rubygems-update 3.4.19 → 3.4.21
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +58 -0
- data/Manifest.txt +1 -0
- data/bundler/CHANGELOG.md +62 -2
- data/bundler/lib/bundler/build_metadata.rb +3 -3
- data/bundler/lib/bundler/cli/check.rb +1 -1
- data/bundler/lib/bundler/cli/gem.rb +1 -3
- data/bundler/lib/bundler/cli/info.rb +1 -1
- data/bundler/lib/bundler/cli/install.rb +2 -2
- data/bundler/lib/bundler/cli/lock.rb +26 -23
- data/bundler/lib/bundler/cli/open.rb +5 -7
- data/bundler/lib/bundler/cli/update.rb +1 -0
- data/bundler/lib/bundler/definition.rb +42 -25
- data/bundler/lib/bundler/env.rb +2 -2
- data/bundler/lib/bundler/fetcher/base.rb +2 -2
- data/bundler/lib/bundler/fetcher/compact_index.rb +1 -5
- data/bundler/lib/bundler/fetcher/dependency.rb +1 -1
- data/bundler/lib/bundler/fetcher.rb +31 -30
- data/bundler/lib/bundler/gem_version_promoter.rb +2 -2
- data/bundler/lib/bundler/index.rb +62 -31
- data/bundler/lib/bundler/injector.rb +1 -1
- data/bundler/lib/bundler/installer/parallel_installer.rb +0 -26
- data/bundler/lib/bundler/installer/standalone.rb +15 -1
- data/bundler/lib/bundler/lockfile_parser.rb +32 -39
- data/bundler/lib/bundler/man/bundle-add.1 +1 -1
- data/bundler/lib/bundler/man/bundle-binstubs.1 +1 -1
- data/bundler/lib/bundler/man/bundle-cache.1 +1 -1
- data/bundler/lib/bundler/man/bundle-check.1 +1 -1
- data/bundler/lib/bundler/man/bundle-clean.1 +1 -1
- data/bundler/lib/bundler/man/bundle-config.1 +1 -1
- data/bundler/lib/bundler/man/bundle-console.1 +1 -1
- data/bundler/lib/bundler/man/bundle-doctor.1 +1 -1
- data/bundler/lib/bundler/man/bundle-exec.1 +2 -2
- data/bundler/lib/bundler/man/bundle-exec.1.ronn +2 -3
- data/bundler/lib/bundler/man/bundle-gem.1 +1 -1
- data/bundler/lib/bundler/man/bundle-help.1 +1 -1
- data/bundler/lib/bundler/man/bundle-info.1 +1 -1
- data/bundler/lib/bundler/man/bundle-init.1 +1 -1
- data/bundler/lib/bundler/man/bundle-inject.1 +1 -1
- data/bundler/lib/bundler/man/bundle-install.1 +1 -1
- data/bundler/lib/bundler/man/bundle-list.1 +1 -1
- data/bundler/lib/bundler/man/bundle-lock.1 +1 -1
- data/bundler/lib/bundler/man/bundle-open.1 +1 -1
- data/bundler/lib/bundler/man/bundle-outdated.1 +1 -1
- data/bundler/lib/bundler/man/bundle-platform.1 +1 -1
- data/bundler/lib/bundler/man/bundle-plugin.1 +17 -17
- data/bundler/lib/bundler/man/bundle-plugin.1.ronn +5 -5
- data/bundler/lib/bundler/man/bundle-pristine.1 +1 -1
- data/bundler/lib/bundler/man/bundle-remove.1 +1 -1
- data/bundler/lib/bundler/man/bundle-show.1 +1 -1
- data/bundler/lib/bundler/man/bundle-update.1 +1 -1
- data/bundler/lib/bundler/man/bundle-version.1 +1 -1
- data/bundler/lib/bundler/man/bundle-viz.1 +1 -1
- data/bundler/lib/bundler/man/bundle.1 +1 -1
- data/bundler/lib/bundler/man/gemfile.5 +12 -1
- data/bundler/lib/bundler/man/gemfile.5.ronn +5 -0
- data/bundler/lib/bundler/plugin.rb +1 -1
- data/bundler/lib/bundler/resolver/package.rb +5 -0
- data/bundler/lib/bundler/resolver.rb +45 -10
- data/bundler/lib/bundler/retry.rb +1 -1
- data/bundler/lib/bundler/ruby_dsl.rb +23 -2
- data/bundler/lib/bundler/ruby_version.rb +8 -1
- data/bundler/lib/bundler/self_manager.rb +2 -0
- data/bundler/lib/bundler/settings.rb +86 -25
- data/bundler/lib/bundler/shared_helpers.rb +16 -1
- data/bundler/lib/bundler/source/git/git_proxy.rb +27 -6
- data/bundler/lib/bundler/source/rubygems.rb +22 -25
- data/bundler/lib/bundler/spec_set.rb +2 -2
- data/bundler/lib/bundler/stub_specification.rb +4 -2
- data/bundler/lib/bundler/templates/newgem/Rakefile.tt +6 -2
- data/bundler/lib/bundler/templates/newgem/github/workflows/main.yml.tt +1 -1
- data/bundler/lib/bundler/version.rb +1 -1
- data/bundler/lib/bundler/yaml_serializer.rb +6 -7
- data/lib/rubygems/available_set.rb +1 -1
- data/lib/rubygems/basic_specification.rb +3 -3
- data/lib/rubygems/command.rb +17 -20
- data/lib/rubygems/command_manager.rb +1 -1
- data/lib/rubygems/commands/cert_command.rb +3 -3
- data/lib/rubygems/commands/check_command.rb +5 -1
- data/lib/rubygems/commands/cleanup_command.rb +1 -1
- data/lib/rubygems/commands/contents_command.rb +1 -1
- data/lib/rubygems/commands/dependency_command.rb +3 -4
- data/lib/rubygems/commands/help_command.rb +2 -2
- data/lib/rubygems/commands/open_command.rb +1 -3
- data/lib/rubygems/commands/owner_command.rb +9 -11
- data/lib/rubygems/commands/setup_command.rb +8 -8
- data/lib/rubygems/commands/specification_command.rb +5 -1
