Update to ruby/spec@3affe1e

6 files changed, 91 insertions, 116 deletions

diff --git a/spec/ruby/security/cve_2018_16396_spec.rb b/spec/ruby/security/cve_2018_16396_spec.rb
index c9624e9c63..6f8a5d2f5d 100644
--- a/spec/ruby/security/cve_2018_16396_spec.rb
+++ b/spec/ruby/security/cve_2018_16396_spec.rb
@@ -1,21 +1,7 @@
 require_relative '../spec_helper'
 
 describe "Array#pack" do
-  ruby_version_is ''...'2.7' do
-    it "resists CVE-2018-16396 by tainting output based on input" do
-      "aAZBbHhuMmPp".each_char do |f|
-        ["123456".taint].pack(f).tainted?.should be_true
-      end
-    end
-  end
 end
 
 describe "String#unpack" do
-  ruby_version_is ''...'2.7' do
-    it "resists CVE-2018-16396 by tainting output based on input" do
-      "aAZBbHhuMm".each_char do |f|
-        "123456".taint.unpack(f).first.tainted?.should be_true
-      end
-    end
-  end
 end
diff --git a/spec/ruby/security/cve_2019_8321_spec.rb b/spec/ruby/security/cve_2019_8321_spec.rb
index 84cd10ced1..a8a86e7d97 100644
--- a/spec/ruby/security/cve_2019_8321_spec.rb
+++ b/spec/ruby/security/cve_2019_8321_spec.rb
@@ -1,22 +1,20 @@
 require_relative '../spec_helper'
 
-guard_not -> { platform_is :darwin and ENV['GITHUB_ACTIONS'] } do # frequent timeout/hang on macOS in GitHub Actions
-  require 'rubygems'
-  require 'rubygems/user_interaction'
+require 'rubygems'
+require 'rubygems/user_interaction'
 
-  describe "CVE-2019-8321 is resisted by" do
-    it "sanitising verbose messages" do
-      ui = Class.new {
-        include Gem::UserInteraction
-      }.new
-      ui.should_receive(:say).with(".]2;nyan.")
-      verbose_before = Gem.configuration.verbose
-      begin
-        Gem.configuration.verbose = :really_verbose
-        ui.verbose("\e]2;nyan\a")
-      ensure
-        Gem.configuration.verbose = verbose_before
-      end
+describe "CVE-2019-8321 is resisted by" do
+  it "sanitising verbose messages" do
+    ui = Class.new {
+      include Gem::UserInteraction
+    }.new
+    ui.should_receive(:say).with(".]2;nyan.")
+    verbose_before = Gem.configuration.verbose
+    begin
+      Gem.configuration.verbose = :really_verbose
+      ui.verbose("\e]2;nyan\a")
+    ensure
+      Gem.configuration.verbose = verbose_before
     end
   end
 end
diff --git a/spec/ruby/security/cve_2019_8322_spec.rb b/spec/ruby/security/cve_2019_8322_spec.rb
index 6f996572c5..b70d78c033 100644
--- a/spec/ruby/security/cve_2019_8322_spec.rb
+++ b/spec/ruby/security/cve_2019_8322_spec.rb
@@ -1,23 +1,21 @@
 require_relative '../spec_helper'
 
-guard_not -> { platform_is :darwin and ENV['GITHUB_ACTIONS'] } do # frequent timeout/hang on macOS in GitHub Actions
-  require 'yaml'
-  require 'rubygems'
-  require 'rubygems/safe_yaml'
-  require 'rubygems/commands/owner_command'
+require 'yaml'
+require 'rubygems'
+require 'rubygems/safe_yaml'
+require 'rubygems/commands/owner_command'
 
