rubygems-update 3.4.21 → 3.5.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +132 -2
- data/Manifest.txt +39 -221
- data/README.md +1 -3
- data/bundler/CHANGELOG.md +74 -0
- data/bundler/README.md +1 -2
- data/bundler/bundler.gemspec +4 -2
- data/bundler/exe/bundle +1 -10
- data/bundler/lib/bundler/build_metadata.rb +3 -3
- data/bundler/lib/bundler/capistrano.rb +1 -1
- data/bundler/lib/bundler/checksum.rb +245 -0
- data/bundler/lib/bundler/ci_detector.rb +75 -0
- data/bundler/lib/bundler/cli/add.rb +3 -3
- data/bundler/lib/bundler/cli/binstubs.rb +4 -4
- data/bundler/lib/bundler/cli/cache.rb +1 -1
- data/bundler/lib/bundler/cli/check.rb +1 -1
- data/bundler/lib/bundler/cli/common.rb +9 -1
- data/bundler/lib/bundler/cli/config.rb +8 -7
- data/bundler/lib/bundler/cli/console.rb +3 -2
- data/bundler/lib/bundler/cli/doctor.rb +2 -2
- data/bundler/lib/bundler/cli/exec.rb +1 -1
- data/bundler/lib/bundler/cli/gem.rb +31 -23
- data/bundler/lib/bundler/cli/info.rb +2 -13
- data/bundler/lib/bundler/cli/install.rb +5 -4
- data/bundler/lib/bundler/cli/issue.rb +1 -1
- data/bundler/lib/bundler/cli/lock.rb +4 -4
- data/bundler/lib/bundler/cli/open.rb +1 -1
- data/bundler/lib/bundler/cli/outdated.rb +6 -6
- data/bundler/lib/bundler/cli/plugin.rb +7 -14
- data/bundler/lib/bundler/cli/pristine.rb +38 -30
- data/bundler/lib/bundler/cli/show.rb +2 -2
- data/bundler/lib/bundler/cli/update.rb +5 -5
- data/bundler/lib/bundler/cli.rb +215 -263
- data/bundler/lib/bundler/compact_index_client/cache.rb +29 -9
- data/bundler/lib/bundler/compact_index_client/cache_file.rb +153 -0
- data/bundler/lib/bundler/compact_index_client/gem_parser.rb +7 -3
- data/bundler/lib/bundler/compact_index_client/updater.rb +79 -81
- data/bundler/lib/bundler/compact_index_client.rb +14 -7
- data/bundler/lib/bundler/constants.rb +1 -1
- data/bundler/lib/bundler/current_ruby.rb +5 -21
- data/bundler/lib/bundler/definition.rb +43 -16
- data/bundler/lib/bundler/dependency.rb +16 -12
- data/bundler/lib/bundler/digest.rb +2 -2
- data/bundler/lib/bundler/dsl.rb +43 -25
- data/bundler/lib/bundler/endpoint_specification.rb +6 -2
- data/bundler/lib/bundler/env.rb +1 -3
- data/bundler/lib/bundler/errors.rb +58 -0
- data/bundler/lib/bundler/fetcher/base.rb +3 -1
- data/bundler/lib/bundler/fetcher/compact_index.rb +4 -4
- data/bundler/lib/bundler/fetcher/downloader.rb +13 -11
- data/bundler/lib/bundler/fetcher/gem_remote_fetcher.rb +16 -0
- data/bundler/lib/bundler/fetcher/index.rb +1 -1
- data/bundler/lib/bundler/fetcher.rb +28 -25
- data/bundler/lib/bundler/friendly_errors.rb +5 -5
- data/bundler/lib/bundler/gem_helper.rb +1 -1
- data/bundler/lib/bundler/gem_helpers.rb +12 -2
- data/bundler/lib/bundler/graph.rb +9 -9
- data/bundler/lib/bundler/index.rb +1 -2
- data/bundler/lib/bundler/injector.rb +1 -1
- data/bundler/lib/bundler/inline.rb +3 -3
- data/bundler/lib/bundler/installer/gem_installer.rb +10 -10
- data/bundler/lib/bundler/installer/parallel_installer.rb +16 -8
- data/bundler/lib/bundler/installer/standalone.rb +2 -3
- data/bundler/lib/bundler/installer.rb +9 -9
- data/bundler/lib/bundler/lazy_specification.rb +28 -17
- data/bundler/lib/bundler/lockfile_generator.rb +9 -0
- data/bundler/lib/bundler/lockfile_parser.rb +81 -10
- data/bundler/lib/bundler/man/bundle-add.1 +3 -26
- data/bundler/lib/bundler/man/bundle-binstubs.1 +4 -16
- data/bundler/lib/bundler/man/bundle-cache.1 +3 -24
- data/bundler/lib/bundler/man/bundle-check.1 +3 -12
- data/bundler/lib/bundler/man/bundle-clean.1 +3 -10
- data/bundler/lib/bundler/man/bundle-config.1 +20 -211
- data/bundler/lib/bundler/man/bundle-config.1.ronn +6 -0
- data/bundler/lib/bundler/man/bundle-console.1 +4 -22
- data/bundler/lib/bundler/man/bundle-doctor.1 +4 -18
- data/bundler/lib/bundler/man/bundle-exec.1 +12 -73
- data/bundler/lib/bundler/man/bundle-gem.1 +13 -49
- data/bundler/lib/bundler/man/bundle-help.1 +3 -7
- data/bundler/lib/bundler/man/bundle-info.1 +3 -9
- data/bundler/lib/bundler/man/bundle-init.1 +3 -12
- data/bundler/lib/bundler/man/bundle-inject.1 +6 -19
- data/bundler/lib/bundler/man/bundle-install.1 +27 -125
- data/bundler/lib/bundler/man/bundle-install.1.ronn +1 -0
- data/bundler/lib/bundler/man/bundle-list.1 +4 -19
- data/bundler/lib/bundler/man/bundle-lock.1 +5 -29
- data/bundler/lib/bundler/man/bundle-open.1 +7 -27
- data/bundler/lib/bundler/man/bundle-outdated.1 +3 -55
- data/bundler/lib/bundler/man/bundle-outdated.1.ronn +1 -0
- data/bundler/lib/bundler/man/bundle-platform.1 +5 -27
- data/bundler/lib/bundler/man/bundle-plugin.1 +3 -29
- data/bundler/lib/bundler/man/bundle-pristine.1 +5 -16
- data/bundler/lib/bundler/man/bundle-remove.1 +4 -14
- data/bundler/lib/bundler/man/bundle-show.1 +3 -10
- data/bundler/lib/bundler/man/bundle-update.1 +18 -137
- data/bundler/lib/bundler/man/bundle-version.1 +3 -16
- data/bundler/lib/bundler/man/bundle-viz.1 +4 -16
- data/bundler/lib/bundler/man/bundle.1 +5 -44
- data/bundler/lib/bundler/man/gemfile.5 +24 -301
- data/bundler/lib/bundler/man/gemfile.5.ronn +4 -0
- data/bundler/lib/bundler/match_metadata.rb +4 -0
- data/bundler/lib/bundler/match_platform.rb +1 -1
- data/bundler/lib/bundler/plugin/api/source.rb +3 -2
- data/bundler/lib/bundler/plugin/index.rb +8 -0
- data/bundler/lib/bundler/plugin/installer.rb +1 -1
- data/bundler/lib/bundler/plugin.rb +12 -5
- data/bundler/lib/bundler/resolver/base.rb +1 -1
- data/bundler/lib/bundler/resolver/incompatibility.rb +1 -1
- data/bundler/lib/bundler/resolver/spec_group.rb +1 -4
- data/bundler/lib/bundler/resolver.rb +16 -16
- data/bundler/lib/bundler/ruby_dsl.rb +20 -12
- data/bundler/lib/bundler/ruby_version.rb +1 -1
- data/bundler/lib/bundler/rubygems_ext.rb +27 -54
- data/bundler/lib/bundler/rubygems_gem_installer.rb +23 -58
- data/bundler/lib/bundler/rubygems_integration.rb +25 -94
- data/bundler/lib/bundler/runtime.rb +2 -2
- data/bundler/lib/bundler/self_manager.rb +23 -7
- data/bundler/lib/bundler/settings.rb +27 -7
- data/bundler/lib/bundler/setup.rb +4 -1
- data/bundler/lib/bundler/shared_helpers.rb +35 -13
- data/bundler/lib/bundler/source/git/git_proxy.rb +22 -14
- data/bundler/lib/bundler/source/git.rb +4 -3
- data/bundler/lib/bundler/source/metadata.rb +16 -16
- data/bundler/lib/bundler/source/path.rb +7 -6
- data/bundler/lib/bundler/source/rubygems.rb +21 -14
- data/bundler/lib/bundler/source.rb +2 -0
- data/bundler/lib/bundler/spec_set.rb +43 -12
- data/bundler/lib/bundler/stub_specification.rb +1 -0
- data/bundler/lib/bundler/templates/Executable.bundler +1 -1
- data/bundler/lib/bundler/templates/newgem/README.md.tt +3 -3
- data/bundler/lib/bundler/templates/newgem/Rakefile.tt +2 -6
- data/bundler/lib/bundler/templates/newgem/ext/newgem/Cargo.toml.tt +1 -1
- data/bundler/lib/bundler/templates/newgem/newgem.gemspec.tt +1 -1