- data/lib/rubygems/commands/stale_command.rb +1 -1
- data/lib/rubygems/commands/uninstall_command.rb +6 -7
- data/lib/rubygems/commands/unpack_command.rb +4 -6
- data/lib/rubygems/commands/update_command.rb +3 -3
- data/lib/rubygems/commands/yank_command.rb +1 -1
- data/lib/rubygems/config_file.rb +60 -13
- data/lib/rubygems/core_ext/kernel_gem.rb +2 -2
- data/lib/rubygems/core_ext/kernel_require.rb +1 -1
- data/lib/rubygems/core_ext/kernel_warn.rb +4 -5
- data/lib/rubygems/defaults.rb +6 -2
- data/lib/rubygems/dependency_installer.rb +8 -12
- data/lib/rubygems/deprecate.rb +4 -3
- data/lib/rubygems/doctor.rb +1 -1
- data/lib/rubygems/errors.rb +1 -1
- data/lib/rubygems/exceptions.rb +1 -1
- data/lib/rubygems/ext/builder.rb +5 -4
- data/lib/rubygems/ext/cargo_builder.rb +2 -2
- data/lib/rubygems/gem_runner.rb +5 -1
- data/lib/rubygems/gemcutter_utilities.rb +4 -4
- data/lib/rubygems/indexer.rb +1 -1
- data/lib/rubygems/install_update_options.rb +1 -1
- data/lib/rubygems/installer.rb +17 -19
- data/lib/rubygems/name_tuple.rb +1 -1
- data/lib/rubygems/package/old.rb +1 -1
- data/lib/rubygems/package/tar_reader/entry.rb +18 -20
- data/lib/rubygems/package/tar_reader.rb +0 -5
- data/lib/rubygems/package/tar_writer.rb +1 -1
- data/lib/rubygems/package.rb +18 -12
- data/lib/rubygems/platform.rb +6 -2
- data/lib/rubygems/query_utils.rb +5 -5
- data/lib/rubygems/remote_fetcher.rb +10 -2
- data/lib/rubygems/request_set/gem_dependency_api.rb +1 -1
- data/lib/rubygems/request_set.rb +2 -1
- data/lib/rubygems/requirement.rb +1 -1
- data/lib/rubygems/resolver/activation_request.rb +2 -4
- data/lib/rubygems/resolver/api_set.rb +2 -1
- data/lib/rubygems/resolver/api_specification.rb +1 -1
- data/lib/rubygems/resolver/installed_specification.rb +1 -1
- data/lib/rubygems/resolver/local_specification.rb +1 -1
- data/lib/rubygems/s3_uri_signer.rb +1 -1
- data/lib/rubygems/security/signer.rb +10 -2
- data/lib/rubygems/security/trust_dir.rb +8 -10
- data/lib/rubygems/security.rb +2 -2
- data/lib/rubygems/security_option.rb +1 -1
- data/lib/rubygems/source/local.rb +34 -37
- data/lib/rubygems/source.rb +7 -3
- data/lib/rubygems/source_list.rb +2 -2
- data/lib/rubygems/spec_fetcher.rb +29 -33
- data/lib/rubygems/specification.rb +43 -36
- data/lib/rubygems/specification_policy.rb +36 -35
- data/lib/rubygems/stub_specification.rb +13 -10
- data/lib/rubygems/uninstaller.rb +2 -2
- data/lib/rubygems/update_suggestion.rb +1 -1
- data/lib/rubygems/user_interaction.rb +2 -2
- data/lib/rubygems/util/licenses.rb +115 -0
- data/lib/rubygems/util.rb +5 -1
- data/lib/rubygems/validator.rb +5 -7
- data/lib/rubygems/version.rb +3 -2
- data/lib/rubygems/yaml_serializer.rb +88 -0
- data/lib/rubygems.rb +8 -10
- data/rubygems-update.gemspec +1 -1
- data/setup.rb +2 -0
- data/test/rubygems/bundler_test_gem.rb +6 -3
- data/test/rubygems/helper.rb +38 -32
- data/test/rubygems/package/tar_test_case.rb +2 -2
- data/test/rubygems/test_gem.rb +55 -30
- data/test/rubygems/test_gem_command.rb +3 -1
- data/test/rubygems/test_gem_commands_build_command.rb +2 -1
- data/test/rubygems/test_gem_commands_cert_command.rb +22 -22
- data/test/rubygems/test_gem_commands_cleanup_command.rb +2 -2
- data/test/rubygems/test_gem_commands_environment_command.rb +2 -1
- data/test/rubygems/test_gem_commands_exec_command.rb +5 -1
- data/test/rubygems/test_gem_commands_install_command.rb +3 -3
- data/test/rubygems/test_gem_commands_open_command.rb +5 -2
- data/test/rubygems/test_gem_commands_pristine_command.rb +2 -2
- data/test/rubygems/test_gem_commands_push_command.rb +7 -6
- data/test/rubygems/test_gem_commands_signin_command.rb +8 -8
- data/test/rubygems/test_gem_commands_stale_command.rb +1 -1
- data/test/rubygems/test_gem_commands_uninstall_command.rb +1 -1
- data/test/rubygems/test_gem_commands_unpack_command.rb +2 -2
- data/test/rubygems/test_gem_config_file.rb +46 -12
- data/test/rubygems/test_gem_ext_cargo_builder/custom_name/ext/custom_name_lib/Cargo.lock +28 -12
- data/test/rubygems/test_gem_ext_cargo_builder/custom_name/ext/custom_name_lib/Cargo.toml +1 -1
- data/test/rubygems/test_gem_ext_cargo_builder/rust_ruby_example/Cargo.lock +16 -14
- data/test/rubygems/test_gem_ext_cargo_builder/rust_ruby_example/Cargo.toml +1 -1
- data/test/rubygems/test_gem_ext_cargo_builder.rb +2 -2
- data/test/rubygems/test_gem_gemcutter_utilities.rb +8 -5