-  describe "CVE-2019-8322 is resisted by" do
-    it "sanitising owner names" do
-      command = Gem::Commands::OwnerCommand.new
-      def command.rubygems_api_request(*args)
-        Struct.new(:body).new("---\n- email: \"\e]2;nyan\a\"\n  handle: handle\n  id: id\n")
-      end
-      def command.with_response(response)
-        yield response
-      end
-      command.should_receive(:say).with("Owners for gem: name")
-      command.should_receive(:say).with("- .]2;nyan.")
-      command.show_owners "name"
+describe "CVE-2019-8322 is resisted by" do
+  it "sanitising owner names" do
+    command = Gem::Commands::OwnerCommand.new
+    def command.rubygems_api_request(*args)
+      Struct.new(:body).new("---\n- email: \"\e]2;nyan\a\"\n  handle: handle\n  id: id\n")
     end
+    def command.with_response(response)
+      yield response
+    end
+    command.should_receive(:say).with("Owners for gem: name")
+    command.should_receive(:say).with("- .]2;nyan.")
+    command.show_owners "name"
   end
 end
diff --git a/spec/ruby/security/cve_2019_8323_spec.rb b/spec/ruby/security/cve_2019_8323_spec.rb
index c98aae9021..d4606de054 100644
--- a/spec/ruby/security/cve_2019_8323_spec.rb
+++ b/spec/ruby/security/cve_2019_8323_spec.rb
@@ -1,38 +1,36 @@
 require_relative '../spec_helper'
 
-guard_not -> { platform_is :darwin and ENV['GITHUB_ACTIONS'] } do # frequent timeout/hang on macOS in GitHub Actions
-  require 'optparse'
+require 'optparse'
 
-  require 'rubygems'
-  require 'rubygems/gemcutter_utilities'
+require 'rubygems'
+require 'rubygems/gemcutter_utilities'
 
-  describe "CVE-2019-8323 is resisted by" do
-    describe "sanitising the body" do
-      it "for success codes" do
-        cutter = Class.new {
-          include Gem::GemcutterUtilities
-        }.new
-        response = Net::HTTPSuccess.new(nil, nil, nil)
-        def response.body
-          "\e]2;nyan\a"
-        end
-        cutter.should_receive(:say).with(".]2;nyan.")
-        cutter.with_response response
+describe "CVE-2019-8323 is resisted by" do
+  describe "sanitising the body" do
+    it "for success codes" do
+      cutter = Class.new {
+        include Gem::GemcutterUtilities
+      }.new
+      response = Net::HTTPSuccess.new(nil, nil, nil)
+      def response.body
+        "\e]2;nyan\a"
       end
+      cutter.should_receive(:say).with(".]2;nyan.")
+      cutter.with_response response
+    end
 
-      it "for error codes" do
-        cutter = Class.new {
-          include Gem::GemcutterUtilities
-        }.new
-        def cutter.terminate_interaction(n)
-        end
-        response = Net::HTTPNotFound.new(nil, nil, nil)
-        def response.body
-          "\e]2;nyan\a"
-        end
-        cutter.should_receive(:say).with(".]2;nyan.")
-        cutter.with_response response
+    it "for error codes" do
+      cutter = Class.new {
+        include Gem::GemcutterUtilities
+      }.new
+      def cutter.terminate_interaction(n)
+      end
+      response = Net::HTTPNotFound.new(nil, nil, nil)
+      def response.body
+        "\e]2;nyan\a"
       end
+      cutter.should_receive(:say).with(".]2;nyan.")
+      cutter.with_response response
     end
   end
 end
diff --git a/spec/ruby/security/cve_2019_8325_spec.rb b/spec/ruby/security/cve_2019_8325_spec.rb
index c8978e00e5..04692e01fe 100644
--- a/spec/ruby/security/cve_2019_8325_spec.rb
+++ b/spec/ruby/security/cve_2019_8325_spec.rb
@@ -1,38 +1,36 @@
 require_relative '../spec_helper'
 
-guard_not -> { platform_is :darwin and ENV['GITHUB_ACTIONS'] } do # frequent timeout/hang on macOS in GitHub Actions
-  require 'rubygems'
-  require 'rubygems/command_manager'
+require 'rubygems'
+require 'rubygems/command_manager'
 
