Commit graph

757 commits

Author SHA1 Message Date
David Rodriguez e0c20485db [ruby/rubygems] Prefer `require_relative` for internal requires
https://github.com/rubygems/rubygems/commit/51796f257a
2021-10-11 01:12:50 +09:00
David Rodríguez 6c39a272af [ruby/rubygems] We no longer need to check realpaths
Since symlinks and absolute paths are already checked.

https://github.com/rubygems/rubygems/commit/de19bc4c7e
2021-10-10 23:12:57 +09:00
David Rodríguez bbcf8f87ac [ruby/rubygems] Check safety of packaged symlinks
If we explicitly disallow the creation of symlinks that point to files
outside of the destination directory, we can avoid any other safety
checks while creating directories, because we can be sure they will
always fall under the destination directory as well.

https://github.com/rubygems/rubygems/commit/555692b8de
2021-10-10 23:12:47 +09:00
David Rodríguez a5289bfa71 [ruby/rubygems] Install location safety should consider casing
https://github.com/rubygems/rubygems/commit/0a0ad34af3
2021-10-10 23:12:38 +09:00
David Rodríguez 6c878731c1 [ruby/rubygems] Remove redundant `File.expand_path`
`File.realpath` already expands paths.

https://github.com/rubygems/rubygems/commit/25524ebbeb
2021-10-10 23:12:28 +09:00
David Rodríguez 59c24f054e [ruby/rubygems] Simplify `File.expand_path` usage
https://github.com/rubygems/rubygems/commit/02e3cf44bf
2021-10-10 23:12:10 +09:00
David Rodríguez 11720818f6 [ruby/rubygems] Don't make duplicated checks on directory safety
This seems to speed up `gem install` on Windows by more than 50%.

https://github.com/rubygems/rubygems/commit/1970b1296d
2021-10-10 23:12:03 +09:00
Nobuyoshi Nakada b16d876ac2
Needs time.rb for `Time#iso8601`
`Gem::Request.verify_certificate_message` used this method without
"time" which defines it.
2021-10-10 21:11:55 +09:00
Masataka Pocke Kuwabara d03d122ba1 [rubygems/rubygems] Improve performance of Specification#missing_extensions?
https://github.com/rubygems/rubygems/commit/90c1919f94
2021-10-09 08:04:08 +09:00
Ellen Marie Dash fcaa918445 [rubygems/rubygems] Only disallow FIXME/TODO for first word of gemspec description
7890c98 matched the start of each line, whereas this matches the start
of the entire string.

https://github.com/rubygems/rubygems/commit/432de7b819
2021-09-28 17:43:42 +09:00
David Rodríguez 4e7f085cf7 [rubygems/rubygems] Revert "Fix an issue causing nested Gem::Uri instances"
This reverts commit 6589f7bcc7a63a47cb73f58a290c1e1ac42bba99.

https://github.com/rubygems/rubygems/commit/9d0ce31f08
2021-09-24 10:57:15 +09:00
huangduirong b1ab1ee046 [rubygems/rubygems] Fix error message building changing password of source
Do not change the password of the input parameter source during
anonymization, by using the proper helper instead of changing the
original uri directly.

https://github.com/rubygems/rubygems/commit/eaa2dd8a97
2021-09-24 10:57:03 +09:00
Jonathan 13bb16f41e [rubygems/rubygems] Fix bug where redacted credentials are sent to server
Implement deep cloning for `Gem::Uri` class to fix a bug where redacting
credentials modifies the URI string in place instead of returning a
modified copy.

https://github.com/rubygems/rubygems/commit/eafb5a279b
2021-09-22 10:14:48 +09:00
Jonathan 63109976be [rubygems/rubygems] Fix an issue causing nested Gem::Uri instances
https://github.com/rubygems/rubygems/commit/6589f7bcc7
2021-09-22 10:14:19 +09:00
Ellen Marie Dash cd2e6318f6 [rubygems/rubygems] Only check if descriptions *start with* FIXME/TODO
It doesn't make much sense to just forbid certain words in descriptions.

https://github.com/rubygems/rubygems/commit/7890c98415
2021-09-22 10:13:49 +09:00
David Rodríguez eaeb5bf0bc [rubygems/rubygems] Avoid loading URI unnecessarily when activating gems
https://github.com/rubygems/rubygems/commit/ef5f30cba7
2021-09-22 10:13:34 +09:00
Lars Kanis 576b2e64cd MINGW-UCRT: Set CONFIG['arch'] and RUBY_PLATFORM to "x64-mingw-ucrt"
This allows easy differentiation between ABI incompatible platforms like MSWIN64 and MSVCRT-based MINGW32.
This also implicates a distinct rubygem platform which is also "x64-mingw-ucrt".