- data/test/rubygems/test_gem_indexer.rb +1 -1
- data/test/rubygems/test_gem_install_update_options.rb +3 -3
- data/test/rubygems/test_gem_installer.rb +15 -15
- data/test/rubygems/test_gem_package.rb +152 -36
- data/test/rubygems/test_gem_package_old.rb +1 -1
- data/test/rubygems/test_gem_package_tar_header.rb +10 -10
- data/test/rubygems/test_gem_package_tar_reader.rb +4 -4
- data/test/rubygems/test_gem_package_tar_reader_entry.rb +53 -1
- data/test/rubygems/test_gem_package_tar_writer.rb +41 -41
- data/test/rubygems/test_gem_rdoc.rb +2 -2
- data/test/rubygems/test_gem_remote_fetcher.rb +34 -34
- data/test/rubygems/test_gem_request.rb +5 -5
- data/test/rubygems/test_gem_request_connection_pools.rb +2 -1
- data/test/rubygems/test_gem_request_set_gem_dependency_api.rb +14 -7
- data/test/rubygems/test_gem_requirement.rb +1 -1
- data/test/rubygems/test_gem_security.rb +2 -2
- data/test/rubygems/test_gem_security_signer.rb +2 -2
- data/test/rubygems/test_gem_security_trust_dir.rb +6 -6
- data/test/rubygems/test_gem_spec_fetcher.rb +2 -2
- data/test/rubygems/test_gem_specification.rb +71 -35
- data/test/rubygems/test_gem_update_suggestion.rb +23 -23
- data/test/rubygems/test_gem_util.rb +2 -2
- data/test/rubygems/test_gem_version.rb +4 -2
- data/test/rubygems/test_require.rb +4 -6
- data/test/rubygems/utilities.rb +4 -3
- metadata +4 -3
@@ -204,8 +204,8 @@ gem 'other', version
|
|
204
204
|
bin_dir = bin_dir.downcase
|
205
205
|
end
|
206
206
|
|
207
|
-
orig_PATH
|
208
|
-
|
207
|
+
orig_PATH = ENV["PATH"]
|
208
|
+
ENV["PATH"] = [ENV["PATH"], bin_dir].join(File::PATH_SEPARATOR)
|
209
209
|
|
210
210
|
use_ui @ui do
|
211
211
|
installer.check_that_user_bin_dir_is_in_path
|
@@ -229,8 +229,8 @@ gem 'other', version
|
|
229
229
|
def test_check_that_user_bin_dir_is_in_path_tilde
|
230
230
|
pend "Tilde is PATH is not supported under MS Windows" if win_platform?
|
231
231
|
|
232
|
-
orig_PATH
|
233
|
-
|
232
|
+
orig_PATH = ENV["PATH"]
|
233
|
+
ENV["PATH"] = [ENV["PATH"], "~/bin"].join(File::PATH_SEPARATOR)
|
234
234
|
|
235
235
|
installer = setup_base_installer
|
236
236
|
installer.bin_dir.replace File.join @userhome, "bin"
|
@@ -467,14 +467,14 @@ gem 'other', version
|
|
467
467
|
elsif Process.uid.zero?
|
468
468
|
pend("test_generate_bin_script_no_perms skipped in root privilege")
|
469
469
|
else
|
470
|
-
FileUtils.chmod
|
470
|
+
FileUtils.chmod 0o000, util_inst_bindir
|
471
471
|
|
472
472
|
assert_raise Gem::FilePermissionError do
|
473
473
|
installer.generate_bin
|
474
474
|
end
|
475
475
|
end
|
476
476
|
ensure
|
477
|
-
FileUtils.chmod
|
477
|
+
FileUtils.chmod 0o755, util_inst_bindir unless ($DEBUG || win_platform?)
|
478
478
|
end
|
479
479
|
|
480
480
|
def test_generate_bin_script_no_shebang
|
@@ -571,14 +571,14 @@ gem 'other', version
|
|
571
571
|
elsif Process.uid.zero?
|
572
572
|
pend("test_user_install_disabled_read_only test skipped in root privilege")
|
573
573
|
else
|
574
|
-
FileUtils.chmod
|
574
|
+
FileUtils.chmod 0o000, util_inst_bindir
|
575
575
|
|
576
576
|
assert_raise Gem::FilePermissionError do
|
577
577
|
installer.generate_bin
|
578
578
|
end
|
579
579
|
end
|
580
580
|
ensure
|
581
|
-
FileUtils.chmod
|
581
|
+
FileUtils.chmod 0o755, util_inst_bindir unless ($DEBUG || win_platform?)
|
582
582
|
end
|
583
583
|
|
584
584
|
def test_generate_bin_symlink_update_newer
|
@@ -816,7 +816,7 @@ gem 'other', version
|
|
816
816
|
|
817
817
|
util_build_gem spec
|
818
818
|
|
819
|
-
File.chmod(
|
819
|
+
File.chmod(0o555, Gem.plugindir)
|
820
820
|
system_path = File.join(Gem.plugindir, "a_plugin.rb")
|
821
821
|
user_path = File.join(Gem.plugindir(Gem.user_dir), "a_plugin.rb")
|
822
822
|
installer = util_installer spec, Gem.dir, :user
|
@@ -838,7 +838,7 @@ gem 'other', version
|
|
838
838
|
|
839
839
|
util_build_gem spec
|
840
840
|
|
841
|
-
File.chmod(
|
841
|
+
File.chmod(0o555, Gem.plugindir)
|
842
842
|
system_path = File.join(Gem.plugindir, "a_plugin.rb")
|
843
843
|
|
844
844
|
build_root = File.join(@tempdir, "build_root")
|
@@ -1032,8 +1032,8 @@ end
|
|
1032
1032
|
exe = File.join gemdir, "bin", "executable"
|
1033
1033
|
assert_path_exist exe
|
1034
1034
|
|
1035
|
-
exe_mode = File.stat(exe).mode &
|
1036
|
-
assert_equal
|
1035
|
+
exe_mode = File.stat(exe).mode & 0o111
|
1036
|
+
assert_equal 0o111, exe_mode, "0%o" % exe_mode unless win_platform?
