diff options
Diffstat (limited to 'spec')
-rw-r--r-- | spec/bundler/cache/git_spec.rb | 3 | ||||
-rw-r--r-- | spec/bundler/install/gemfile/git_spec.rb | 6 | ||||
-rw-r--r-- | spec/bundler/update/git_spec.rb | 3 | ||||
-rw-r--r-- | spec/ruby/core/time/shared/local.rb | 2 | ||||
-rw-r--r-- | spec/ruby/library/cgi/cookie/name_spec.rb | 12 | ||||
-rw-r--r-- | spec/ruby/library/cgi/cookie/parse_spec.rb | 10 |
6 files changed, 25 insertions, 11 deletions
diff --git a/spec/bundler/cache/git_spec.rb b/spec/bundler/cache/git_spec.rb index 75525d405b..8123c514b6 100644 --- a/spec/bundler/cache/git_spec.rb +++ b/spec/bundler/cache/git_spec.rb @@ -149,6 +149,9 @@ RSpec.describe "bundle cache with git" do end it "copies repository to vendor cache, including submodules" do + # CVE-2022-39253: https://lore.kernel.org/lkml/xmqq4jw1uku5.fsf@gitster.g/ + system(*%W[git config --global protocol.file.allow always]) + build_git "submodule", "1.0" git = build_git "has_submodule", "1.0" do |s| diff --git a/spec/bundler/install/gemfile/git_spec.rb b/spec/bundler/install/gemfile/git_spec.rb index 00f8e96625..c5ea2c202d 100644 --- a/spec/bundler/install/gemfile/git_spec.rb +++ b/spec/bundler/install/gemfile/git_spec.rb @@ -826,6 +826,9 @@ RSpec.describe "bundle install with git sources" do end it "ignores submodules if :submodule is not passed" do + # CVE-2022-39253: https://lore.kernel.org/lkml/xmqq4jw1uku5.fsf@gitster.g/ + system(*%W[git config --global protocol.file.allow always]) + build_git "submodule", "1.0" build_git "has_submodule", "1.0" do |s| s.add_dependency "submodule" @@ -846,6 +849,9 @@ RSpec.describe "bundle install with git sources" do end it "handles repos with submodules" do + # CVE-2022-39253: https://lore.kernel.org/lkml/xmqq4jw1uku5.fsf@gitster.g/ + system(*%W[git config --global protocol.file.allow always]) + build_git "submodule", "1.0" build_git "has_submodule", "1.0" do |s| s.add_dependency "submodule" diff --git a/spec/bundler/update/git_spec.rb b/spec/bundler/update/git_spec.rb index 752033c842..8a41ab86db 100644 --- a/spec/bundler/update/git_spec.rb +++ b/spec/bundler/update/git_spec.rb @@ -117,6 +117,9 @@ RSpec.describe "bundle update" do describe "with submodules" do before :each do + # CVE-2022-39253: https://lore.kernel.org/lkml/xmqq4jw1uku5.fsf@gitster.g/ + system(*%W[git config --global protocol.file.allow always]) + build_repo4 do build_gem "submodule" do |s| s.write "lib/submodule.rb", "puts 'GEM'" diff --git a/spec/ruby/core/time/shared/local.rb b/spec/ruby/core/time/shared/local.rb index 43f331c4c1..997b7186f1 100644 --- a/spec/ruby/core/time/shared/local.rb +++ b/spec/ruby/core/time/shared/local.rb @@ -6,6 +6,7 @@ describe :time_local, shared: true do end end +=begin platform_is_not :windows do describe "timezone changes" do it "correctly adjusts the timezone change to 'CEST' on 'Europe/Amsterdam'" do @@ -16,6 +17,7 @@ describe :time_local, shared: true do end end end +=end end describe :time_local_10_arg, shared: true do diff --git a/spec/ruby/library/cgi/cookie/name_spec.rb b/spec/ruby/library/cgi/cookie/name_spec.rb index 14226824c8..326a43ade3 100644 --- a/spec/ruby/library/cgi/cookie/name_spec.rb +++ b/spec/ruby/library/cgi/cookie/name_spec.rb @@ -6,18 +6,18 @@ describe "CGI::Cookie#name" do cookie = CGI::Cookie.new("test-cookie") cookie.name.should == "test-cookie" - cookie = CGI::Cookie.new("name" => "another cookie") - cookie.name.should == "another cookie" + cookie = CGI::Cookie.new("name" => "another-cookie") + cookie.name.should == "another-cookie" end end describe "CGI::Cookie#name=" do it "sets self's expiration date" do cookie = CGI::Cookie.new("test-cookie") - cookie.name = "another name" - cookie.name.should == "another name" + cookie.name = "another-name" + cookie.name.should == "another-name" - cookie.name = "and one more" - cookie.name.should == "and one more" + cookie.name = "and-one-more" + cookie.name.should == "and-one-more" end end diff --git a/spec/ruby/library/cgi/cookie/parse_spec.rb b/spec/ruby/library/cgi/cookie/parse_spec.rb index 90d2c3d148..d484c7bad9 100644 --- a/spec/ruby/library/cgi/cookie/parse_spec.rb +++ b/spec/ruby/library/cgi/cookie/parse_spec.rb @@ -6,16 +6,16 @@ describe "CGI::Cookie.parse" do expected = { "test-cookie" => ["one", "two", "three"] } CGI::Cookie.parse("test-cookie=one&two&three").should == expected - expected = { "second cookie" => ["three", "four"], "first cookie" => ["one", "two"] } - CGI::Cookie.parse("first cookie=one&two;second cookie=three&four").should == expected + expected = { "second-cookie" => ["three", "four"], "first-cookie" => ["one", "two"] } + CGI::Cookie.parse("first-cookie=one&two;second-cookie=three&four").should == expected end it "does not use , for cookie separators" do expected = { - "first cookie" => ["one", "two"], - "second cookie" => ["three", "four,third_cookie=five", "six"] + "first-cookie" => ["one", "two"], + "second-cookie" => ["three", "four,third_cookie=five", "six"] } - CGI::Cookie.parse("first cookie=one&two;second cookie=three&four,third_cookie=five&six").should == expected + CGI::Cookie.parse("first-cookie=one&two;second-cookie=three&four,third_cookie=five&six").should == expected end it "unescapes the Cookie values" do |