Although the term "mingw32" is the OS-part for 64 bit systems as well, the "32" is misleading and confusing for many users.
Therefore the new platform string drops the "32" from the OS part to just "mingw".
This conforms to the common practice of windows platform testing per RUBY_PLATFORM=~/mswin|mingw/ .
2021-09-20 00:15:30 +09:00
David Rodríguez 1e290c31f4 [rubygems/rubygems] Merge `Gem::UriParser` and `Gem::PrintableUri` into a `Gem::Uri` class
The new class is a wrapper on top of a URI. And then, when you want
credentials redacted, you call `#redacted` that returns a copy of itself,
but with credentials redacted.

https://github.com/rubygems/rubygems/commit/9581c2740a
2021-08-31 19:06:14 +09:00
Daniel Niknam 1948ac20ce [rubygems/rubygems] Replacing clone with dup
https://github.com/rubygems/rubygems/commit/30f5b3c027
2021-08-31 19:06:14 +09:00
Daniel Niknam 4715bbf7b3 [rubygems/rubygems] Remove returning self for `Gem::PrintableUri#parse_uri`
https://github.com/rubygems/rubygems/commit/25c99d7f9d
2021-08-31 19:06:14 +09:00
Daniel Niknam aa898b4206 [rubygems/rubygems] Remove @credential_redacted instance variable
https://github.com/rubygems/rubygems/commit/c3bb52eb5c
2021-08-31 19:06:14 +09:00
Daniel Niknam 7067005f23 [rubygems/rubygems] Bring back the empty line that was removed previously by mistake
https://github.com/rubygems/rubygems/commit/ffb480ca7a
2021-08-31 19:06:14 +09:00
Daniel Niknam d73dc8e937 [rubygems/rubygems] Remove unused method
https://github.com/rubygems/rubygems/commit/3a8486794e
2021-08-31 19:06:14 +09:00
Daniel Niknam 6d883b33ae [rubygems/rubygems] Remove `ruby/uri` requirement
For the purpose of this class, we need to make sure the return object by `Gem::UriParser.parse_uri` method will have the following method:
- user
- user=
- password
- password=
So we can remove the `uri` dependency and just look for the methods to exist.

https://github.com/rubygems/rubygems/commit/241e093597
2021-08-31 19:06:14 +09:00
Daniel Niknam 589377fbdc [rubygems/rubygems] Refactor `Gem::RemoteFetcher::FetchError.build` back to its initialize method
https://github.com/rubygems/rubygems/commit/21dcdd2dc5
2021-08-31 19:06:14 +09:00
Daniel Niknam a508693f06 [rubygems/rubygems] Remove defensive guards
https://github.com/rubygems/rubygems/commit/dba130cd80
2021-08-31 19:06:14 +09:00
Daniel Niknam fafd9d280a [rubygems/rubygems] Rename `Gem::PrintableUri#parsed_uri?` to `Gem::PrintableUri#valid_uri?`
https://github.com/rubygems/rubygems/commit/a5177709c9
2021-08-31 19:06:14 +09:00
Daniel Niknam e3c319ad53 [rubygems/rubygems] Remove trailing `if`
https://github.com/rubygems/rubygems/commit/5b6b649bba
2021-08-31 19:06:14 +09:00
Daniel Niknam 3adc141a79 [rubygems/rubygems] Refactor `Gem::RemoteFetcher::FetchError` initializer to `build` method
The `initialize` method is already doing a lot and by adding the `Gem::PrintableUri` to redact sensitive information, things are getting complicated and hard to read here. For the start, I have refactored the `initialize` method into a class method called `build`.

https://github.com/rubygems/rubygems/commit/4312e8fdf5
2021-08-31 19:06:14 +09:00
Daniel Niknam 19e1d3cdce [rubygems/rubygems] Using `Gem::PrintableUri` in `Gem::Request` class
The `@uri` variable could be a source URI with a credential. Using `Gem::PrintableUri` to make sure we are redacting sensitive information from it when logging on verbose mode.

https://github.com/rubygems/rubygems/commit/f566787211
2021-08-31 19:06:14 +09:00
Daniel Niknam 31c2e6c08e [rubygems/rubygems] Using `Gem::PrintableUri` in `Gem::Commands::InstallCommand` class
The `x.source.uri` could be a source URI with a credential. Using `Gem::PrintableUri` to make sure we are redacting sensitive information from it.

https://github.com/rubygems/rubygems/commit/8755ee0aaa
2021-08-31 19:06:14 +09:00
Daniel Niknam b41802421a [rubygems/rubygems] Introduce `Gem::PrintableUri` that would redact URIs to be used on outputs
We need to redact URI credential in several places and copy pasting the code into each part of it is not ideal. This class is responsible for parsing URI strings and redacting credential from it. Also, it will handle URI object in the same manner. We will be reusing this class whenever we need to print/display a URI to users.
URI with the following format will be redacted:
- Token: `http://my-secure-token@example.com` => `http://REDACTED@example.com`
- Username & Password: `http://my-username:my-secure-password@example.com` => `http://my-username:REDACTED@example.com`
- x-oauth-basic: `http://my-secure-token:x-oauth-basic@example.com` => `http://REDACTED:x-oauth-basic@example.com`

https://github.com/rubygems/rubygems/commit/f1e45d3a89
2021-08-31 19:06:14 +09:00
Daniel Niknam f212b9d4f2 [rubygems/rubygems] Refactor Ruby platform priority condition to its own method
The `Gem::Platform::RUBY ? -1 : 1` has been used multiple times in different places and could be refactored to a method (DRY).

