rubygems-update 3.4.21 → 3.5.0

data/lib/rubygems/package/old.rb

@@ -70,7 +70,7 @@ class Gem::Package::Old < Gem::Package
           file_data << line
         end
 
-        file_data = file_data.strip.unpack("m")[0]
+        file_data = file_data.strip.unpack1("m")
         file_data = Zlib::Inflate.inflate file_data
 
         raise Gem::Package::FormatError, "#{full_name} in #{@gem} is corrupt" if
@@ -78,7 +78,7 @@ class Gem::Package::Old < Gem::Package
 
         FileUtils.rm_rf destination
 
-        FileUtils.mkdir_p File.dirname(destination), :mode => dir_mode && 0o755
+        FileUtils.mkdir_p File.dirname(destination), mode: dir_mode && 0o755
 
         File.open destination, "wb", file_mode(entry["mode"]) do |out|
           out.write file_data

data/lib/rubygems/package/tar_header.rb

@@ -1,9 +1,11 @@
 # frozen_string_literal: true
 
-#--
+# rubocop:disable Style/AsciiComments
+
 # Copyright (C) 2004 Mauricio Julio Fernández Pradier
 # See LICENSE.txt for additional licensing information.
-#++
+
+# rubocop:enable Style/AsciiComments
 
 ##
 #--
@@ -100,32 +102,33 @@ class Gem::Package::TarHeader
 
   def self.from(stream)
     header = stream.read 512
-    empty = (EMPTY_HEADER == header)
+    empty = (header == EMPTY_HEADER)
 
     fields = header.unpack UNPACK_FORMAT
 
-    new :name => fields.shift,
-        :mode => strict_oct(fields.shift),
-        :uid => oct_or_256based(fields.shift),
-        :gid => oct_or_256based(fields.shift),
-        :size => strict_oct(fields.shift),
-        :mtime => strict_oct(fields.shift),
-        :checksum => strict_oct(fields.shift),
-        :typeflag => fields.shift,
-        :linkname => fields.shift,
-        :magic => fields.shift,
-        :version => strict_oct(fields.shift),
-        :uname => fields.shift,
-        :gname => fields.shift,
-        :devmajor => strict_oct(fields.shift),
-        :devminor => strict_oct(fields.shift),
-        :prefix => fields.shift,
-
-        :empty => empty
+    new name: fields.shift,
+        mode: strict_oct(fields.shift),
+        uid: oct_or_256based(fields.shift),
+        gid: oct_or_256based(fields.shift),
+        size: strict_oct(fields.shift),
+        mtime: strict_oct(fields.shift),
+        checksum: strict_oct(fields.shift),
+        typeflag: fields.shift,
+        linkname: fields.shift,
+        magic: fields.shift,
+        version: strict_oct(fields.shift),
+        uname: fields.shift,
+        gname: fields.shift,
+        devmajor: strict_oct(fields.shift),
+        devminor: strict_oct(fields.shift),
+        prefix: fields.shift,
+
+        empty: empty
   end
 
   def self.strict_oct(str)
-    return str.strip.oct if str.strip =~ /\A[0-7]*\z/
+    str.strip!
+    return str.oct if /\A[0-7]*\z/.match?(str)
 
     raise ArgumentError, "#{str.inspect} is not an octal string"
   end
@@ -135,7 +138,8 @@ class Gem::Package::TarHeader
     # \ff flags a negative 256-based number
     # In case we have a match, parse it as a signed binary value
     # in big-endian order, except that the high-order bit is ignored.
-    return str.unpack("N2").last if str =~ /\A[\x80\xff]/n
+
+    return str.unpack1("@4N") if /\A[\x80\xff]/n.match?(str)
     strict_oct(str)
   end
 
@@ -147,21 +151,23 @@ class Gem::Package::TarHeader
       raise ArgumentError, ":name, :size, :prefix and :mode required"
     end
 
-    vals[:uid] ||= 0
-    vals[:gid] ||= 0
-    vals[:mtime] ||= 0
-    vals[:checksum] ||= ""
-    vals[:typeflag] = "0" if vals[:typeflag].nil? || vals[:typeflag].empty?
-    vals[:magic] ||= "ustar"
-    vals[:version] ||= "00"
-    vals[:uname] ||= "wheel"
-    vals[:gname] ||= "wheel"
-    vals[:devmajor] ||= 0
-    vals[:devminor] ||= 0
-
-    FIELDS.each do |name|
-      instance_variable_set "@#{name}", vals[name]
-    end
+    @checksum = vals[:checksum] || ""
+    @devmajor = vals[:devmajor] || 0
+    @devminor = vals[:devminor] || 0
+    @gid = vals[:gid] || 0
+    @gname = vals[:gname] || "wheel"
+    @linkname = vals[:linkname]
+    @magic = vals[:magic] || "ustar"
+    @mode = vals[:mode]
+    @mtime = vals[:mtime] || 0
+    @name = vals[:name]
+    @prefix = vals[:prefix]
+    @size = vals[:size]
+    @typeflag = vals[:typeflag]
+    @typeflag = "0" if @typeflag.nil? || @typeflag.empty?
+    @uid = vals[:uid] || 0
+    @uname = vals[:uname] || "wheel"
+    @version = vals[:version] || "00"
 
