rubygems-update 3.2.1 → 3.2.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 4528e626d1fed9c0dcbc5c43bd3145e3fe11ad95331342b6d73d48e7d1173e42
-  data.tar.gz: bfb5d478718b397bb6b355571bc3349db1c8e2cded98ea5889f70a3a0fe3ca32
+  metadata.gz: 89d8b149374def285695109ddc454c37bce9e4237c234c5effd43d9cf4ccc26a
+  data.tar.gz: d47581abe6eeacc1037e20a882df82001f5742fb33418d38829c788bb341f073
 SHA512:
-  metadata.gz: 5692fa6e596bcd8a9d702451d5c2f7f52b336e4c367ba9cc050f1f56feab4c7d2d5e705e286cc70eeec2b042292e06878083000d3852df18e966305c543ceb6f
-  data.tar.gz: 4493b5d9b76a7867c7dc81f8bde7d7078bc836d1bded817424024d341ff491b38cb8a46ada2047b6c1788a78e18313b66fb8a070e059275ed46dd3d7cda5c8b6
+  metadata.gz: 34fe6a294d1aaed49dc46a1a3aecdc211a2fb308a88ab352cbc732a0b9dc8ffdedc0e87302efc29275972051f77a275b8caf3c436538dcbb43e569b75ce1e429
+  data.tar.gz: 10af836317bb8539971af80345a129963d56149affab1a89498abde570c31802a374246c0cee85bf3bdfd6c37d6dcfd1db33677b4db9c5514d6cd5102741be89

data/History.txt

@@ -1,3 +1,15 @@
+=== 3.2.2 / 2020-12-17
+
+Bug fixes:
+
+* Fix issue where CLI commands making more than one request to
+  rubygems.org needing an OTP code would crash or ask for the code twice.
+  Pull request #4162 by sonalkr132
+* Fix building rake extensions that require openssl. Pull request #4165 by
+  deivid-rodriguez
+* Fix `gem update --system` displaying too many changelog entries. Pull
+  request #4145 by deivid-rodriguez
+
 === 3.2.1 / 2020-12-14
 
 Enhancements:
@@ -12,7 +24,7 @@ Bug fixes:
 * Fix Resolver::APISet to always include prereleases when necessary. Pull
   request #4113 by deivid-rodriguez
 
-=== 3.2.0 / 2020-12-7
+=== 3.2.0 / 2020-12-07
 
 Enhancements:
 
@@ -68,7 +80,7 @@ Performance:
 * Don't change ruby process CWD when building extensions. Pull request
   #3498 by deivid-rodriguez
 
-=== 3.2.0.rc.2 / 2020-10-8
+=== 3.2.0.rc.2 / 2020-10-08
 
 Enhancements:
 

data/Manifest.txt

@@ -682,3 +682,4 @@ test/rubygems/test_remote_fetch_error.rb
 test/rubygems/test_require.rb
 test/rubygems/wrong_key_cert.pem
 test/rubygems/wrong_key_cert_32.pem
+test/test_changelog_generator.rb

data/bundler/CHANGELOG.md

@@ -1,3 +1,10 @@
+# 2.2.2 (December 17, 2020)
+
+## Bug fixes:
+
+  - Fix resolver crash when a candidate has 0 matching platforms [#4163](https://github.com/rubygems/rubygems/pull/4163)
+  - Restore change to copy global with/without config locally upon `bundle install` [#4154](https://github.com/rubygems/rubygems/pull/4154)
+
 # 2.2.1 (December 14, 2020)
 
 ## Bug fixes:

data/bundler/lib/bundler/build_metadata.rb

@@ -4,8 +4,8 @@ module Bundler
   # Represents metadata from when the Bundler gem was built.
   module BuildMetadata
     # begin ivars
-    @built_at = "2020-12-14".freeze
-    @git_commit_sha = "b98d6b2035".freeze
+    @built_at = "2020-12-17".freeze
+    @git_commit_sha = "d85cd5b7c3".freeze
     @release = true
     # end ivars
 

data/bundler/lib/bundler/cli/install.rb

@@ -152,18 +152,27 @@ module Bundler
 
       check_for_group_conflicts_in_cli_options
 
+      Bundler.settings.set_command_option :with, nil if options[:with] == []
+      Bundler.settings.set_command_option :without, nil if options[:without] == []
+
       with = options.fetch(:with, [])
       with |= Bundler.settings[:with].map(&:to_s)
       with -= options[:without] if options[:without]
-      with = nil if options[:with] == []
 
       without = options.fetch(:without, [])
       without |= Bundler.settings[:without].map(&:to_s)
       without -= options[:with] if options[:with]
-      without = nil if options[:without] == []
 