- data/bundler/lib/bundler/templates/newgem/standard.yml.tt +1 -1
- data/bundler/lib/bundler/ui/shell.rb +2 -2
- data/bundler/lib/bundler/vendor/connection_pool/lib/connection_pool/version.rb +1 -1
- data/bundler/lib/bundler/vendor/connection_pool/lib/connection_pool.rb +53 -6
- data/bundler/lib/bundler/vendor/fileutils/lib/fileutils.rb +8 -20
- data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent/connection.rb +4 -3
- data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent/pool.rb +23 -11
- data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent/timed_stack_multi.rb +1 -1
- data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent.rb +36 -36
- data/bundler/lib/bundler/vendor/thor/lib/thor/actions/create_file.rb +3 -2
- data/bundler/lib/bundler/vendor/thor/lib/thor/actions/directory.rb +1 -1
- data/bundler/lib/bundler/vendor/thor/lib/thor/actions/empty_directory.rb +1 -1
- data/bundler/lib/bundler/vendor/thor/lib/thor/actions/file_manipulation.rb +8 -10
- data/bundler/lib/bundler/vendor/thor/lib/thor/actions/inject_into_file.rb +15 -4
- data/bundler/lib/bundler/vendor/thor/lib/thor/actions.rb +15 -15
- data/bundler/lib/bundler/vendor/thor/lib/thor/base.rb +140 -14
- data/bundler/lib/bundler/vendor/thor/lib/thor/command.rb +13 -4
- data/bundler/lib/bundler/vendor/thor/lib/thor/core_ext/hash_with_indifferent_access.rb +4 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/error.rb +16 -25
- data/bundler/lib/bundler/vendor/thor/lib/thor/group.rb +1 -1
- data/bundler/lib/bundler/vendor/thor/lib/thor/invocation.rb +1 -1
- data/bundler/lib/bundler/vendor/thor/lib/thor/nested_context.rb +2 -2
- data/bundler/lib/bundler/vendor/thor/lib/thor/parser/argument.rb +20 -1
- data/bundler/lib/bundler/vendor/thor/lib/thor/parser/arguments.rb +33 -17
- data/bundler/lib/bundler/vendor/thor/lib/thor/parser/option.rb +27 -8
- data/bundler/lib/bundler/vendor/thor/lib/thor/parser/options.rb +44 -6
- data/bundler/lib/bundler/vendor/thor/lib/thor/rake_compat.rb +2 -2
- data/bundler/lib/bundler/vendor/thor/lib/thor/runner.rb +40 -30
- data/bundler/lib/bundler/vendor/thor/lib/thor/shell/basic.rb +26 -150
- data/bundler/lib/bundler/vendor/thor/lib/thor/shell/color.rb +4 -46
- data/bundler/lib/bundler/vendor/thor/lib/thor/shell/column_printer.rb +29 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/shell/html.rb +3 -45
- data/bundler/lib/bundler/vendor/thor/lib/thor/shell/lcs_diff.rb +49 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/shell/table_printer.rb +134 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/shell/terminal.rb +42 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/shell/wrapped_printer.rb +38 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/shell.rb +1 -1
- data/bundler/lib/bundler/vendor/thor/lib/thor/util.rb +8 -7
- data/bundler/lib/bundler/vendor/thor/lib/thor/version.rb +1 -1
- data/bundler/lib/bundler/vendor/thor/lib/thor.rb +155 -8
- data/bundler/lib/bundler/vendor/tsort/lib/tsort.rb +3 -0
- data/bundler/lib/bundler/vendor/uri/lib/uri/common.rb +256 -132
- data/bundler/lib/bundler/vendor/uri/lib/uri/generic.rb +1 -0
- data/bundler/lib/bundler/vendor/uri/lib/uri/rfc3986_parser.rb +95 -31
- data/bundler/lib/bundler/vendor/uri/lib/uri/version.rb +1 -1
- data/bundler/lib/bundler/vendored_net_http.rb +8 -0
- data/bundler/lib/bundler/vendored_persistent.rb +0 -4
- data/bundler/lib/bundler/vendored_timeout.rb +8 -0
- data/bundler/lib/bundler/version.rb +1 -1
- data/bundler/lib/bundler/vlad.rb +1 -1
- data/bundler/lib/bundler/yaml_serializer.rb +9 -4
- data/bundler/lib/bundler.rb +38 -35
- data/lib/rubygems/available_set.rb +4 -4
- data/lib/rubygems/basic_specification.rb +35 -37
- data/lib/rubygems/bundler_version_finder.rb +4 -4
- data/lib/rubygems/ci_detector.rb +75 -0
- data/lib/rubygems/command.rb +15 -17
- data/lib/rubygems/command_manager.rb +5 -4
- data/lib/rubygems/commands/build_command.rb +2 -2
- data/lib/rubygems/commands/cert_command.rb +2 -3
- data/lib/rubygems/commands/check_command.rb +4 -4
- data/lib/rubygems/commands/cleanup_command.rb +12 -14
- data/lib/rubygems/commands/contents_command.rb +5 -5
- data/lib/rubygems/commands/dependency_command.rb +4 -5
- data/lib/rubygems/commands/environment_command.rb +3 -5
- data/lib/rubygems/commands/exec_command.rb +1 -1
- data/lib/rubygems/commands/fetch_command.rb +2 -2
- data/lib/rubygems/commands/generate_index_command.rb +39 -74
- data/lib/rubygems/commands/help_command.rb +4 -4
- data/lib/rubygems/commands/info_command.rb +2 -2
- data/lib/rubygems/commands/install_command.rb +8 -16
- data/lib/rubygems/commands/list_command.rb +2 -2
- data/lib/rubygems/commands/lock_command.rb +1 -1
- data/lib/rubygems/commands/open_command.rb +1 -1
- data/lib/rubygems/commands/owner_command.rb +1 -1
- data/lib/rubygems/commands/pristine_command.rb +13 -15
- data/lib/rubygems/commands/push_command.rb +2 -2
- data/lib/rubygems/commands/query_command.rb +4 -5
- data/lib/rubygems/commands/rdoc_command.rb +2 -2
- data/lib/rubygems/commands/search_command.rb +2 -2
- data/lib/rubygems/commands/setup_command.rb +33 -36
- data/lib/rubygems/commands/sources_command.rb +12 -12
- data/lib/rubygems/commands/specification_command.rb +10 -10
- data/lib/rubygems/commands/stale_command.rb +1 -1
- data/lib/rubygems/commands/uninstall_command.rb +13 -14
- data/lib/rubygems/commands/unpack_command.rb +7 -7
- data/lib/rubygems/commands/update_command.rb +11 -13
- data/lib/rubygems/commands/which_command.rb +1 -1
- data/lib/rubygems/commands/yank_command.rb +1 -1
- data/lib/rubygems/compatibility.rb +5 -6
- data/lib/rubygems/config_file.rb +7 -7
- data/lib/rubygems/core_ext/kernel_gem.rb +0 -2
- data/lib/rubygems/core_ext/kernel_require.rb +20 -49
- data/lib/rubygems/core_ext/kernel_warn.rb +1 -1
- data/lib/rubygems/core_ext/tcpsocket_init.rb +1 -1
- data/lib/rubygems/defaults.rb +15 -3
- data/lib/rubygems/dependency.rb +12 -14
- data/lib/rubygems/dependency_installer.rb +30 -31
- data/lib/rubygems/dependency_list.rb +1 -1
- data/lib/rubygems/deprecate.rb +16 -15
- data/lib/rubygems/doctor.rb +6 -6
- data/lib/rubygems/errors.rb +2 -6
- data/lib/rubygems/exceptions.rb +2 -1
- data/lib/rubygems/ext/builder.rb +15 -10
- data/lib/rubygems/ext/cargo_builder.rb +5 -5
- data/lib/rubygems/ext/ext_conf_builder.rb +2 -4
- data/lib/rubygems/ext/rake_builder.rb +1 -1
- data/lib/rubygems/gem_runner.rb +4 -4
- data/lib/rubygems/gemcutter_utilities/webauthn_listener/response.rb +3 -3
- data/lib/rubygems/gemcutter_utilities/webauthn_poller.rb +3 -3
- data/lib/rubygems/gemcutter_utilities.rb +18 -19
- data/lib/rubygems/install_update_options.rb +18 -19
- data/lib/rubygems/installer.rb +66 -45
- data/lib/rubygems/installer_uninstaller_utils.rb +0 -2
