rubygems-update 3.4.22 → 3.5.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (540) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +105 -2
  3. data/Manifest.txt +46 -221
  4. data/README.md +1 -3
  5. data/bundler/CHANGELOG.md +63 -0
  6. data/bundler/bundler.gemspec +4 -2
  7. data/bundler/exe/bundle +1 -10
  8. data/bundler/lib/bundler/build_metadata.rb +3 -3
  9. data/bundler/lib/bundler/capistrano.rb +1 -1
  10. data/bundler/lib/bundler/checksum.rb +254 -0
  11. data/bundler/lib/bundler/ci_detector.rb +75 -0
  12. data/bundler/lib/bundler/cli/add.rb +3 -3
  13. data/bundler/lib/bundler/cli/binstubs.rb +4 -4
  14. data/bundler/lib/bundler/cli/cache.rb +1 -1
  15. data/bundler/lib/bundler/cli/check.rb +1 -1
  16. data/bundler/lib/bundler/cli/common.rb +9 -1
  17. data/bundler/lib/bundler/cli/config.rb +8 -7
  18. data/bundler/lib/bundler/cli/console.rb +3 -2
  19. data/bundler/lib/bundler/cli/doctor.rb +2 -2
  20. data/bundler/lib/bundler/cli/exec.rb +1 -1
  21. data/bundler/lib/bundler/cli/gem.rb +28 -23
  22. data/bundler/lib/bundler/cli/info.rb +2 -13
  23. data/bundler/lib/bundler/cli/install.rb +5 -4
  24. data/bundler/lib/bundler/cli/issue.rb +1 -1
  25. data/bundler/lib/bundler/cli/lock.rb +4 -4
  26. data/bundler/lib/bundler/cli/open.rb +1 -1
  27. data/bundler/lib/bundler/cli/outdated.rb +6 -6
  28. data/bundler/lib/bundler/cli/plugin.rb +7 -14
  29. data/bundler/lib/bundler/cli/pristine.rb +38 -30
  30. data/bundler/lib/bundler/cli/show.rb +2 -2
  31. data/bundler/lib/bundler/cli/update.rb +5 -5
  32. data/bundler/lib/bundler/cli.rb +215 -263
  33. data/bundler/lib/bundler/compact_index_client/cache.rb +29 -9
  34. data/bundler/lib/bundler/compact_index_client/cache_file.rb +153 -0
  35. data/bundler/lib/bundler/compact_index_client/gem_parser.rb +7 -3
  36. data/bundler/lib/bundler/compact_index_client/updater.rb +79 -81
  37. data/bundler/lib/bundler/compact_index_client.rb +14 -7
  38. data/bundler/lib/bundler/constants.rb +1 -1
  39. data/bundler/lib/bundler/current_ruby.rb +5 -21
  40. data/bundler/lib/bundler/definition.rb +42 -15
  41. data/bundler/lib/bundler/dependency.rb +16 -12
  42. data/bundler/lib/bundler/digest.rb +2 -2
  43. data/bundler/lib/bundler/dsl.rb +46 -30
  44. data/bundler/lib/bundler/endpoint_specification.rb +5 -1
  45. data/bundler/lib/bundler/env.rb +1 -3
  46. data/bundler/lib/bundler/errors.rb +43 -0
  47. data/bundler/lib/bundler/fetcher/base.rb +3 -1
  48. data/bundler/lib/bundler/fetcher/compact_index.rb +4 -4
  49. data/bundler/lib/bundler/fetcher/downloader.rb +13 -11
  50. data/bundler/lib/bundler/fetcher/gem_remote_fetcher.rb +16 -0
  51. data/bundler/lib/bundler/fetcher/index.rb +1 -1
  52. data/bundler/lib/bundler/fetcher.rb +28 -25
  53. data/bundler/lib/bundler/friendly_errors.rb +5 -5
  54. data/bundler/lib/bundler/gem_helper.rb +1 -1
  55. data/bundler/lib/bundler/gem_helpers.rb +5 -2
  56. data/bundler/lib/bundler/graph.rb +9 -9
  57. data/bundler/lib/bundler/index.rb +1 -2
  58. data/bundler/lib/bundler/injector.rb +1 -1
  59. data/bundler/lib/bundler/inline.rb +3 -3
  60. data/bundler/lib/bundler/installer/gem_installer.rb +5 -5
  61. data/bundler/lib/bundler/installer/parallel_installer.rb +16 -8
  62. data/bundler/lib/bundler/installer/standalone.rb +2 -3
  63. data/bundler/lib/bundler/installer.rb +9 -9
  64. data/bundler/lib/bundler/lazy_specification.rb +24 -17
  65. data/bundler/lib/bundler/lockfile_generator.rb +9 -0
  66. data/bundler/lib/bundler/lockfile_parser.rb +81 -10
  67. data/bundler/lib/bundler/man/bundle-add.1 +3 -26
  68. data/bundler/lib/bundler/man/bundle-binstubs.1 +4 -16
  69. data/bundler/lib/bundler/man/bundle-cache.1 +3 -24
  70. data/bundler/lib/bundler/man/bundle-check.1 +3 -12
  71. data/bundler/lib/bundler/man/bundle-clean.1 +3 -10
  72. data/bundler/lib/bundler/man/bundle-config.1 +20 -211
  73. data/bundler/lib/bundler/man/bundle-config.1.ronn +6 -0
  74. data/bundler/lib/bundler/man/bundle-console.1 +4 -22
  75. data/bundler/lib/bundler/man/bundle-doctor.1 +4 -18
  76. data/bundler/lib/bundler/man/bundle-exec.1 +12 -73
  77. data/bundler/lib/bundler/man/bundle-gem.1 +13 -49
  78. data/bundler/lib/bundler/man/bundle-help.1 +3 -7
  79. data/bundler/lib/bundler/man/bundle-info.1 +3 -9
  80. data/bundler/lib/bundler/man/bundle-init.1 +3 -12
  81. data/bundler/lib/bundler/man/bundle-inject.1 +6 -19
  82. data/bundler/lib/bundler/man/bundle-install.1 +27 -125
  83. data/bundler/lib/bundler/man/bundle-install.1.ronn +1 -0
  84. data/bundler/lib/bundler/man/bundle-list.1 +4 -19
  85. data/bundler/lib/bundler/man/bundle-lock.1 +5 -29
  86. data/bundler/lib/bundler/man/bundle-open.1 +7 -27
  87. data/bundler/lib/bundler/man/bundle-outdated.1 +3 -55
  88. data/bundler/lib/bundler/man/bundle-outdated.1.ronn +1 -0
  89. data/bundler/lib/bundler/man/bundle-platform.1 +5 -27
  90. data/bundler/lib/bundler/man/bundle-plugin.1 +3 -29
  91. data/bundler/lib/bundler/man/bundle-pristine.1 +5 -16
  92. data/bundler/lib/bundler/man/bundle-remove.1 +4 -14
  93. data/bundler/lib/bundler/man/bundle-show.1 +3 -10
  94. data/bundler/lib/bundler/man/bundle-update.1 +18 -137
  95. data/bundler/lib/bundler/man/bundle-version.1 +3 -16
  96. data/bundler/lib/bundler/man/bundle-viz.1 +4 -16
  97. data/bundler/lib/bundler/man/bundle.1 +5 -44
  98. data/bundler/lib/bundler/man/gemfile.5 +24 -301
  99. data/bundler/lib/bundler/man/gemfile.5.ronn +4 -0
  100. data/bundler/lib/bundler/match_metadata.rb +4 -0
  101. data/bundler/lib/bundler/match_platform.rb +1 -1
  102. data/bundler/lib/bundler/plugin/api/source.rb +3 -2
  103. data/bundler/lib/bundler/plugin/installer.rb +1 -1
  104. data/bundler/lib/bundler/plugin.rb +3 -3
  105. data/bundler/lib/bundler/resolver/base.rb +1 -1
  106. data/bundler/lib/bundler/resolver/incompatibility.rb +1 -1
  107. data/bundler/lib/bundler/resolver/spec_group.rb +1 -4
  108. data/bundler/lib/bundler/resolver.rb +16 -16
  109. data/bundler/lib/bundler/ruby_dsl.rb +20 -12
  110. data/bundler/lib/bundler/ruby_version.rb +1 -1
  111. data/bundler/lib/bundler/rubygems_ext.rb +24 -50
  112. data/bundler/lib/bundler/rubygems_gem_installer.rb +6 -56
  113. data/bundler/lib/bundler/rubygems_integration.rb +25 -94
  114. data/bundler/lib/bundler/runtime.rb +2 -2
  115. data/bundler/lib/bundler/self_manager.rb +23 -7
  116. data/bundler/lib/bundler/settings.rb +27 -7
  117. data/bundler/lib/bundler/setup.rb +4 -1
