diff options
| author | Hiroshi SHIBATA <hsbt@ruby-lang.org> | 2026-04-02 12:33:55 +0900 |
|---|---|---|
| committer | git <svn-admin@ruby-lang.org> | 2026-04-24 00:44:26 +0000 |
| commit | f408ae9960252d08a25a7a48e51a915dd6c8fd94 (patch) | |
| tree | f4dbed11ab6b19013443fd3a2095ce7c93424e1f /test | |
| parent | 16ad249a2ea57952e2283382c7e055b261d43c57 (diff) | |
[ruby/rubygems] Add --[no-]build-extension and --[no-]install-plugin options to gem install
These options allow users to opt out of building native extensions and
installing plugins during gem installation, providing an equivalent to
npm's --ignore-scripts for mitigating arbitrary code execution vectors.
Both options default to true to maintain backward compatibility. Users
can disable them per-command or globally via gemrc configuration.
https://github.com/ruby/rubygems/commit/54221ab5b2
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Diffstat (limited to 'test')
| -rw-r--r-- | test/rubygems/test_gem_installer.rb | 52 |
1 files changed, 52 insertions, 0 deletions
diff --git a/test/rubygems/test_gem_installer.rb b/test/rubygems/test_gem_installer.rb index f20771c5f0..ca0a82a94e 100644 --- a/test/rubygems/test_gem_installer.rb +++ b/test/rubygems/test_gem_installer.rb @@ -2442,6 +2442,58 @@ class TestGemInstaller < Gem::InstallerTestCase assert_kind_of(String, installer.gem) end + def test_install_no_build_extension + installer = util_setup_installer + + gemdir = File.join @gemhome, "gems", @spec.full_name + + installer.options[:build_extension] = false + + use_ui @ui do + installer.install + end + + assert_path_exist gemdir + assert_path_not_exist File.join(@spec.extension_dir, "gem.build_complete") + assert_match "contains native extensions that were not built", @ui.error + end + + def test_install_no_build_extension_without_extensions + spec = quick_gem "b", 2 + + util_build_gem spec + + installer = util_installer spec, @gemhome + installer.options[:build_extension] = false + + use_ui @ui do + installer.install + end + + refute_match "contains native extensions", @ui.error + end + + def test_install_no_install_plugin + installer = util_setup_installer do |spec| + write_file File.join(@tempdir, "lib", "rubygems_plugin.rb") do |io| + io.write "# do nothing" + end + + spec.files += %w[lib/rubygems_plugin.rb] + end + + installer.options[:install_plugin] = false + + build_rake_in do + use_ui @ui do + installer.install + end + end + + plugin_path = File.join Gem.plugindir, "a_plugin.rb" + refute File.exist?(plugin_path), "plugin must not be written when --no-install-plugin" + end + private def util_execless |