- data/lib/rubygems/local_remote_options.rb +8 -11
- data/lib/rubygems/name_tuple.rb +7 -9
- data/lib/rubygems/net/http.rb +3 -0
- data/lib/rubygems/net-http/LICENSE.txt +22 -0
- data/lib/rubygems/net-http/lib/net/http/backward.rb +40 -0
- data/lib/rubygems/net-http/lib/net/http/exceptions.rb +34 -0
- data/lib/rubygems/net-http/lib/net/http/generic_request.rb +414 -0
- data/lib/rubygems/net-http/lib/net/http/header.rb +981 -0
- data/lib/rubygems/net-http/lib/net/http/proxy_delta.rb +17 -0
- data/lib/rubygems/net-http/lib/net/http/request.rb +88 -0
- data/lib/rubygems/net-http/lib/net/http/requests.rb +425 -0
- data/lib/rubygems/net-http/lib/net/http/response.rb +738 -0
- data/lib/rubygems/net-http/lib/net/http/responses.rb +1174 -0
- data/lib/rubygems/net-http/lib/net/http/status.rb +84 -0
- data/lib/rubygems/net-http/lib/net/http.rb +2496 -0
- data/lib/rubygems/net-http/lib/net/https.rb +23 -0
- data/lib/rubygems/net-protocol/LICENSE.txt +22 -0
- data/lib/rubygems/net-protocol/lib/net/protocol.rb +544 -0
- data/lib/rubygems/optparse/lib/optparse.rb +39 -17
- data/lib/rubygems/package/digest_io.rb +1 -1
- data/lib/rubygems/package/old.rb +2 -2
- data/lib/rubygems/package/tar_header.rb +45 -39
- data/lib/rubygems/package/tar_reader/entry.rb +5 -4
- data/lib/rubygems/package/tar_reader.rb +14 -5
- data/lib/rubygems/package/tar_writer.rb +20 -18
- data/lib/rubygems/package.rb +28 -27
- data/lib/rubygems/package_task.rb +2 -2
- data/lib/rubygems/path_support.rb +10 -11
- data/lib/rubygems/platform.rb +65 -48
- data/lib/rubygems/query_utils.rb +7 -9
- data/lib/rubygems/remote_fetcher.rb +17 -17
- data/lib/rubygems/request/connection_pools.rb +3 -3
- data/lib/rubygems/request.rb +20 -17
- data/lib/rubygems/request_set/gem_dependency_api.rb +120 -123
- data/lib/rubygems/request_set/lockfile/parser.rb +9 -9
- data/lib/rubygems/request_set/lockfile/tokenizer.rb +20 -12
- data/lib/rubygems/request_set/lockfile.rb +6 -11
- data/lib/rubygems/request_set.rb +5 -5
- data/lib/rubygems/requirement.rb +7 -7
- data/lib/rubygems/resolv/LICENSE.txt +22 -0
- data/lib/rubygems/resolv/lib/resolv.rb +3387 -0
- data/lib/rubygems/resolver/activation_request.rb +1 -3
- data/lib/rubygems/resolver/api_set/gem_parser.rb +7 -3
- data/lib/rubygems/resolver/best_set.rb +1 -1
- data/lib/rubygems/resolver/composed_set.rb +1 -1
- data/lib/rubygems/resolver/conflict.rb +4 -12
- data/lib/rubygems/resolver/index_set.rb +4 -4
- data/lib/rubygems/resolver/index_specification.rb +2 -2
- data/lib/rubygems/resolver/installer_set.rb +5 -6
- data/lib/rubygems/resolver/lock_set.rb +1 -1
- data/lib/rubygems/resolver.rb +6 -13
- data/lib/rubygems/s3_uri_signer.rb +6 -6
- data/lib/rubygems/safe_marshal/elements.rb +138 -0
- data/lib/rubygems/safe_marshal/reader.rb +306 -0
- data/lib/rubygems/safe_marshal/visitors/stream_printer.rb +31 -0
- data/lib/rubygems/safe_marshal/visitors/to_ruby.rb +385 -0
- data/lib/rubygems/safe_marshal/visitors/visitor.rb +74 -0
- data/lib/rubygems/safe_marshal.rb +74 -0
- data/lib/rubygems/safe_yaml.rb +5 -28
- data/lib/rubygems/security/policies.rb +36 -38
- data/lib/rubygems/security/policy.rb +7 -11
- data/lib/rubygems/security/signer.rb +1 -1
- data/lib/rubygems/security/trust_dir.rb +4 -4
- data/lib/rubygems/security.rb +8 -22
- data/lib/rubygems/source/git.rb +1 -3
- data/lib/rubygems/source/installed.rb +0 -2
- data/lib/rubygems/source/local.rb +7 -9
- data/lib/rubygems/source/lock.rb +1 -3
- data/lib/rubygems/source/specific_file.rb +0 -1
- data/lib/rubygems/source/vendor.rb +0 -2
- data/lib/rubygems/source.rb +12 -12
- data/lib/rubygems/source_list.rb +5 -5
- data/lib/rubygems/spec_fetcher.rb +31 -31
- data/lib/rubygems/specification.rb +145 -150
- data/lib/rubygems/specification_policy.rb +61 -31
- data/lib/rubygems/stub_specification.rb +4 -5
- data/lib/rubygems/text.rb +1 -2
- data/lib/rubygems/timeout/LICENSE.txt +22 -0
- data/lib/rubygems/timeout/lib/timeout.rb +199 -0
- data/lib/rubygems/timeout.rb +3 -0
- data/lib/rubygems/tsort/lib/tsort.rb +3 -0
- data/lib/rubygems/uninstaller.rb +9 -11
- data/lib/rubygems/update_suggestion.rb +5 -18
- data/lib/rubygems/uri_formatter.rb +1 -1
- data/lib/rubygems/user_interaction.rb +17 -23
- data/lib/rubygems/util/licenses.rb +113 -35
- data/lib/rubygems/util/list.rb +3 -1
- data/lib/rubygems/util.rb +2 -4
- data/lib/rubygems/validator.rb +6 -4
- data/lib/rubygems/version.rb +35 -29
- data/lib/rubygems/version_option.rb +2 -5
- data/lib/rubygems/yaml_serializer.rb +9 -4
- data/lib/rubygems.rb +42 -42
- data/rubygems-update.gemspec +4 -4
- data/setup.rb +2 -2
- metadata +43 -225
- data/lib/rubygems/indexer.rb +0 -428
- data/lib/rubygems/mock_gem_ui.rb +0 -86
- data/test/rubygems/alternate_cert.pem +0 -19
- data/test/rubygems/alternate_cert_32.pem +0 -19
- data/test/rubygems/alternate_key.pem +0 -27
- data/test/rubygems/bad_rake.rb +0 -3
- data/test/rubygems/bundler_test_gem.rb +0 -424
- data/test/rubygems/ca_cert.pem +0 -77
- data/test/rubygems/child_cert.pem +0 -19
- data/test/rubygems/child_cert_32.pem +0 -19
- data/test/rubygems/child_key.pem +0 -27
- data/test/rubygems/client.pem +0 -107
- data/test/rubygems/data/excon-0.7.7.gemspec.rz +0 -0
- data/test/rubygems/data/gem-private_key.pem +0 -27
- data/test/rubygems/data/gem-public_cert.pem +0 -20
- data/test/rubygems/data/null-required-ruby-version.gemspec.rz +0 -0
- data/test/rubygems/data/null-required-rubygems-version.gemspec.rz +0 -0
- data/test/rubygems/data/pry-0.4.7.gemspec.rz +0 -0
- data/test/rubygems/encrypted_private_key.pem +0 -30
- data/test/rubygems/expired_cert.pem +0 -19
- data/test/rubygems/fake_certlib/openssl.rb +0 -9
- data/test/rubygems/foo/discover.rb +0 -1
- data/test/rubygems/future_cert.pem +0 -19
- data/test/rubygems/future_cert_32.pem +0 -19
- data/test/rubygems/good_rake.rb +0 -3
- data/test/rubygems/grandchild_cert.pem +0 -19
- data/test/rubygems/grandchild_cert_32.pem +0 -19
- data/test/rubygems/grandchild_key.pem +0 -27
- data/test/rubygems/helper.rb +0 -1649
- data/test/rubygems/installer_test_case.rb +0 -248
- data/test/rubygems/invalid_client.pem +0 -49
- data/test/rubygems/invalid_issuer_cert.pem +0 -20
- data/test/rubygems/invalid_issuer_cert_32.pem +0 -20
- data/test/rubygems/invalid_key.pem +0 -27
- data/test/rubygems/invalid_signer_cert.pem +0 -19
- data/test/rubygems/invalid_signer_cert_32.pem +0 -19
- data/test/rubygems/invalidchild_cert.pem +0 -19
- data/test/rubygems/invalidchild_cert_32.pem +0 -19
- data/test/rubygems/invalidchild_key.pem +0 -27
- data/test/rubygems/multifactor_auth_utilities.rb +0 -111
- data/test/rubygems/package/tar_test_case.rb +0 -175
- data/test/rubygems/packages/Bluebie-legs-0.6.2.gem +0 -0
- data/test/rubygems/packages/ascii_binder-0.1.10.1.gem +0 -0
- data/test/rubygems/packages/ill-formatted-platform-1.0.0.10.gem +0 -0
