rubygems-update 2.0.0.rc.1 → 2.0.0.rc.2
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of rubygems-update might be problematic. Click here for more details.
- checksums.yaml +7 -0
- checksums.yaml.gz.sig +3 -0
- data.tar.gz.sig +0 -0
- data/History.txt +165 -3
- data/Manifest.txt +1 -0
- data/lib/rubygems.rb +19 -37
- data/lib/rubygems/commands/push_command.rb +18 -11
- data/lib/rubygems/compatibility.rb +5 -1
- data/lib/rubygems/config_file.rb +42 -1
- data/lib/rubygems/dependency_installer.rb +7 -8
- data/lib/rubygems/errors.rb +2 -1
- data/lib/rubygems/ext/builder.rb +13 -6
- data/lib/rubygems/gemcutter_utilities.rb +12 -4
- data/lib/rubygems/package.rb +10 -2
- data/lib/rubygems/package/old.rb +37 -6
- data/lib/rubygems/security/policy.rb +44 -10
- data/lib/rubygems/specification.rb +7 -1
- data/lib/rubygems/ssl_certs/.document +1 -0
- data/lib/rubygems/test_case.rb +19 -5
- data/test/rubygems/test_gem.rb +42 -2
- data/test/rubygems/test_gem_commands_push_command.rb +2 -1
- data/test/rubygems/test_gem_config_file.rb +98 -34
- data/test/rubygems/test_gem_dependency_installer.rb +34 -2
- data/test/rubygems/test_gem_gemcutter_utilities.rb +23 -4
- data/test/rubygems/test_gem_installer.rb +27 -0
- data/test/rubygems/test_gem_package.rb +54 -3
- data/test/rubygems/test_gem_package_old.rb +42 -0
- data/test/rubygems/test_gem_security_policy.rb +144 -32
- data/test/rubygems/test_gem_specification.rb +9 -0
- metadata +136 -165
- metadata.gz.sig +0 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: 5da39433cc3801dbe2eb90b691a3922d3e0b8742
|
4
|
+
data.tar.gz: e9dd3ab0d1d3d1ffd29ce830de603dcf38e0882f
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: c457f457ce059ed8d0f42ff2099dddd9fb0f831a0029aced033821cf672606e615146932ed6768c1adb859da1dc745a9d399b93cb83f9f6db6aab347ef0166a8
|
7
|
+
data.tar.gz: 87549ea6c9fb559165892769dc8bf668c86bd242e0ea93eb49cbc57ac20869bb397d319162211ef8fafeb3f2db5264494e1d830d171692e563f3ab3757e9b487
|
checksums.yaml.gz.sig
ADDED
data.tar.gz.sig
CHANGED
Binary file
|
data/History.txt
CHANGED
@@ -1,10 +1,10 @@
|
|
1
1
|
# coding: UTF-8
|
2
2
|
|
3
|
-
=== 2.0.0.rc.
|
3
|
+
=== 2.0.0.rc.2
|
4
4
|
|
5
5
|
As a preview release, please file bugs for any problems you have with RubyGems
|
6
6
|
at https://github.com/rubygems/rubygems/issues. To update to this preview
|
7
|
-
release use gem update --system=2.0.0.
|
7
|
+
release use gem update --system=2.0.0.rc.2
|
8
8
|
|
9
9
|
RubyGems 2.0 includes several new features and many breaking changes. Some of
|
10
10
|
these changes will cause existing software to break. These changes are a
|
@@ -14,6 +14,157 @@ maintainable and improve APIs for RubyGems users.
|
|
14
14
|
If you are using bundler be sure to install version 1.3.0.pre. Older versions
|
15
15
|
of bundler will not work with RubyGems 2.0.
