rubygems-update 3.5.5 → 3.5.7

data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent.rb

@@ -1,5 +1,5 @@
 require_relative '../../../../../vendored_net_http'
-require_relative '../../../../uri/lib/uri'
+require_relative '../../../../../vendored_uri'
 require 'cgi' # for escaping
 require_relative '../../../../connection_pool/lib/connection_pool'
 
@@ -22,7 +22,7 @@ autoload :OpenSSL, 'openssl'
 #
 #   require 'bundler/vendor/net-http-persistent/lib/net/http/persistent'
 #
-#   uri = Bundler::URI 'http://example.com/awesome/web/service'
+#   uri = Gem::URI 'http://example.com/awesome/web/service'
 #
 #   http = Gem::Net::HTTP::Persistent.new
 #
@@ -39,17 +39,17 @@ autoload :OpenSSL, 'openssl'
 #   post = Gem::Net::HTTP::Post.new post_uri.path
 #   post.set_form_data 'some' => 'cool data'
 #
-#   # perform the POST, the Bundler::URI is always required
+#   # perform the POST, the Gem::URI is always required
 #   response http.request post_uri, post
 #
 # Note that for GET, HEAD and other requests that do not have a body you want
-# to use Bundler::URI#request_uri not Bundler::URI#path.  The request_uri contains the query
+# to use Gem::URI#request_uri not Gem::URI#path.  The request_uri contains the query
 # params which are sent in the body for other requests.
 #
 # == TLS/SSL
 #
 # TLS connections are automatically created depending upon the scheme of the
-# Bundler::URI.  TLS connections are automatically verified against the default
+# Gem::URI.  TLS connections are automatically verified against the default
 # certificate store for your computer.  You can override this by changing
 # verify_mode or by specifying an alternate cert_store.
 #
@@ -72,7 +72,7 @@ autoload :OpenSSL, 'openssl'
 # == Proxies
 #
 # A proxy can be set through #proxy= or at initialization time by providing a
-# second argument to ::new.  The proxy may be the Bundler::URI of the proxy server or
+# second argument to ::new.  The proxy may be the Gem::URI of the proxy server or
 # <code>:ENV</code> which will consult environment variables.
 #
 # See #proxy= and #proxy_from_env for details.
@@ -197,7 +197,7 @@ class Gem::Net::HTTP::Persistent
   # NOTE:  This may not work on ruby > 1.9.
 
   def self.detect_idle_timeout uri, max = 10
-    uri = Bundler::URI uri unless Bundler::URI::Generic === uri
+    uri = Gem::URI uri unless Gem::URI::Generic === uri
     uri += '/'
 
     req = Gem::Net::HTTP::Head.new uri.request_uri
@@ -455,13 +455,13 @@ class Gem::Net::HTTP::Persistent
   # Set a +name+ for fun.  Your library name should be good enough, but this
   # otherwise has no purpose.
   #
-  # +proxy+ may be set to a Bundler::URI::HTTP or :ENV to pick up proxy options from
+  # +proxy+ may be set to a Gem::URI::HTTP or :ENV to pick up proxy options from
   # the environment.  See proxy_from_env for details.
   #
-  # In order to use a Bundler::URI for the proxy you may need to do some extra work
-  # beyond Bundler::URI parsing if the proxy requires a password:
+  # In order to use a Gem::URI for the proxy you may need to do some extra work
+  # beyond Gem::URI parsing if the proxy requires a password:
   #
-  #   proxy = Bundler::URI 'http://proxy.example'
+  #   proxy = Gem::URI 'http://proxy.example'
   #   proxy.user     = 'AzureDiamond'
   #   proxy.password = 'hunter2'
   #
@@ -510,7 +510,7 @@ class Gem::Net::HTTP::Persistent
     @verify_mode        = nil
     @cert_store         = nil
 
-    @generation         = 0 # incremented when proxy Bundler::URI changes
+    @generation         = 0 # incremented when proxy Gem::URI changes
 
     if HAVE_OPENSSL then
       @verify_mode        = OpenSSL::SSL::VERIFY_PEER
@@ -720,12 +720,12 @@ class Gem::Net::HTTP::Persistent
   alias key= private_key=
 