|
1037
1037
|
|
1038
1038
|
assert_path_exist File.join gemdir, "lib", "code.rb"
|
1039
1039
|
|
@@ -1617,7 +1617,7 @@ end
|
|
1617
1617
|
installer.install
|
1618
1618
|
end
|
1619
1619
|
assert_path_exist so
|
1620
|
-
rescue
|
1620
|
+
rescue StandardError
|
1621
1621
|
puts "-" * 78
|
1622
1622
|
puts File.read File.join(@gemhome, "gems", "a-2", "Makefile")
|
1623
1623
|
puts "-" * 78
|
@@ -2021,7 +2021,7 @@ end
|
|
2021
2021
|
|
2022
2022
|
bin_env = get_bin_env
|
2023
2023
|
|
2024
|
-
assert_equal("#!#{bin_env} #{RbConfig::CONFIG[
|
2024
|
+
assert_equal("#!#{bin_env} #{RbConfig::CONFIG["ruby_install_name"]}",
|
2025
2025
|
shebang)
|
2026
2026
|
end
|
2027
2027
|
|
@@ -2498,7 +2498,7 @@ end
|
|
2498
2498
|
end
|
2499
2499
|
|
2500
2500
|
def mask
|
2501
|
-
|
2501
|
+
0o100755
|
2502
2502
|
end
|
2503
2503
|
|
2504
2504
|
def load_relative(value)
|
@@ -205,7 +205,8 @@ class TestGemPackage < Gem::Package::TarTestCase
|
|
205
205
|
|
206
206
|
tar.rewind
|
207
207
|
|
208
|
-
files
|
208
|
+
files = []
|
209
|
+
symlinks = []
|
209
210
|
|
210
211
|
Gem::Package::TarReader.new tar do |tar_io|
|
211
212
|
tar_io.each_entry do |entry|
|
@@ -441,11 +442,11 @@ class TestGemPackage < Gem::Package::TarTestCase
|
|
441
442
|
data_tgz = util_tar_gz {}
|
442
443
|
|
443
444
|
gem = util_tar do |tar|
|
444
|
-
tar.add_file "data.tar.gz",
|
445
|
+
tar.add_file "data.tar.gz", 0o644 do |io|
|
445
446
|
io.write data_tgz.string
|
446
447
|
end
|
447
448
|
|
448
|
-
tar.add_file "metadata.gz",
|
449
|
+
tar.add_file "metadata.gz", 0o644 do |io|
|
449
450
|
Zlib::GzipWriter.wrap io do |gzio|
|
450
451
|
gzio.write @spec.to_yaml
|
451
452
|
end
|
@@ -478,7 +479,7 @@ class TestGemPackage < Gem::Package::TarTestCase
|
|
478
479
|
extracted = File.join @destination, "lib/code.rb"
|
479
480
|
assert_path_exist extracted
|
480
481
|
|
481
|
-
mask =
|
482
|
+
mask = 0o100666 & (~File.umask)
|
482
483
|
|
483
484
|
assert_equal mask.to_s(8), File.stat(extracted).mode.to_s(8) unless
|
484
485
|
win_platform?
|
@@ -488,11 +489,11 @@ class TestGemPackage < Gem::Package::TarTestCase
|
|
488
489
|
data_tgz = util_tar_gz {}
|
489
490
|
|
490
491
|
gem = util_tar do |tar|
|
491
|
-
tar.add_file "data.tar.gz",
|
492
|
+
tar.add_file "data.tar.gz", 0o644 do |io|
|
492
493
|
io.write data_tgz.string
|
493
494
|
end
|
494
495
|
|
495
|
-
tar.add_file "metadata.gz",
|
496
|
+
tar.add_file "metadata.gz", 0o644 do |io|
|
496
497
|
Zlib::GzipWriter.wrap io do |gzio|
|
497
498
|
gzio.write @spec.to_yaml
|
498
499
|
end
|
@@ -522,14 +523,14 @@ class TestGemPackage < Gem::Package::TarTestCase
|
|
522
523
|
filepath = File.join @destination, "README.rdoc"
|
523
524
|
assert_path_exist filepath
|
524
525
|
|
525
|
-
assert_equal
|
526
|
+
assert_equal 0o104444, File.stat(filepath).mode
|
526
527
|
end
|
527
528
|
|
528
529
|
def test_extract_tar_gz_absolute
|
529
530
|
package = Gem::Package.new @gem
|
530
531
|
|
531
532
|
tgz_io = util_tar_gz do |tar|
|
532
|
-
tar.add_file "/absolute.rb",
|
533
|
+
tar.add_file "/absolute.rb", 0o644 do |io|
|
533
534
|
io.write "hi"
|
534
535
|
end
|
535
536
|
end
|
@@ -547,12 +548,12 @@ class TestGemPackage < Gem::Package::TarTestCase
|
|
547
548
|
package.verify
|
548
549
|
|
549
550
|
tgz_io = util_tar_gz do |tar|
|
550
|
-
tar.add_file "relative.rb",
|
551
|
+
tar.add_file "relative.rb", 0o644 do |io|
|
551
552
|
io.write "hi"
|
552
553
|
end
|
553
554
|
|
554
|
-
tar.mkdir "lib",
|
555
|
-
tar.add_symlink "lib/foo.rb", "../relative.rb",
|
555
|
+
tar.mkdir "lib", 0o755
|
556
|
+
tar.add_symlink "lib/foo.rb", "../relative.rb", 0o644
|
556
557
|
end
|
557
558
|
|
558
559
|
begin
|
@@ -573,13 +574,39 @@ class TestGemPackage < Gem::Package::TarTestCase
|
|
573
574
|
File.read(extracted)
|
574
575
|
end
|
575
576
|
|
577
|
+
def test_extract_symlink_into_symlink_dir
|
578
|
+
package = Gem::Package.new @gem
|
579
|
+
tgz_io = util_tar_gz do |tar|
|
580
|
+
tar.mkdir "lib", 0o755
|
581
|
+
tar.add_symlink "lib/link", "./inside.rb", 0o644
|
582
|
+
tar.add_file "lib/inside.rb", 0o644 do |io|
|
583
|
+
io.write "hi"
|
584
|
+
end