|
16
16
|
|
17
|
+
Changes since RubyGems 1.8.25 (including past pre-releases):
|
18
|
+
|
19
|
+
* Breaking changes:
|
20
|
+
|
21
|
+
* Deprecated Gem.unresolved_deps in favor of
|
22
|
+
Gem::Specification.unresolved_deps
|
23
|
+
* Merged Gem::Builder into Gem::Package. Use Gem::Package.build(spec)
|
24
|
+
instead of Gem::Builder.new(spec).build
|
25
|
+
* Merged Gem::Format into Gem::Package. Use Gem::Package.new instead
|
26
|
+
of Gem::Format.from_file_by_path
|
27
|
+
* Moved Gem::OldFormat to Gem::Package::Old. Gem::Package will
|
28
|
+
automatically detect old gems for you, so there is no need to refer to it.
|
29
|
+
* Removed Gem::DocManager, replaced by Gem::RDoc and done_installing hook
|
30
|
+
* Removed Gem::Package::TarInput in favor of Gem::Package
|
31
|
+
* Removed Gem::Package::TarOutput in favor of Gem::Package
|
32
|
+
* Removed Gem::RemoteFetcher#open_uri_or_path. (steveklabnik)
|
33
|
+
* Removed Gem::SSL in favor of using OpenSSL directly
|
34
|
+
* Removed Gem.loaded_path
|
35
|
+
* Removed RSS generation from the gem indexer
|
36
|
+
* Removed benchmark option from .gemrc
|
37
|
+
* Removed broken YAML gemspec support in `gem build`
|
38
|
+
* Removed support for Ruby 1.9.1
|
39
|
+
* Removed many deprecated methods
|
40
|
+
|
41
|
+
* Major enhancements:
|
42
|
+
|
43
|
+
* Improved support for default gems shipping with ruby 2.0.0+
|
44
|
+
* A gem can have arbitrary metadata through Gem::Specification#metadata
|
45
|
+
* `gem search` now defaults to --remote and is anchored like gem list. Fixes
|
46
|
+
#166
|
47
|
+
* Added --document to replace --rdoc and --ri. Use --no-document to disable
|
48
|
+
documentation, --document=rdoc to only generate rdoc.
|
49
|
+
* Only ri-format documentation is generated by default.
|
50
|
+
* `gem server` uses RDoc::Servlet from RDoc 4.0 to generate HTML
|
51
|
+
documentation.
|
52
|
+
* Add ability to install gems directly from a compatible gemdep
|
53
|
+
file (Gemfile, Isolate, gem.deps.rb)
|
54
|
+
<code>gem install --file path</code>
|
55
|
+
* Add ability to load gem activation information from a gemdeps
|
56
|
+
file (Gemfile, Isolate, gem.deps.rb).
|
57
|
+
Set RUBYGEMS_GEMDEPS=path to have it loaded. Use - as the path
|
58
|
+
to autodetect (current and parent directories are searched).
|
59
|
+
|
60
|
+
* Minor enhancements:
|
61
|
+
* Added `gem check --doctor` to clean up after failed uninstallation. Bug
|
62
|
+
#419 by Erik Hollensbe
|
63
|
+
* RubyGems no longer defaults to uninstalling gems if a dependency would be
|
64
|
+
broken. Now you must manually say "yes". Pull Request #406 by Shannon
|
65
|
+
Skipper.
|
66
|
+
* Gem::DependencyInstaller now passes build_args down to the installer.
|
67
|
+
Pull Request #412 by Sam Rawlins.
|
68
|
+
* Added a cmake builder. Pull request #265 by Allan Espinosa.
|
69
|
+
* Removed rubyforge page from gem list output
|
70
|
+
* Added --only-executables option to `gem pristine`. Fixes #326
|
71
|
+
* Added -I flag for 'gem query' to exclude installed items
|
72
|
+
* Added Gem.install(name, version=default) for interactive sessions
|
73
|
+
* Added Gem::FilePermissionError#directory
|
74
|
+
* Added Gem::rubygems_version which is like Gem::ruby_version
|
75
|
+
* Added RUBYGEMS_HOST documentation to `gem env`
|
76
|
+
* Added a post_installs hook that runs after Gem::DependencyInstaller
|
77
|
+
finishes installing a set of gems
|
78
|
+
* Added a usage method for Gem::Commands::OwnerCommand. (ffmike)
|
79
|
+
* Added an optional type parameter to Gem::Specification#doc_dir.