   ##
-  # Sets the proxy server.  The +proxy+ may be the Bundler::URI of the proxy server,
+  # Sets the proxy server.  The +proxy+ may be the Gem::URI of the proxy server,
   # the symbol +:ENV+ which will read the proxy from the environment or nil to
   # disable use of a proxy.  See #proxy_from_env for details on setting the
   # proxy from the environment.
   #
-  # If the proxy Bundler::URI is set after requests have been made, the next request
+  # If the proxy Gem::URI is set after requests have been made, the next request
   # will shut-down and re-open all connections.
   #
   # The +no_proxy+ query parameter can be used to specify hosts which shouldn't
@@ -736,9 +736,9 @@ class Gem::Net::HTTP::Persistent
   def proxy= proxy
     @proxy_uri = case proxy
                  when :ENV      then proxy_from_env
-                 when Bundler::URI::HTTP then proxy
+                 when Gem::URI::HTTP then proxy
                  when nil       then # ignore
-                 else raise ArgumentError, 'proxy must be :ENV or a Bundler::URI::HTTP'
+                 else raise ArgumentError, 'proxy must be :ENV or a Gem::URI::HTTP'
                  end
 
     @no_proxy.clear
@@ -763,13 +763,13 @@ class Gem::Net::HTTP::Persistent
   end
 
   ##
-  # Creates a Bundler::URI for an HTTP proxy server from ENV variables.
+  # Creates a Gem::URI for an HTTP proxy server from ENV variables.
   #
   # If +HTTP_PROXY+ is set a proxy will be returned.
   #
-  # If +HTTP_PROXY_USER+ or +HTTP_PROXY_PASS+ are set the Bundler::URI is given the
+  # If +HTTP_PROXY_USER+ or +HTTP_PROXY_PASS+ are set the Gem::URI is given the
   # indicated user and password unless HTTP_PROXY contains either of these in
-  # the Bundler::URI.
+  # the Gem::URI.
   #
   # The +NO_PROXY+ ENV variable can be used to specify hosts which shouldn't
   # be reached via proxy; if set it should be a comma separated list of
@@ -785,7 +785,7 @@ class Gem::Net::HTTP::Persistent
 
     return nil if env_proxy.nil? or env_proxy.empty?
 
-    uri = Bundler::URI normalize_uri env_proxy
+    uri = Gem::URI normalize_uri env_proxy
 
     env_no_proxy = ENV['no_proxy'] || ENV['NO_PROXY']
 
@@ -863,7 +863,7 @@ class Gem::Net::HTTP::Persistent
   # +req+ must be a Gem::Net::HTTPGenericRequest subclass (see Gem::Net::HTTP for a list).
 
   def request uri, req = nil, &block
-    uri      = Bundler::URI uri
+    uri      = Gem::URI uri
     req      = request_setup req || uri
     response = nil
 
@@ -896,7 +896,7 @@ class Gem::Net::HTTP::Persistent
   end
 
   ##
-  # Creates a GET request if +req_or_uri+ is a Bundler::URI and adds headers to the
+  # Creates a GET request if +req_or_uri+ is a Gem::URI and adds headers to the
   # request.
   #
   # Returns the request.

data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/static_package_source.rb

@@ -1,4 +1,5 @@
 require_relative 'package'
+require_relative 'rubygems'
 require_relative 'version_constraint'
 require_relative 'incompatibility'
 require_relative 'basic_package_source'

data/bundler/lib/bundler/vendored_net_http.rb

@@ -1,8 +1,12 @@
 # frozen_string_literal: true
 
 begin
-  require "rubygems/net/http"
+  require "rubygems/vendored_net_http"
 rescue LoadError
-  require "net/http"
-  Gem::Net = Net
+  begin
+    require "rubygems/net/http"
+  rescue LoadError
+    require "net/http"
+    Gem::Net = Net
+  end
 end

data/bundler/lib/bundler/vendored_timeout.rb

@@ -1,8 +1,12 @@
 # frozen_string_literal: true
 
 begin
-  require "rubygems/timeout"
+  require "rubygems/vendored_timeout"
 rescue LoadError
-  require "timeout"
-  Gem::Timeout = Timeout
+  begin
+    require "rubygems/timeout"
+  rescue LoadError
+    require "timeout"
+    Gem::Timeout = Timeout
+  end
 end

data/bundler/lib/bundler/vendored_uri.rb

@@ -1,4 +1,21 @@
 # frozen_string_literal: true
 
 module Bundler; end
-require_relative "vendor/uri/lib/uri"
+
+# Use RubyGems vendored copy when available. Otherwise fallback to Bundler
+# vendored copy. The vendored copy in Bundler can be removed once support for
+# RubyGems 3.5 is dropped.
+
+begin
+  require "rubygems/vendor/uri/lib/uri"
+rescue LoadError
+  require_relative "vendor/uri/lib/uri"
+  Gem::URI = Bundler::URI
+
+  module Gem
+    def URI(uri) # rubocop:disable Naming/MethodName
+      Bundler::URI(uri)
+    end
+    module_function :URI
+  end
+end