|
585
|
+
end
|
586
|
+
|
587
|
+
destination_subdir = File.join @destination, "subdir"
|
588
|
+
FileUtils.mkdir_p destination_subdir
|
589
|
+
|
590
|
+
destination_linkdir = File.join @destination, "linkdir"
|
591
|
+
File.symlink(destination_subdir, destination_linkdir)
|
592
|
+
|
593
|
+
package.extract_tar_gz tgz_io, destination_linkdir
|
594
|
+
|
595
|
+
extracted = File.join destination_subdir, "lib/link"
|
596
|
+
assert_path_exist extracted
|
597
|
+
assert_equal "./inside.rb",
|
598
|
+
File.readlink(extracted)
|
599
|
+
assert_equal "hi",
|
600
|
+
File.read(extracted)
|
601
|
+
end
|
602
|
+
|
576
603
|
def test_extract_tar_gz_symlink_broken_relative_path
|
577
604
|
package = Gem::Package.new @gem
|
578
605
|
package.verify
|
579
606
|
|
580
607
|
tgz_io = util_tar_gz do |tar|
|
581
|
-
tar.mkdir "lib",
|
582
|
-
tar.add_symlink "lib/foo.rb", "../broken.rb",
|
608
|
+
tar.mkdir "lib", 0o755
|
609
|
+
tar.add_symlink "lib/foo.rb", "../broken.rb", 0o644
|
583
610
|
end
|
584
611
|
|
585
612
|
ui = Gem::MockGemUi.new
|
@@ -598,9 +625,9 @@ class TestGemPackage < Gem::Package::TarTestCase
|
|
598
625
|
package = Gem::Package.new @gem
|
599
626
|
|
600
627
|
tgz_io = util_tar_gz do |tar|
|
601
|
-
tar.mkdir "lib",
|
602
|
-
tar.add_symlink "lib/link", "../..",
|
603
|
-
tar.add_file "lib/link/outside.txt",
|
628
|
+
tar.mkdir "lib", 0o755
|
629
|
+
tar.add_symlink "lib/link", "../..", 0o644
|
630
|
+
tar.add_file "lib/link/outside.txt", 0o644 do |io|
|
604
631
|
io.write "hi"
|
605
632
|
end
|
606
633
|
end
|
@@ -642,8 +669,8 @@ class TestGemPackage < Gem::Package::TarTestCase
|
|
642
669
|
pend "TMPDIR seems too long to add it as symlink into tar" if destination_user_dir.size > 90
|
643
670
|
|
644
671
|
tgz_io = util_tar_gz do |tar|
|
645
|
-
tar.add_symlink "link", destination_user_dir,
|
646
|
-
tar.add_symlink "link/dir", ".",
|
672
|
+
tar.add_symlink "link", destination_user_dir, 16_877
|
673
|
+
tar.add_symlink "link/dir", ".", 16_877
|
647
674
|
end
|
648
675
|
|
649
676
|
expected_exceptions = win_platform? ? [Gem::Package::SymlinkError, Errno::EACCES] : [Gem::Package::SymlinkError]
|
@@ -666,11 +693,11 @@ class TestGemPackage < Gem::Package::TarTestCase
|
|
666
693
|
package = Gem::Package.new @gem
|
667
694
|
|
668
695
|
tgz_io = util_tar_gz do |tar|
|
669
|
-
tar.mkdir "lib",
|
670
|
-
tar.add_file "lib/foo.rb",
|
696
|
+
tar.mkdir "lib", 0o755
|
697
|
+
tar.add_file "lib/foo.rb", 0o644 do |io|
|
671
698
|
io.write "hi"
|
672
699
|
end
|
673
|
-
tar.mkdir "lib/foo",
|
700
|
+
tar.mkdir "lib/foo", 0o755
|
674
701
|
end
|
675
702
|
|
676
703
|
package.extract_tar_gz tgz_io, @destination
|
@@ -686,7 +713,7 @@ class TestGemPackage < Gem::Package::TarTestCase
|
|
686
713
|
package = Gem::Package.new @gem
|
687
714
|
|
688
715
|
tgz_io = util_tar_gz do |tar|
|
689
|
-
tar.add_file "./dot_slash.rb",
|
716
|
+
tar.add_file "./dot_slash.rb", 0o644 do |io|
|
690
717
|
io.write "hi"
|
691
718
|
end
|
692
719
|
end
|
@@ -701,7 +728,7 @@ class TestGemPackage < Gem::Package::TarTestCase
|
|
701
728
|
package = Gem::Package.new @gem
|
702
729
|
|
703
730
|
tgz_io = util_tar_gz do |tar|
|
704
|
-
tar.add_file ".dot_file.rb",
|
731
|
+
tar.add_file ".dot_file.rb", 0o644 do |io|
|
705
732
|
io.write "hi"
|
706
733
|
end
|
707
734
|
end
|
@@ -717,7 +744,7 @@ class TestGemPackage < Gem::Package::TarTestCase
|
|
717
744
|
package = Gem::Package.new @gem
|
718
745
|
|
719
746
|
tgz_io = util_tar_gz do |tar|
|
720
|
-
tar.add_file "foo/file.rb",
|
747
|
+
tar.add_file "foo/file.rb", 0o644 do |io|
|
721
748
|
io.write "hi"
|
722
749
|
end
|
723
750
|
end
|
@@ -831,7 +858,7 @@ class TestGemPackage < Gem::Package::TarTestCase
|
|
831
858
|
|
832
859
|
def test_verify_checksum_bad
|
833
860
|
data_tgz = util_tar_gz do |tar|
|
834
|
-
tar.add_file "lib/code.rb",
|
861
|
+
tar.add_file "lib/code.rb", 0o444 do |io|
|
835
862
|
io.write "# lib/code.rb"
|
836
863
|
end
|
837
864
|
end
|
@@ -841,11 +868,11 @@ class TestGemPackage < Gem::Package::TarTestCase
|
|
841
868
|
gem = util_tar do |tar|
|
842
869
|
metadata_gz = Gem::Util.gzip @spec.to_yaml