  118. data/bundler/lib/bundler/shared_helpers.rb +35 -13
  119. data/bundler/lib/bundler/source/git/git_proxy.rb +15 -15
  120. data/bundler/lib/bundler/source/git.rb +4 -3
  121. data/bundler/lib/bundler/source/metadata.rb +15 -15
  122. data/bundler/lib/bundler/source/path.rb +7 -6
  123. data/bundler/lib/bundler/source/rubygems.rb +21 -14
  124. data/bundler/lib/bundler/source.rb +2 -0
  125. data/bundler/lib/bundler/spec_set.rb +38 -10
  126. data/bundler/lib/bundler/stub_specification.rb +1 -0
  127. data/bundler/lib/bundler/templates/Executable.bundler +1 -1
  128. data/bundler/lib/bundler/templates/newgem/README.md.tt +3 -3
  129. data/bundler/lib/bundler/templates/newgem/Rakefile.tt +2 -6
  130. data/bundler/lib/bundler/templates/newgem/ext/newgem/Cargo.toml.tt +1 -1
  131. data/bundler/lib/bundler/templates/newgem/standard.yml.tt +1 -1
  132. data/bundler/lib/bundler/ui/shell.rb +1 -1
  133. data/bundler/lib/bundler/vendor/connection_pool/.document +1 -0
  134. data/bundler/lib/bundler/vendor/connection_pool/lib/connection_pool/version.rb +1 -1
  135. data/bundler/lib/bundler/vendor/connection_pool/lib/connection_pool.rb +53 -6
  136. data/bundler/lib/bundler/vendor/fileutils/.document +1 -0
  137. data/bundler/lib/bundler/vendor/fileutils/lib/fileutils.rb +8 -20
  138. data/bundler/lib/bundler/vendor/net-http-persistent/.document +1 -0
  139. data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent/connection.rb +3 -3
  140. data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent/pool.rb +2 -2
  141. data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent/timed_stack_multi.rb +1 -1
  142. data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent.rb +34 -34
  143. data/bundler/lib/bundler/vendor/pub_grub/.document +1 -0
  144. data/bundler/lib/bundler/vendor/thor/.document +1 -0
  145. data/bundler/lib/bundler/vendor/tsort/.document +1 -0
  146. data/bundler/lib/bundler/vendor/tsort/lib/tsort.rb +3 -0
  147. data/bundler/lib/bundler/vendor/uri/.document +1 -0
  148. data/bundler/lib/bundler/vendor/uri/lib/uri/common.rb +256 -132
  149. data/bundler/lib/bundler/vendor/uri/lib/uri/generic.rb +1 -0
  150. data/bundler/lib/bundler/vendor/uri/lib/uri/rfc3986_parser.rb +95 -31
  151. data/bundler/lib/bundler/vendor/uri/lib/uri/version.rb +1 -1
  152. data/bundler/lib/bundler/vendored_net_http.rb +8 -0
  153. data/bundler/lib/bundler/vendored_persistent.rb +0 -4
  154. data/bundler/lib/bundler/vendored_timeout.rb +8 -0
  155. data/bundler/lib/bundler/version.rb +1 -1
  156. data/bundler/lib/bundler/vlad.rb +1 -1
  157. data/bundler/lib/bundler/yaml_serializer.rb +3 -3
  158. data/bundler/lib/bundler.rb +41 -32
  159. data/lib/rubygems/available_set.rb +4 -4
  160. data/lib/rubygems/basic_specification.rb +35 -37
  161. data/lib/rubygems/bundler_version_finder.rb +4 -4
  162. data/lib/rubygems/ci_detector.rb +75 -0
  163. data/lib/rubygems/command.rb +13 -15
  164. data/lib/rubygems/command_manager.rb +5 -4
  165. data/lib/rubygems/commands/build_command.rb +2 -2
  166. data/lib/rubygems/commands/cert_command.rb +1 -2
  167. data/lib/rubygems/commands/check_command.rb +4 -4
  168. data/lib/rubygems/commands/cleanup_command.rb +12 -14
  169. data/lib/rubygems/commands/contents_command.rb +4 -4
  170. data/lib/rubygems/commands/dependency_command.rb +4 -5
  171. data/lib/rubygems/commands/environment_command.rb +1 -3
  172. data/lib/rubygems/commands/exec_command.rb +1 -1
  173. data/lib/rubygems/commands/fetch_command.rb +2 -2
  174. data/lib/rubygems/commands/generate_index_command.rb +39 -74
  175. data/lib/rubygems/commands/help_command.rb +3 -3
  176. data/lib/rubygems/commands/info_command.rb +2 -2
  177. data/lib/rubygems/commands/install_command.rb +8 -16
  178. data/lib/rubygems/commands/list_command.rb +2 -2
  179. data/lib/rubygems/commands/lock_command.rb +1 -1
  180. data/lib/rubygems/commands/open_command.rb +1 -1
  181. data/lib/rubygems/commands/owner_command.rb +1 -1
  182. data/lib/rubygems/commands/pristine_command.rb +13 -15
  183. data/lib/rubygems/commands/push_command.rb +2 -2
  184. data/lib/rubygems/commands/query_command.rb +4 -5
  185. data/lib/rubygems/commands/rdoc_command.rb +2 -2
  186. data/lib/rubygems/commands/search_command.rb +2 -2
  187. data/lib/rubygems/commands/setup_command.rb +31 -34
  188. data/lib/rubygems/commands/sources_command.rb +12 -12
  189. data/lib/rubygems/commands/specification_command.rb +10 -10
  190. data/lib/rubygems/commands/stale_command.rb +1 -1
  191. data/lib/rubygems/commands/uninstall_command.rb +9 -10
  192. data/lib/rubygems/commands/unpack_command.rb +4 -4
  193. data/lib/rubygems/commands/update_command.rb +10 -12
  194. data/lib/rubygems/commands/which_command.rb +1 -1
  195. data/lib/rubygems/commands/yank_command.rb +1 -1
  196. data/lib/rubygems/compatibility.rb +5 -6
  197. data/lib/rubygems/config_file.rb +4 -4
  198. data/lib/rubygems/core_ext/kernel_gem.rb +0 -2
  199. data/lib/rubygems/core_ext/kernel_require.rb +19 -48
  200. data/lib/rubygems/core_ext/kernel_warn.rb +1 -1
  201. data/lib/rubygems/core_ext/tcpsocket_init.rb +1 -1
  202. data/lib/rubygems/defaults.rb +15 -3
  203. data/lib/rubygems/dependency.rb +12 -14
  204. data/lib/rubygems/dependency_installer.rb +29 -30
  205. data/lib/rubygems/dependency_list.rb +1 -1
  206. data/lib/rubygems/deprecate.rb +16 -15
  207. data/lib/rubygems/doctor.rb +5 -5
  208. data/lib/rubygems/errors.rb +2 -6
  209. data/lib/rubygems/exceptions.rb +2 -1
  210. data/lib/rubygems/ext/builder.rb +15 -10
  211. data/lib/rubygems/ext/cargo_builder.rb +5 -5
  212. data/lib/rubygems/ext/ext_conf_builder.rb +1 -3
  213. data/lib/rubygems/gem_runner.rb +4 -4
  214. data/lib/rubygems/gemcutter_utilities/webauthn_listener/response.rb +3 -3
  215. data/lib/rubygems/gemcutter_utilities/webauthn_poller.rb +3 -3
  216. data/lib/rubygems/gemcutter_utilities.rb +18 -19
  217. data/lib/rubygems/install_update_options.rb +18 -19
  218. data/lib/rubygems/installer.rb +59 -33
  219. data/lib/rubygems/installer_uninstaller_utils.rb +0 -2
  220. data/lib/rubygems/local_remote_options.rb +7 -10
  221. data/lib/rubygems/name_tuple.rb +7 -9
  222. data/lib/rubygems/net/http.rb +3 -0
  223. data/lib/rubygems/net-http/.document +1 -0
  224. data/lib/rubygems/net-http/LICENSE.txt +22 -0
  225. data/lib/rubygems/net-http/lib/net/http/backward.rb +40 -0
  226. data/lib/rubygems/net-http/lib/net/http/exceptions.rb +34 -0