https://github.com/rubygems/rubygems/commit/9d43ca8f0c
2021-08-31 19:06:14 +09:00
Daniel Niknam c71d1a26ef [rubygems/rubygems] Pick the last founded gems when fetching metadata
https://github.com/rubygems/rubygems/commit/e3d150d822

Co-authored-by: David Rodríguez <deivid.rodriguez@riseup.net>
2021-08-31 19:06:14 +09:00
David Rodríguez 54ae3f587e [rubygems/rubygems] Prefer `require_relative` to `require` for internal requires
https://github.com/rubygems/rubygems/commit/c74fc58695
2021-08-31 19:06:14 +09:00
David Rodríguez d01c3111c2 [rubygems/rubygems] Remove MacOS specific extra GEM_PATH
They should properly configure `GEM_PATH` instead.

https://github.com/rubygems/rubygems/commit/3bd9ae33ca
2021-08-31 19:06:14 +09:00
David Rodríguez afabef5a5a [rubygems/rubygems] Remove MacOS specific gem layout
MacOS should properly configure Ruby. They should not expect us to
maintain a different layout just for them.

https://github.com/rubygems/rubygems/commit/ecad900925
2021-08-31 19:06:14 +09:00
David Rodríguez 553ee573d4 [rubygems/rubygems] Don't use gemdeps on bundler binstub
https://github.com/rubygems/rubygems/commit/320fdc1513
2021-08-31 19:06:14 +09:00
David Rodríguez 87dfb55c16 [rubygems/rubygems] Use `Gem.use_gemdeps` only from binstubs
The previous behavior was to automatically require `bundler/setup`
every time `rubygems` was required, which I think was too much.

https://github.com/rubygems/rubygems/commit/b25379a295
2021-08-31 19:06:14 +09:00
David Rodríguez 350f4a0b66
[rubygems/rubygems] Rubygems doesn't need to load the `base64` library
https://github.com/rubygems/rubygems/commit/fe723c0f7f
2021-07-27 09:25:56 +09:00
David Rodríguez 960023ff54
[rubygems/rubygems] Rubygems doesn't need to load the `resolv` library
https://github.com/rubygems/rubygems/commit/8bf41f53cc
2021-07-27 09:25:56 +09:00
David Rodríguez 9cddc0ec94
[rubygems/rubygems] Lazily load `shellwords` library
https://github.com/rubygems/rubygems/commit/e5532ef886
2021-07-27 09:25:56 +09:00
Nobuyoshi Nakada 803c60858e
[rubygems/rubygems] Check requirements classes
Mitigate the security risk:
https://devcraft.io/2021/01/07/universal-deserialisation-gadget-for-ruby-2-x-3-x.html

https://github.com/rubygems/rubygems/commit/141c2f4388
2021-07-27 09:25:56 +09:00
David Rodríguez 88e46cf6b8
[rubygems/rubygems] Remove all `syck` traces from `rubygems`
After reading [this blog
post](https://blog.rubygems.org/2011/08/31/shaving-the-yaml-yak.html),
published almost 10 years ago already, my understanding is that this
problem could come up in two ways:

* Rubygems.org serving corrupted gemspecs. As far as I understand this
was fixed in rubygems.org a long time ago, since
https://github.com/rubygems/rubygems.org/pull/331.

* Clients having a ten years old gemspec cache with some of these bad
gemspecs. In this case, there's no easy solution but I think ten years
is enough and rebuilding the cache should do the trick.

So, I think it's time we remove this.

https://github.com/rubygems/rubygems/commit/afcb15d556
2021-07-27 09:25:56 +09:00
Masafumi Koba 650a65c6fc
[rubygems/rubygems] Add missing `require 'fileutils'` in `Gem::ConfigFile`
https://github.com/rubygems/rubygems/commit/c4004fadd9
2021-07-16 15:40:08 +09:00
Jared Beck bbaebbf529
[rubygems/rubygems] Fix contradictory message about deletion of default gem
[Fixes #4733]

https://github.com/rubygems/rubygems/commit/fce7f3eb7d
2021-07-16 15:40:07 +09:00
Hiroshi SHIBATA 896bbb9fad Merge RubyGems/Bundler master from 8459ebd6ad65ce3397233416dc64083ae7572bb9 2021-07-14 10:48:07 +09:00
Hiroshi SHIBATA c082c6eb7c Sync RubyGems and Bundler with upstream 2021-07-07 15:31:52 +09:00
David Rodríguez 6e2240a2f9 Sync latest bundler & rubygems development version 2021-07-07 13:30:20 +09:00
David Rodríguez 59c6820971 [rubygems/rubygems] Copy files specific to testing rubygems to `test`
https://github.com/rubygems/rubygems/commit/aa390a3500
2021-05-28 11:52:57 +09:00