- data/test/rubygems/plugin/exception/rubygems_plugin.rb +0 -4
- data/test/rubygems/plugin/load/rubygems_plugin.rb +0 -5
- data/test/rubygems/plugin/standarderror/rubygems_plugin.rb +0 -4
- data/test/rubygems/private3072_key.pem +0 -40
- data/test/rubygems/private_ec_key.pem +0 -9
- data/test/rubygems/private_key.pem +0 -27
- data/test/rubygems/public3072_cert.pem +0 -25
- data/test/rubygems/public_cert.pem +0 -20
- data/test/rubygems/public_cert_32.pem +0 -19
- data/test/rubygems/public_key.pem +0 -9
- data/test/rubygems/rubygems/commands/crash_command.rb +0 -5
- data/test/rubygems/rubygems_plugin.rb +0 -24
- data/test/rubygems/sff/discover.rb +0 -1
- data/test/rubygems/simple_gem.rb +0 -68
- data/test/rubygems/specifications/bar-0.0.2.gemspec +0 -9
- data/test/rubygems/specifications/foo-0.0.1-x86-mswin32.gemspec +0 -0
- data/test/rubygems/specifications/rubyforge-0.0.1.gemspec +0 -14
- data/test/rubygems/ssl_cert.pem +0 -80
- data/test/rubygems/ssl_key.pem +0 -27
- data/test/rubygems/test_bundled_ca.rb +0 -61
- data/test/rubygems/test_config.rb +0 -28
- data/test/rubygems/test_deprecate.rb +0 -158
- data/test/rubygems/test_exit.rb +0 -17
- data/test/rubygems/test_gem.rb +0 -1799
- data/test/rubygems/test_gem_available_set.rb +0 -130
- data/test/rubygems/test_gem_bundler_version_finder.rb +0 -127
- data/test/rubygems/test_gem_command.rb +0 -403
- data/test/rubygems/test_gem_command_manager.rb +0 -400
- data/test/rubygems/test_gem_commands_build_command.rb +0 -739
- data/test/rubygems/test_gem_commands_cert_command.rb +0 -866
- data/test/rubygems/test_gem_commands_check_command.rb +0 -68
- data/test/rubygems/test_gem_commands_cleanup_command.rb +0 -292
- data/test/rubygems/test_gem_commands_contents_command.rb +0 -271
- data/test/rubygems/test_gem_commands_dependency_command.rb +0 -228
- data/test/rubygems/test_gem_commands_environment_command.rb +0 -169
- data/test/rubygems/test_gem_commands_exec_command.rb +0 -857
- data/test/rubygems/test_gem_commands_fetch_command.rb +0 -258
- data/test/rubygems/test_gem_commands_generate_index_command.rb +0 -81
- data/test/rubygems/test_gem_commands_help_command.rb +0 -94
- data/test/rubygems/test_gem_commands_info_command.rb +0 -70
- data/test/rubygems/test_gem_commands_install_command.rb +0 -1573
- data/test/rubygems/test_gem_commands_list_command.rb +0 -33
- data/test/rubygems/test_gem_commands_lock_command.rb +0 -67
- data/test/rubygems/test_gem_commands_mirror.rb +0 -20
- data/test/rubygems/test_gem_commands_open_command.rb +0 -101
- data/test/rubygems/test_gem_commands_outdated_command.rb +0 -50
- data/test/rubygems/test_gem_commands_owner_command.rb +0 -503
- data/test/rubygems/test_gem_commands_pristine_command.rb +0 -708
- data/test/rubygems/test_gem_commands_push_command.rb +0 -603
- data/test/rubygems/test_gem_commands_query_command.rb +0 -858
- data/test/rubygems/test_gem_commands_search_command.rb +0 -16
- data/test/rubygems/test_gem_commands_server_command.rb +0 -20
- data/test/rubygems/test_gem_commands_setup_command.rb +0 -474
- data/test/rubygems/test_gem_commands_signin_command.rb +0 -259
- data/test/rubygems/test_gem_commands_signout_command.rb +0 -30
- data/test/rubygems/test_gem_commands_sources_command.rb +0 -534
- data/test/rubygems/test_gem_commands_specification_command.rb +0 -277
- data/test/rubygems/test_gem_commands_stale_command.rb +0 -43
- data/test/rubygems/test_gem_commands_uninstall_command.rb +0 -522
- data/test/rubygems/test_gem_commands_unpack_command.rb +0 -224
- data/test/rubygems/test_gem_commands_update_command.rb +0 -836
- data/test/rubygems/test_gem_commands_which_command.rb +0 -85
- data/test/rubygems/test_gem_commands_yank_command.rb +0 -299
- data/test/rubygems/test_gem_config_file.rb +0 -551
- data/test/rubygems/test_gem_dependency.rb +0 -398
- data/test/rubygems/test_gem_dependency_installer.rb +0 -1190
- data/test/rubygems/test_gem_dependency_list.rb +0 -265
- data/test/rubygems/test_gem_dependency_resolution_error.rb +0 -27
- data/test/rubygems/test_gem_doctor.rb +0 -195
- data/test/rubygems/test_gem_ext_builder.rb +0 -337
- data/test/rubygems/test_gem_ext_cargo_builder/custom_name/.gitignore +0 -1
- data/test/rubygems/test_gem_ext_cargo_builder/custom_name/custom_name.gemspec +0 -10
- data/test/rubygems/test_gem_ext_cargo_builder/custom_name/ext/custom_name_lib/Cargo.lock +0 -249
- data/test/rubygems/test_gem_ext_cargo_builder/custom_name/ext/custom_name_lib/Cargo.toml +0 -10
- data/test/rubygems/test_gem_ext_cargo_builder/custom_name/ext/custom_name_lib/src/lib.rs +0 -27
- data/test/rubygems/test_gem_ext_cargo_builder/custom_name/lib/custom_name.rb +0 -3
- data/test/rubygems/test_gem_ext_cargo_builder/rust_ruby_example/.gitignore +0 -1
- data/test/rubygems/test_gem_ext_cargo_builder/rust_ruby_example/Cargo.lock +0 -249
- data/test/rubygems/test_gem_ext_cargo_builder/rust_ruby_example/Cargo.toml +0 -10
- data/test/rubygems/test_gem_ext_cargo_builder/rust_ruby_example/rust_ruby_example.gemspec +0 -10
- data/test/rubygems/test_gem_ext_cargo_builder/rust_ruby_example/src/lib.rs +0 -51
- data/test/rubygems/test_gem_ext_cargo_builder.rb +0 -167
- data/test/rubygems/test_gem_ext_cargo_builder_link_flag_converter.rb +0 -34
- data/test/rubygems/test_gem_ext_cargo_builder_unit.rb +0 -60
- data/test/rubygems/test_gem_ext_cmake_builder.rb +0 -84
- data/test/rubygems/test_gem_ext_configure_builder.rb +0 -80
- data/test/rubygems/test_gem_ext_ext_conf_builder.rb +0 -229
- data/test/rubygems/test_gem_ext_rake_builder.rb +0 -113
- data/test/rubygems/test_gem_gem_runner.rb +0 -119
- data/test/rubygems/test_gem_gemcutter_utilities.rb +0 -361
- data/test/rubygems/test_gem_impossible_dependencies_error.rb +0 -60
- data/test/rubygems/test_gem_indexer.rb +0 -381
- data/test/rubygems/test_gem_install_update_options.rb +0 -208
- data/test/rubygems/test_gem_installer.rb +0 -2512
- data/test/rubygems/test_gem_local_remote_options.rb +0 -133
- data/test/rubygems/test_gem_name_tuple.rb +0 -43
- data/test/rubygems/test_gem_package.rb +0 -1306
- data/test/rubygems/test_gem_package_old.rb +0 -91
- data/test/rubygems/test_gem_package_tar_header.rb +0 -226
- data/test/rubygems/test_gem_package_tar_reader.rb +0 -135
- data/test/rubygems/test_gem_package_tar_reader_entry.rb +0 -350
- data/test/rubygems/test_gem_package_tar_writer.rb +0 -331
- data/test/rubygems/test_gem_package_task.rb +0 -118
- data/test/rubygems/test_gem_path_support.rb +0 -139
- data/test/rubygems/test_gem_platform.rb +0 -497
- data/test/rubygems/test_gem_rdoc.rb +0 -137
- data/test/rubygems/test_gem_remote_fetcher.rb +0 -1227
- data/test/rubygems/test_gem_request.rb +0 -547
- data/test/rubygems/test_gem_request_connection_pools.rb +0 -152