  227. data/lib/rubygems/net-http/lib/net/http/generic_request.rb +414 -0
  228. data/lib/rubygems/net-http/lib/net/http/header.rb +981 -0
  229. data/lib/rubygems/net-http/lib/net/http/proxy_delta.rb +17 -0
  230. data/lib/rubygems/net-http/lib/net/http/request.rb +88 -0
  231. data/lib/rubygems/net-http/lib/net/http/requests.rb +425 -0
  232. data/lib/rubygems/net-http/lib/net/http/response.rb +738 -0
  233. data/lib/rubygems/net-http/lib/net/http/responses.rb +1174 -0
  234. data/lib/rubygems/net-http/lib/net/http/status.rb +84 -0
  235. data/lib/rubygems/net-http/lib/net/http.rb +2496 -0
  236. data/lib/rubygems/net-http/lib/net/https.rb +23 -0
  237. data/lib/rubygems/net-protocol/.document +1 -0
  238. data/lib/rubygems/net-protocol/LICENSE.txt +22 -0
  239. data/lib/rubygems/net-protocol/lib/net/protocol.rb +544 -0
  240. data/lib/rubygems/optparse/lib/optparse.rb +39 -17
  241. data/lib/rubygems/package/old.rb +2 -2
  242. data/lib/rubygems/package/tar_header.rb +45 -39
  243. data/lib/rubygems/package/tar_reader/entry.rb +5 -4
  244. data/lib/rubygems/package/tar_reader.rb +5 -3
  245. data/lib/rubygems/package/tar_writer.rb +19 -17
  246. data/lib/rubygems/package.rb +27 -26
  247. data/lib/rubygems/package_task.rb +2 -2
  248. data/lib/rubygems/path_support.rb +9 -10
  249. data/lib/rubygems/platform.rb +60 -45
  250. data/lib/rubygems/query_utils.rb +7 -9
  251. data/lib/rubygems/remote_fetcher.rb +15 -15
  252. data/lib/rubygems/request/connection_pools.rb +3 -3
  253. data/lib/rubygems/request.rb +20 -17
  254. data/lib/rubygems/request_set/gem_dependency_api.rb +119 -122
  255. data/lib/rubygems/request_set/lockfile/parser.rb +9 -9
  256. data/lib/rubygems/request_set/lockfile/tokenizer.rb +20 -12
  257. data/lib/rubygems/request_set/lockfile.rb +6 -11
  258. data/lib/rubygems/request_set.rb +5 -5
  259. data/lib/rubygems/requirement.rb +7 -7
  260. data/lib/rubygems/resolv/.document +1 -0
  261. data/lib/rubygems/resolv/LICENSE.txt +22 -0
  262. data/lib/rubygems/resolv/lib/resolv.rb +3387 -0
  263. data/lib/rubygems/resolver/activation_request.rb +1 -3
  264. data/lib/rubygems/resolver/api_set/gem_parser.rb +7 -3
  265. data/lib/rubygems/resolver/best_set.rb +1 -1
  266. data/lib/rubygems/resolver/composed_set.rb +1 -1
  267. data/lib/rubygems/resolver/conflict.rb +4 -12
  268. data/lib/rubygems/resolver/index_set.rb +4 -4
  269. data/lib/rubygems/resolver/index_specification.rb +2 -2
  270. data/lib/rubygems/resolver/installer_set.rb +5 -6
  271. data/lib/rubygems/resolver/lock_set.rb +1 -1
  272. data/lib/rubygems/resolver/molinillo/.document +1 -0
  273. data/lib/rubygems/resolver.rb +3 -10
  274. data/lib/rubygems/s3_uri_signer.rb +6 -6
  275. data/lib/rubygems/safe_marshal/elements.rb +138 -0
  276. data/lib/rubygems/safe_marshal/reader.rb +306 -0
  277. data/lib/rubygems/safe_marshal/visitors/stream_printer.rb +31 -0
  278. data/lib/rubygems/safe_marshal/visitors/to_ruby.rb +385 -0
  279. data/lib/rubygems/safe_marshal/visitors/visitor.rb +74 -0
  280. data/lib/rubygems/safe_marshal.rb +74 -0
  281. data/lib/rubygems/safe_yaml.rb +5 -28
  282. data/lib/rubygems/security/policies.rb +36 -38
  283. data/lib/rubygems/security/policy.rb +7 -11
  284. data/lib/rubygems/security/signer.rb +1 -1
  285. data/lib/rubygems/security/trust_dir.rb +3 -3
  286. data/lib/rubygems/security.rb +8 -22
  287. data/lib/rubygems/source/git.rb +1 -3
  288. data/lib/rubygems/source/installed.rb +0 -2
  289. data/lib/rubygems/source/local.rb +5 -8
  290. data/lib/rubygems/source/lock.rb +1 -3
  291. data/lib/rubygems/source/specific_file.rb +0 -1
  292. data/lib/rubygems/source/vendor.rb +0 -2
  293. data/lib/rubygems/source.rb +12 -12
  294. data/lib/rubygems/source_list.rb +4 -4
  295. data/lib/rubygems/spec_fetcher.rb +29 -29
  296. data/lib/rubygems/specification.rb +125 -138
  297. data/lib/rubygems/specification_policy.rb +55 -25
  298. data/lib/rubygems/stub_specification.rb +4 -5
  299. data/lib/rubygems/text.rb +1 -2
  300. data/lib/rubygems/timeout/.document +1 -0
  301. data/lib/rubygems/timeout/LICENSE.txt +22 -0
  302. data/lib/rubygems/timeout/lib/timeout.rb +199 -0
  303. data/lib/rubygems/timeout.rb +3 -0
  304. data/lib/rubygems/tsort/lib/tsort.rb +3 -0
  305. data/lib/rubygems/uninstaller.rb +7 -9
  306. data/lib/rubygems/update_suggestion.rb +5 -18
  307. data/lib/rubygems/uri_formatter.rb +1 -1
  308. data/lib/rubygems/user_interaction.rb +15 -21
  309. data/lib/rubygems/util/licenses.rb +65 -35
  310. data/lib/rubygems/util/list.rb +3 -1
  311. data/lib/rubygems/util.rb +2 -4
  312. data/lib/rubygems/validator.rb +5 -3
  313. data/lib/rubygems/version.rb +34 -28
  314. data/lib/rubygems/version_option.rb +2 -5
  315. data/lib/rubygems/yaml_serializer.rb +3 -3
  316. data/lib/rubygems.rb +37 -37
  317. data/rubygems-update.gemspec +4 -4
  318. data/setup.rb +2 -2
  319. metadata +50 -225
  320. data/lib/rubygems/indexer.rb +0 -428
  321. data/lib/rubygems/mock_gem_ui.rb +0 -86
  322. data/test/rubygems/alternate_cert.pem +0 -19
  323. data/test/rubygems/alternate_cert_32.pem +0 -19
  324. data/test/rubygems/alternate_key.pem +0 -27
  325. data/test/rubygems/bad_rake.rb +0 -3
  326. data/test/rubygems/bundler_test_gem.rb +0 -424
  327. data/test/rubygems/ca_cert.pem +0 -77
  328. data/test/rubygems/child_cert.pem +0 -19
  329. data/test/rubygems/child_cert_32.pem +0 -19
  330. data/test/rubygems/child_key.pem +0 -27
  331. data/test/rubygems/client.pem +0 -107
  332. data/test/rubygems/data/excon-0.7.7.gemspec.rz +0 -0
  333. data/test/rubygems/data/gem-private_key.pem +0 -27
  334. data/test/rubygems/data/gem-public_cert.pem +0 -20
  335. data/test/rubygems/data/null-required-ruby-version.gemspec.rz +0 -0
  336. data/test/rubygems/data/null-required-rubygems-version.gemspec.rz +0 -0
  337. data/test/rubygems/data/pry-0.4.7.gemspec.rz +0 -0
  338. data/test/rubygems/encrypted_private_key.pem +0 -30
  339. data/test/rubygems/expired_cert.pem +0 -19
  340. data/test/rubygems/fake_certlib/openssl.rb +0 -9
  341. data/test/rubygems/foo/discover.rb +0 -1
  342. data/test/rubygems/future_cert.pem +0 -19
  343. data/test/rubygems/future_cert_32.pem +0 -19
  344. data/test/rubygems/good_rake.rb +0 -3
  345. data/test/rubygems/grandchild_cert.pem +0 -19
  346. data/test/rubygems/grandchild_cert_32.pem +0 -19
  347. data/test/rubygems/grandchild_key.pem +0 -27
