* lib/rubygems/package.rb: Set rubygems_version before validation.

Fixes issue with bundler. * test/rubygems/test_gem_package.rb: Test for above. * lib/rubygems/remote_fetcher.rb: Only update the cache when we have permission. [ruby-trunk - Bug #7509] * lib/rubygems/source.rb (class Gem): ditto * test/rubygems/test_gem_remote_fetcher.rb: Test for above. * lib/rubygems/test_utilities.rb: ditto * lib/rubygems/specification.rb: Derive base_dir properly for default gems. [ruby-trunk - Bug #7496] * test/rubygems/test_gem_specification.rb: Test for above. * lib/rubygems.rb: Untaint Dir.pwd when searching for gemdeps files for operation under $SAFE=1 git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@38229 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2012-12-06 05:13:08 +00:00 · 2012-12-06 05:13:08 +00:00 · afae107a4c
--- a/19
+++ b/19
@ -1,3 +1,22 @@
+Thu Dec  6 14:10:08 2012  Eric Hodel  <drbrain@segment7.net>
+
+	* lib/rubygems/package.rb:  Set rubygems_version before validation.
+	  Fixes issue with bundler.
+	* test/rubygems/test_gem_package.rb:  Test for above.
+
+	* lib/rubygems/remote_fetcher.rb:  Only update the cache when we have
+	  permission.  [ruby-trunk - Bug #7509]
+	* lib/rubygems/source.rb (class Gem):  ditto
+	* test/rubygems/test_gem_remote_fetcher.rb:  Test for above.
+	* lib/rubygems/test_utilities.rb:  ditto
+
+	* lib/rubygems/specification.rb:  Derive base_dir properly for default
+	  gems.  [ruby-trunk - Bug #7496]
+	* test/rubygems/test_gem_specification.rb:  Test for above.
+
+	* lib/rubygems.rb:  Untaint Dir.pwd when searching for gemdeps files
+	  for operation under $SAFE=1
+
 Thu Dec 06 12:07:11 2012  Koichi Sasada  <ko1@atdot.net>

 	* vm_trace.c: TracePoint#enable should not cause an error
--- a/lib/rubygems.rb
+++ b/lib/rubygems.rb
@ -187,7 +187,7 @@ module Gem
      path = path.dup.untaint

      if path == "-"
-        here = Dir.pwd
+        here = Dir.pwd.untaint
        start = here

        begin
--- a/lib/rubygems/package.rb
+++ b/lib/rubygems/package.rb
@ -220,8 +220,8 @@ class Gem::Package
    Gem.load_yaml
    require 'rubygems/security'

-    @spec.validate unless skip_validation
    @spec.mark_version
+    @spec.validate unless skip_validation

    setup_signer

--- a/lib/rubygems/remote_fetcher.rb
+++ b/lib/rubygems/remote_fetcher.rb
@ -294,7 +294,7 @@ class Gem::RemoteFetcher
  # Downloads +uri+ to +path+ if necessary. If no path is given, it just
  # passes the data.

-  def cache_update_path(uri, path = nil)
+  def cache_update_path uri, path = nil, update = true
    mtime = path && File.stat(path).mtime rescue nil

    if mtime && Net::HTTPNotModified === fetch_path(uri, mtime, true)
@ -302,7 +302,7 @@ class Gem::RemoteFetcher
    else
      data = fetch_path(uri)

-      if path
+      if update and path then
        open(path, 'wb') do |io|
          io.write data
        end
--- a/lib/rubygems/source.rb
+++ b/lib/rubygems/source.rb
@ -122,7 +122,7 @@ class Gem::Source

    FileUtils.mkdir_p cache_dir if update_cache?

