Update vendored securerandom to 0.3.2

5 files changed, 19 insertions, 21 deletions

diff --git a/lib/bundler/vendor/securerandom/lib/random/formatter.rb b/lib/bundler/vendor/securerandom/lib/random/formatter.rb
index e429709789..531e7219c8 100644
--- a/lib/bundler/vendor/securerandom/lib/random/formatter.rb
+++ b/lib/bundler/vendor/securerandom/lib/random/formatter.rb
@@ -165,13 +165,13 @@ module Bundler::Random::Formatter
   #
   # The result contains 122 random bits (15.25 random bytes).
   #
-  # See RFC4122[https://datatracker.ietf.org/doc/html/rfc4122] for details of UUID.
+  # See RFC9562[https://www.rfc-editor.org/rfc/rfc9562] for details of UUIDv4.
   #
   def uuid
-    ary = random_bytes(16).unpack("NnnnnN")
-    ary[2] = (ary[2] & 0x0fff) | 0x4000
-    ary[3] = (ary[3] & 0x3fff) | 0x8000
-    "%08x-%04x-%04x-%04x-%04x%08x" % ary
+    ary = random_bytes(16)
+    ary.setbyte(6, (ary.getbyte(6) & 0x0f) | 0x40)
+    ary.setbyte(8, (ary.getbyte(8) & 0x3f) | 0x80)
+    ary.unpack("H8H4H4H4H12").join(?-)
   end
 
   alias uuid_v4 uuid
@@ -201,11 +201,10 @@ module Bundler::Random::Formatter
   #
   # The result contains 74 random bits (9.25 random bytes).
   #
-  # Note that this method cannot be made reproducable because its output
+  # Note that this method cannot be made reproducible because its output
   # includes not only random bits but also timestamp.
   #
-  # See draft-ietf-uuidrev-rfc4122bis[https://datatracker.ietf.org/doc/draft-ietf-uuidrev-rfc4122bis/]
-  # for details of UUIDv7.
+  # See RFC9562[https://www.rfc-editor.org/rfc/rfc9562] for details of UUIDv7.
   #
   # ==== Monotonicity
   #
@@ -242,7 +241,7 @@ module Bundler::Random::Formatter
   #
   # Counters and other mechanisms for stronger guarantees of monotonicity are
   # not implemented.  Applications with stricter requirements should follow
-  # {Section 6.2}[https://www.ietf.org/archive/id/draft-ietf-uuidrev-rfc4122bis-07.html#monotonicity_counters]
+  # {Section 6.2}[https://www.rfc-editor.org/rfc/rfc9562.html#name-monotonicity-and-counters]
   # of the specification.
   #
   def uuid_v7(extra_timestamp_bits: 0)
diff --git a/lib/bundler/vendor/securerandom/lib/securerandom.rb b/lib/bundler/vendor/securerandom/lib/securerandom.rb
index e797054468..001c6af07c 100644
--- a/lib/bundler/vendor/securerandom/lib/securerandom.rb
+++ b/lib/bundler/vendor/securerandom/lib/securerandom.rb
@@ -41,7 +41,7 @@ require_relative 'random/formatter'
 module Bundler::SecureRandom
 
   # The version
-  VERSION = "0.3.1"
+  VERSION = "0.3.2"
 
   class << self
     # Returns a random binary string containing +size+ bytes.
diff --git a/lib/rubygems/vendor/securerandom/lib/random/formatter.rb b/lib/rubygems/vendor/securerandom/lib/random/formatter.rb
index 3544033340..591cdcaa93 100644
--- a/lib/rubygems/vendor/securerandom/lib/random/formatter.rb
+++ b/lib/rubygems/vendor/securerandom/lib/random/formatter.rb
@@ -165,13 +165,13 @@ module Gem::Random::Formatter
   #
   # The result contains 122 random bits (15.25 random bytes).
   #
-  # See RFC4122[https://datatracker.ietf.org/doc/html/rfc4122] for details of UUID.
+  # See RFC9562[https://www.rfc-editor.org/rfc/rfc9562] for details of UUIDv4.
   #
   def uuid
-    ary = random_bytes(16).unpack("NnnnnN")
-    ary[2] = (ary[2] & 0x0fff) | 0x4000
-    ary[3] = (ary[3] & 0x3fff) | 0x8000
-    "%08x-%04x-%04x-%04x-%04x%08x" % ary
+    ary = random_bytes(16)
+    ary.setbyte(6, (ary.getbyte(6) & 0x0f) | 0x40)
+    ary.setbyte(8, (ary.getbyte(8) & 0x3f) | 0x80)
+    ary.unpack("H8H4H4H4H12").join(?-)
   end
 
   alias uuid_v4 uuid
@@ -201,11 +201,10 @@ module Gem::Random::Formatter
   #
   # The result contains 74 random bits (9.25 random bytes).
   #
-  # Note that this method cannot be made reproducable because its output
+  # Note that this method cannot be made reproducible because its output
   # includes not only random bits but also timestamp.
   #
-  # See draft-ietf-uuidrev-rfc4122bis[https://datatracker.ietf.org/doc/draft-ietf-uuidrev-rfc4122bis/]
-  # for details of UUIDv7.
+  # See RFC9562[https://www.rfc-editor.org/rfc/rfc9562] for details of UUIDv7.
   #
   # ==== Monotonicity
   #
@@ -242,7 +241,7 @@ module Gem::Random::Formatter
   #
   # Counters and other mechanisms for stronger guarantees of monotonicity are
   # not implemented.  Applications with stricter requirements should follow
-  # {Section 6.2}[https://www.ietf.org/archive/id/draft-ietf-uuidrev-rfc4122bis-07.html#monotonicity_counters]
+  # {Section 6.2}[https://www.rfc-editor.org/rfc/rfc9562.html#name-monotonicity-and-counters]
   # of the specification.
   #
   def uuid_v7(extra_timestamp_bits: 0)
diff --git a/lib/rubygems/vendor/securerandom/lib/securerandom.rb b/lib/rubygems/vendor/securerandom/lib/securerandom.rb
index f83d2a74fc..2b456705a1 100644
--- a/lib/rubygems/vendor/securerandom/lib/securerandom.rb
+++ b/lib/rubygems/vendor/securerandom/lib/securerandom.rb
@@ -41,7 +41,7 @@ require_relative 'random/formatter'
 module Gem::SecureRandom
 
   # The version
-  VERSION = "0.3.1"
+  VERSION = "0.3.2"
 
   class << self
     # Returns a random binary string containing +size+ bytes.
diff --git a/tool/bundler/vendor_gems.rb b/tool/bundler/vendor_gems.rb
index 6be2456848..18b605aa74 100644
--- a/tool/bundler/vendor_gems.rb
+++ b/tool/bundler/vendor_gems.rb
@@ -10,7 +10,7 @@ gem "net-protocol", "0.2.2"
 gem "optparse", "0.6.0"
 gem "pub_grub", github: "jhawthorn/pub_grub"
 gem "resolv", "0.5.0"
-gem "securerandom", "0.3.1"
+gem "securerandom", "0.3.2"
 gem "timeout", "0.4.1"
 gem "thor", "1.3.0"
 gem "tsort", "0.2.0"