|
843
870
|
|
844
|
-
tar.add_file "metadata.gz",
|
871
|
+
tar.add_file "metadata.gz", 0o444 do |io|
|
845
872
|
io.write metadata_gz
|
846
873
|
end
|
847
874
|
|
848
|
-
tar.add_file "data.tar.gz",
|
875
|
+
tar.add_file "data.tar.gz", 0o444 do |io|
|
849
876
|
io.write data_tgz
|
850
877
|
end
|
851
878
|
|
@@ -855,7 +882,7 @@ class TestGemPackage < Gem::Package::TarTestCase
|
|
855
882
|
"metadata.gz" => "bogus",
|
856
883
|
},
|
857
884
|
}
|
858
|
-
tar.add_file "checksums.yaml.gz",
|
885
|
+
tar.add_file "checksums.yaml.gz", 0o444 do |io|
|
859
886
|
Zlib::GzipWriter.wrap io do |gz_io|
|
860
887
|
gz_io.write Psych.dump bogus_checksums
|
861
888
|
end
|
@@ -878,7 +905,7 @@ class TestGemPackage < Gem::Package::TarTestCase
|
|
878
905
|
|
879
906
|
def test_verify_checksum_missing
|
880
907
|
data_tgz = util_tar_gz do |tar|
|
881
|
-
tar.add_file "lib/code.rb",
|
908
|
+
tar.add_file "lib/code.rb", 0o444 do |io|
|
882
909
|
io.write "# lib/code.rb"
|
883
910
|
end
|
884
911
|
end
|
@@ -888,7 +915,7 @@ class TestGemPackage < Gem::Package::TarTestCase
|
|
888
915
|
gem = util_tar do |tar|
|
889
916
|
metadata_gz = Gem::Util.gzip @spec.to_yaml
|
890
917
|
|
891
|
-
tar.add_file "metadata.gz",
|
918
|
+
tar.add_file "metadata.gz", 0o444 do |io|
|
892
919
|
io.write metadata_gz
|
893
920
|
end
|
894
921
|
|
@@ -901,13 +928,13 @@ class TestGemPackage < Gem::Package::TarTestCase
|
|
901
928
|
},
|
902
929
|
}
|
903
930
|
|
904
|
-
tar.add_file "checksums.yaml.gz",
|
931
|
+
tar.add_file "checksums.yaml.gz", 0o444 do |io|
|
905
932
|
Zlib::GzipWriter.wrap io do |gz_io|
|
906
933
|
gz_io.write Psych.dump checksums
|
907
934
|
end
|
908
935
|
end
|
909
936
|
|
910
|
-
tar.add_file "data.tar.gz",
|
937
|
+
tar.add_file "data.tar.gz", 0o444 do |io|
|
911
938
|
io.write data_tgz
|
912
939
|
end
|
913
940
|
end
|
@@ -926,7 +953,7 @@ class TestGemPackage < Gem::Package::TarTestCase
|
|
926
953
|
tf = Tempfile.open "corrupt" do |io|
|
927
954
|
data = Gem::Util.gzip "a" * 10
|
928
955
|
io.write \
|
929
|
-
tar_file_header("metadata.gz", "\000x",
|
956
|
+
tar_file_header("metadata.gz", "\000x", 0o644, data.length, Time.now)
|
930
957
|
io.write data
|
931
958
|
io.rewind
|
932
959
|
|
@@ -943,6 +970,95 @@ class TestGemPackage < Gem::Package::TarTestCase
|
|
943
970
|
tf.close!
|
944
971
|
end
|
945
972
|
|
973
|
+
def test_verify_corrupt_tar_metadata_entry
|
974
|
+
gem = tar_file_header("metadata.gz", "", 0, 999, Time.now)
|
975
|
+
|
976
|
+
File.open "corrupt.gem", "wb" do |io|
|
977
|
+
io.write gem
|
978
|
+
end
|
979
|
+
|
980
|
+
package = Gem::Package.new "corrupt.gem"
|
981
|
+
|
982
|
+
e = nil
|
983
|
+
out_err = capture_output do
|
984
|
+
e = assert_raise Gem::Package::FormatError do
|
985
|
+
package.verify
|
986
|
+
end
|
987
|
+
end
|
988
|
+
|
989
|
+
assert_match(/(EOFError|end of file reached) in corrupt.gem/i, e.message)
|
990
|
+
assert_equal(["", "Exception while verifying corrupt.gem\n"], out_err)
|
991
|
+
end
|
992
|
+
|
993
|
+
def test_verify_corrupt_tar_checksums_entry
|
994
|
+
gem = tar_file_header("checksums.yaml.gz", "", 0, 100, Time.now)
|
995
|
+
|
996
|
+
File.open "corrupt.gem", "wb" do |io|
|
997
|
+
io.write gem
|
998
|
+
end
|
999
|
+
|
1000
|
+
package = Gem::Package.new "corrupt.gem"
|
1001
|
+
|
1002
|
+
e = assert_raise Gem::Package::FormatError do
|
1003
|
+
package.verify
|
1004
|
+
end
|
1005
|
+
|
1006
|
+
assert_equal "not in gzip format in corrupt.gem", e.message
|
1007
|
+
end
|
1008
|
+
|
1009
|
+
def test_verify_corrupt_tar_data_entry
|
1010
|
+
gem = tar_file_header("data.tar.gz", "", 0, 100, Time.now)
|
1011
|
+
|
1012
|
+
File.open "corrupt.gem", "wb" do |io|
|
1013
|
+
io.write gem
|
1014
|
+
end
|
1015
|
+
|
1016
|
+
package = Gem::Package.new "corrupt.gem"
|
1017
|
+
|
1018
|
+
e = nil
|
1019
|
+
out_err = capture_output do
|
1020
|
+
e = assert_raise Gem::Package::FormatError do
|
1021
|
+
package.verify
|
1022
|
+
end
|
1023
|
+
end
|
1024
|
+
|
1025
|
+
assert_match(/(EOFError|end of file reached) in corrupt.gem/i, e.message)
|
1026
|
+