-      Bundler.settings.set_command_option :without, without
-      Bundler.settings.set_command_option :with,    with
+      options[:with]    = with
+      options[:without] = without
+
+      unless Bundler.settings[:without] == options[:without] && Bundler.settings[:with] == options[:with]
+        # need to nil them out first to get around validation for backwards compatibility
+        Bundler.settings.set_command_option :without, nil
+        Bundler.settings.set_command_option :with,    nil
+        Bundler.settings.set_command_option :without, options[:without] - options[:with]
+        Bundler.settings.set_command_option :with,    options[:with]
+      end
     end
 
     def normalize_settings
@@ -190,7 +199,7 @@ module Bundler
 
       Bundler.settings.set_command_option_if_given :clean, options["clean"]
 
-      normalize_groups if options[:without] || options[:with]
+      normalize_groups
 
       options[:force] = options[:redownload]
     end

data/bundler/lib/bundler/resolver.rb

@@ -155,6 +155,8 @@ module Bundler
         search.each do |sg|
           next unless sg.for?(platform)
           sg_all_platforms = sg.copy_for(self.class.sort_platforms(@platforms).reverse)
+          next unless sg_all_platforms
+
           selected_sgs << sg_all_platforms
 
           next if sg_all_platforms.activated_platforms == [Gem::Platform::RUBY]

data/bundler/lib/bundler/version.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: false
 
 module Bundler
-  VERSION = "2.2.1".freeze
+  VERSION = "2.2.2".freeze
 
   def self.bundler_major_version
     @bundler_major_version ||= VERSION.split(".").first.to_i

data/lib/rubygems.rb

@@ -8,7 +8,7 @@
 require 'rbconfig'
 
 module Gem
-  VERSION = "3.2.1".freeze
+  VERSION = "3.2.2".freeze
 end
 
 # Must be first since it unloads the prelude from 1.9.2

data/lib/rubygems/commands/owner_command.rb

@@ -105,7 +105,6 @@ permission to.
     rubygems_api_request method, "api/v1/gems/#{name}/owners", scope: get_owner_scope(method: method) do |request|
       request.set_form_data 'email' => owner
       request.add_field "Authorization", api_key
-      request.add_field "OTP", options[:otp] if options[:otp]
     end
   end
 

data/lib/rubygems/commands/push_command.rb

@@ -91,7 +91,6 @@ The push command will use ~/.gem/credentials to authenticate to a server, but yo
       request.add_field "Content-Length", request.body.size
       request.add_field "Content-Type",   "application/octet-stream"
       request.add_field "Authorization",  api_key
-      request.add_field "OTP", options[:otp] if options[:otp]
     end
   end
 

data/lib/rubygems/commands/yank_command.rb

@@ -74,7 +74,6 @@ data you will need to change them immediately and yank your gem.
     name = get_one_gem_name
     response = rubygems_api_request(method, api, host, scope: get_yank_scope) do |request|
       request.add_field("Authorization", api_key)
-      request.add_field("OTP", options[:otp]) if options[:otp]
 
       data = {
         'gem_name' => name,

data/lib/rubygems/ext/rake_builder.rb

@@ -19,7 +19,7 @@ class Gem::Ext::RakeBuilder < Gem::Ext::Builder
       rake = rake.shellsplit
     else
       begin
-        rake = [Gem.ruby, "-I#{File.expand_path("..", __dir__)}", "-rrubygems", Gem.bin_path('rake', 'rake')]
+        rake = [Gem.ruby, "-I#{File.expand_path("../..", __dir__)}", "-rrubygems", Gem.bin_path('rake', 'rake')]
       rescue Gem::Exception
         rake = [Gem.default_exec_format % 'rake']
       end

data/lib/rubygems/gemcutter_utilities.rb

@@ -94,20 +94,16 @@ module Gem::GemcutterUtilities
     end
 
     uri = URI.parse "#{self.host}/#{path}"
-
-    request_method = Net::HTTP.const_get method.to_s.capitalize
-    response = Gem::RemoteFetcher.fetcher.request(uri, request_method, &block)
+    response = request_with_otp(method, uri, &block)
 
     if mfa_unauthorized?(response)
-      response = Gem::RemoteFetcher.fetcher.request(uri, request_method) do |req|
-        req.add_field "OTP", get_otp
-        block.call(req)
-      end
+      ask_otp
+      response = request_with_otp(method, uri, &block)
     end
 
     if api_key_forbidden?(response)
       update_scope(scope)
-      Gem::RemoteFetcher.fetcher.request(uri, request_method, &block)
+      request_with_otp(method, uri, &block)
     else
       response
     end
@@ -117,11 +113,6 @@ module Gem::GemcutterUtilities
     response.kind_of?(Net::HTTPUnauthorized) && response.body.start_with?('You have enabled multifactor authentication')
   end
 