data/bundler/lib/bundler/version.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: false
 
 module Bundler
-  VERSION = "2.5.5".freeze
+  VERSION = "2.5.7".freeze
 
   def self.bundler_major_version
     @bundler_major_version ||= VERSION.split(".").first.to_i

data/bundler/lib/bundler/yaml_serializer.rb

@@ -58,6 +58,8 @@ module Bundler
       str.split(/\r?\n/) do |line|
         if match = HASH_REGEX.match(line)
           indent, key, quote, val = match.captures
+          val = strip_comment(val)
+
           convert_to_backward_compatible_key!(key)
           depth = indent.size / 2
           if quote.empty? && val.empty?
@@ -72,6 +74,8 @@ module Bundler
           end
         elsif match = ARRAY_REGEX.match(line)
           _, val = match.captures
+          val = strip_comment(val)
+
           last_hash[last_empty_key] = [] unless last_hash[last_empty_key].is_a?(Array)
 
           last_hash[last_empty_key].push(val)
@@ -80,6 +84,14 @@ module Bundler
       res
     end
 
+    def strip_comment(val)
+      if val.include?("#") && !val.start_with?("#")
+        val.split("#", 2).first.strip
+      else
+        val
+      end
+    end
+
     # for settings' keys
     def convert_to_backward_compatible_key!(key)
       key << "/" if /https?:/i.match?(key) && !%r{/\Z}.match?(key)

data/bundler/lib/bundler.rb

@@ -200,12 +200,13 @@ module Bundler
     #
     # @param unlock [Hash, Boolean, nil] Gems that have been requested
     #   to be updated or true if all gems should be updated
+    # @param lockfile [Pathname] Path to Gemfile.lock
     # @return [Bundler::Definition]
-    def definition(unlock = nil)
+    def definition(unlock = nil, lockfile = default_lockfile)
       @definition = nil if unlock
       @definition ||= begin
         configure
-        Definition.build(default_gemfile, default_lockfile, unlock)
+        Definition.build(default_gemfile, lockfile, unlock)
       end
     end
 

data/lib/rubygems/command.rb

@@ -6,7 +6,7 @@
 # See LICENSE.txt for permissions.
 #++
 
-require_relative "optparse"
+require_relative "vendored_optparse"
 require_relative "requirement"
 require_relative "user_interaction"
 

data/lib/rubygems/command_manager.rb

@@ -106,7 +106,7 @@ class Gem::CommandManager
   # Register all the subcommands supported by the gem command.
 
   def initialize
-    require_relative "timeout"
+    require_relative "vendored_timeout"
     @commands = {}
 
     BUILTIN_COMMANDS.each do |name|

data/lib/rubygems/commands/help_command.rb

@@ -59,7 +59,7 @@ multiple environments.  The RubyGems implementation is designed to be
 compatible with Bundler's Gemfile format.  You can see additional
 documentation on the format at:
 
-  http://bundler.io
+  https://bundler.io
 
 RubyGems automatically looks for these gem dependencies files:
 
@@ -172,7 +172,7 @@ and #platforms methods:
 See the bundler Gemfile manual page for a list of platforms supported in a gem
 dependencies file.:
 
-  http://bundler.io/v1.6/man/gemfile.5.html
+  https://bundler.io/v2.5/man/gemfile.5.html
 
 Ruby Version and Engine Dependency
 ==================================

data/lib/rubygems/commands/rdoc_command.rb

@@ -84,14 +84,7 @@ Use --overwrite to force rebuilding of documentation.
         FileUtils.rm_rf File.join(spec.doc_dir, "rdoc")
       end
 
