diff options
author | Hiroshi SHIBATA <hsbt@ruby-lang.org> | 2022-08-22 11:50:00 +0900 |
---|---|---|
committer | nagachika <nagachika@ruby-lang.org> | 2022-09-03 15:54:07 +0900 |
commit | 522b75f1b666051f86a3c8961fd4255e560c5020 (patch) | |
tree | 85315021fac815517ce3e68f1883533aa4b35747 /lib/rubygems/package.rb | |
parent | 44c926f3a94346809c68574e0277dae3917992c6 (diff) |
Merge RubyGems-3.3.20 and Bundler-2.3.20
Diffstat (limited to 'lib/rubygems/package.rb')
-rw-r--r-- | lib/rubygems/package.rb | 27 |
1 files changed, 19 insertions, 8 deletions
diff --git a/lib/rubygems/package.rb b/lib/rubygems/package.rb index 1e87837b0e..084dc5d2d9 100644 --- a/lib/rubygems/package.rb +++ b/lib/rubygems/package.rb @@ -68,14 +68,14 @@ class Gem::Package class PathError < Error def initialize(destination, destination_dir) super "installing into parent path %s of %s is not allowed" % - [destination, destination_dir] + [destination, destination_dir] end end class SymlinkError < Error def initialize(name, destination, destination_dir) super "installing symlink '%s' pointing to parent path %s of %s is not allowed" % - [name, destination, destination_dir] + [name, destination, destination_dir] end end @@ -409,18 +409,23 @@ EOM def extract_tar_gz(io, destination_dir, pattern = "*") # :nodoc: directories = [] + symlinks = [] + open_tar_gz io do |tar| tar.each do |entry| - next unless File.fnmatch pattern, entry.full_name, File::FNM_DOTMATCH + full_name = entry.full_name + next unless File.fnmatch pattern, full_name, File::FNM_DOTMATCH - destination = install_location entry.full_name, destination_dir + destination = install_location full_name, destination_dir if entry.symlink? link_target = entry.header.linkname real_destination = link_target.start_with?("/") ? link_target : File.expand_path(link_target, File.dirname(destination)) - raise Gem::Package::SymlinkError.new(entry.full_name, real_destination, destination_dir) unless + raise Gem::Package::SymlinkError.new(full_name, real_destination, destination_dir) unless normalize_path(real_destination).start_with? normalize_path(destination_dir + "/") + + symlinks << [full_name, link_target, destination, real_destination] end FileUtils.rm_rf destination @@ -444,12 +449,18 @@ EOM FileUtils.chmod file_mode(entry.header.mode), destination end if entry.file? - File.symlink(entry.header.linkname, destination) if entry.symlink? - verbose destination end end + symlinks.each do |name, target, destination, real_destination| + if File.exist?(real_destination) + File.symlink(target, destination) + else + alert_warning "#{@spec.full_name} ships with a dangling symlink named #{name} pointing to missing #{target} file. Ignoring" + end + end + if dir_mode File.chmod(dir_mode, *directories) end @@ -676,7 +687,7 @@ EOM "package content (data.tar.gz) is missing", @gem end - if duplicates = @files.group_by {|f| f }.select {|k,v| v.size > 1 }.map(&:first) and duplicates.any? + if (duplicates = @files.group_by {|f| f }.select {|k,v| v.size > 1 }.map(&:first)) && duplicates.any? raise Gem::Security::Exception, "duplicate files in the package: (#{duplicates.map(&:inspect).join(', ')})" end end |