-  def get_otp
-    say 'You have enabled multi-factor authentication. Please enter OTP code.'
-    ask 'Code: '
-  end
-
   def update_scope(scope)
     sign_in_host        = self.host
     pretty_host         = pretty_host(sign_in_host)
@@ -135,7 +126,7 @@ module Gem::GemcutterUtilities
     response = rubygems_api_request(:put, "api/v1/api_key",
                                     sign_in_host, scope: scope) do |request|
       request.basic_auth email, password
-      request.add_field "OTP", options[:otp] if options[:otp]
+      request["OTP"] = options[:otp] if options[:otp]
       request.body = URI.encode_www_form({:api_key => api_key }.merge(update_scope_params))
     end
 
@@ -168,7 +159,7 @@ module Gem::GemcutterUtilities
     response = rubygems_api_request(:post, "api/v1/api_key",
                                     sign_in_host, scope: scope) do |request|
       request.basic_auth email, password
-      request.add_field "OTP", options[:otp] if options[:otp]
+      request["OTP"] = options[:otp] if options[:otp]
       request.body = URI.encode_www_form({ name: key_name }.merge(scope_params))
     end
 
@@ -229,6 +220,20 @@ module Gem::GemcutterUtilities
 
   private
 
+  def request_with_otp(method, uri, &block)
+    request_method = Net::HTTP.const_get method.to_s.capitalize
+
+    Gem::RemoteFetcher.fetcher.request(uri, request_method) do |req|
+      req["OTP"] = options[:otp] if options[:otp]
+      block.call(req)
+    end
+  end
+
+  def ask_otp
+    say 'You have enabled multi-factor authentication. Please enter OTP code.'
+    options[:otp] = ask 'Code: '
+  end
+
   def pretty_host(host)
     if Gem::DEFAULT_HOST == host
       'RubyGems.org'

data/lib/rubygems/test_utilities.rb

@@ -38,7 +38,7 @@ class Gem::FakeFetcher
     @paths = []
   end
 
-  def find_data(path, nargs = 3)
+  def find_data(path)
     return Gem.read_binary path.path if URI === path and 'file' == path.scheme
 
     if URI === path and "URI::#{path.scheme.upcase}" != path.class.name
@@ -54,10 +54,11 @@ class Gem::FakeFetcher
       raise Gem::RemoteFetcher::FetchError.new("no data for #{path}", path)
     end
 
-    data = @data[path]
-
-    data.flatten! and return data.shift(nargs) if data.respond_to?(:flatten!)
-    data
+    if @data[path].kind_of?(Array) && @data[path].first.kind_of?(Array)
+      @data[path].shift
+    else
+      @data[path]
+    end
   end
 
   def fetch_path(path, mtime = nil, head = false)

data/rubygems-update.gemspec

@@ -2,7 +2,7 @@
 
 Gem::Specification.new do |s|
   s.name = "rubygems-update"
-  s.version = "3.2.1"
+  s.version = "3.2.2"
   s.authors = ["Jim Weirich", "Chad Fowler", "Eric Hodel", "Luis Lavena", "Aaron Patterson", "Samuel Giddins", "André Arko", "Evan Phoenix", "Hiroshi SHIBATA"]
   s.email = ["", "", "drbrain@segment7.net", "luislavena@gmail.com", "aaron@tenderlovemaking.com", "segiddins@segiddins.me", "andre@arko.net", "evan@phx.io", "hsbt@ruby-lang.org"]
 

data/test/rubygems/test_gem_commands_push_command.rb

@@ -404,11 +404,13 @@ class TestGemCommandsPushCommand < Gem::TestCase
     assert_equal '111111', @fetcher.last_request['OTP']
   end
 
-  def test_sending_gem_unathorized_api_key
+  def test_sending_gem_unathorized_api_key_with_mfa_enabled
+    response_mfa_enabled = "You have enabled multifactor authentication but your request doesn't have the correct OTP code. Please check it and retry."
     response_forbidden = "The API key doesn't have access"
     response_success   = 'Successfully registered gem: freewill (1.0.0)'
 
     @fetcher.data["#{@host}/api/v1/gems"] = [
+      [response_mfa_enabled, 401, 'Unauthorized'],
       [response_forbidden, 403, 'Forbidden'],
       [response_success, 200, "OK"],
     ]
@@ -417,17 +419,54 @@ class TestGemCommandsPushCommand < Gem::TestCase
     @cmd.instance_variable_set :@host, @host
     @cmd.instance_variable_set :@scope, :push_rubygem
 