     @empty = vals[:empty]
   end
@@ -239,6 +245,6 @@ class Gem::Package::TarHeader
   end
 
   def oct(num, len)
-    "%0#{len}o" % num
+    format("%0#{len}o", num)
   end
 end

data/lib/rubygems/package/tar_reader/entry.rb

@@ -1,9 +1,11 @@
 # frozen_string_literal: true
 
-#++
+# rubocop:disable Style/AsciiComments
+
 # Copyright (C) 2004 Mauricio Julio Fernández Pradier
 # See LICENSE.txt for additional licensing information.
-#--
+
+# rubocop:enable Style/AsciiComments
 
 ##
 # Class for reading entries out of a tar file
@@ -143,14 +145,13 @@ class Gem::Package::TarReader::Entry
 
   def pos=(new_pos)
     seek(new_pos, IO::SEEK_SET)
-    new_pos
   end
 
   def size
     @header.size
   end
 
-  alias length size
+  alias_method :length, :size
 
   ##
   # Reads +maxlen+ bytes from the tar file entry, or the rest of the entry if nil

data/lib/rubygems/package/tar_reader.rb

@@ -1,9 +1,11 @@
 # frozen_string_literal: true
 
-#--
+# rubocop:disable Style/AsciiComments
+
 # Copyright (C) 2004 Mauricio Julio Fernández Pradier
 # See LICENSE.txt for additional licensing information.
-#++
+
+# rubocop:enable Style/AsciiComments
 
 ##
 # TarReader reads tar files and allows iteration over their items
@@ -50,7 +52,14 @@ class Gem::Package::TarReader
     return enum_for __method__ unless block_given?
 
     until @io.eof? do
-      header = Gem::Package::TarHeader.from @io
+      begin
+        header = Gem::Package::TarHeader.from @io
+      rescue ArgumentError => e
+        # Specialize only exceptions from Gem::Package::TarHeader.strict_oct
+        raise e unless e.message.match?(/ is not an octal string$/)
+        raise Gem::Package::TarInvalidError, e.message
+      end
+
       return if header.empty?
       entry = Gem::Package::TarReader::Entry.new header, @io
       yield entry
@@ -58,7 +67,7 @@ class Gem::Package::TarReader
     end
   end
 
-  alias each_entry each
+  alias_method :each_entry, :each
 
   ##
   # NOTE: Do not call #rewind during #each
@@ -83,7 +92,7 @@ class Gem::Package::TarReader
 
     return unless found
 
-    return yield found
+    yield found
   ensure
     rewind
   end

data/lib/rubygems/package/tar_writer.rb

@@ -1,9 +1,11 @@
 # frozen_string_literal: true
 
-#--
+# rubocop:disable Style/AsciiComments
+
 # Copyright (C) 2004 Mauricio Julio Fernández Pradier
 # See LICENSE.txt for additional licensing information.
-#++
+
+# rubocop:enable Style/AsciiComments
 
 ##
 # Allows writing of tar files
@@ -114,9 +116,9 @@ class Gem::Package::TarWriter
     final_pos = @io.pos
     @io.pos = init_pos
 
-    header = Gem::Package::TarHeader.new :name => name, :mode => mode,
-                                         :size => size, :prefix => prefix,
-                                         :mtime => Gem.source_date_epoch
+    header = Gem::Package::TarHeader.new name: name, mode: mode,
+                                         size: size, prefix: prefix,
+                                         mtime: Gem.source_date_epoch
 
     @io.write header
     @io.pos = final_pos
@@ -207,9 +209,9 @@ class Gem::Package::TarWriter
 
     name, prefix = split_name name
 
-    header = Gem::Package::TarHeader.new(:name => name, :mode => mode,
-                                         :size => size, :prefix => prefix,
-                                         :mtime => Gem.source_date_epoch).to_s
+    header = Gem::Package::TarHeader.new(name: name, mode: mode,
+                                         size: size, prefix: prefix,
+                                         mtime: Gem.source_date_epoch).to_s
 
