ruby.git/lib/rubygems/security.rb, branch v3_2_11 The Ruby Programming Language Merge RubyGems-3.4.18 and Bundler-2.4.18 2023-08-29T14:25:18+00:00 Hiroshi SHIBATA hsbt@ruby-lang.org 2023-08-18T03:10:30+00:00 1434059ab5006e32ad872a62e7f0ecca190194fb 






Merge RubyGems/Bundler master
2022-12-12T01:49:43+00:00

Hiroshi SHIBATA
hsbt@ruby-lang.org

2022-12-12T00:09:23+00:00

bbe56a643734025aef6a3cbeb07c5306505040f6

  from https://github.com/rubygems/rubygems/commit/bfb0ae69776069155d2092702bfbb5a12617d85a





  from https://github.com/rubygems/rubygems/commit/bfb0ae69776069155d2092702bfbb5a12617d85a







Resync Bundler & RubyGems
2022-09-08T02:25:03+00:00

David Rodríguez
deivid.rodriguez@riseup.net

2022-09-07T05:13:04+00:00

24fd2f73d0835eea534225a6381551d591764002












Merge rubygems/bundler HEAD.
2022-08-09T03:05:19+00:00

Hiroshi SHIBATA
hsbt@ruby-lang.org

2022-08-09T02:16:07+00:00

44264b4fee1e208e759710c39271186ff9856b40

  Pick from https://github.com/rubygems/rubygems/commit/dfbb5a38114640e0d8d616861607f3de73ee0199





  Pick from https://github.com/rubygems/rubygems/commit/dfbb5a38114640e0d8d616861607f3de73ee0199







RubyGems: Enable Style/StringLiterals cop
2022-07-22T03:07:23+00:00

Takuya Noguchi
takninnovationresearch@gmail.com

2022-07-17T08:08:51+00:00

d7ffd3fea402239b16833cc434404a7af82d44f3

Signed-off-by: Takuya Noguchi <takninnovationresearch@gmail.com>





Signed-off-by: Takuya Noguchi <takninnovationresearch@gmail.com>







Merge rubygems/rubygems HEAD.
2022-01-19T06:01:44+00:00

Hiroshi SHIBATA
hsbt@ruby-lang.org

2022-01-19T04:28:23+00:00

d22511fd7595ef1819baa42851d598d95b8f4d00

  Picked at 12aeef6ba9a3be0022be9934c1a3e4c46a03ed3a





  Picked at 12aeef6ba9a3be0022be9934c1a3e4c46a03ed3a







Merge RubyGems-3.3.1 and Bundler-2.3.1
2021-12-23T00:44:45+00:00

Hiroshi SHIBATA
hsbt@ruby-lang.org

2021-12-23T00:21:36+00:00

fb1ab27f535833f1ba1648d7cdce4cc893e36d07












[rubygems/rubygems] Provide distinguished name which will be correctly parsed.
2021-12-01T19:43:06+00:00

Vít Ondruch
vondruch@redhat.com

2021-10-27T14:28:24+00:00

94ee88b38cf0a20666e3965f5c9c4d520cf02b22

It seems that since ruby openssl 2.1.0 [[1]], the distinguished name
submitted to `OpenSSL::X509::Name.parse` is not correctly parsed if it
does not contain the first slash:

~~~
$ ruby -v
ruby 3.0.2p107 (2021-07-07 revision 0db68f0233) [x86_64-linux]

$ gem list | grep openssl
openssl (default: 2.2.0)

$ irb -r openssl
irb(main):001:0> OpenSSL::X509::Name.parse("CN=nobody/DC=example").to_s(OpenSSL::X509::Name::ONELINE)
=> "CN = nobody/DC=example"
irb(main):002:0> OpenSSL::X509::Name.parse("/CN=nobody/DC=example").to_s(OpenSSL::X509::Name::ONELINE)
=> "CN = nobody, DC = example"
~~~

Instead, use `OpenSSL::X509::Name.new` directly as suggested by upstream
maintainer.

[1]: https://github.com/ruby/openssl/commit/19c67cd10c57f3ab7b13966c36431ebc3fdd653b

https://github.com/rubygems/rubygems/commit/09ca0c2dae

Co-authored-by: Kazuki Yamaguchi <k@rhe.jp>





It seems that since ruby openssl 2.1.0 [[1]], the distinguished name
submitted to `OpenSSL::X509::Name.parse` is not correctly parsed if it
does not contain the first slash:

~~~
$ ruby -v
ruby 3.0.2p107 (2021-07-07 revision 0db68f0233) [x86_64-linux]

$ gem list | grep openssl
openssl (default: 2.2.0)

$ irb -r openssl
irb(main):001:0> OpenSSL::X509::Name.parse("CN=nobody/DC=example").to_s(OpenSSL::X509::Name::ONELINE)
=> "CN = nobody/DC=example"
irb(main):002:0> OpenSSL::X509::Name.parse("/CN=nobody/DC=example").to_s(OpenSSL::X509::Name::ONELINE)
=> "CN = nobody, DC = example"
~~~

Instead, use `OpenSSL::X509::Name.new` directly as suggested by upstream
maintainer.

[1]: https://github.com/ruby/openssl/commit/19c67cd10c57f3ab7b13966c36431ebc3fdd653b

https://github.com/rubygems/rubygems/commit/09ca0c2dae

Co-authored-by: Kazuki Yamaguchi <k@rhe.jp>







[rubygems/rubygems] Add support to build and sign certificates with multiple key algorithms
2021-10-25T23:01:55+00:00

Jenny Shen
jenny.shen@shopify.com

2021-10-06T21:39:23+00:00

92ec010595bed29567fc08dd4d52d4c4518f0fd4

https://github.com/rubygems/rubygems/commit/967876f15d

Co-Authored-By: Frederik Dudzik <frederik.dudzik@shopify.com>





https://github.com/rubygems/rubygems/commit/967876f15d

Co-Authored-By: Frederik Dudzik <frederik.dudzik@shopify.com>







[rubygems/rubygems] Prefer `require_relative` to `require` for internal requires
2021-08-31T10:06:14+00:00

David Rodríguez
deivid.rodriguez@riseup.net

2019-04-22T11:56:16+00:00

54ae3f587ed42f425edc7ec741702ac764429c5d

https://github.com/rubygems/rubygems/commit/c74fc58695





https://github.com/rubygems/rubygems/commit/c74fc58695