  348. data/test/rubygems/helper.rb +0 -1649
  349. data/test/rubygems/installer_test_case.rb +0 -248
  350. data/test/rubygems/invalid_client.pem +0 -49
  351. data/test/rubygems/invalid_issuer_cert.pem +0 -20
  352. data/test/rubygems/invalid_issuer_cert_32.pem +0 -20
  353. data/test/rubygems/invalid_key.pem +0 -27
  354. data/test/rubygems/invalid_signer_cert.pem +0 -19
  355. data/test/rubygems/invalid_signer_cert_32.pem +0 -19
  356. data/test/rubygems/invalidchild_cert.pem +0 -19
  357. data/test/rubygems/invalidchild_cert_32.pem +0 -19
  358. data/test/rubygems/invalidchild_key.pem +0 -27
  359. data/test/rubygems/multifactor_auth_utilities.rb +0 -111
  360. data/test/rubygems/package/tar_test_case.rb +0 -175
  361. data/test/rubygems/packages/Bluebie-legs-0.6.2.gem +0 -0
  362. data/test/rubygems/packages/ascii_binder-0.1.10.1.gem +0 -0
  363. data/test/rubygems/packages/ill-formatted-platform-1.0.0.10.gem +0 -0
  364. data/test/rubygems/plugin/exception/rubygems_plugin.rb +0 -4
  365. data/test/rubygems/plugin/load/rubygems_plugin.rb +0 -5
  366. data/test/rubygems/plugin/standarderror/rubygems_plugin.rb +0 -4
  367. data/test/rubygems/private3072_key.pem +0 -40
  368. data/test/rubygems/private_ec_key.pem +0 -9
  369. data/test/rubygems/private_key.pem +0 -27
  370. data/test/rubygems/public3072_cert.pem +0 -25
  371. data/test/rubygems/public_cert.pem +0 -20
  372. data/test/rubygems/public_cert_32.pem +0 -19
  373. data/test/rubygems/public_key.pem +0 -9
  374. data/test/rubygems/rubygems/commands/crash_command.rb +0 -5
  375. data/test/rubygems/rubygems_plugin.rb +0 -24
  376. data/test/rubygems/sff/discover.rb +0 -1
  377. data/test/rubygems/simple_gem.rb +0 -68
  378. data/test/rubygems/specifications/bar-0.0.2.gemspec +0 -9
  379. data/test/rubygems/specifications/foo-0.0.1-x86-mswin32.gemspec +0 -0
  380. data/test/rubygems/specifications/rubyforge-0.0.1.gemspec +0 -14
  381. data/test/rubygems/ssl_cert.pem +0 -80
  382. data/test/rubygems/ssl_key.pem +0 -27
  383. data/test/rubygems/test_bundled_ca.rb +0 -61
  384. data/test/rubygems/test_config.rb +0 -28
  385. data/test/rubygems/test_deprecate.rb +0 -158
  386. data/test/rubygems/test_exit.rb +0 -17
  387. data/test/rubygems/test_gem.rb +0 -1799
  388. data/test/rubygems/test_gem_available_set.rb +0 -130
  389. data/test/rubygems/test_gem_bundler_version_finder.rb +0 -127
  390. data/test/rubygems/test_gem_command.rb +0 -403
  391. data/test/rubygems/test_gem_command_manager.rb +0 -400
  392. data/test/rubygems/test_gem_commands_build_command.rb +0 -739
  393. data/test/rubygems/test_gem_commands_cert_command.rb +0 -866
  394. data/test/rubygems/test_gem_commands_check_command.rb +0 -68
  395. data/test/rubygems/test_gem_commands_cleanup_command.rb +0 -292
  396. data/test/rubygems/test_gem_commands_contents_command.rb +0 -271
  397. data/test/rubygems/test_gem_commands_dependency_command.rb +0 -228
  398. data/test/rubygems/test_gem_commands_environment_command.rb +0 -169
  399. data/test/rubygems/test_gem_commands_exec_command.rb +0 -857
  400. data/test/rubygems/test_gem_commands_fetch_command.rb +0 -258
  401. data/test/rubygems/test_gem_commands_generate_index_command.rb +0 -81
  402. data/test/rubygems/test_gem_commands_help_command.rb +0 -94
  403. data/test/rubygems/test_gem_commands_info_command.rb +0 -70
  404. data/test/rubygems/test_gem_commands_install_command.rb +0 -1573
  405. data/test/rubygems/test_gem_commands_list_command.rb +0 -33
  406. data/test/rubygems/test_gem_commands_lock_command.rb +0 -67
  407. data/test/rubygems/test_gem_commands_mirror.rb +0 -20
  408. data/test/rubygems/test_gem_commands_open_command.rb +0 -101
  409. data/test/rubygems/test_gem_commands_outdated_command.rb +0 -50
  410. data/test/rubygems/test_gem_commands_owner_command.rb +0 -503
  411. data/test/rubygems/test_gem_commands_pristine_command.rb +0 -708
  412. data/test/rubygems/test_gem_commands_push_command.rb +0 -603
  413. data/test/rubygems/test_gem_commands_query_command.rb +0 -858
  414. data/test/rubygems/test_gem_commands_search_command.rb +0 -16
  415. data/test/rubygems/test_gem_commands_server_command.rb +0 -20
  416. data/test/rubygems/test_gem_commands_setup_command.rb +0 -474
  417. data/test/rubygems/test_gem_commands_signin_command.rb +0 -259
  418. data/test/rubygems/test_gem_commands_signout_command.rb +0 -30
  419. data/test/rubygems/test_gem_commands_sources_command.rb +0 -534
  420. data/test/rubygems/test_gem_commands_specification_command.rb +0 -277
  421. data/test/rubygems/test_gem_commands_stale_command.rb +0 -43
  422. data/test/rubygems/test_gem_commands_uninstall_command.rb +0 -542
  423. data/test/rubygems/test_gem_commands_unpack_command.rb +0 -224
  424. data/test/rubygems/test_gem_commands_update_command.rb +0 -836
  425. data/test/rubygems/test_gem_commands_which_command.rb +0 -85
  426. data/test/rubygems/test_gem_commands_yank_command.rb +0 -299
  427. data/test/rubygems/test_gem_config_file.rb +0 -551
  428. data/test/rubygems/test_gem_dependency.rb +0 -398
  429. data/test/rubygems/test_gem_dependency_installer.rb +0 -1190
  430. data/test/rubygems/test_gem_dependency_list.rb +0 -265
  431. data/test/rubygems/test_gem_dependency_resolution_error.rb +0 -27
  432. data/test/rubygems/test_gem_doctor.rb +0 -195
  433. data/test/rubygems/test_gem_ext_builder.rb +0 -337
  434. data/test/rubygems/test_gem_ext_cargo_builder/custom_name/.gitignore +0 -1
  435. data/test/rubygems/test_gem_ext_cargo_builder/custom_name/custom_name.gemspec +0 -10
  436. data/test/rubygems/test_gem_ext_cargo_builder/custom_name/ext/custom_name_lib/Cargo.lock +0 -249
  437. data/test/rubygems/test_gem_ext_cargo_builder/custom_name/ext/custom_name_lib/Cargo.toml +0 -10
  438. data/test/rubygems/test_gem_ext_cargo_builder/custom_name/ext/custom_name_lib/src/lib.rs +0 -27
  439. data/test/rubygems/test_gem_ext_cargo_builder/custom_name/lib/custom_name.rb +0 -3
  440. data/test/rubygems/test_gem_ext_cargo_builder/rust_ruby_example/.gitignore +0 -1
  441. data/test/rubygems/test_gem_ext_cargo_builder/rust_ruby_example/Cargo.lock +0 -249
  442. data/test/rubygems/test_gem_ext_cargo_builder/rust_ruby_example/Cargo.toml +0 -10
  443. data/test/rubygems/test_gem_ext_cargo_builder/rust_ruby_example/rust_ruby_example.gemspec +0 -10
  444. data/test/rubygems/test_gem_ext_cargo_builder/rust_ruby_example/src/lib.rs +0 -51
  445. data/test/rubygems/test_gem_ext_cargo_builder.rb +0 -167
