ruby.git/lib/bundler/stub_specification.rb, branch v4.0.2 The Ruby Programming Language [rubygems/rubygems] Define a few `inspect` methods to help debugging 2024-11-19T16:50:04+00:00 David Rodríguez deivid.rodriguez@riseup.net 2024-11-14T09:54:15+00:00 b56aacba78c95c1d7151c8cb66165fb69510bac3 https://github.com/rubygems/rubygems/commit/ad26ccde38 
https://github.com/rubygems/rubygems/commit/ad26ccde38
[rubygems/rubygems] Warn on insecure materialization 2024-11-08T12:06:32+00:00 David Rodríguez deivid.rodriguez@riseup.net 2024-09-12T11:40:59+00:00 10d694a1ffdcdaae67a693bb68c4bd658ec2d157 https://github.com/rubygems/rubygems/commit/bc2537de71 
https://github.com/rubygems/rubygems/commit/bc2537de71
[rubygems/rubygems] Fix specs with missing extensions getting activated 2024-10-10T14:51:32+00:00 David Rodríguez deivid.rodriguez@riseup.net 2024-10-04T16:21:41+00:00 3fdf0e7e6deee8a275869c1ced389f6e4d9975ea https://github.com/rubygems/rubygems/commit/c80998a22a 
https://github.com/rubygems/rubygems/commit/c80998a22a
[rubygems/rubygems] Fix `stub.activated?` sometimes returning false after activation under bundler 2024-09-30T05:08:48+00:00 Earlopain 14981592+Earlopain@users.noreply.github.com 2024-09-26T15:24:00+00:00 7d318c2cb267fcf7e1f475e37dff473f5e74f1a8 Closes https://github.com/rubygems/rubygems/pull/8068 This issue only occurs if the underlying stub is a gem stub: https://github.com/Earlopain/rubygems/blob/f56098d8a193dcb94584d721e82b8cff397e5265/bundler/lib/bundler/stub_specification.rb#L109-L112 https://github.com/rubygems/rubygems/commit/9b0152b3d5 
Closes https://github.com/rubygems/rubygems/pull/8068

This issue only occurs if the underlying stub is a gem stub:
https://github.com/Earlopain/rubygems/blob/f56098d8a193dcb94584d721e82b8cff397e5265/bundler/lib/bundler/stub_specification.rb#L109-L112

https://github.com/rubygems/rubygems/commit/9b0152b3d5
[rubygems/rubygems] Fix incorrect standalone script when default gems with extensions are used 2024-07-18T18:07:09+00:00 David Rodríguez deivid.rodriguez@riseup.net 2024-07-18T11:02:48+00:00 c9d2343f5c331792bcf46484c8203589a13cfb3c https://github.com/rubygems/rubygems/commit/55649cd09b 
https://github.com/rubygems/rubygems/commit/55649cd09b
[rubygems/rubygems] Refactor to checksums stored via source 2023-10-23T04:59:01+00:00 Samuel Giddins segiddins@segiddins.me 2023-08-09T20:45:56+00:00 c5fd94073ff2e22b6eea29c242c7e4a12ed7c865 This gets the specs passing, and handles the fact that we expect checkums to be pinned only to a particular source This also avoids reading in .gem files during lockfile generation, instead allowing us to query the source for each resolved gem to grab the checksum Finally, this opens up a route to having user-stored checksum databases, similar to how other package managers do this! Add checksums to dev lockfiles Handle full name conflicts from different original_platforms when adding checksums to store from compact index Specs passing on Bundler 3 https://github.com/rubygems/rubygems/commit/86c7084e1c 
This gets the specs passing, and handles the fact that we expect
checkums to be pinned only to a particular source

This also avoids reading in .gem files during lockfile generation,
instead allowing us to query the source for each resolved gem to grab
the checksum

Finally, this opens up a route to having user-stored checksum databases,
similar to how other package managers do this!