-      begin
-        doc.generate
-      rescue Errno::ENOENT => e
-        match = / - /.match(e.message)
-        alert_error "Unable to document #{spec.full_name}, " \
-                    " #{match.post_match} is missing, skipping"
-        terminate_interaction 1 if specs.length == 1
-      end
+      doc.generate
     end
   end
 end

data/lib/rubygems/commands/sources_command.rb

@@ -59,7 +59,7 @@ class Gem::Commands::SourcesCommand < Gem::Command
 
         say "#{source_uri} added to sources"
       end
-    rescue URI::Error, ArgumentError
+    rescue Gem::URI::Error, ArgumentError
       say "#{source_uri} is not a URI"
       terminate_interaction 1
     rescue Gem::RemoteFetcher::FetchError => e
@@ -81,7 +81,7 @@ Do you want to add this source?
   end
 
   def check_rubygems_https(source_uri) # :nodoc:
-    uri = URI source_uri
+    uri = Gem::URI source_uri
 
     if uri.scheme && uri.scheme.casecmp("http").zero? &&
        uri.host.casecmp("rubygems.org").zero?

data/lib/rubygems/defaults.rb

@@ -112,7 +112,7 @@ module Gem
   # The path to standard location of the user's configuration directory.
 
   def self.config_home
-    @config_home ||= (ENV["XDG_CONFIG_HOME"] || File.join(Gem.user_home, ".config"))
+    @config_home ||= ENV["XDG_CONFIG_HOME"] || File.join(Gem.user_home, ".config")
   end
 
   ##
@@ -145,21 +145,21 @@ module Gem
   # The path to standard location of the user's cache directory.
 
   def self.cache_home
-    @cache_home ||= (ENV["XDG_CACHE_HOME"] || File.join(Gem.user_home, ".cache"))
+    @cache_home ||= ENV["XDG_CACHE_HOME"] || File.join(Gem.user_home, ".cache")
   end
 
   ##
   # The path to standard location of the user's data directory.
 
   def self.data_home
-    @data_home ||= (ENV["XDG_DATA_HOME"] || File.join(Gem.user_home, ".local", "share"))
+    @data_home ||= ENV["XDG_DATA_HOME"] || File.join(Gem.user_home, ".local", "share")
   end
 
   ##
   # The path to standard location of the user's state directory.
 
   def self.state_home
-    @state_home ||= (ENV["XDG_STATE_HOME"] || File.join(Gem.user_home, ".local", "state"))
+    @state_home ||= ENV["XDG_STATE_HOME"] || File.join(Gem.user_home, ".local", "state")
   end
 
   ##

data/lib/rubygems/dependency.rb

@@ -328,9 +328,9 @@ class Gem::Dependency
     return active if active
 
     unless prerelease?
-      # Move prereleases to the end of the list for >= 0 requirements
+      # Consider prereleases only as a fallback
       pre, matches = matches.partition {|spec| spec.version.prerelease? }
-      matches += pre if requirement == Gem::Requirement.default
+      matches = pre if matches.empty?
     end
 
     matches.first

data/lib/rubygems/dependency_list.rb

@@ -6,7 +6,7 @@
 # See LICENSE.txt for permissions.
 #++
 
-require_relative "tsort"
+require_relative "vendored_tsort"
 require_relative "deprecate"
 
 ##

data/lib/rubygems/ext/cargo_builder.rb

@@ -293,7 +293,7 @@ EOF
 
     case var_name
     # On windows, it is assumed that mkmf has setup an exports file for the
-    # extension, so we have to to create one ourselves.
+    # extension, so we have to create one ourselves.
     when "DEFFILE"
       write_deffile(dest_dir, crate_name)
     else

data/lib/rubygems/gemcutter_utilities/webauthn_listener.rb

@@ -51,7 +51,7 @@ module Gem::GemcutterUtilities
         request_line = socket.gets
 
         method, req_uri, _protocol = request_line.split(" ")
-        req_uri = URI.parse(req_uri)
+        req_uri = Gem::URI.parse(req_uri)
 
         responder = SocketResponder.new(socket)
 

data/lib/rubygems/gemcutter_utilities.rb

@@ -10,7 +10,8 @@ require_relative "gemcutter_utilities/webauthn_poller"
 
 module Gem::GemcutterUtilities
   ERROR_CODE = 1
-  API_SCOPES = [:index_rubygems, :push_rubygem, :yank_rubygem, :add_owner, :remove_owner, :access_webhooks, :show_dashboard].freeze
+  API_SCOPES = [:index_rubygems, :push_rubygem, :yank_rubygem, :add_owner, :remove_owner, :access_webhooks].freeze
+  EXCLUSIVELY_API_SCOPES = [:show_dashboard].freeze
 
   include Gem::Text
 
@@ -84,7 +85,7 @@ module Gem::GemcutterUtilities
   # If +allowed_push_host+ metadata is present, then it will only allow that host.
 