- data/test/rubygems/test_gem_request_set.rb +0 -672
- data/test/rubygems/test_gem_request_set_gem_dependency_api.rb +0 -853
- data/test/rubygems/test_gem_request_set_lockfile.rb +0 -469
- data/test/rubygems/test_gem_request_set_lockfile_parser.rb +0 -544
- data/test/rubygems/test_gem_request_set_lockfile_tokenizer.rb +0 -307
- data/test/rubygems/test_gem_requirement.rb +0 -505
- data/test/rubygems/test_gem_resolver.rb +0 -859
- data/test/rubygems/test_gem_resolver_activation_request.rb +0 -43
- data/test/rubygems/test_gem_resolver_api_set.rb +0 -210
- data/test/rubygems/test_gem_resolver_api_specification.rb +0 -167
- data/test/rubygems/test_gem_resolver_best_set.rb +0 -159
- data/test/rubygems/test_gem_resolver_composed_set.rb +0 -44
- data/test/rubygems/test_gem_resolver_conflict.rb +0 -82
- data/test/rubygems/test_gem_resolver_dependency_request.rb +0 -83
- data/test/rubygems/test_gem_resolver_git_set.rb +0 -188
- data/test/rubygems/test_gem_resolver_git_specification.rb +0 -114
- data/test/rubygems/test_gem_resolver_index_set.rb +0 -88
- data/test/rubygems/test_gem_resolver_index_specification.rb +0 -93
- data/test/rubygems/test_gem_resolver_installed_specification.rb +0 -47
- data/test/rubygems/test_gem_resolver_installer_set.rb +0 -320
- data/test/rubygems/test_gem_resolver_local_specification.rb +0 -44
- data/test/rubygems/test_gem_resolver_lock_set.rb +0 -62
- data/test/rubygems/test_gem_resolver_lock_specification.rb +0 -98
- data/test/rubygems/test_gem_resolver_requirement_list.rb +0 -19
- data/test/rubygems/test_gem_resolver_specification.rb +0 -63
- data/test/rubygems/test_gem_resolver_vendor_set.rb +0 -82
- data/test/rubygems/test_gem_resolver_vendor_specification.rb +0 -82
- data/test/rubygems/test_gem_security.rb +0 -341
- data/test/rubygems/test_gem_security_policy.rb +0 -535
- data/test/rubygems/test_gem_security_signer.rb +0 -218
- data/test/rubygems/test_gem_security_trust_dir.rb +0 -99
- data/test/rubygems/test_gem_silent_ui.rb +0 -123
- data/test/rubygems/test_gem_source.rb +0 -254
- data/test/rubygems/test_gem_source_fetch_problem.rb +0 -37
- data/test/rubygems/test_gem_source_git.rb +0 -310
- data/test/rubygems/test_gem_source_installed.rb +0 -35
- data/test/rubygems/test_gem_source_list.rb +0 -119
- data/test/rubygems/test_gem_source_local.rb +0 -107
- data/test/rubygems/test_gem_source_lock.rb +0 -113
- data/test/rubygems/test_gem_source_specific_file.rb +0 -76
- data/test/rubygems/test_gem_source_subpath_problem.rb +0 -50
- data/test/rubygems/test_gem_source_vendor.rb +0 -30
- data/test/rubygems/test_gem_spec_fetcher.rb +0 -338
- data/test/rubygems/test_gem_specification.rb +0 -3856
- data/test/rubygems/test_gem_stream_ui.rb +0 -255
- data/test/rubygems/test_gem_stub_specification.rb +0 -278
- data/test/rubygems/test_gem_text.rb +0 -103
- data/test/rubygems/test_gem_uninstaller.rb +0 -675
- data/test/rubygems/test_gem_unsatisfiable_dependency_error.rb +0 -31
- data/test/rubygems/test_gem_update_suggestion.rb +0 -209
- data/test/rubygems/test_gem_uri.rb +0 -41
- data/test/rubygems/test_gem_uri_formatter.rb +0 -27
- data/test/rubygems/test_gem_util.rb +0 -91
- data/test/rubygems/test_gem_validator.rb +0 -42
- data/test/rubygems/test_gem_version.rb +0 -305
- data/test/rubygems/test_gem_version_option.rb +0 -165
- data/test/rubygems/test_kernel.rb +0 -124
- data/test/rubygems/test_project_sanity.rb +0 -49
- data/test/rubygems/test_remote_fetch_error.rb +0 -20
- data/test/rubygems/test_require.rb +0 -732
- data/test/rubygems/test_rubygems.rb +0 -76
- data/test/rubygems/test_webauthn_listener.rb +0 -143
- data/test/rubygems/test_webauthn_listener_response.rb +0 -93
- data/test/rubygems/test_webauthn_poller.rb +0 -124
- data/test/rubygems/utilities.rb +0 -436
- data/test/rubygems/wrong_key_cert.pem +0 -19
- data/test/rubygems/wrong_key_cert_32.pem +0 -19
- data/test/test_changelog_generator.rb +0 -17
|
@@ -0,0 +1,74 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module Gem::SafeMarshal::Visitors
|
|
4
|
+
class Visitor
|
|
5
|
+
def visit(target)
|
|
6
|
+
send DISPATCH.fetch(target.class), target
|
|
7
|
+
end
|
|
8
|
+
|
|
9
|
+
private
|
|
10
|
+
|
|
11
|
+
DISPATCH = Gem::SafeMarshal::Elements.constants.each_with_object({}) do |c, h|
|
|
12
|
+
next if c == :Element
|
|
13
|
+
|
|
14
|
+
klass = Gem::SafeMarshal::Elements.const_get(c)
|
|
15
|
+
h[klass] = :"visit_#{klass.name.gsub("::", "_")}"
|
|
16
|
+
h.default = :visit_unknown_element
|
|
17
|
+
end.compare_by_identity.freeze
|
|
18
|
+
private_constant :DISPATCH
|
|
19
|
+
|
|
20
|
+
def visit_unknown_element(e)
|
|
21
|
+
raise ArgumentError, "Attempting to visit unknown element #{e.inspect}"
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
def visit_Gem_SafeMarshal_Elements_Array(target)
|
|
25
|
+
target.elements.each {|e| visit(e) }
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
def visit_Gem_SafeMarshal_Elements_Bignum(target); end
|
|
29
|
+
def visit_Gem_SafeMarshal_Elements_False(target); end
|
|
30
|
+
def visit_Gem_SafeMarshal_Elements_Float(target); end
|
|
31
|
+
|
|
32
|
+
def visit_Gem_SafeMarshal_Elements_Hash(target)
|
|
33
|
+
target.pairs.each do |k, v|
|
|
34
|
+
visit(k)
|
|
35
|
+
visit(v)
|
|
36
|
+
end
|
|
37
|
+
end
|
|
38
|
+
|
|
39
|
+
def visit_Gem_SafeMarshal_Elements_HashWithDefaultValue(target)
|
|
40
|
+
visit_Gem_SafeMarshal_Elements_Hash(target)
|
|
41
|
+
visit(target.default)
|
|
42
|
+
end
|
|
43
|
+
|
|
44
|
+
def visit_Gem_SafeMarshal_Elements_Integer(target); end
|
|
45
|
+
def visit_Gem_SafeMarshal_Elements_Nil(target); end
|
|
46
|
+
|
|
47
|
+
def visit_Gem_SafeMarshal_Elements_Object(target)
|
|
48
|
+
visit(target.name)
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
def visit_Gem_SafeMarshal_Elements_ObjectLink(target); end
|
|
52
|
+
def visit_Gem_SafeMarshal_Elements_String(target); end
|
|
53
|
+
def visit_Gem_SafeMarshal_Elements_Symbol(target); end
|
|
54
|
+
def visit_Gem_SafeMarshal_Elements_SymbolLink(target); end
|
|
55
|
+
def visit_Gem_SafeMarshal_Elements_True(target); end
|
|
56
|
+
|
|
57
|
+
def visit_Gem_SafeMarshal_Elements_UserDefined(target)
|
|
58
|
+
visit(target.name)
|
|
59
|
+
end
|
|
60
|
+
|
|
61
|
+
def visit_Gem_SafeMarshal_Elements_UserMarshal(target)
|
|
62
|
+
visit(target.name)
|
|
63
|
+
visit(target.data)
|
|
64
|
+
end
|
|
65
|
+
|
|
66
|
+
def visit_Gem_SafeMarshal_Elements_WithIvars(target)
|
|
67
|
+
visit(target.object)
|
|
68
|
+
target.ivars.each do |k, v|
|
|
69
|
+
visit(k)
|
|
70
|
+
visit(v)
|
|
71
|
+
end
|
|
72
|
+
end
|
|
73
|
+
end
|
|
74
|
+
end
|
|
@@ -0,0 +1,74 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require "stringio"
|
|
4
|
+
|
|
5
|
+
require_relative "safe_marshal/reader"
|
|
6
|
+
require_relative "safe_marshal/visitors/to_ruby"