|
80
|
+
* Added announcements url and clarified how to file tickets
|
81
|
+
* Added guidance for how to use rdoc and ri in setup command. (jjb)
|
82
|
+
* Attempting to install multiple gems with --version is now an error. You
|
83
|
+
can specify per-gem versions like <code>rake:0.9.5</code>
|
84
|
+
* Clarified Gem::CommandManager example code to avoid multi load problems.
|
85
|
+
(baroquebobcat)
|
86
|
+
* Corrupt or bad cached specs are now re-downloaded. (cookrn)
|
87
|
+
* Extension build arguments are saved from install and reused for pristine
|
88
|
+
* If the OS allows it, documentation is built in a forked background
|
89
|
+
process. (alexch)
|
90
|
+
* Imported gem yank from the gemcutter gem. Fixes #177, #343
|
91
|
+
* Packaged gems now contain and verify SHA1 checksums
|
92
|
+
* Removed commas from gem update summary so you can paste it back to
|
93
|
+
cleanup. (amatsuda)
|
94
|
+
* RubyGems will now warn when building gems with prerelease dependencies.
|
95
|
+
Fixes #255
|
96
|
+
* The RUBYGEMS_HOST environment variable is used to determine appropriate
|
97
|
+
API key for pushing or yanking gems
|
98
|
+
* Uninstall is now performed in reverse topological order.
|
99
|
+
* Users are told what to type when they try to uninstall a gem outside
|
100
|
+
GEM_HOME
|
101
|
+
* When building gems with non-world-readable files a warning is shown.
|
102
|
+
|
103
|
+
* Bug fixes:
|
104
|
+
* Gem.refresh now maintains the active gem list. Clearing the list would
|
105
|
+
cause double-loads which would cause other bugs. Pull Request #427 by
|
106
|
+
Jeremy Evans
|
107
|
+
* RubyGems now refuses to read the gem push credentials file if it has
|
108
|
+
insecure permissions. Pull Request #438 by Shannon Skipper
|
109
|
+
* RubyGems now requires a local gem name to end in '.gem'. Issue #407 by
|
110
|
+
Santiago Pastorino.
|
111
|
+
* Do not allow old-format gems to be installed with a security policy that
|
112
|
+
verifies data.
|
113
|
+
* Gem installation will fail if RubyGems cannot load the specification from
|
114
|
+
the gem. Bug #419 by Erik Hollensbe
|
115
|
+
* RubyGems tests now run in FIPS mode. Issue #365 by Vít Ondruch
|
116
|
+
* Only update the spec cache when we have permission. Ruby Bug #7509
|
117
|
+
* gem install now ignores directories and non .gem files that match the gem
|
118
|
+
to install. Bug #407 by Santiago Pastorino.
|
119
|
+
* Added PID to setup bin_file while installing RubyGems to protect against
|
120
|
+
errors. Fixes #328 by ConradIrwin
|
121
|
+
* Added missing require in Gem::Uninstaller when format_executable is set.
|
122
|
+
(sakuro)
|
123
|
+
* Exact gem command name matches are now chosen even if a longer command
|
124
|
+
overlaps the exact name
|
125
|
+
* Fixed Gem.loaded_path? with a Pathname instance. (mattetti)
|
126
|
+
* Fixed Gem::Dependency.new mismatch with rubygems.org checks
|
127
|
+
* Fixed SecurityError in Gem::Specification.load when $SAFE=1. (ged)
|
128
|
+
* Fixed SystemStackError with "gem list -r -a" on 1.9 (cldwalker)
|
129
|
+
* Fixed `gem owners` command so that exceptions don't stop the rest of the
|
130
|
+
command from completing
|
131
|
+
* Fixed `gem unpack uninstalled_gem` default version picker.
|
132
|
+
* Fixed defunct rubyforge urls in gem command line help
|
133
|
+
* Fixed documentation for the various hooks collections
|
134
|
+
* Fixed documentation generation on setup when the gem directory does not
|
135
|
+
exist. Fixes #253
|
136
|
+
* Fixed documentation to reflect where defaults overrides are loaded from.