assert_equal(["", "Exception while verifying corrupt.gem\n"], out_err)
|
1027
|
+
end
|
1028
|
+
|
1029
|
+
def test_corrupt_data_tar_gz
|
1030
|
+
data_tgz = util_gzip tar_file_header("lib/code.rb", "", 0, 100, Time.now)
|
1031
|
+
metadata_gz = util_gzip @spec.to_yaml
|
1032
|
+
|
1033
|
+
gem = util_tar do |tar|
|
1034
|
+
tar.add_file "data.tar.gz", 0o444 do |io|
|
1035
|
+
io.write data_tgz
|
1036
|
+
end
|
1037
|
+
|
1038
|
+
tar.add_file "metadata.gz", 0o644 do |io|
|
1039
|
+
io.write metadata_gz
|
1040
|
+
end
|
1041
|
+
end
|
1042
|
+
|
1043
|
+
File.open "corrupt.gem", "wb" do |io|
|
1044
|
+
io.write gem.string
|
1045
|
+
end
|
1046
|
+
|
1047
|
+
package = Gem::Package.new "corrupt.gem"
|
1048
|
+
|
1049
|
+
e = assert_raise Gem::Package::FormatError do
|
1050
|
+
package.contents
|
1051
|
+
end
|
1052
|
+
|
1053
|
+
assert_match(/(EOFError|end of file reached) in corrupt.gem/i, e.message)
|
1054
|
+
|
1055
|
+
e = assert_raise Gem::Package::FormatError do
|
1056
|
+
package.extract_files @destination
|
1057
|
+
end
|
1058
|
+
|
1059
|
+
assert_match(/(EOFError|end of file reached) in corrupt.gem/i, e.message)
|
1060
|
+
end
|
1061
|
+
|
946
1062
|
def test_verify_empty
|
947
1063
|
FileUtils.touch "empty.gem"
|
948
1064
|
|
@@ -978,8 +1094,8 @@ class TestGemPackage < Gem::Package::TarTestCase
|
|
978
1094
|
build.add_metadata gem
|
979
1095
|
build.add_contents gem
|
980
1096
|
|
981
|
-
gem.add_file_simple "a.sig",
|
982
|
-
gem.add_file_simple "a.sig",
|
1097
|
+
gem.add_file_simple "a.sig", 0o444, 0
|
1098
|
+
gem.add_file_simple "a.sig", 0o444, 0
|
983
1099
|
end
|
984
1100
|
end
|
985
1101
|
|
@@ -1055,7 +1171,7 @@ class TestGemPackage < Gem::Package::TarTestCase
|
|
1055
1171
|
def key; "key"; end
|
1056
1172
|
def sign(*); "fake_sig"; end
|
1057
1173
|
end
|
1058
|
-
gem.add_file_signed "data2.tar.gz",
|
1174
|
+
gem.add_file_signed "data2.tar.gz", 0o444, fake_signer.new do |io|
|
1059
1175
|
io.write bogus_data
|
1060
1176
|
end
|
1061
1177
|
|
@@ -39,7 +39,7 @@ unless Gem.java_platform? # jruby can't require the simple_gem file
|
|
39
39
|
extracted = File.join @destination, "lib/foo.rb"
|
40
40
|
assert_path_exist extracted
|
41
41
|
|
42
|
-
mask =
|
42
|
+
mask = 0o100644 & (~File.umask)
|
43
43
|
|
44
44
|
assert_equal mask, File.stat(extracted).mode unless win_platform?
|
45
45
|
end
|
@@ -9,11 +9,11 @@ class TestGemPackageTarHeader < Gem::Package::TarTestCase
|
|
9
9
|
|
10
10
|
header = {
|
11
11
|
:name => "x",
|
12
|
-
:mode =>
|
12
|
+
:mode => 0o644,
|
13
13
|
:uid => 1000,
|
14
|
-
:gid =>
|
14
|
+
:gid => 10_000,
|
15
15
|
:size => 100,
|
16
|
-
:mtime =>
|
16
|
+
:mtime => 12_345,
|
17
17
|
:typeflag => "0",
|
18
18
|
:linkname => "link",
|
19
19
|
:uname => "user",
|
@@ -40,12 +40,12 @@ class TestGemPackageTarHeader < Gem::Package::TarTestCase
|
|
40
40
|
assert_equal "", @tar_header.checksum, "checksum"
|
41
41
|
assert_equal 1, @tar_header.devmajor, "devmajor"
|
42
42
|
assert_equal 2, @tar_header.devminor, "devminor"
|
43
|
-
assert_equal
|
43
|
+
assert_equal 10_000, @tar_header.gid, "gid"
|
44
44
|
assert_equal "group", @tar_header.gname, "gname"
|
45
45
|
assert_equal "link", @tar_header.linkname, "linkname"
|
46
46
|
assert_equal "ustar", @tar_header.magic, "magic"
|
47
|
-
assert_equal
|
48
|
-
assert_equal
|
47
|
+
assert_equal 0o644, @tar_header.mode, "mode"
|
48
|
+
assert_equal 12_345, @tar_header.mtime, "mtime"
|
49
49
|
assert_equal "x", @tar_header.name, "name"
|
50
50
|
assert_equal "y", @tar_header.prefix, "prefix"
|
51
51
|
assert_equal 100, @tar_header.size, "size"
|
@@ -195,13 +195,13 @@ tjmather\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00
|
|
195
195
|
|
196
196
|
tar_header = Gem::Package::TarHeader.from stream
|
197
197
|
|
198
|
-
assert_equal
|
199
|
-
assert_equal
|
198
|
+
assert_equal 1_991_400_094, tar_header.uid
|
199
|
+
assert_equal 1_991_400_094, tar_header.gid
|
200
200
|
|
201
201
|
assert_equal "GeoIP2-City_20190528/", tar_header.name
|
202
|
-
assert_equal
|
202
|
+
assert_equal 0o755, tar_header.mode
|
203
203
|
assert_equal 0, tar_header.size
|
204
|
-
assert_equal
|
204
|