     @io.write header
     os = BoundedStream.new @io, size
@@ -233,11 +235,11 @@ class Gem::Package::TarWriter
 
     name, prefix = split_name name
 
-    header = Gem::Package::TarHeader.new(:name => name, :mode => mode,
-                                         :size => 0, :typeflag => "2",
-                                         :linkname => target,
-                                         :prefix => prefix,
-                                         :mtime => Gem.source_date_epoch).to_s
+    header = Gem::Package::TarHeader.new(name: name, mode: mode,
+                                         size: 0, typeflag: "2",
+                                         linkname: target,
+                                         prefix: prefix,
+                                         mtime: Gem.source_date_epoch).to_s
 
     @io.write header
 
@@ -287,10 +289,10 @@ class Gem::Package::TarWriter
 
     name, prefix = split_name(name)
 
-    header = Gem::Package::TarHeader.new :name => name, :mode => mode,
-                                         :typeflag => "5", :size => 0,
-                                         :prefix => prefix,
-                                         :mtime => Gem.source_date_epoch
+    header = Gem::Package::TarHeader.new name: name, mode: mode,
+                                         typeflag: "5", size: 0,
+                                         prefix: prefix,
+                                         mtime: Gem.source_date_epoch
 
     @io.write header
 
@@ -324,6 +326,6 @@ class Gem::Package::TarWriter
       end
     end
 
-    return name, prefix
+    [name, prefix]
   end
 end

data/lib/rubygems/package.rb

@@ -1,9 +1,11 @@
 # frozen_string_literal: true
 
-#--
+# rubocop:disable Style/AsciiComments
+
 # Copyright (C) 2004 Mauricio Julio Fernández Pradier
 # See LICENSE.txt for additional licensing information.
-#++
+
+# rubocop:enable Style/AsciiComments
 
 require_relative "../rubygems"
 require_relative "security"
@@ -59,7 +61,7 @@ class Gem::Package
       if source
         @path = source.path
 
-        message = message + " in #{path}" if path
+        message += " in #{path}" if path
       end
 
       super message
@@ -68,15 +70,13 @@ class Gem::Package
 
   class PathError < Error
     def initialize(destination, destination_dir)
-      super "installing into parent path %s of %s is not allowed" %
-        [destination, destination_dir]
+      super format("installing into parent path %s of %s is not allowed", destination, destination_dir)
     end
   end
 
   class SymlinkError < Error
     def initialize(name, destination, destination_dir)
-      super "installing symlink '%s' pointing to parent path %s of %s is not allowed" %
-        [name, destination, destination_dir]
+      super format("installing symlink '%s' pointing to parent path %s of %s is not allowed", name, destination, destination_dir)
     end
   end
 
@@ -155,7 +155,7 @@ class Gem::Package
       Gem::Package::FileSource.new gem
     end
 
-    return super unless Gem::Package == self
+    return super unless self == Gem::Package
     return super unless gem.present?
 
     return super unless gem.start
@@ -187,7 +187,7 @@ class Gem::Package
       end
     end
 
-    return spec, metadata
+    [spec, metadata]
   end
 
   ##
@@ -357,18 +357,21 @@ EOM
 
   def digest(entry) # :nodoc:
     algorithms = if @checksums
-      @checksums.keys
-    else
-      [Gem::Security::DIGEST_NAME].compact
+      @checksums.to_h {|algorithm, _| [algorithm, Gem::Security.create_digest(algorithm)] }
+    elsif Gem::Security::DIGEST_NAME
+      { Gem::Security::DIGEST_NAME => Gem::Security.create_digest(Gem::Security::DIGEST_NAME) }
     end
 
-    algorithms.each do |algorithm|
-      digester = Gem::Security.create_digest(algorithm)
+    return @digests if algorithms.nil? || algorithms.empty?
 
-      digester << entry.readpartial(16_384) until entry.eof?
-
-      entry.rewind
+    buf = String.new(capacity: 16_384, encoding: Encoding::BINARY)
+    until entry.eof?
+      entry.readpartial(16_384, buf)
+      algorithms.each_value {|digester| digester << buf }
+    end
+    entry.rewind
 
+    algorithms.each do |algorithm, digester|
       @digests[algorithm][entry.full_name] = digester
     end
 
@@ -384,7 +387,7 @@ EOM
   def extract_files(destination_dir, pattern = "*")
     verify unless @spec
 
-    FileUtils.mkdir_p destination_dir, :mode => dir_mode && 0o755
+    FileUtils.mkdir_p destination_dir, mode: dir_mode && 0o755
 
     @gem.with_read_io do |io|
       reader = Gem::Package::TarReader.new io
@@ -394,7 +397,7 @@ EOM
 
         extract_tar_gz entry, destination_dir, pattern
 
-        return # ignore further entries
+        break # ignore further entries
       end
     end
   rescue Zlib::GzipFile::Error, EOFError, Gem::Package::TarInvalidError => e
@@ -437,8 +440,6 @@ EOM
 