|
137
|
+
(ferrous26)
|
138
|
+
* Fixed editing of a Makefile with 8-bit characters. Fixes #181
|
139
|
+
* Fixed gem loading issue caused by dependencies not resolving.
|
140
|
+
* Fixed independent testing of test_gem_package_tar_output. Ruby Bug #4686
|
141
|
+
by Shota Fukumori
|
142
|
+
* Fixed typo in uninstall message. (sandal)
|
143
|
+
* Gem::Requirement#<=> returns nil on non-requirement arg.
|
144
|
+
* Gem::Requirement.satisfied_by? raises ArgumentError if given a non-version
|
145
|
+
argument
|
146
|
+
* Gem::Version#initialize no longer modifies its parameter. (miaout17)
|
147
|
+
* Group-writable permissions are now allowed for gem repositories. (ctcherry)
|
148
|
+
* Memoized values in Gem::Specification are now reset the version or
|
149
|
+
platform changes. Fixes #78
|
150
|
+
* More specific errors are raised for bad requirements. (arsduo)
|
151
|
+
* Removed reference to 'sources' gem in documentation
|
152
|
+
* Removed unused block arguments to avoid creating Proc objects. (k-tsj)
|
153
|
+
* RubyGems now asks before overwriting executable wrappers. Ruby Bug #1800
|
154
|
+
* The bindir is now created with mkdir_p during install. (voxik)
|
155
|
+
* URI scheme matching is no longer case-sensitive. Fixes #322
|
156
|
+
* ext/builder now checks $MAKE as well as $make (okkez)
|
157
|
+
|
158
|
+
Changes since RubyGems 2.0.0.rc.1:
|
159
|
+
|
160
|
+
* Bug fixes:
|
161
|
+
* Fixed signature verification of gems which was broken only on master.
|
162
|
+
Thanks to Brian Buchanan.
|
163
|
+
* Proper exceptions are raised when verifying an unsigned gem. Thanks to
|
164
|
+
André Arko.
|
165
|
+
|
166
|
+
=== 2.0.0.rc.1 / 2013-01-08
|
167
|
+
|
17
168
|
* Minor enhancements:
|
18
169
|
* This release of RubyGems can push gems to rubygems.org. Ordinarily
|
19
170
|
prerelease versions of RubyGems cannot push gems.
|
@@ -52,7 +203,7 @@ of bundler will not work with RubyGems 2.0.
|
|
52
203
|
* Restored order of version marking. Fixes an issue with bundler. Thanks
|
53
204
|
to Aaron Patterson and Terence Lee.
|
54
205
|
* Gem cleanup now skips default gems. Pull Request #409 by Kouhei Sutou
|
55
|
-
* gem list, search and query can
|
206
|
+
* gem list, search and query can show remote gems again. Bug #410 by
|
56
207
|
Henry Maddocks
|
57
208
|
* gem install now ignores directories that match the gem to install. Bug
|
58
209
|
#407 by Santiago Pastorino.
|
@@ -180,6 +331,17 @@ $SAFE=1. There is no functional difference compared to Ruby 2.0.0.preview2
|
|
180
331
|
* URI scheme matching is no longer case-sensitive. Fixes #322
|
181
332
|
* ext/builder now checks $MAKE as well as $make (okkez)
|
182
333
|
|
334
|
+
=== 1.8.25 / 2013-01-24
|
335
|
+
|
336
|
+
* Bug fixes:
|
337
|
+
* Added 11627 to setup bin_file location to protect against errors. Fixes
|
338
|
+
#328 by ConradIrwin
|
339
|
+
* Specification#ruby_code didn't handle Requirement with multiple
|
340
|
+
* Fix error on creating a Version object with a frozen string.
|
341
|
+
* Fix incremental index updates
|
342
|
+
* Fix missing load_yaml in YAML-related requirement.rb code.
