be sent by a socket using `to_s`.
-# Net::HTTPResponse instances cannot be directly sent over a socket.
-#
-# Types of response classes:
-#   - OkResponse
-#   - NoContentResponse
-#   - BadRequestResponse
-#   - NotFoundResponse
-#   - MethodNotAllowedResponse
-#
-# Example usage:
-#
-#   server = TCPServer.new(0)
-#   socket = server.accept
-#
-#   response = OkResponse.for("https://rubygems.example")
-#   socket.print response.to_s
-#   socket.close
-#
-class Gem::WebauthnListener
-  class Response
-    attr_reader :http_response
-    def self.for(host)
-      new(host)
-    end
-    def initialize(host)
-      @host = host
-      build_http_response
-    end
-    def to_s
-      status_line = "HTTP/#{@http_response.http_version} #{@http_response.code} #{@http_response.message}\r\n"
-      headers = @http_response.to_hash.map {|header, value| "#{header}: #{value.join(", ")}\r\n" }.join + "\r\n"
-      body = @http_response.body ? "#{@http_response.body}\n" : ""
-      status_line + headers + body
-    end
-    private
-    # Must be implemented in subclasses
-    def code
-      raise NotImplementedError
-    end
-    def reason_phrase
-      raise NotImplementedError
-    end
-    def body; end
-    def build_http_response
-      response_class = Net::HTTPResponse::CODE_TO_OBJ[code.to_s]
-      @http_response = response_class.new("1.1", code, reason_phrase)
-      @http_response.instance_variable_set(:@read, true)
-      add_connection_header
-      add_access_control_headers
-      add_body
-    end
-    def add_connection_header
-      @http_response["connection"] = "close"
-    end
-    def add_access_control_headers
-      @http_response["access-control-allow-origin"] = @host
-      @http_response["access-control-allow-methods"] = "POST"
-      @http_response["access-control-allow-headers"] = %w[Content-Type Authorization x-csrf-token]
-    end
-    def add_body
-      return unless body
-      @http_response["content-type"] = "text/plain"
-      @http_response["content-length"] = body.bytesize
-      @http_response.instance_variable_set(:@body, body)
-    end
-  end
-  class OkResponse < Response
-    private
-    def code
-      200
-    end
-    def reason_phrase
-      "OK"
-    end
-    def body
-      "success"
-    end
-  end
-  class NoContentResponse < Response
-    private
-    def code
-      204
-    end
-    def reason_phrase
-      "No Content"
-    end
-  end
-  class BadRequestResponse < Response
-    private
-    def code
-      400
-    end
-    def reason_phrase
-      "Bad Request"
-    end
-    def body
-      "missing code parameter"
-    end
-  end
-  class NotFoundResponse < Response
-    private
-    def code
-      404
-    end
-    def reason_phrase
-      "Not Found"
-    end
-  end
-  class MethodNotAllowedResponse < Response
-    private
-    def code
-      405
-    end
-    def reason_phrase
-      "Method Not Allowed"
-    end
-    def add_access_control_headers
-      super
-      @http_response["allow"] = %w[GET OPTIONS]
-    end
-  end
-end

data/lib/rubygems/webauthn_listener.rb DELETED Viewed

@@ -1,92 +0,0 @@
-# frozen_string_literal: true
-require_relative "webauthn_listener/response"
-##
-# The WebauthnListener class retrieves an OTP after a user successfully WebAuthns with the Gem host.
-# An instance opens a socket using the TCPServer instance given and listens for a request from the Gem host.
-# The request should be a GET request to the root path and contains the OTP code in the form
-# of a query parameter `code`. The listener will return the code which will be used as the OTP for
-# API requests.
-#
-# Types of responses sent by the listener after receiving a request:
-#   - 200 OK: OTP code was successfully retrieved
-#   - 204 No Content: If the request was an OPTIONS request
-#   - 400 Bad Request: If the request did not contain a query parameter `code`
-#   - 404 Not Found: The request was not to the root path
-#   - 405 Method Not Allowed: OTP code was not retrieved because the request was not a GET/OPTIONS request
-#
-# Example usage:
-#
-#   server = TCPServer.new(0)
-#   otp = Gem::WebauthnListener.wait_for_otp_code("https://rubygems.example", server)
-#
-class Gem::WebauthnListener
-  attr_reader :host
-  def initialize(host)
-    @host = host
-  end
-  def self.wait_for_otp_code(host, server)
-    new(host).fetch_otp_from_connection(server)
-  end
-  def fetch_otp_from_connection(server)
-    loop do
-      socket = server.accept
-      request_line = socket.gets
-      method, req_uri, _protocol = request_line.split(" ")
-      req_uri = URI.parse(req_uri)
-      responder = SocketResponder.new(socket)
-      unless root_path?(req_uri)
-        responder.send(NotFoundResponse.for(host))
-        raise Gem::WebauthnVerificationError, "Page at #{req_uri.path} not found."
-      end
-      case method.upcase
-      when "OPTIONS"
-        responder.send(NoContentResponse.for(host))
-        next # will be GET
-      when "GET"
-        if otp = parse_otp_from_uri(req_uri)
-          responder.send(OkResponse.for(host))
-          return otp
-        end
-        responder.send(BadRequestResponse.for(host))
-        raise Gem::WebauthnVerificationError, "Did not receive OTP from #{host}."
-      else
-        responder.send(MethodNotAllowedResponse.for(host))
-        raise Gem::WebauthnVerificationError, "Invalid HTTP method #{method.upcase} received."
-      end
-    end
-  end
-  private
-  def root_path?(uri)
-    uri.path == "/"
-  end
-  def parse_otp_from_uri(uri)
-    require "cgi"
-    return if uri.query.nil?
-    CGI.parse(uri.query).dig("code", 0)
-  end
-  class SocketResponder
-    def initialize(socket)
-      @socket = socket
-    end
-    def send(response)
-      @socket.print response.to_s
-      @socket.close
-    end
-  end
-end