  446. data/test/rubygems/test_gem_ext_cargo_builder_link_flag_converter.rb +0 -34
  447. data/test/rubygems/test_gem_ext_cargo_builder_unit.rb +0 -60
  448. data/test/rubygems/test_gem_ext_cmake_builder.rb +0 -84
  449. data/test/rubygems/test_gem_ext_configure_builder.rb +0 -80
  450. data/test/rubygems/test_gem_ext_ext_conf_builder.rb +0 -229
  451. data/test/rubygems/test_gem_ext_rake_builder.rb +0 -113
  452. data/test/rubygems/test_gem_gem_runner.rb +0 -119
  453. data/test/rubygems/test_gem_gemcutter_utilities.rb +0 -361
  454. data/test/rubygems/test_gem_impossible_dependencies_error.rb +0 -60
  455. data/test/rubygems/test_gem_indexer.rb +0 -381
  456. data/test/rubygems/test_gem_install_update_options.rb +0 -208
  457. data/test/rubygems/test_gem_installer.rb +0 -2512
  458. data/test/rubygems/test_gem_local_remote_options.rb +0 -133
  459. data/test/rubygems/test_gem_name_tuple.rb +0 -43
  460. data/test/rubygems/test_gem_package.rb +0 -1306
  461. data/test/rubygems/test_gem_package_old.rb +0 -91
  462. data/test/rubygems/test_gem_package_tar_header.rb +0 -226
  463. data/test/rubygems/test_gem_package_tar_reader.rb +0 -150
  464. data/test/rubygems/test_gem_package_tar_reader_entry.rb +0 -350
  465. data/test/rubygems/test_gem_package_tar_writer.rb +0 -331
  466. data/test/rubygems/test_gem_package_task.rb +0 -118
  467. data/test/rubygems/test_gem_path_support.rb +0 -139
  468. data/test/rubygems/test_gem_platform.rb +0 -497
  469. data/test/rubygems/test_gem_rdoc.rb +0 -137
  470. data/test/rubygems/test_gem_remote_fetcher.rb +0 -1227
  471. data/test/rubygems/test_gem_request.rb +0 -547
  472. data/test/rubygems/test_gem_request_connection_pools.rb +0 -152
  473. data/test/rubygems/test_gem_request_set.rb +0 -672
  474. data/test/rubygems/test_gem_request_set_gem_dependency_api.rb +0 -853
  475. data/test/rubygems/test_gem_request_set_lockfile.rb +0 -469
  476. data/test/rubygems/test_gem_request_set_lockfile_parser.rb +0 -544
  477. data/test/rubygems/test_gem_request_set_lockfile_tokenizer.rb +0 -307
  478. data/test/rubygems/test_gem_requirement.rb +0 -505
  479. data/test/rubygems/test_gem_resolver.rb +0 -859
  480. data/test/rubygems/test_gem_resolver_activation_request.rb +0 -43
  481. data/test/rubygems/test_gem_resolver_api_set.rb +0 -210
  482. data/test/rubygems/test_gem_resolver_api_specification.rb +0 -167
  483. data/test/rubygems/test_gem_resolver_best_set.rb +0 -159
  484. data/test/rubygems/test_gem_resolver_composed_set.rb +0 -44
  485. data/test/rubygems/test_gem_resolver_conflict.rb +0 -82
  486. data/test/rubygems/test_gem_resolver_dependency_request.rb +0 -83
  487. data/test/rubygems/test_gem_resolver_git_set.rb +0 -188
  488. data/test/rubygems/test_gem_resolver_git_specification.rb +0 -114
  489. data/test/rubygems/test_gem_resolver_index_set.rb +0 -88
  490. data/test/rubygems/test_gem_resolver_index_specification.rb +0 -93
  491. data/test/rubygems/test_gem_resolver_installed_specification.rb +0 -47
  492. data/test/rubygems/test_gem_resolver_installer_set.rb +0 -320
  493. data/test/rubygems/test_gem_resolver_local_specification.rb +0 -44
  494. data/test/rubygems/test_gem_resolver_lock_set.rb +0 -62
  495. data/test/rubygems/test_gem_resolver_lock_specification.rb +0 -98
  496. data/test/rubygems/test_gem_resolver_requirement_list.rb +0 -19
  497. data/test/rubygems/test_gem_resolver_specification.rb +0 -63
  498. data/test/rubygems/test_gem_resolver_vendor_set.rb +0 -82
  499. data/test/rubygems/test_gem_resolver_vendor_specification.rb +0 -82
  500. data/test/rubygems/test_gem_security.rb +0 -341
  501. data/test/rubygems/test_gem_security_policy.rb +0 -535
  502. data/test/rubygems/test_gem_security_signer.rb +0 -218
  503. data/test/rubygems/test_gem_security_trust_dir.rb +0 -99
  504. data/test/rubygems/test_gem_silent_ui.rb +0 -123
  505. data/test/rubygems/test_gem_source.rb +0 -254
  506. data/test/rubygems/test_gem_source_fetch_problem.rb +0 -37
  507. data/test/rubygems/test_gem_source_git.rb +0 -310
  508. data/test/rubygems/test_gem_source_installed.rb +0 -35
  509. data/test/rubygems/test_gem_source_list.rb +0 -119
  510. data/test/rubygems/test_gem_source_local.rb +0 -107
  511. data/test/rubygems/test_gem_source_lock.rb +0 -113
  512. data/test/rubygems/test_gem_source_specific_file.rb +0 -76
  513. data/test/rubygems/test_gem_source_subpath_problem.rb +0 -50
  514. data/test/rubygems/test_gem_source_vendor.rb +0 -30
  515. data/test/rubygems/test_gem_spec_fetcher.rb +0 -338
  516. data/test/rubygems/test_gem_specification.rb +0 -3856
  517. data/test/rubygems/test_gem_stream_ui.rb +0 -255
  518. data/test/rubygems/test_gem_stub_specification.rb +0 -278
  519. data/test/rubygems/test_gem_text.rb +0 -103
  520. data/test/rubygems/test_gem_uninstaller.rb +0 -675
  521. data/test/rubygems/test_gem_unsatisfiable_dependency_error.rb +0 -31
  522. data/test/rubygems/test_gem_update_suggestion.rb +0 -209
  523. data/test/rubygems/test_gem_uri.rb +0 -41
  524. data/test/rubygems/test_gem_uri_formatter.rb +0 -27
  525. data/test/rubygems/test_gem_util.rb +0 -91
  526. data/test/rubygems/test_gem_validator.rb +0 -42
  527. data/test/rubygems/test_gem_version.rb +0 -305
  528. data/test/rubygems/test_gem_version_option.rb +0 -165
  529. data/test/rubygems/test_kernel.rb +0 -124
  530. data/test/rubygems/test_project_sanity.rb +0 -49
  531. data/test/rubygems/test_remote_fetch_error.rb +0 -20
  532. data/test/rubygems/test_require.rb +0 -732
  533. data/test/rubygems/test_rubygems.rb +0 -76
  534. data/test/rubygems/test_webauthn_listener.rb +0 -143
  535. data/test/rubygems/test_webauthn_listener_response.rb +0 -93
  536. data/test/rubygems/test_webauthn_poller.rb +0 -124
  537. data/test/rubygems/utilities.rb +0 -436
  538. data/test/rubygems/wrong_key_cert.pem +0 -19
  539. data/test/rubygems/wrong_key_cert_32.pem +0 -19
  540. data/test/test_changelog_generator.rb +0 -17
@@ -0,0 +1,306 @@
1
+ # frozen_string_literal: true
2
+
3
+ require_relative "elements"
4
+
5
+ module Gem
6
+ module SafeMarshal
7
+ class Reader
8
+ class Error < StandardError
9
+ end
10
+
11
+ class UnsupportedVersionError < Error
12
+ end
13
+
14
+ class UnconsumedBytesError < Error
15
+ end
16
+
17
+ class NotImplementedError < Error
18
+ end
19
+
20
+ class EOFError < Error
21
+ end
22
+
23
+ def initialize(io)
24
+ @io = io
25
+ end
26
+
27
+ def read!