|
343
|
+
* Manually backport encoding-aware YAML gemspec
|
344
|
+
|
183
345
|
=== 1.8.24 / 2012-04-27
|
184
346
|
|
185
347
|
* 1 bug fix:
|
data/Manifest.txt
CHANGED
@@ -104,6 +104,7 @@ lib/rubygems/source_local.rb
|
|
104
104
|
lib/rubygems/source_specific_file.rb
|
105
105
|
lib/rubygems/spec_fetcher.rb
|
106
106
|
lib/rubygems/specification.rb
|
107
|
+
lib/rubygems/ssl_certs/.document
|
107
108
|
lib/rubygems/ssl_certs/AddTrustExternalCARoot.pem
|
108
109
|
lib/rubygems/ssl_certs/Entrust_net-Secure-Server-Certification-Authority.pem
|
109
110
|
lib/rubygems/ssl_certs/VerisignClass3PublicPrimaryCertificationAuthority-G2.pem
|
data/lib/rubygems.rb
CHANGED
@@ -5,6 +5,19 @@
|
|
5
5
|
# See LICENSE.txt for permissions.
|
6
6
|
#++
|
7
7
|
|
8
|
+
require 'rbconfig'
|
9
|
+
|
10
|
+
module Gem
|
11
|
+
VERSION = '2.0.0.rc.2'
|
12
|
+
end
|
13
|
+
|
14
|
+
# Must be first since it unloads the prelude from 1.9.2
|
15
|
+
require 'rubygems/compatibility'
|
16
|
+
|
17
|
+
require 'rubygems/defaults'
|
18
|
+
require 'rubygems/deprecate'
|
19
|
+
require 'rubygems/errors'
|
20
|
+
|
8
21
|
##
|
9
22
|
# RubyGems is the Ruby standard for publishing and managing third party
|
10
23
|
# libraries.
|
@@ -91,22 +104,12 @@
|
|
91
104
|
#
|
92
105
|
# (If your name is missing, PLEASE let us know!)
|
93
106
|
#
|
107
|
+
# See {LICENSE.txt}[rdoc-ref:lib/rubygems/LICENSE.txt] for permissions.
|
108
|
+
#
|
94
109
|
# Thanks!
|
95
110
|
#
|
96
111
|
# -The RubyGems Team
|
97
112
|
|
98
|
-
require 'rbconfig'
|
99
|
-
|
100
|
-
module Gem
|
101
|
-
VERSION = '2.0.0.rc.1'
|
102
|
-
end
|
103
|
-
|
104
|
-
# Must be first since it unloads the prelude from 1.9.2
|
105
|
-
require 'rubygems/compatibility'
|
106
|
-
|
107
|
-
require 'rubygems/defaults'
|
108
|
-
require 'rubygems/deprecate'
|
109
|
-
require 'rubygems/errors'
|
110
113
|
|
111
114
|
module Gem
|
112
115
|
RUBYGEMS_DIR = File.dirname File.expand_path(__FILE__)
|
@@ -207,7 +210,7 @@ module Gem
|
|
207
210
|
|
208
211
|
begin
|
209
212
|
while true
|
210
|
-
path = GEM_DEP_FILES.find { |f| File.