-  describe "CVE-2019-8325 is resisted by" do
-    describe "sanitising error message components" do
-      it "for the 'while executing' message" do
-        manager = Gem::CommandManager.new
-        def manager.process_args(args, build_args)
-          raise StandardError, "\e]2;nyan\a"
-        end
-        def manager.terminate_interaction(n)
-        end
-        manager.should_receive(:alert_error).with("While executing gem ... (StandardError)\n    .]2;nyan.")
-        manager.run nil, nil
+describe "CVE-2019-8325 is resisted by" do
+  describe "sanitising error message components" do
+    it "for the 'while executing' message" do
+      manager = Gem::CommandManager.new
+      def manager.process_args(args, build_args)
+        raise StandardError, "\e]2;nyan\a"
       end
+      def manager.terminate_interaction(n)
+      end
+      manager.should_receive(:alert_error).with("While executing gem ... (StandardError)\n    .]2;nyan.")
+      manager.run nil, nil
+    end
 
-      it "for the 'invalid option' message" do
-        manager = Gem::CommandManager.new
-        def manager.terminate_interaction(n)
-        end
-        manager.should_receive(:alert_error).with("Invalid option: --.]2;nyan.. See 'gem --help'.")
-        manager.process_args ["--\e]2;nyan\a"], nil
+    it "for the 'invalid option' message" do
+      manager = Gem::CommandManager.new
+      def manager.terminate_interaction(n)
       end
+      manager.should_receive(:alert_error).with("Invalid option: --.]2;nyan.. See 'gem --help'.")
+      manager.process_args ["--\e]2;nyan\a"], nil
+    end
 
-      it "for the 'loading command' message" do
-        manager = Gem::CommandManager.new
-        def manager.require(x)
-          raise 'foo'
-        end
-        manager.should_receive(:alert_error).with("Loading command: .]2;nyan. (RuntimeError)\n\tfoo")
-        manager.send :load_and_instantiate, "\e]2;nyan\a"
+    it "for the 'loading command' message" do
+      manager = Gem::CommandManager.new
+      def manager.require(x)
+        raise 'foo'
       end
+      manager.should_receive(:alert_error).with("Loading command: .]2;nyan. (RuntimeError)\n\tfoo")
+      manager.send :load_and_instantiate, "\e]2;nyan\a"
     end
   end
 end
diff --git a/spec/ruby/security/cve_2020_10663_spec.rb b/spec/ruby/security/cve_2020_10663_spec.rb
index 159fdc0cb4..cce1beb012 100644
--- a/spec/ruby/security/cve_2020_10663_spec.rb
+++ b/spec/ruby/security/cve_2020_10663_spec.rb
@@ -18,25 +18,22 @@ module JSONSpecs
 end
 
 guard -> {
-  ruby_version_is "2.6.6" or
   JSON.const_defined?(:Pure) or
   version_is(JSON::VERSION, '2.3.0')
 } do
-  guard_not -> { platform_is :darwin and ENV['GITHUB_ACTIONS'] } do # frequent timeout/hang on macOS in GitHub Actions
-    describe "CVE-2020-10663 is resisted by" do
-      it "only creating custom objects if passed create_additions: true or using JSON.load" do
-        obj = JSONSpecs::MyClass.new("bar")
-        JSONSpecs::MyClass.should.json_creatable?
-        json = JSON.dump(obj)
+  describe "CVE-2020-10663 is resisted by" do
+    it "only creating custom objects if passed create_additions: true or using JSON.load" do
+      obj = JSONSpecs::MyClass.new("bar")
+      JSONSpecs::MyClass.should.json_creatable?
+      json = JSON.dump(obj)
 
-        JSON.parse(json, create_additions: true).class.should == JSONSpecs::MyClass
-        JSON(json, create_additions: true).class.should == JSONSpecs::MyClass
-        JSON.load(json).class.should == JSONSpecs::MyClass
+      JSON.parse(json, create_additions: true).class.should == JSONSpecs::MyClass
+      JSON(json, create_additions: true).class.should == JSONSpecs::MyClass
+      JSON.load(json).class.should == JSONSpecs::MyClass
 
-        JSON.parse(json).class.should == Hash
-        JSON.parse(json, nil).class.should == Hash
-        JSON(json).class.should == Hash
-      end
+      JSON.parse(json).class.should == Hash
+      JSON.parse(json, nil).class.should == Hash
+      JSON(json).class.should == Hash
     end
   end
 end