|
|
7
|
+
|
|
8
|
+
module Gem
|
|
9
|
+
###
|
|
10
|
+
# This module is used for safely loading Marshal specs from a gem. The
|
|
11
|
+
# `safe_load` method defined on this module is specifically designed for
|
|
12
|
+
# loading Gem specifications.
|
|
13
|
+
|
|
14
|
+
module SafeMarshal
|
|
15
|
+
PERMITTED_CLASSES = %w[
|
|
16
|
+
Date
|
|
17
|
+
Time
|
|
18
|
+
Rational
|
|
19
|
+
|
|
20
|
+
Gem::Dependency
|
|
21
|
+
Gem::NameTuple
|
|
22
|
+
Gem::Platform
|
|
23
|
+
Gem::Requirement
|
|
24
|
+
Gem::Specification
|
|
25
|
+
Gem::Version
|
|
26
|
+
Gem::Version::Requirement
|
|
27
|
+
|
|
28
|
+
YAML::Syck::DefaultKey
|
|
29
|
+
YAML::PrivateType
|
|
30
|
+
].freeze
|
|
31
|
+
private_constant :PERMITTED_CLASSES
|
|
32
|
+
|
|
33
|
+
PERMITTED_SYMBOLS = %w[
|
|
34
|
+
development
|
|
35
|
+
runtime
|
|
36
|
+
|
|
37
|
+
name
|
|
38
|
+
number
|
|
39
|
+
platform
|
|
40
|
+
dependencies
|
|
41
|
+
].freeze
|
|
42
|
+
private_constant :PERMITTED_SYMBOLS
|
|
43
|
+
|
|
44
|
+
PERMITTED_IVARS = {
|
|
45
|
+
"String" => %w[E encoding @taguri @debug_created_info],
|
|
46
|
+
"Time" => %w[
|
|
47
|
+
offset zone nano_num nano_den submicro
|
|
48
|
+
@_zone @marshal_with_utc_coercion
|
|
49
|
+
],
|
|
50
|
+
"Gem::Dependency" => %w[
|
|
51
|
+
@name @requirement @prerelease @version_requirement @version_requirements @type
|
|
52
|
+
@force_ruby_platform
|
|
53
|
+
],
|
|
54
|
+
"Gem::NameTuple" => %w[@name @version @platform],
|
|
55
|
+
"Gem::Platform" => %w[@os @cpu @version],
|
|
56
|
+
"Psych::PrivateType" => %w[@value @type_id],
|
|
57
|
+
}.freeze
|
|
58
|
+
private_constant :PERMITTED_IVARS
|
|
59
|
+
|
|
60
|
+
def self.safe_load(input)
|
|
61
|
+
load(input, permitted_classes: PERMITTED_CLASSES, permitted_symbols: PERMITTED_SYMBOLS, permitted_ivars: PERMITTED_IVARS)
|
|
62
|
+
end
|
|
63
|
+
|
|
64
|
+
def self.load(input, permitted_classes: [::Symbol], permitted_symbols: [], permitted_ivars: {})
|
|
65
|
+
root = Reader.new(StringIO.new(input, "r").binmode).read!
|
|
66
|
+
|
|
67
|
+
Visitors::ToRuby.new(
|
|
68
|
+
permitted_classes: permitted_classes,
|
|
69
|
+
permitted_symbols: permitted_symbols,
|
|
70
|
+
permitted_ivars: permitted_ivars,
|
|
71
|
+
).visit(root)
|
|
72
|
+
end
|
|
73
|
+
end
|
|
74
|
+
end
|
data/lib/rubygems/safe_yaml.rb
CHANGED
|
@@ -1,7 +1,6 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
3
|
module Gem
|
|
4
|
-
|
|
5
4
|
###
|
|
6
5
|
# This module is used for safely loading YAML specs from a gem. The
|
|
7
6
|
# `safe_load` method defined on this module is specifically designed for
|
|
@@ -26,34 +25,12 @@ module Gem
|
|
|
26
25
|
runtime
|
|
27
26
|
].freeze
|
|
28
27
|
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
::Psych.safe_load(input, permitted_classes: PERMITTED_CLASSES, permitted_symbols: PERMITTED_SYMBOLS, aliases: true)
|
|
33
|
-
else
|
|
34
|
-
::Psych.safe_load(input, PERMITTED_CLASSES, PERMITTED_SYMBOLS, true)
|
|
35
|
-
end
|
|
36
|
-
end
|
|
37
|
-
|
|
38
|
-
def self.load(input)
|
|
39
|
-
if Gem::Version.new(Psych::VERSION) >= Gem::Version.new("3.1.0.pre1")
|
|
40
|
-
::Psych.safe_load(input, permitted_classes: [::Symbol])
|
|
41
|
-
else
|
|
42
|
-
::Psych.safe_load(input, [::Symbol])
|
|
43
|
-
end
|
|
44
|
-
end
|
|
45
|
-
else
|
|
46
|
-
unless Gem::Deprecate.skip
|
|
47
|
-
warn "Psych safe loading is not available. Please upgrade psych to a version that supports safe loading (>= 2.0)."
|
|
48
|
-
end
|
|
49
|
-
|
|
50
|
-
def self.safe_load(input, *args)
|
|
51
|
-
::Psych.load input
|
|
52
|
-
end
|
|
28
|
+
def self.safe_load(input)
|
|
29
|
+
::Psych.safe_load(input, permitted_classes: PERMITTED_CLASSES, permitted_symbols: PERMITTED_SYMBOLS, aliases: true)
|
|
30
|
+
end
|
|
53
31
|
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
end
|
|
32
|
+
def self.load(input)
|
|
33
|
+
::Psych.safe_load(input, permitted_classes: [::Symbol])