-    @ui = Gem::MockGemUi.new "some@mail.com\npass\n"
+    @ui = Gem::MockGemUi.new "11111\nsome@mail.com\npass\n"
     use_ui @ui do
       @cmd.send_gem(@path)
     end
 
+    mfa_notice = "You have enabled multi-factor authentication. Please enter OTP code."
     access_notice = "The existing key doesn't have access of push_rubygem on https://rubygems.example. Please sign in to update access."
+    assert_match mfa_notice, @ui.output
     assert_match access_notice, @ui.output
     assert_match "Email:", @ui.output
     assert_match "Password:", @ui.output
     assert_match "Added push_rubygem scope to the existing API key", @ui.output
     assert_match response_success, @ui.output
+    assert_equal '11111', @fetcher.last_request['OTP']
+  end
+
+  def test_sending_gem_with_no_local_creds
+    Gem.configuration.rubygems_api_key = nil
+
+    response_mfa_enabled = "You have enabled multifactor authentication but your request doesn't have the correct OTP code. Please check it and retry."
+    response_success     = 'Successfully registered gem: freewill (1.0.0)'
+
+    @fetcher.data["#{@host}/api/v1/gems"] = [
+      [response_success, 200, "OK"],
+    ]
+
+    @fetcher.data["#{@host}/api/v1/api_key"] = [
+      [response_mfa_enabled, 401, 'Unauthorized'],
+      ["", 200, "OK"],
+    ]
+
+    @cmd.instance_variable_set :@scope, :push_rubygem
+    @cmd.options[:args] = [@path]
+    @cmd.options[:host] = @host
+
+    @ui = Gem::MockGemUi.new "some@mail.com\npass\n11111\n"
+    use_ui @ui do
+      @cmd.execute
+    end
+
+    mfa_notice = "You have enabled multi-factor authentication. Please enter OTP code."
+    assert_match mfa_notice, @ui.output
+    assert_match "Enter your https://rubygems.example credentials.", @ui.output
+    assert_match "Email:", @ui.output
+    assert_match "Password:", @ui.output
+    assert_match "Signed in with API key:", @ui.output
+    assert_match response_success, @ui.output
+    assert_equal '11111', @fetcher.last_request['OTP']
   end
 
   private

data/test/rubygems/test_gem_ext_rake_builder.rb

@@ -47,6 +47,31 @@ class TestGemExtRakeBuilder < Gem::TestCase
     end
   end
 
+  def test_class_no_openssl_override
+    create_temp_mkrf_file('task :default')
+
+    rake = util_spec 'rake' do |s|
+      s.executables = %w[rake]
+      s.files = %w[bin/rake]
+    end
+
+    output = []
+
+    write_file File.join(@tempdir, 'bin', 'rake') do |fp|
+      fp.puts "#!/usr/bin/ruby"
+      fp.puts "require 'openssl'; puts OpenSSL"
+    end
+
+    install_gem rake
+
+    Gem::Ext::RakeBuilder.build 'mkrf_conf.rb', @dest_path, output, [''], nil, @ext
+
+    output = output.join "\n"
+
+    assert_match "OpenSSL", output
+    assert_match %r{^#{Regexp.escape Gem.ruby} mkrf_conf\.rb}, output
+  end
+
   def test_class_build_no_mkrf_passes_args
     output = []
 

data/test/test_changelog_generator.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+require "minitest/autorun"
+require_relative "../util/changelog"
+require "rubygems/commands/setup_command"
+
+class ChangelogTest < Minitest::Test
+  def setup
+    @changelog = Changelog.for_rubygems(Gem::VERSION)
+  end
+
+  def test_format_header
+    Time.stub :now, Time.new(2020, 1, 1) do
+      assert_match Gem::Commands::SetupCommand::HISTORY_HEADER, @changelog.send(:format_header)
+    end
+  end
+end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rubygems-update
 version: !ruby/object:Gem::Version
-  version: 3.2.1
+  version: 3.2.2
 platform: ruby
 authors:
 - Jim Weirich
@@ -16,7 +16,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-12-14 00:00:00.000000000 Z
+date: 2020-12-17 00:00:00.000000000 Z
 dependencies: []
 description: |-
   A package (also known as a library) contains a set of functionality
@@ -762,6 +762,7 @@ files:
 - test/rubygems/test_require.rb
 - test/rubygems/wrong_key_cert.pem
 - test/rubygems/wrong_key_cert_32.pem
+- test/test_changelog_generator.rb
 homepage: https://rubygems.org
 licenses:
 - Ruby
@@ -785,7 +786,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.0
+rubygems_version: 3.2.1
 signing_key: 
 specification_version: 4
 summary: RubyGems is a package management framework for Ruby.