   def rubygems_api_request(method, path, host = nil, allowed_push_host = nil, scope: nil, credentials: {}, &block)
-    require_relative "net/http"
+    require_relative "vendored_net_http"
 
     self.host = host if host
     unless self.host
@@ -93,8 +94,8 @@ module Gem::GemcutterUtilities
     end
 
     if allowed_push_host
-      allowed_host_uri = URI.parse(allowed_push_host)
-      host_uri         = URI.parse(self.host)
+      allowed_host_uri = Gem::URI.parse(allowed_push_host)
+      host_uri         = Gem::URI.parse(self.host)
 
       unless (host_uri.scheme == allowed_host_uri.scheme) && (host_uri.host == allowed_host_uri.host)
         alert_error "#{self.host.inspect} is not allowed by the gemspec, which only allows #{allowed_push_host.inspect}"
@@ -102,7 +103,7 @@ module Gem::GemcutterUtilities
       end
     end
 
-    uri = URI.parse "#{self.host}/#{path}"
+    uri = Gem::URI.parse "#{self.host}/#{path}"
     response = request_with_otp(method, uri, &block)
 
     if mfa_unauthorized?(response)
@@ -129,14 +130,14 @@ module Gem::GemcutterUtilities
 
     say "The existing key doesn't have access of #{scope} on #{pretty_host}. Please sign in to update access."
 
-    email    = ask "   Email: "
-    password = ask_for_password "Password: "
+    identifier = ask "Username/email: "
+    password   = ask_for_password "      Password: "
 
     response = rubygems_api_request(:put, "api/v1/api_key",
                                     sign_in_host, scope: scope) do |request|
-      request.basic_auth email, password
+      request.basic_auth identifier, password
       request["OTP"] = otp if otp
-      request.body = URI.encode_www_form({ api_key: api_key }.merge(update_scope_params))
+      request.body = Gem::URI.encode_www_form({ api_key: api_key }.merge(update_scope_params))
     end
 
     with_response response do |_resp|
@@ -158,25 +159,25 @@ module Gem::GemcutterUtilities
     say "Don't have an account yet? " \
         "Create one at #{sign_in_host}/sign_up"
 
-    email = ask "   Email: "
-    password = ask_for_password "Password: "
+    identifier = ask "Username/email: "
+    password   = ask_for_password "      Password: "
     say "\n"
 
     key_name     = get_key_name(scope)
     scope_params = get_scope_params(scope)
-    profile      = get_user_profile(email, password)
+    profile      = get_user_profile(identifier, password)
     mfa_params   = get_mfa_params(profile)
     all_params   = scope_params.merge(mfa_params)
     warning      = profile["warning"]
-    credentials  = { email: email, password: password }
+    credentials  = { identifier: identifier, password: password }
 
     say "#{warning}\n" if warning
 
     response = rubygems_api_request(:post, "api/v1/api_key",
                                     sign_in_host, credentials: credentials, scope: scope) do |request|
-      request.basic_auth email, password
+      request.basic_auth identifier, password
       request["OTP"] = otp if otp
-      request.body = URI.encode_www_form({ name: key_name }.merge(all_params))
+      request.body = Gem::URI.encode_www_form({ name: key_name }.merge(all_params))
     end
 
     with_response response do |resp|
@@ -294,7 +295,7 @@ module Gem::GemcutterUtilities
       if credentials.empty?
         request.add_field "Authorization", api_key
       else
-        request.basic_auth credentials[:email], credentials[:password]
+        request.basic_auth credentials[:identifier], credentials[:password]
       end
     end
     response.is_a?(Gem::Net::HTTPSuccess) ? response.body : nil
@@ -309,15 +310,31 @@ module Gem::GemcutterUtilities
   end
 
   def get_scope_params(scope)
-    scope_params = {}
+    scope_params = { index_rubygems: true }
 
     if scope
       scope_params = { scope => true }
     else
-      say "Please select scopes you want to enable for the API key (y/n)"
-      API_SCOPES.each do |s|
-        selected = ask_yes_no(s.to_s, false)
-        scope_params[s] = true if selected
+      say "The default access scope is:"
+      scope_params.each do |k, _v|
+        say "  #{k}: y"
+      end
+      say "\n"
+      customise = ask_yes_no("Do you want to customise scopes?", false)
+      if customise
+        EXCLUSIVELY_API_SCOPES.each do |excl_scope|
+          selected = ask_yes_no("#{excl_scope} (exclusive scope, answering yes will not prompt for other scopes)", false)
+          next unless selected
+
+          return { excl_scope => true }
+        end
+
+        scope_params = {}
+
+        API_SCOPES.each do |s|
+          selected = ask_yes_no(s.to_s, false)
+          scope_params[s] = true if selected
+        end
       end
       say "\n"
     end
@@ -329,11 +346,11 @@ module Gem::GemcutterUtilities
     host == Gem::DEFAULT_HOST
   end
 