|
213
|
+
path = GEM_DEP_FILES.find { |f| File.file?(f) }
|
211
214
|
|
212
215
|
if path
|
213
216
|
path = File.join here, path
|
@@ -226,7 +229,9 @@ module Gem
|
|
226
229
|
end
|
227
230
|
end
|
228
231
|
|
229
|
-
|
232
|
+
path.untaint
|
233
|
+
|
234
|
+
return unless File.file? path
|
230
235
|
|
231
236
|
rs = Gem::RequestSet.new
|
232
237
|
rs.load_gemdeps path
|
@@ -369,29 +374,6 @@ module Gem
|
|
369
374
|
paths.path
|
370
375
|
end
|
371
376
|
|
372
|
-
##
|
373
|
-
# Expand each partial gem path with each of the required paths specified
|
374
|
-
# in the Gem spec. Each expanded path is yielded.
|
375
|
-
|
376
|
-
def self.each_load_path(partials)
|
377
|
-
partials.each do |gp|
|
378
|
-
base = File.basename gp
|
379
|
-
specfn = File.join(dir, "specifications", "#{base}.gemspec")
|
380
|
-
if File.exists? specfn
|
381
|
-
spec = eval(File.read(specfn))
|
382
|
-
spec.require_paths.each do |rp|
|
383
|
-
yield File.join(gp,rp)
|
384
|
-
end
|
385
|
-
else
|
386
|
-
filename = File.join(gp, 'lib')
|
387
|
-
yield(filename) if File.exists? filename
|
388
|
-
end
|
389
|
-
end
|
390
|
-
end
|
391
|
-
|
392
|
-
private_class_method :each_load_path
|
393
|
-
|
394
|
-
|
395
377
|
##
|
396
378
|
# Quietly ensure the named Gem directory contains all the proper
|
397
379
|
# subdirectories. If we can't create a directory due to a permission
|
@@ -24,16 +24,19 @@ class Gem::Commands::PushCommand < Gem::Command
|
|
24
24
|
add_proxy_option
|
25
25
|
add_key_option
|
26
26
|
|
27
|
-
add_option(
|
28
|
-
|
29
|
-
'Push to another gemcutter-compatible host'
|
30
|
-
) do |value, options|
|
27
|
+
add_option('--host HOST',
|
28
|
+
'Push to another gemcutter-compatible host') do |value, options|
|
31
29
|
options[:host] = value
|
32
30
|
end
|
31
|
+
|
32
|
+
@host = nil
|
33
33
|
end
|
34
34
|
|
35
35
|
def execute
|
36
|
-
|
36
|
+
@host = options[:host]
|
37
|
+
|
38
|
+
sign_in @host
|
39
|
+
|
37
40
|
send_gem get_one_gem_name
|
38
41
|
end
|
39
42
|
|
@@ -44,26 +47,30 @@ class Gem::Commands::PushCommand < Gem::Command
|
|
44
47
|
|
45
48
|
if latest_rubygems_version < Gem.rubygems_version and
|
46
49
|
Gem.rubygems_version.prerelease? and
|
47
|
-
Gem::Version.new('2.0.0.
|
50
|
+
Gem::Version.new('2.0.0.rc.2') != Gem.rubygems_version then
|
48
51
|
alert_error <<-ERROR
|
49
52
|
You are using a beta release of RubyGems (#{Gem::VERSION}) which is not
|
50
53
|
allowed to push gems. Please downgrade or upgrade to a release version.
|
51
54
|
|
52
55
|
The latest released RubyGems version is #{latest_rubygems_version}
|
56
|
+
|
57
|
+
You can upgrade or downgrade to the latest release version with:
|
58
|
+
|
59
|
+
gem update --system=#{latest_rubygems_version}
|
60
|
+
|
53
61
|
ERROR
|
54
62
|
terminate_interaction 1
|
55
63
|
end
|
56
64
|
|
57
|
-
host
|
58
|
-
unless host
|
65
|
+
unless @host then
|
59
66
|
if gem_data = Gem::Package.new(name) then
|
60
|
-
host = gem_data.spec.metadata['default_gem_server']
|
67
|
+
@host = gem_data.spec.metadata['default_gem_server']
|
61
68
|
end
|
62
69
|
end
|
63
70
|
|
64
|
-
args << host if host
|
71
|
+
args << @host if @host
|
65
72
|
|
66
|
-
say "Pushing gem to #{host || Gem.host}..."
|
73
|
+
say "Pushing gem to #{@host || Gem.host}..."