|
|
57
34
|
end
|
|
58
35
|
end
|
|
59
36
|
end
|
|
@@ -1,18 +1,17 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
3
|
module Gem::Security
|
|
4
|
-
|
|
5
4
|
##
|
|
6
5
|
# No security policy: all package signature checks are disabled.
|
|
7
6
|
|
|
8
7
|
NoSecurity = Policy.new(
|
|
9
8
|
"No Security",
|
|
10
|
-
:
|
|
11
|
-
:
|
|
12
|
-
:
|
|
13
|
-
:
|
|
14
|
-
:
|
|
15
|
-
:
|
|
9
|
+
verify_data: false,
|
|
10
|
+
verify_signer: false,
|
|
11
|
+
verify_chain: false,
|
|
12
|
+
verify_root: false,
|
|
13
|
+
only_trusted: false,
|
|
14
|
+
only_signed: false
|
|
16
15
|
)
|
|
17
16
|
|
|
18
17
|
##
|
|
@@ -25,12 +24,12 @@ module Gem::Security
|
|
|
25
24
|
|
|
26
25
|
AlmostNoSecurity = Policy.new(
|
|
27
26
|
"Almost No Security",
|
|
28
|
-
:
|
|
29
|
-
:
|
|
30
|
-
:
|
|
31
|
-
:
|
|
32
|
-
:
|
|
33
|
-
:
|
|
27
|
+
verify_data: true,
|
|
28
|
+
verify_signer: false,
|
|
29
|
+
verify_chain: false,
|
|
30
|
+
verify_root: false,
|
|
31
|
+
only_trusted: false,
|
|
32
|
+
only_signed: false
|
|
34
33
|
)
|
|
35
34
|
|
|
36
35
|
##
|
|
@@ -42,12 +41,12 @@ module Gem::Security
|
|
|
42
41
|
|
|
43
42
|
LowSecurity = Policy.new(
|
|
44
43
|
"Low Security",
|
|
45
|
-
:
|
|
46
|
-
:
|
|
47
|
-
:
|
|
48
|
-
:
|
|
49
|
-
:
|
|
50
|
-
:
|
|
44
|
+
verify_data: true,
|
|
45
|
+
verify_signer: true,
|
|
46
|
+
verify_chain: false,
|
|
47
|
+
verify_root: false,
|
|
48
|
+
only_trusted: false,
|
|
49
|
+
only_signed: false
|
|
51
50
|
)
|
|
52
51
|
|
|
53
52
|
##
|
|
@@ -61,12 +60,12 @@ module Gem::Security
|
|
|
61
60
|
|
|
62
61
|
MediumSecurity = Policy.new(
|
|
63
62
|
"Medium Security",
|
|
64
|
-
:
|
|
65
|
-
:
|
|
66
|
-
:
|
|
67
|
-
:
|
|
68
|
-
:
|
|
69
|
-
:
|
|
63
|
+
verify_data: true,
|
|
64
|
+
verify_signer: true,
|
|
65
|
+
verify_chain: true,
|
|
66
|
+
verify_root: true,
|
|
67
|
+
only_trusted: true,
|
|
68
|
+
only_signed: false
|
|
70
69
|
)
|
|
71
70
|
|
|
72
71
|
##
|
|
@@ -80,12 +79,12 @@ module Gem::Security
|
|
|
80
79
|
|
|
81
80
|
HighSecurity = Policy.new(
|
|
82
81
|
"High Security",
|
|
83
|
-
:
|
|
84
|
-
:
|
|
85
|
-
:
|
|
86
|
-
:
|
|
87
|
-
:
|
|
88
|
-
:
|
|
82
|
+
verify_data: true,
|
|
83
|
+
verify_signer: true,
|
|
84
|
+
verify_chain: true,
|
|
85
|
+
verify_root: true,
|
|
86
|
+
only_trusted: true,
|
|
87
|
+
only_signed: true
|
|
89
88
|
)
|
|
90
89
|
|
|
91
90
|
##
|
|
@@ -93,12 +92,12 @@ module Gem::Security
|
|
|
93
92
|
|
|
94
93
|
SigningPolicy = Policy.new(
|
|
95
94
|
"Signing Policy",
|
|
96
|
-
:
|
|
97
|
-
:
|
|
98
|
-
:
|
|
99
|
-
:
|
|
100
|
-
:
|
|
101
|
-
:
|
|
95
|
+
verify_data: false,
|
|
96
|
+
verify_signer: true,
|
|
97
|
+
verify_chain: true,
|
|
98
|
+
verify_root: true,
|
|
99
|
+
only_trusted: false,
|
|
100
|
+
only_signed: false
|
|
102
101
|
)
|
|
103
102
|
|
|
104
103
|
##
|
|
@@ -112,5 +111,4 @@ module Gem::Security
|
|
|
112
111
|
"HighSecurity" => HighSecurity,
|
|
113
112
|
# SigningPolicy is not intended for use by `gem -P` so do not list it
|
|
114
113
|
}.freeze
|
|
115
|
-
|
|
116
114
|
end
|
|
@@ -135,7 +135,7 @@ class Gem::Security::Policy
|
|
|
135
135
|
raise Gem::Security::Exception, "missing root certificate" unless root
|
|
136
136
|
|
|
137
137
|
raise Gem::Security::Exception,
|
|
138
|
-
"root certificate #{root.subject} is not self-signed "
|
|
138
|
+
"root certificate #{root.subject} is not self-signed " \
|
|
139
139
|
"(issuer #{root.issuer})" if
|
|
140
140
|
root.issuer != root.subject
|
|
141
141
|
|
|
@@ -171,7 +171,7 @@ class Gem::Security::Policy
|
|
|
171
171
|
cert_dgst = digester.digest pkey_str
|
|
172
172
|
|
|
173
173
|
raise Gem::Security::Exception,
|
|
174
|
-
"trusted root certificate #{root.subject} checksum "
|
|
174
|
+
"trusted root certificate #{root.subject} checksum " \
|
|
175
175
|
"does not match signing root certificate checksum" unless
|
|
176
176
|
save_dgst == cert_dgst
|
|
177
177
|
|
|
@@ -192,11 +192,8 @@ class Gem::Security::Policy
|
|
|
192
192
|
end
|
|
193
193
|
|
|
194
194
|
def inspect # :nodoc:
|
|
195
|
-
("[Policy: %s - data: %p signer: %p chain: %p root: %p "
|
|
196
|
-
"signed-only: %p trusted-only: %p]"
|
|
197
|
-
@name, @verify_chain, @verify_data, @verify_root, @verify_signer,
|
|
198
|
-
@only_signed, @only_trusted
|
|
199
|
-
]
|
|
195
|
+
format("[Policy: %s - data: %p signer: %p chain: %p root: %p " \
|
|
196
|
+
"signed-only: %p trusted-only: %p]", @name, @verify_chain, @verify_data, @verify_root, @verify_signer, @only_signed, @only_trusted)
|
|
200
197
|
end
|
|
201
198
|
|
|
202
199
|
##
|
|
@@ -206,8 +203,7 @@ class Gem::Security::Policy
|
|
|
206
203
|
#
|
|
207
204
|
# If +key+ is given it is used to validate the signing certificate.
|
|
208
205
|
|
|
209
|
-
def verify(chain, key = nil, digests = {}, signatures = {},
|
|
210
|
-
full_name = "(unknown)")
|
|
206
|
+
def verify(chain, key = nil, digests = {}, signatures = {}, full_name = "(unknown)")
|
|
211
207
|
if signatures.empty?
|
|
212
208
|
if @only_signed
|
|
213
209
|
raise Gem::Security::Exception,
|
|
@@ -226,7 +222,7 @@ class Gem::Security::Policy
|
|
|
226
222
|
trust_dir = opt[:trust_dir]
|
|
227
223
|
time = Time.now
|
|
228
224
|
|
|
229
|
-
_, signer_digests = digests.find do |
|
|
225
|
+
_, signer_digests = digests.find do |_algorithm, file_digests|
|
|
230
226
|
file_digests.values.first.name == Gem::Security::DIGEST_NAME
|
|
231
227
|
end
|
|
232
228
|
|
|
@@ -288,5 +284,5 @@ class Gem::Security::Policy
|
|
|
288
284
|
true
|
|
289
285
|
end
|
|
290
286
|
|
|
291
|
-
|
|
287
|
+
alias_method :to_s, :name # :nodoc:
|
|
292
288
|
end
|
|
@@ -106,7 +106,7 @@ class Gem::Security::Signer
|
|
|
106
106
|
# this value is preferred, otherwise the subject is used.
|
|
107
107
|
|
|
108
108
|
def extract_name(cert) # :nodoc:
|
|
109
|
-
subject_alt_name = cert.extensions.find {|e| "subjectAltName"
|
|
109
|
+
subject_alt_name = cert.extensions.find {|e| e.oid == "subjectAltName" }
|
|
110
110
|
|
|
111
111
|
if subject_alt_name
|
|
112
112
|
/\Aemail:/ =~ subject_alt_name.value # rubocop:disable Performance/StartWith
|
|
@@ -9,8 +9,8 @@ class Gem::Security::TrustDir
|
|
|
9
9
|
# Default permissions for the trust directory and its contents
|
|
10
10
|
|
|
11
11
|
DEFAULT_PERMISSIONS = {
|
|
12
|
-
:
|
|
13
|
-
:
|
|
12
|
+
trust_dir: 0o700,
|
|
13
|
+
trusted_cert: 0o600,
|
|
14
14
|
}.freeze
|
|
15
15
|
|
|
16
16
|
##
|
|
@@ -49,7 +49,7 @@ class Gem::Security::TrustDir
|
|
|
49
49
|
|
|
50
50
|
yield certificate, certificate_file
|
|
51
51
|
rescue OpenSSL::X509::CertificateError
|
|
52
|
-
next # HACK warn
|
|
52
|
+
next # HACK: warn
|
|
53
53
|
end
|
|
54
54
|
end
|
|
55
55
|
|
|
@@ -111,7 +111,7 @@ class Gem::Security::TrustDir
|
|
|
111
111
|
|
|
112
112
|
FileUtils.chmod 0o700, @dir
|
|
113
113
|
else
|
|
114
|
-
FileUtils.mkdir_p @dir, :
|
|
114
|
+
FileUtils.mkdir_p @dir, mode: @permissions[:trust_dir]
|
|
115
115
|
end
|
|
116
116
|
end
|
|
117
117
|
end
|
data/lib/rubygems/security.rb
CHANGED
|
@@ -326,7 +326,6 @@ require_relative "openssl"