Add checksums to dev lockfiles

Handle full name conflicts from different original_platforms when adding checksums to store from compact index

Specs passing on Bundler 3

https://github.com/rubygems/rubygems/commit/86c7084e1c
[rubygems/rubygems] Use the server checksum, then calculate from gem on disk if possible 2023-10-23T04:59:01+00:00 Mercedes Bernard mercedesrbernard@gmail.com 2023-02-10T19:34:30+00:00 69d7e9a12eb6e3dbfa1b1021b73c2afcbf7d4a46 1. Use the checksum provided by the server if provided: provides security knowing if the gem you downloaded matches the gem on the server 2. Calculate the checksum from the gem on disk: provides security knowing if the gem has changed between installs 3. In some cases, neither is possible in which case we don't put anything in the checksum and we maintain functionality as it is today Add the checksums to specs in the index if we already have them Prior to checksums, we didn't lose any information when overwriting specs in the index with stubs. But now when we overwrite EndpointSpecifications or RemoteSpecifications with more generic specs, we could lose checksum info. This manually sets checksum info so we keep it in the index. https://github.com/rubygems/rubygems/commit/de00a4f153 
1. Use the checksum provided by the server if provided: provides security
knowing if the gem you downloaded matches the gem on the server

2. Calculate the checksum from the gem on disk: provides security knowing
if the gem has changed between installs

3. In some cases, neither is possible in which case we don't put anything
in the checksum and we maintain functionality as it is today

Add the checksums to specs in the index if we already have them

Prior to checksums, we didn't lose any information when overwriting specs
in the index with stubs. But now when we overwrite EndpointSpecifications
or RemoteSpecifications with more generic specs, we could lose checksum
info. This manually sets checksum info so we keep it in the index.

https://github.com/rubygems/rubygems/commit/de00a4f153
[rubygems/rubygems] Stop bundler eagerly loading all specs with exts 2023-09-21T18:28:54+00:00 Samuel Giddins segiddins@segiddins.me 2023-09-07T18:43:28+00:00 e9ed0b3068f54f32d5116ff9d73833d96229fde9 We were setting the wrong `extension_dir` for git specs stubs Additionally, the call to `self.extension_dir` was loading the remote spec, which was avoidable since the stub had an extension dir (and in fact its #gem_build_complete_path does exactly what we want anyway) Finally, now set the base_dir when loading the remote_spec from a stub specification, since the git source sets the base dir for stubs based on where the spec _will_ be installed to, and we want to preserve that so the base_dir for the loaded spec & the stub are the same https://github.com/rubygems/rubygems/commit/a94acb465b 
We were setting the wrong `extension_dir` for git specs stubs

Additionally, the call to `self.extension_dir` was loading the
remote spec, which was avoidable since the stub had an extension dir
(and in fact its #gem_build_complete_path does exactly what we want
anyway)

Finally, now set the base_dir when loading the remote_spec from a
stub specification, since the git source sets the base dir for stubs
based on where the spec _will_ be installed to, and we want to preserve
that so the base_dir for the loaded spec & the stub are the same

https://github.com/rubygems/rubygems/commit/a94acb465b
[rubygems/rubygems] Fix generated standalone script for default gems 2022-06-01T08:07:35+00:00 David Rodríguez deivid.rodriguez@riseup.net 2022-05-30T19:48:49+00:00 0a6b9924bd1b45bd8ad29b1eb3c8a65835f5864d The installer is actually rewriting the spec's full gem path to be the one of the newly installed gem, however the accessor was not properly working for `StubSpecification` instances, and default gems are always of this type, because they are always present locally. Fix the accessor to properly update the underlying full specification. https://github.com/rubygems/rubygems/commit/efa41babfa 
The installer is actually rewriting the spec's full gem path to be the
one of the newly installed gem, however the accessor was not properly
working for `StubSpecification` instances, and default gems are always
of this type, because they are always present locally.

Fix the accessor to properly update the underlying full specification.

https://github.com/rubygems/rubygems/commit/efa41babfa
[rubygems/rubygems] Remove code that seems unnecessary 2022-06-01T08:07:34+00:00 David Rodríguez deivid.rodriguez@riseup.net 2022-05-30T19:46:47+00:00 f5b88d93ae58dd8a956782f08a435e452f5eba12 This change was never covered with a spec, and we have recently covered the case of partially deleted gems with specs and it works fine (installation is "auto-healed"). https://github.com/rubygems/rubygems/commit/6e66ee4235 
This change was never covered with a spec, and we have recently covered
the case of partially deleted gems with specs and it works fine
(installation is "auto-healed").

https://github.com/rubygems/rubygems/commit/6e66ee4235