28
+ read_header
29
+ root = read_element
30
+ raise UnconsumedBytesError unless @io.eof?
31
+ root
32
+ end
33
+
34
+ private
35
+
36
+ MARSHAL_VERSION = [Marshal::MAJOR_VERSION, Marshal::MINOR_VERSION].map(&:chr).join.freeze
37
+ private_constant :MARSHAL_VERSION
38
+
39
+ def read_header
40
+ v = @io.read(2)
41
+ raise UnsupportedVersionError, "Unsupported marshal version #{v.bytes.map(&:ord).join(".")}, expected #{Marshal::MAJOR_VERSION}.#{Marshal::MINOR_VERSION}" unless v == MARSHAL_VERSION
42
+ end
43
+
44
+ def read_byte
45
+ @io.getbyte
46
+ end
47
+
48
+ def read_integer
49
+ b = read_byte
50
+
51
+ case b
52
+ when 0x00
53
+ 0
54
+ when 0x01
55
+ read_byte
56
+ when 0x02
57
+ read_byte | (read_byte << 8)
58
+ when 0x03
59
+ read_byte | (read_byte << 8) | (read_byte << 16)
60
+ when 0x04
61
+ read_byte | (read_byte << 8) | (read_byte << 16) | (read_byte << 24)
62
+ when 0xFC
63
+ read_byte | (read_byte << 8) | (read_byte << 16) | (read_byte << 24) | -0x100000000
64
+ when 0xFD
65
+ read_byte | (read_byte << 8) | (read_byte << 16) | -0x1000000
66
+ when 0xFE
67
+ read_byte | (read_byte << 8) | -0x10000
68
+ when 0xFF
69
+ read_byte | -0x100
70
+ when nil
71
+ raise EOFError, "Unexpected EOF"
72
+ else
73
+ signed = (b ^ 128) - 128
74
+ if b >= 128
75
+ signed + 5
76
+ else
77
+ signed - 5
78
+ end
79
+ end
80
+ end
81
+
82
+ def read_element
83
+ type = read_byte
84
+ case type
85
+ when 34 then read_string # ?"
86
+ when 48 then read_nil # ?0
87
+ when 58 then read_symbol # ?:
88
+ when 59 then read_symbol_link # ?;
89
+ when 64 then read_object_link # ?@
90
+ when 70 then read_false # ?F
91
+ when 73 then read_object_with_ivars # ?I
92
+ when 84 then read_true # ?T
93
+ when 85 then read_user_marshal # ?U
94
+ when 91 then read_array # ?[
95
+ when 102 then read_float # ?f
96
+ when 105 then Elements::Integer.new(read_integer) # ?i
97
+ when 108 then read_bignum # ?l
98
+ when 111 then read_object # ?o
99
+ when 117 then read_user_defined # ?u
100
+ when 123 then read_hash # ?{
101
+ when 125 then read_hash_with_default_value # ?}
102
+ when 101 then read_extended_object # ?e
103
+ when 99 then read_class # ?c
104
+ when 109 then read_module # ?m
105
+ when 77 then read_class_or_module # ?M
106
+ when 100 then read_data # ?d
107
+ when 47 then read_regexp # ?/
108
+ when 83 then read_struct # ?S
109
+ when 67 then read_user_class # ?C
110
+ when nil
111
+ raise EOFError, "Unexpected EOF"
112
+ else
113
+ raise Error, "Unknown marshal type discriminator #{type.chr.inspect} (#{type})"
114
+ end
115
+ end
116
+
117
+ STRING_E_SYMBOL = Elements::Symbol.new("E").freeze
118
+ private_constant :STRING_E_SYMBOL
119
+
120
+ def read_symbol
121
+ len = read_integer
122
+ if len == 1
123
+ byte = read_byte
124
+ if byte == 69 # ?E
125
+ STRING_E_SYMBOL
126
+ else
127
+ Elements::Symbol.new(byte.chr)
128
+ end
129
+ else
130
+ name = -@io.read(len)
131
+ Elements::Symbol.new(name)
132
+ end
133
+ end
134
+
135
+ EMPTY_STRING = Elements::String.new("".b.freeze).freeze
136
+ private_constant :EMPTY_STRING
137
+
138
+ def read_string
139
+ length = read_integer
140
+ return EMPTY_STRING if length == 0
141
+ str = @io.read(length)
142
+ Elements::String.new(str)
143
+ end
144
+
145
+ def read_true
146
+ Elements::True::TRUE
147
+ end
148
+
149
+ def read_false
150
+ Elements::False::FALSE
151
+ end
152
+
153
+ def read_user_defined
154
+ name = read_element
155
+ binary_string = @io.read(read_integer)
156
+ Elements::UserDefined.new(name, binary_string)
157
+ end
158
+
159
+ EMPTY_ARRAY = Elements::Array.new([].freeze).freeze
160
+ private_constant :EMPTY_ARRAY
161
+
162
+ def read_array
163
+ length = read_integer
164
+ return EMPTY_ARRAY if length == 0
165
+ elements = Array.new(length) do
166
+ read_element
167
+ end
168
+ Elements::Array.new(elements)
169
+ end
170
+
171
+ def read_object_with_ivars
172
+ object = read_element
173
+ ivars = Array.new(read_integer) do
174
+ [read_element, read_element]
175
+ end
176
+ Elements::WithIvars.new(object, ivars)
177
+ end
178
+
179
+ def read_symbol_link
180
+ offset = read_integer
181
+ Elements::SymbolLink.new(offset)
182
+ end
183
+
184
+ def read_user_marshal
185
+ name = read_element
186
+ data = read_element
187
+ Elements::UserMarshal.new(name, data)
188
+ end
189
+
190
+ # profiling bundle install --full-index shows that
191
+ # offset 6 is by far the most common object link,
192
+ # so we special case it to avoid allocating a new
193
+ # object a third of the time.