|
67
74
|
|
68
75
|
response = rubygems_api_request(*args) do |request|
|
69
76
|
request.body = Gem.read_binary name
|
@@ -1,9 +1,13 @@
|
|
1
|
+
# :stopdoc:
|
2
|
+
|
3
|
+
#--
|
1
4
|
# This file contains all sorts of little compatibility hacks that we've
|
2
5
|
# had to introduce over the years. Quarantining them into one file helps
|
3
6
|
# us know when we can get rid of them.
|
4
|
-
|
7
|
+
#
|
5
8
|
# Ruby 1.9.x has introduced some things that are awkward, and we need to
|
6
9
|
# support them, so we define some constants to use later.
|
10
|
+
#++
|
7
11
|
module Gem
|
8
12
|
# Only MRI 1.9.2 has the custom prelude.
|
9
13
|
GEM_PRELUDE_SUCKAGE = RUBY_VERSION =~ /^1\.9\.2/ and RUBY_ENGINE == "ruby"
|
data/lib/rubygems/config_file.rb
CHANGED
@@ -4,6 +4,8 @@
|
|
4
4
|
# See LICENSE.txt for permissions.
|
5
5
|
#++
|
6
6
|
|
7
|
+
require 'rubygems/user_interaction'
|
8
|
+
|
7
9
|
##
|
8
10
|
# Gem::ConfigFile RubyGems options and gem command options from gemrc.
|
9
11
|
#
|
@@ -33,6 +35,8 @@
|
|
33
35
|
|
34
36
|
class Gem::ConfigFile
|
35
37
|
|
38
|
+
include Gem::UserInteraction
|
39
|
+
|
36
40
|
DEFAULT_BACKTRACE = false
|
37
41
|
DEFAULT_BULK_THRESHOLD = 1000
|
38
42
|
DEFAULT_VERBOSITY = true
|
@@ -50,6 +54,8 @@ class Gem::ConfigFile
|
|
50
54
|
|
51
55
|
PLATFORM_DEFAULTS = {}
|
52
56
|
|
57
|
+
# :stopdoc:
|
58
|
+
|
53
59
|
system_config_path =
|
54
60
|
begin
|
55
61
|
require "etc"
|
@@ -77,6 +83,8 @@ class Gem::ConfigFile
|
|
77
83
|
end
|
78
84
|
end
|
79
85
|
|
86
|
+
# :startdoc:
|
87
|
+
|
80
88
|
SYSTEM_WIDE_CONFIG_FILE = File.join system_config_path, 'gemrc'
|
81
89
|
|
82
90
|
##
|
@@ -219,6 +227,35 @@ class Gem::ConfigFile
|
|
219
227
|
handle_arguments arg_list
|
220
228
|
end
|
221
229
|
|
230
|
+
##
|
231
|
+
# Checks the permissions of the credentials file. If they are not 0600 an
|
232
|
+
# error message is displayed and RubyGems aborts.
|
233
|
+
|
234
|
+
def check_credentials_permissions
|
235
|
+
return if Gem.win_platform? # windows doesn't write 0600 as 0600
|
236
|
+
return unless File.exist? credentials_path
|
237
|
+
|
238
|
+
existing_permissions = File.stat(credentials_path).mode & 0777
|
239
|
+
|
240
|
+
return if existing_permissions == 0600
|
241
|
+
|
242
|
+
alert_error <<-ERROR
|
243
|
+
Your gem push credentials file located at:
|
244
|
+
|
245
|
+
\t#{credentials_path}
|
246
|
+
|
247
|
+
has file permissions of 0#{existing_permissions.to_s 8} but 0600 is required.
|
248
|
+
|
249
|
+
You should reset your credentials at:
|
250
|
+
|
251
|
+
\thttps://rubygems.org/profile/edit
|
252
|
+
|
253
|
+
if you believe they were disclosed to a third party.
|
254
|
+
ERROR
|
255
|
+
|
256
|
+
terminate_interaction 1
|
257
|
+
end
|
258
|
+
|
222
259
|
##
|
223
260
|
# Location of RubyGems.org credentials
|
224
261
|
|
@@ -227,6 +264,8 @@ class Gem::ConfigFile
|
|
227
264
|
end
|
228
265
|
|
229
266
|
def load_api_keys
|
267
|
+
check_credentials_permissions
|
268
|
+
|
230
269
|
@api_keys = if File.exist? credentials_path then
|
231
270
|
load_file(credentials_path)
|
232
271
|
else
|
@@ -239,7 +278,9 @@ class Gem::ConfigFile
|
|
239
278
|
end
|
240
279
|
end
|
241
280
|
|
242
|
-
def rubygems_api_key=
|
281
|
+
def rubygems_api_key= api_key
|
282
|
+
check_credentials_permissions
|
283
|
+
|
243
284
|
config = load_file(credentials_path).merge(:rubygems_api_key => api_key)
|
244
285
|
|
245
286
|
dirname = File.dirname credentials_path
|