|
|
|
326
326
|
# http://pablotron.org/
|
|
327
327
|
|
|
328
328
|
module Gem::Security
|
|
329
|
-
|
|
330
329
|
##
|
|
331
330
|
# Gem::Security default exception type
|
|
332
331
|
|
|
@@ -399,8 +398,7 @@ module Gem::Security
|
|
|
399
398
|
#
|
|
400
399
|
# The +extensions+ restrict the key to the indicated uses.
|
|
401
400
|
|
|
402
|
-
def self.create_cert(subject, key, age = ONE_YEAR, extensions = EXTENSIONS,
|
|
403
|
-
serial = 1)
|
|
401
|
+
def self.create_cert(subject, key, age = ONE_YEAR, extensions = EXTENSIONS, serial = 1)
|
|
404
402
|
cert = OpenSSL::X509::Certificate.new
|
|
405
403
|
|
|
406
404
|
cert.public_key = get_public_key(key)
|
|
@@ -451,8 +449,7 @@ module Gem::Security
|
|
|
451
449
|
# Creates a self-signed certificate with an issuer and subject of +subject+
|
|
452
450
|
# and the given +extensions+ for the +key+.
|
|
453
451
|
|
|
454
|
-
def self.create_cert_self_signed(subject, key, age = ONE_YEAR,
|
|
455
|
-
extensions = EXTENSIONS, serial = 1)
|
|
452
|
+
def self.create_cert_self_signed(subject, key, age = ONE_YEAR, extensions = EXTENSIONS, serial = 1)
|
|
456
453
|
certificate = create_cert subject, key, age, extensions
|
|
457
454
|
|
|
458
455
|
sign certificate, key, certificate, age, extensions, serial
|
|
@@ -462,16 +459,8 @@ module Gem::Security
|
|
|
462
459
|
# Creates a new digest instance using the specified +algorithm+. The default
|
|
463
460
|
# is SHA256.
|
|
464
461
|
|
|
465
|
-
|
|
466
|
-
|
|
467
|
-
OpenSSL::Digest.new(algorithm)
|
|
468
|
-
end
|
|
469
|
-
else
|
|
470
|
-
require "digest"
|
|
471
|
-
|
|
472
|
-
def self.create_digest(algorithm = DIGEST_NAME)
|
|
473
|
-
Digest.const_get(algorithm).new
|
|
474
|
-
end
|
|
462
|
+
def self.create_digest(algorithm = DIGEST_NAME)
|
|
463
|
+
OpenSSL::Digest.new(algorithm)
|
|
475
464
|
end
|
|
476
465
|
|
|
477
466
|
##
|
|
@@ -516,11 +505,10 @@ module Gem::Security
|
|
|
516
505
|
#--
|
|
517
506
|
# TODO increment serial
|
|
518
507
|
|
|
519
|
-
def self.re_sign(expired_certificate, private_key, age = ONE_YEAR,
|
|
520
|
-
extensions = EXTENSIONS)
|
|
508
|
+
def self.re_sign(expired_certificate, private_key, age = ONE_YEAR, extensions = EXTENSIONS)
|
|
521
509
|
raise Gem::Security::Exception,
|
|
522
510
|
"incorrect signing key for re-signing " +
|
|
523
|
-
|
|
511
|
+
expired_certificate.subject.to_s unless
|
|
524
512
|
expired_certificate.check_private_key(private_key)
|
|
525
513
|
|
|
526
514
|
unless expired_certificate.subject.to_s ==
|
|
@@ -529,7 +517,7 @@ module Gem::Security
|
|
|
529
517
|
issuer = alt_name_or_x509_entry expired_certificate, :issuer
|
|
530
518
|
|
|
531
519
|
raise Gem::Security::Exception,
|
|
532
|
-
"#{subject} is not self-signed, contact #{issuer} "
|
|
520
|
+
"#{subject} is not self-signed, contact #{issuer} " \
|
|
533
521
|
"to obtain a valid certificate"
|
|
534
522
|
end
|
|
535
523
|
|
|
@@ -553,8 +541,7 @@ module Gem::Security
|
|
|
553
541
|
#
|
|
554
542
|
# Returns the newly signed certificate.
|
|
555
543
|
|
|
556
|
-
def self.sign(certificate, signing_key, signing_cert,
|
|
557
|
-
age = ONE_YEAR, extensions = EXTENSIONS, serial = 1)
|
|
544
|
+
def self.sign(certificate, signing_key, signing_cert, age = ONE_YEAR, extensions = EXTENSIONS, serial = 1)
|
|
558
545
|
signee_subject = certificate.subject
|
|
559
546
|
signee_key = certificate.public_key
|
|
560
547
|
|
|
@@ -617,7 +604,6 @@ module Gem::Security
|
|
|
617
604
|
end
|
|
618
605
|
|
|
619
606
|
reset
|
|
620
|
-
|
|
621
607
|
end
|
|
622
608
|
|
|
623
609
|
if Gem::HAVE_OPENSSL
|
data/lib/rubygems/source/git.rb
CHANGED
|
@@ -70,8 +70,6 @@ class Gem::Source::Git < Gem::Source
|
|
|
70
70
|
-1
|
|
71
71
|
when Gem::Source then
|
|
72
72
|
1
|
|
73
|
-
else
|
|
74
|
-
nil
|
|
75
73
|
end
|
|
76
74
|
end
|
|
77
75
|
|
|
@@ -229,7 +227,7 @@ class Gem::Source::Git < Gem::Source
|
|
|
229
227
|
require_relative "../openssl"
|
|
230
228
|
|
|
231
229
|
normalized =
|
|
232
|
-
if @repository
|
|
230
|
+
if @repository.match?(%r{^\w+://(\w+@)?})
|
|
233
231
|
uri = URI(@repository).normalize.to_s.sub %r{/$},""
|
|
234
232
|
uri.sub(/\A(\w+)/) { $1.downcase }
|
|
235
233
|
else
|
|
@@ -24,14 +24,12 @@ class Gem::Source::Local < Gem::Source
|
|
|
24
24
|
0
|
|
25
25
|
when Gem::Source then
|
|
26
26
|
1
|
|
27
|
-
else
|
|
28
|
-
nil
|
|
29
27
|
end
|
|
30
28
|
end
|
|
31
29
|
|
|
32
30
|
def inspect # :nodoc:
|
|
33
31
|
keys = @specs ? @specs.keys.sort : "NOT LOADED"
|
|
34
|
-
"#<%s specs: %p>"
|
|
32
|
+
format("#<%s specs: %p>", self.class, keys)
|
|
35
33
|
end
|
|
36
34
|
|
|
37
35
|
def load_specs(type) # :nodoc:
|
|
@@ -42,10 +40,11 @@ class Gem::Source::Local < Gem::Source
|
|
|
42
40
|
|
|
43
41
|
Dir["*.gem"].each do |file|
|
|
44
42
|
pkg = Gem::Package.new(file)
|
|
43
|
+
spec = pkg.spec
|
|
45
44
|
rescue SystemCallError, Gem::Package::FormatError
|
|
46
|
-
|
|
45
|
+
# ignore
|
|
47
46
|
else
|
|
48
|
-
tup =
|
|
47
|
+
tup = spec.name_tuple
|
|
49
48
|
@specs[tup] = [File.expand_path(file), pkg]
|
|
50
49
|
|
|
51
50
|
case type
|
|
@@ -76,8 +75,7 @@ class Gem::Source::Local < Gem::Source
|
|
|
76
75
|
end
|
|
77
76
|
end
|
|
78
77
|
|
|
79
|
-
def find_gem(gem_name, version = Gem::Requirement.default, # :nodoc:
|
|
80
|
-
prerelease = false)
|
|
78
|
+
def find_gem(gem_name, version = Gem::Requirement.default, prerelease = false) # :nodoc:
|
|
81
79
|
load_specs :complete
|
|
82
80
|
|
|
83
81
|
found = []
|
|
@@ -95,7 +93,7 @@ class Gem::Source::Local < Gem::Source
|
|
|
95
93
|
end
|
|
96
94
|
end
|
|
97
95
|
|
|
98
|
-
found.max_by
|
|
96
|
+
found.max_by(&:version)
|
|
99
97
|
end
|
|
100
98
|
|
|
101
99
|
def fetch_spec(name) # :nodoc:
|
|
@@ -111,7 +109,7 @@ class Gem::Source::Local < Gem::Source
|
|
|
111
109
|
def download(spec, cache_dir = nil) # :nodoc:
|
|
112
110
|
load_specs :complete
|
|
113
111
|
|
|
114
|
-
@specs.each do |
|
|
112
|
+
@specs.each do |_name, data|
|
|
115
113
|
return data[0] if data[1].spec == spec
|
|
116
114
|
end
|
|
117
115
|
|
data/lib/rubygems/source/lock.rb
CHANGED