194
+ # the following are all the object links that
195
+ # appear more than 10000 times in my profiling
196
+
197
+ OBJECT_LINKS = {
198
+ 6 => Elements::ObjectLink.new(6).freeze,
199
+ 30 => Elements::ObjectLink.new(30).freeze,
200
+ 81 => Elements::ObjectLink.new(81).freeze,
201
+ 34 => Elements::ObjectLink.new(34).freeze,
202
+ 38 => Elements::ObjectLink.new(38).freeze,
203
+ 50 => Elements::ObjectLink.new(50).freeze,
204
+ 91 => Elements::ObjectLink.new(91).freeze,
205
+ 42 => Elements::ObjectLink.new(42).freeze,
206
+ 46 => Elements::ObjectLink.new(46).freeze,
207
+ 150 => Elements::ObjectLink.new(150).freeze,
208
+ 100 => Elements::ObjectLink.new(100).freeze,
209
+ 104 => Elements::ObjectLink.new(104).freeze,
210
+ 108 => Elements::ObjectLink.new(108).freeze,
211
+ 242 => Elements::ObjectLink.new(242).freeze,
212
+ 246 => Elements::ObjectLink.new(246).freeze,
213
+ 139 => Elements::ObjectLink.new(139).freeze,
214
+ 143 => Elements::ObjectLink.new(143).freeze,
215
+ 114 => Elements::ObjectLink.new(114).freeze,
216
+ 308 => Elements::ObjectLink.new(308).freeze,
217
+ 200 => Elements::ObjectLink.new(200).freeze,
218
+ 54 => Elements::ObjectLink.new(54).freeze,
219
+ 62 => Elements::ObjectLink.new(62).freeze,
220
+ 1_286_245 => Elements::ObjectLink.new(1_286_245).freeze,
221
+ }.freeze
222
+ private_constant :OBJECT_LINKS
223
+
224
+ def read_object_link
225
+ offset = read_integer
226
+ OBJECT_LINKS[offset] || Elements::ObjectLink.new(offset)
227
+ end
228
+
229
+ EMPTY_HASH = Elements::Hash.new([].freeze).freeze
230
+ private_constant :EMPTY_HASH
231
+
232
+ def read_hash
233
+ length = read_integer
234
+ return EMPTY_HASH if length == 0
235
+ pairs = Array.new(length) do
236
+ [read_element, read_element]
237
+ end
238
+ Elements::Hash.new(pairs)
239
+ end
240
+
241
+ def read_hash_with_default_value
242
+ pairs = Array.new(read_integer) do
243
+ [read_element, read_element]
244
+ end
245
+ default = read_element
246
+ Elements::HashWithDefaultValue.new(pairs, default)
247
+ end
248
+
249
+ def read_object
250
+ name = read_element
251
+ object = Elements::Object.new(name)
252
+ ivars = Array.new(read_integer) do
253
+ [read_element, read_element]
254
+ end
255
+ Elements::WithIvars.new(object, ivars)
256
+ end
257
+
258
+ def read_nil
259
+ Elements::Nil::NIL
260
+ end
261
+
262
+ def read_float
263
+ string = @io.read(read_integer)
264
+ Elements::Float.new(string)
265
+ end
266
+
267
+ def read_bignum
268
+ sign = read_byte
269
+ data = @io.read(read_integer * 2)
270
+ Elements::Bignum.new(sign, data)
271
+ end
272
+
273
+ def read_extended_object
274
+ raise NotImplementedError, "Reading Marshal objects of type extended_object is not implemented"
275
+ end
276
+
277
+ def read_class
278
+ raise NotImplementedError, "Reading Marshal objects of type class is not implemented"
279
+ end
280
+
281
+ def read_module
282
+ raise NotImplementedError, "Reading Marshal objects of type module is not implemented"
283
+ end
284
+
285
+ def read_class_or_module
286
+ raise NotImplementedError, "Reading Marshal objects of type class_or_module is not implemented"
287
+ end
288
+
289
+ def read_data
290
+ raise NotImplementedError, "Reading Marshal objects of type data is not implemented"
291
+ end
292
+
293
+ def read_regexp
294
+ raise NotImplementedError, "Reading Marshal objects of type regexp is not implemented"
295
+ end
296
+
297
+ def read_struct
298
+ raise NotImplementedError, "Reading Marshal objects of type struct is not implemented"
299
+ end
300
+
301
+ def read_user_class
302
+ raise NotImplementedError, "Reading Marshal objects of type user_class is not implemented"
303
+ end
304
+ end
305
+ end
306
+ end
@@ -0,0 +1,31 @@
1
+ # frozen_string_literal: true
2
+
3
+ require_relative "visitor"
4
+
5
+ module Gem::SafeMarshal
6
+ module Visitors
7
+ class StreamPrinter < Visitor
8
+ def initialize(io, indent: "")
9
+ @io = io
10
+ @indent = indent
11
+ @level = 0
12
+ end
13
+
14
+ def visit(target)
15
+ @io.write("#{@indent * @level}#{target.class}")
16
+ target.instance_variables.each do |ivar|
17
+ value = target.instance_variable_get(ivar)
18
+ next if Elements::Element === value || Array === value
19
+ @io.write(" #{ivar}=#{value.inspect}")
20
+ end
21
+ @io.write("\n")
22
+ begin
23
+ @level += 1
24
+ super
25
+ ensure
26
+ @level -= 1
27
+ end
28
+ end
29
+ end
30
+ end
31
+ end
@@ -0,0 +1,385 @@
1
+ # frozen_string_literal: true
2
+
3
+ require_relative "visitor"
4
+
5
+ module Gem::SafeMarshal
6
+ module Visitors
7
+ class ToRuby < Visitor
8
+ def initialize(permitted_classes:, permitted_symbols:, permitted_ivars:)
9
+ @permitted_classes = permitted_classes
10
+ @permitted_symbols = ["E"].concat(permitted_symbols).concat(permitted_classes)
11
+ @permitted_ivars = permitted_ivars
12
+
13
+ @objects = []
14
+ @symbols = []
15
+ @class_cache = {}
16
+
17
+ @stack = ["root"]
18
+ @stack_idx = 1
19
+ end
20
+
21
+ def inspect # :nodoc:
22
+ format("#<%s permitted_classes: %p permitted_symbols: %p permitted_ivars: %p>",
23
+ self.class, @permitted_classes, @permitted_symbols, @permitted_ivars)
24
+ end
25
+
26
+ def visit(target)
27
+ stack_idx = @stack_idx
28
+ super
29
+ ensure
30
+ @stack_idx = stack_idx - 1
31
+ end
32
+
33
+ private
34
+
35
+ def push_stack(element)
36
+ @stack[@stack_idx] = element
37
+ @stack_idx += 1
38
+ end
39
+
40
+ def visit_Gem_SafeMarshal_Elements_Array(a)
41
+ array = register_object([])
42
+
43
+ elements = a.elements
44
+ size = elements.size
45
+ idx = 0
46
+ # not idiomatic, but there's a huge number of IMEMOs allocated here, so we avoid the block
47
+ # because this is such a hot path when doing a bundle install with the full index
48
+ until idx == size
49
+ push_stack idx
50
+ array << visit(elements[idx])
51
+ idx += 1
52
+ end
53
+
54
+ array
55
+ end
56
+
57
+ def visit_Gem_SafeMarshal_Elements_Symbol(s)
58
+ name = s.name
59
+ raise UnpermittedSymbolError.new(symbol: name, stack: formatted_stack) unless @permitted_symbols.include?(name)
60
+ visit_symbol_type(s)
61
+ end
62
+
63
+ def map_ivars(klass, ivars)
64
+ stack_idx = @stack_idx
65
+ ivars.map.with_index do |(k, v), i|
66
+ @stack_idx = stack_idx
67
+
68
+ push_stack "ivar_"
69
+ push_stack i
70
+ k = resolve_ivar(klass, k)
71
+
72
+ @stack_idx = stack_idx
73
+ push_stack k
74
+
75
+ next k, visit(v)
76
+ end
77
+ end
78
+
79
+ def visit_Gem_SafeMarshal_Elements_WithIvars(e)
80
+ object_offset = @objects.size
81
+ push_stack "object"
82
+ object = visit(e.object)
83
+ ivars = map_ivars(object.class, e.ivars)
84
+
85
+ case e.object
86
+ when Elements::UserDefined
87
+ if object.class == ::Time
88
+ internal = []
89
+
90
+ ivars.reject! do |k, v|
91
+ case k
92
+ when :offset, :zone, :nano_num, :nano_den, :submicro
93
+ internal << [k, v]
94
+ true
95
+ else
96
+ false
97
+ end
98
+ end
99
+
100
+ s = e.object.binary_string
101
+
102
+ marshal_string = "\x04\bIu:\tTime".b
103
+ marshal_string.concat(s.size + 5)
104
+ marshal_string << s
105
+ marshal_string.concat(internal.size + 5)
106
+
107
+ internal.each do |k, v|
108
+ marshal_string.concat(":")
109