         FileUtils.rm_rf destination
 
-        mkdir_options = {}
-        mkdir_options[:mode] = dir_mode ? 0o755 : (entry.header.mode if entry.directory?)
         mkdir =
           if entry.directory?
             destination
@@ -447,7 +448,7 @@ EOM
           end
 
         unless directories.include?(mkdir)
-          FileUtils.mkdir_p mkdir, **mkdir_options
+          FileUtils.mkdir_p mkdir, mode: dir_mode ? 0o755 : (entry.header.mode if entry.directory?)
           directories << mkdir
         end
 
@@ -512,7 +513,6 @@ EOM
     raise Gem::Package::PathError.new(destination, destination_dir) unless
       normalize_path(destination).start_with? normalize_path(destination_dir + "/")
 
-    destination.tap(&Gem::UNTAINT)
     destination
   end
 
@@ -578,10 +578,10 @@ EOM
         )
 
       @spec.signing_key = nil
-      @spec.cert_chain = @signer.cert_chain.map {|cert| cert.to_s }
+      @spec.cert_chain = @signer.cert_chain.map(&:to_s)
     else
       @signer = Gem::Security::Signer.new nil, nil, passphrase
-      @spec.cert_chain = @signer.cert_chain.map {|cert| cert.to_pem } if
+      @spec.cert_chain = @signer.cert_chain.map(&:to_pem) if
         @signer.cert_chain
     end
   end
@@ -695,10 +695,10 @@ EOM
 
     unless @files.include? "data.tar.gz"
       raise Gem::Package::FormatError.new \
-              "package content (data.tar.gz) is missing", @gem
+        "package content (data.tar.gz) is missing", @gem
     end
 
-    if (duplicates = @files.group_by {|f| f }.select {|k,v| v.size > 1 }.map(&:first)) && duplicates.any?
+    if (duplicates = @files.group_by {|f| f }.select {|_k,v| v.size > 1 }.map(&:first)) && duplicates.any?
       raise Gem::Security::Exception, "duplicate files in the package: (#{duplicates.map(&:inspect).join(", ")})"
     end
   end
@@ -708,6 +708,7 @@ EOM
 
   def verify_gz(entry) # :nodoc:
     Zlib::GzipReader.wrap entry do |gzio|
+      # TODO: read into a buffer once zlib supports it
       gzio.read 16_384 until gzio.eof? # gzip checksum verification
     end
   rescue Zlib::GzipFile::Error => e

data/lib/rubygems/package_task.rb

@@ -97,13 +97,13 @@ class Gem::PackageTask < Rake::PackageTask
     gem_path = File.join package_dir, gem_file
     gem_dir  = File.join package_dir, gem_spec.full_name
 
-    task :package => [:gem]
+    task package: [:gem]
 
     directory package_dir
     directory gem_dir
 
     desc "Build the gem file #{gem_file}"
-    task :gem => [gem_path]
+    task gem: [gem_path]
 
     trace = Rake.application.options.trace
     Gem.configuration.verbose = trace

data/lib/rubygems/path_support.rb

@@ -24,23 +24,22 @@ class Gem::PathSupport
   # hashtable, or defaults to ENV, the system environment.
   #
   def initialize(env)
-    @home = env["GEM_HOME"] || Gem.default_dir
-
-    if File::ALT_SEPARATOR
-      @home = @home.gsub(File::ALT_SEPARATOR, File::SEPARATOR)
-    end
-
-    @home = expand(@home)
-
+    @home = normalize_home_dir(env["GEM_HOME"] || Gem.default_dir)
     @path = split_gem_path env["GEM_PATH"], @home
 
     @spec_cache_dir = env["GEM_SPEC_CACHE"] || Gem.default_spec_cache_dir
-
-    @spec_cache_dir = @spec_cache_dir.dup.tap(&Gem::UNTAINT)
   end
 
   private
 
+  def normalize_home_dir(home)
+    if File::ALT_SEPARATOR
+      home = home.gsub(File::ALT_SEPARATOR, File::SEPARATOR)
+    end
+
+    expand(home)
+  end
+
   ##
   # Split the Gem search path (as reported by Gem.path).
 
@@ -53,7 +52,7 @@ class Gem::PathSupport
       gem_path = gpaths.split(Gem.path_separator)
       # Handle the path_separator being set to a regexp, which will cause
       # end_with? to error
-      if gpaths =~ /#{Gem.path_separator}\z/
+      if /#{Gem.path_separator}\z/.match?(gpaths)
         gem_path += default_path
       end