+
assert_equal 1_559_064_640, tar_header.mtime
|
205
205
|
assert_equal 6932, tar_header.checksum
|
206
206
|
end
|
207
207
|
|
@@ -29,7 +29,7 @@ class TestGemPackageTarReader < Gem::Package::TarTestCase
|
|
29
29
|
content = ("a".."z").to_a.join(" ")
|
30
30
|
|
31
31
|
str =
|
32
|
-
tar_file_header("lib/foo", "",
|
32
|
+
tar_file_header("lib/foo", "", 0o10644, content.size, Time.now) +
|
33
33
|
content + "\0" * (512 - content.size)
|
34
34
|
str << "\0" * 1024
|
35
35
|
|
@@ -90,7 +90,7 @@ class TestGemPackageTarReader < Gem::Package::TarTestCase
|
|
90
90
|
|
91
91
|
def test_read_in_gem_data
|
92
92
|
gem_tar = util_gem_data_tar do |tar|
|
93
|
-
tar.add_file "lib/code.rb",
|
93
|
+
tar.add_file "lib/code.rb", 0o444 do |io|
|
94
94
|
io.write "# lib/code.rb"
|
95
95
|
end
|
96
96
|
end
|
@@ -112,10 +112,10 @@ class TestGemPackageTarReader < Gem::Package::TarTestCase
|
|
112
112
|
|
113
113
|
def test_seek_in_gem_data
|
114
114
|
gem_tar = util_gem_data_tar do |tar|
|
115
|
-
tar.add_file "lib/code.rb",
|
115
|
+
tar.add_file "lib/code.rb", 0o444 do |io|
|
116
116
|
io.write "# lib/code.rb"
|
117
117
|
end
|
118
|
-
tar.add_file "lib/foo.rb",
|
118
|
+
tar.add_file "lib/foo.rb", 0o444 do |io|
|
119
119
|
io.write "# lib/foo.rb"
|
120
120
|
end
|
121
121
|
end
|
@@ -177,10 +177,15 @@ class TestGemPackageTarReaderEntry < Gem::Package::TarTestCase
|
|
177
177
|
assert_equal @contents[100..-1], @entry.read
|
178
178
|
end
|
179
179
|
|
180
|
-
def
|
180
|
+
def test_readpartial
|
181
181
|
assert_equal @contents[0...100], @entry.readpartial(100)
|
182
182
|
end
|
183
183
|
|
184
|
+
def test_readpartial_to_eof
|
185
|
+
assert_equal @contents, @entry.readpartial(4096)
|
186
|
+
assert @entry.eof?
|
187
|
+
end
|
188
|
+
|
184
189
|
def test_read_partial_buffer
|
185
190
|
buffer = "".b
|
186
191
|
@entry.readpartial(100, buffer)
|
@@ -189,11 +194,42 @@ class TestGemPackageTarReaderEntry < Gem::Package::TarTestCase
|
|
189
194
|
|
190
195
|
def test_readpartial_past_eof
|
191
196
|
@entry.readpartial(@contents.size)
|
197
|
+
assert @entry.eof?
|
192
198
|
assert_raise(EOFError) do
|
193
199
|
@entry.readpartial(1)
|
194
200
|
end
|
195
201
|
end
|
196
202
|
|
203
|
+
def test_read_corrupted_tar
|
204
|
+
corrupt_tar = String.new
|
205
|
+
corrupt_tar << tar_file_header("lib/foo", "", 0, 100, Time.now)
|
206
|
+
corrupt_tar << tar_file_contents("")
|
207
|
+
corrupt_entry = util_entry corrupt_tar
|
208
|
+
|
209
|
+
assert_equal "", corrupt_entry.read(0)
|
210
|
+
assert_equal "", corrupt_entry.read, "IO.read without len should return empty string (even though it's at an unpexpected EOF)"
|
211
|
+
|
212
|
+
corrupt_entry.rewind
|
213
|
+
|
214
|
+
assert_nil corrupt_entry.read(100), "IO.read with len should return nil as per IO.read docs"
|
215
|
+
ensure
|
216
|
+
close_util_entry(corrupt_entry) if corrupt_entry
|
217
|
+
end
|
218
|
+
|
219
|
+
def test_readpartial_corrupted_tar
|
220
|
+
corrupt_tar = String.new
|
221
|
+
corrupt_tar << tar_file_header("lib/foo", "", 0, 100, Time.now)
|
222
|
+
corrupt_tar << tar_file_contents("")
|
223
|
+
|
224
|
+
corrupt_entry = util_entry corrupt_tar
|
225
|
+
|
226
|
+
assert_raise EOFError do
|
227
|
+
corrupt_entry.readpartial(100)
|
228
|
+
end
|
229
|
+
ensure
|
230
|
+
close_util_entry(corrupt_entry) if corrupt_entry
|
231
|
+
end
|
232
|
+
|
197
233
|
def test_rewind
|
198
234
|
char = @entry.getc
|
199
235
|
|
@@ -295,4 +331,20 @@ class TestGemPackageTarReaderEntry < Gem::Package::TarTestCase
|
|
295
331
|
assert_equal contents2.size, entry.pos
|
296
332
|
end
|
297
333
|
end
|
334
|
+
|
335
|
+
def test_seek_in_gzip_io_corrupted
|
336
|
+
@tar << tar_file_header("lib/bar", "", 0, 100, Time.now)
|
337
|
+
@tar << tar_file_contents("")
|
338
|
+
|
339
|
+
tgz = util_gzip(@tar)
|
340
|
+
|
341
|
+
Zlib::GzipReader.wrap StringIO.new(tgz) do |gzio|
|
342
|
+
util_entry(gzio).close # skip the first entry so io.pos is not 0
|
343
|
+
entry = util_entry(gzio)
|
344
|
+
|
345
|
+
assert_raise EOFError do
|
346
|
+
entry.seek(50)
|
347
|
+
end
|
348
|
+
end
|
349
|
+
end
|
298
350
|
end
|