-    spec_dump = fetcher.cache_update_path(spec_path, local_file)
+    spec_dump = fetcher.cache_update_path spec_path, local_file, update_cache?

    begin
      Gem::NameTuple.from_list Marshal.load(spec_dump)
--- a/lib/rubygems/specification.rb
+++ b/lib/rubygems/specification.rb
@ -1283,7 +1283,11 @@ class Gem::Specification

  def base_dir
    return Gem.dir unless loaded_from
-    @base_dir ||= File.dirname File.dirname loaded_from
+    @base_dir ||= if default_gem? then
+                    File.dirname File.dirname File.dirname loaded_from
+                  else
+                    File.dirname File.dirname loaded_from
+                  end
  end

  ##
@ -2486,17 +2490,17 @@ class Gem::Specification
  # Checks to see if the files to be packaged are world-readable.

  def validate_permissions
+    return if Gem.win_platform?
+
    files.each do |file|
-      next if File.stat(file).world_readable?
+      next if File.stat(file).mode & 0444 == 0444
      alert_warning "#{file} is not world-readable"
    end

-    unless Gem.win_platform?
-      executables.each do |name|
-        exec = File.join @bindir, name
-        next if File.stat(exec).executable?
-        alert_warning "#{exec} is not executable"
-      end
+    executables.each do |name|
+      exec = File.join @bindir, name
+      next if File.stat(exec).executable?
+      alert_warning "#{exec} is not executable"
    end
  end

@ -2562,7 +2566,6 @@ class Gem::Specification
  # deprecate :has_rdoc=,           :none,       2011, 10
  # deprecate :default_executable,  :none,       2011, 10
  # deprecate :default_executable=, :none,       2011, 10
-  # deprecate :spec_name,           :spec_file,  2011, 10
  # deprecate :file_name,           :cache_file, 2011, 10
  # deprecate :full_gem_path,     :cache_file, 2011, 10
 end
--- a/lib/rubygems/test_utilities.rb
+++ b/lib/rubygems/test_utilities.rb
@ -63,9 +63,9 @@ class Gem::FakeFetcher
    end
  end

-  def cache_update_path uri, path = nil
+  def cache_update_path uri, path = nil, update = true
    if data = fetch_path(uri)
-      open(path, 'wb') { |io| io.write data } if path
+      open(path, 'wb') { |io| io.write data } if path and update
      data
    else
      Gem.read_binary(path) if path
--- a/test/rubygems/test_gem_package.rb
+++ b/test/rubygems/test_gem_package.rb
@ -133,6 +133,7 @@ class TestGemPackage < Gem::Package::TarTestCase
    spec.summary = 'build'
    spec.authors = 'build'
    spec.files = ['lib/code.rb']
+    spec.rubygems_version = :junk

    FileUtils.mkdir 'lib'

--- a/test/rubygems/test_gem_remote_fetcher.rb
+++ b/test/rubygems/test_gem_remote_fetcher.rb
@ -192,6 +192,32 @@ gems:
    dns.verify
  end

+  def test_cache_update_path
+    uri = URI 'http://example/file'
+    path = File.join @tempdir, 'file'
+
+    fetcher = util_fuck_with_fetcher 'hello'
+
+    data = fetcher.cache_update_path uri, path
+
+    assert_equal 'hello', data
+
+    assert_equal 'hello', File.read(path)
+  end
+
+  def test_cache_update_path_no_update
+    uri = URI 'http://example/file'
+    path = File.join @tempdir, 'file'
+
+    fetcher = util_fuck_with_fetcher 'hello'
+
+    data = fetcher.cache_update_path uri, path, false
+
+    assert_equal 'hello', data
+
+    refute_path_exists path
+  end
+
  def util_fuck_with_fetcher data, blow = false
    fetcher = Gem::RemoteFetcher.fetcher
    fetcher.instance_variable_set :@test_data, data
--- a/test/rubygems/test_gem_specification.rb
+++ b/test/rubygems/test_gem_specification.rb
@ -879,12 +879,23 @@ dependencies: []

  def test_base_dir
    assert_equal @gemhome, @a1.base_dir
+  end

+  def test_base_dir_not_loaded
    @a1.instance_variable_set :@loaded_from, nil

    assert_equal Gem.dir, @a1.base_dir
  end

+  def test_base_dir_default
+    default_dir =
+      File.join Gem::Specification.default_specifications_dir, @a1.spec_name
+
+    @a1.instance_variable_set :@loaded_from, default_dir
+
+    assert_equal Gem.default_dir, @a1.base_dir
+  end
+
  def test_lib_files
    @a1.files = %w[lib/foo.rb Rakefile]