+ marshal_string.concat(k.size + 5)
110
+ marshal_string.concat(k.to_s)
111
+ dumped = Marshal.dump(v)
112
+ dumped[0, 2] = ""
113
+ marshal_string.concat(dumped)
114
+ end
115
+
116
+ object = @objects[object_offset] = Marshal.load(marshal_string)
117
+ end
118
+ when Elements::String
119
+ enc = nil
120
+
121
+ ivars.reject! do |k, v|
122
+ case k
123
+ when :E
124
+ case v
125
+ when TrueClass
126
+ enc = "UTF-8"
127
+ when FalseClass
128
+ enc = "US-ASCII"
129
+ else
130
+ raise FormatError, "Unexpected value for String :E #{v.inspect}"
131
+ end
132
+ when :encoding
133
+ enc = v
134
+ else
135
+ next false
136
+ end
137
+ true
138
+ end
139
+
140
+ object.force_encoding(enc) if enc
141
+ end
142
+
143
+ ivars.each do |k, v|
144
+ object.instance_variable_set k, v
145
+ end
146
+ object
147
+ end
148
+
149
+ def visit_Gem_SafeMarshal_Elements_Hash(o)
150
+ hash = register_object({})
151
+
152
+ o.pairs.each_with_index do |(k, v), i|
153
+ push_stack i
154
+ k = visit(k)
155
+ push_stack k
156
+ hash[k] = visit(v)
157
+ end
158
+
159
+ hash
160
+ end
161
+
162
+ def visit_Gem_SafeMarshal_Elements_HashWithDefaultValue(o)
163
+ hash = visit_Gem_SafeMarshal_Elements_Hash(o)
164
+ push_stack :default
165
+ hash.default = visit(o.default)
166
+ hash
167
+ end
168
+
169
+ def visit_Gem_SafeMarshal_Elements_Object(o)
170
+ register_object(resolve_class(o.name).allocate)
171
+ end
172
+
173
+ def visit_Gem_SafeMarshal_Elements_ObjectLink(o)
174
+ @objects[o.offset]
175
+ end
176
+
177
+ def visit_Gem_SafeMarshal_Elements_SymbolLink(o)
178
+ @symbols[o.offset]
179
+ end
180
+
181
+ def visit_Gem_SafeMarshal_Elements_UserDefined(o)
182
+ register_object(call_method(resolve_class(o.name), :_load, o.binary_string))
183
+ end
184
+
185
+ def visit_Gem_SafeMarshal_Elements_UserMarshal(o)
186
+ klass = resolve_class(o.name)
187
+ compat = COMPAT_CLASSES.fetch(klass, nil)
188
+ idx = @objects.size
189
+ object = register_object(call_method(compat || klass, :allocate))
190
+
191
+ push_stack :data
192
+ ret = call_method(object, :marshal_load, visit(o.data))
193
+
194
+ if compat
195
+ object = @objects[idx] = ret
196
+ end
197
+
198
+ object
199
+ end
200
+
201
+ def visit_Gem_SafeMarshal_Elements_Integer(i)
202
+ i.int
203
+ end
204
+
205
+ def visit_Gem_SafeMarshal_Elements_Nil(_)
206
+ nil
207
+ end
208
+
209
+ def visit_Gem_SafeMarshal_Elements_True(_)
210
+ true
211
+ end
212
+
213
+ def visit_Gem_SafeMarshal_Elements_False(_)
214
+ false
215
+ end
216
+
217
+ def visit_Gem_SafeMarshal_Elements_String(s)
218
+ register_object(+s.str)
219
+ end
220
+
221
+ def visit_Gem_SafeMarshal_Elements_Float(f)
222
+ case f.string
223
+ when "inf"
224
+ ::Float::INFINITY
225
+ when "-inf"
226
+ -::Float::INFINITY
227
+ when "nan"
228
+ ::Float::NAN
229
+ else
230
+ f.string.to_f
231
+ end
232
+ end
233
+
234
+ def visit_Gem_SafeMarshal_Elements_Bignum(b)
235
+ result = 0
236
+ b.data.each_byte.with_index do |byte, exp|
237
+ result += (byte * 2**(exp * 8))
238
+ end
239
+
240
+ case b.sign
241
+ when 43 # ?+
242
+ result
243
+ when 45 # ?-
244
+ -result
245
+ else
246
+ raise FormatError, "Unexpected sign for Bignum #{b.sign.chr.inspect} (#{b.sign})"
247
+ end
248
+ end
249
+
250
+ def resolve_class(n)
251
+ @class_cache[n] ||= begin
252
+ to_s = resolve_symbol_name(n)
253
+ raise UnpermittedClassError.new(name: to_s, stack: formatted_stack) unless @permitted_classes.include?(to_s)
254
+ visit_symbol_type(n)
255
+ begin
256
+ ::Object.const_get(to_s)
257
+ rescue NameError
258
+ raise ArgumentError, "Undefined class #{to_s.inspect}"
259
+ end
260
+ end
261
+ end
262
+
263
+ class RationalCompat
264
+ def marshal_load(s)
265
+ num, den = s
266
+ raise ArgumentError, "Expected 2 ints" unless s.size == 2 && num.is_a?(Integer) && den.is_a?(Integer)
267
+ Rational(num, den)
268
+ end
269
+ end
270
+ private_constant :RationalCompat
271
+
272
+ COMPAT_CLASSES = {}.tap do |h|
273
+ h[Rational] = RationalCompat
274
+ end.compare_by_identity.freeze
275
+ private_constant :COMPAT_CLASSES
276
+
277
+ def resolve_ivar(klass, name)
278
+ to_s = resolve_symbol_name(name)
279
+
280
+ raise UnpermittedIvarError.new(symbol: to_s, klass: klass, stack: formatted_stack) unless @permitted_ivars.fetch(klass.name, [].freeze).include?(to_s)
281
+
282
+ visit_symbol_type(name)
283
+ end
284
+
285
+ def visit_symbol_type(element)
286
+ case element
287
+ when Elements::Symbol
288
+ sym = element.name.to_sym
289
+ @symbols << sym
290
+ sym
291
+ when Elements::SymbolLink
292
+ visit_Gem_SafeMarshal_Elements_SymbolLink(element)
293
+ end
294
+ end
295
+
296
+ # This is a hot method, so avoid respond_to? checks on every invocation
297
+ if :read.respond_to?(:name)
298
+ def resolve_symbol_name(element)
299
+ case element
300
+ when Elements::Symbol
301
+ element.name
302
+ when Elements::SymbolLink
303
+ visit_Gem_SafeMarshal_Elements_SymbolLink(element).name
304
+ else
305
+ raise FormatError, "Expected symbol or symbol link, got #{element.inspect} @ #{formatted_stack.join(".")}"
306
+ end
307
+ end
308
+ else
309
+ def resolve_symbol_name(element)
310
+ case element
311
+ when Elements::Symbol
312
+ element.name
313
+ when Elements::SymbolLink
314
+ visit_Gem_SafeMarshal_Elements_SymbolLink(element).to_s
315
+ else
316
+ raise FormatError, "Expected symbol or symbol link, got #{element.inspect} @ #{formatted_stack.join(".")}"
317
+ end
318
+ end
319
+ end
320
+
321
+ def register_object(o)
322
+ @objects << o
323
+ o
324
+ end
325
+
326
+ def call_method(receiver, method, *args)
327
+ receiver.__send__(method, *args)
328
+ rescue NoMethodError => e
329
+ raise unless e.receiver == receiver
330
+
331
+ raise MethodCallError, "Unable to call #{method.inspect} on #{receiver.inspect}, perhaps it is a class using marshal compat, which is not visible in ruby? #{e}"
332
+ end
333
+
334
+ def formatted_stack
335
+ formatted = []
336
+ @stack[0, @stack_idx].each do |e|
337
+ if e.is_a?(Integer)
338
+ if formatted.last == "ivar_"
339
+ formatted[-1] = "ivar_#{e}"
340
+ else
341
+ formatted << "[#{e}]"
342
+ end
343
+ else
344
+ formatted << e
345
+ end
346
+ end
347
+ formatted
348
+ end
349
+
350
+ class Error < StandardError
351
+ end
352
+
353
+ class UnpermittedSymbolError < Error
354
+ def initialize(symbol:, stack:)
355
+ @symbol = symbol
356
+ @stack = stack
357
+ super "Attempting to load unpermitted symbol #{symbol.inspect} @ #{stack.join "."}"
358
+ end
359
+ end
360
+
361
+ class UnpermittedIvarError < Error
362
+ def initialize(symbol:, klass:, stack:)
363
+ @symbol = symbol
364
+ @klass = klass
365
+ @stack = stack
366
+ super "Attempting to set unpermitted ivar #{symbol.inspect} on object of class #{klass} @ #{stack.join "."}"
367
+ end
368
+ end
369
+
370
+ class UnpermittedClassError < Error
371
+ def initialize(name:, stack:)
372
+ @name = name
373
+ @stack = stack
374
+ super "Attempting to load unpermitted class #{name.inspect} @ #{stack.join "."}"
375
+ end
376
+ end
377
+
378
+ class FormatError < Error
379
+ end
380
+
381
+ class MethodCallError < Error
382
+ end
383
+ end
384
+ end
385
+ end