-  def get_user_profile(email, password)
+  def get_user_profile(identifier, password)
     return {} unless default_host?
 
     response = rubygems_api_request(:get, "api/v1/profile/me.yaml") do |request|
-      request.basic_auth email, password
+      request.basic_auth identifier, password
     end
 
     with_response response do |resp|

data/lib/rubygems/local_remote_options.rb

@@ -6,7 +6,7 @@
 # See LICENSE.txt for permissions.
 #++
 
-require "uri"
+require_relative "vendor/uri/lib/uri"
 require_relative "../rubygems"
 
 ##
@@ -17,10 +17,10 @@ module Gem::LocalRemoteOptions
   # Allows Gem::OptionParser to handle HTTP URIs.
 
   def accept_uri_http
-    Gem::OptionParser.accept URI::HTTP do |value|
+    Gem::OptionParser.accept Gem::URI::HTTP do |value|
       begin
-        uri = URI.parse value
-      rescue URI::InvalidURIError
+        uri = Gem::URI.parse value
+      rescue Gem::URI::InvalidURIError
         raise Gem::OptionParser::InvalidArgument, value
       end
 
@@ -88,7 +88,7 @@ module Gem::LocalRemoteOptions
   def add_proxy_option
     accept_uri_http
 
-    add_option(:"Local/Remote", "-p", "--[no-]http-proxy [URL]", URI::HTTP,
+    add_option(:"Local/Remote", "-p", "--[no-]http-proxy [URL]", Gem::URI::HTTP,
                "Use HTTP proxy for remote operations") do |value, options|
       options[:http_proxy] = value == false ? :no_proxy : value
       Gem.configuration[:http_proxy] = options[:http_proxy]
@@ -101,7 +101,7 @@ module Gem::LocalRemoteOptions
   def add_source_option
     accept_uri_http
 
-    add_option(:"Local/Remote", "-s", "--source URL", URI::HTTP,
+    add_option(:"Local/Remote", "-s", "--source URL", Gem::URI::HTTP,
                "Append URL to list of remote gem sources") do |source, options|
       source << "/" unless source.end_with?("/")
 

data/lib/rubygems/remote_fetcher.rb

@@ -74,9 +74,9 @@ class Gem::RemoteFetcher
 
   def initialize(proxy=nil, dns=nil, headers={})
     require_relative "core_ext/tcpsocket_init" if Gem.configuration.ipv4_fallback_enabled
-    require_relative "net/http"
+    require_relative "vendored_net_http"
     require "stringio"
-    require "uri"
+    require_relative "vendor/uri/lib/uri"
 
     Socket.do_not_reverse_lookup = true
 
@@ -135,7 +135,7 @@ class Gem::RemoteFetcher
 
     scheme = source_uri.scheme
 
-    # URI.parse gets confused by MS Windows paths with forward slashes.
+    # Gem::URI.parse gets confused by MS Windows paths with forward slashes.
     scheme = nil if /^[a-z]$/i.match?(scheme)
 
     # REFACTOR: split this up and dispatch on scheme (eg download_http)

data/lib/rubygems/request.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-require_relative "net/http"
+require_relative "vendored_net_http"
 require_relative "user_interaction"
 
 class Gem::Request
@@ -18,11 +18,11 @@ class Gem::Request
   end
 
   def self.proxy_uri(proxy) # :nodoc:
-    require "uri"
+    require_relative "vendor/uri/lib/uri"
     case proxy
     when :no_proxy then nil
-    when URI::HTTP then proxy
-    else URI.parse(proxy)
+    when Gem::URI::HTTP then proxy
+    else Gem::URI.parse(proxy)
     end
   end
 
@@ -176,7 +176,7 @@ class Gem::Request
     end
 
     require "uri"
-    uri = URI(Gem::UriFormatter.new(env_proxy).normalize)
+    uri = Gem::URI(Gem::UriFormatter.new(env_proxy).normalize)
 
     if uri && uri.user.nil? && uri.password.nil?
       user     = ENV["#{downcase_scheme}_proxy_user"] || ENV["#{upcase_scheme}_PROXY_USER"]