Age | Commit message (Collapse) | Author |
|
* This reverts commit 1faa4fdc161d7aeebdb5de0c407b923beaecf898.
* It has too many problems, see https://github.com/ruby/uri/pull/22 for discussion.
https://github.com/ruby/uri/commit/b959da2dc9
|
|
https://github.com/ruby/uri/commit/1faa4fdc16
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/4684
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/4684
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/4684
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/4684
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/4684
|
|
If the thread termination invokes user code after `th->status` becomes
`THREAD_KILLED`, and the user unblock function causes that `th->status` to
become something else (e.g. `THREAD_RUNNING`), threads waiting in
`thread_join_sleep` will hang forever. We move the unblock function call
to before the thread status is updated, and allow threads to join as soon
as `th->value` becomes defined.
Notes:
Merged: https://github.com/ruby/ruby/pull/4660
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/4685
Merged-By: nobu <nobu@ruby-lang.org>
|
|
|
|
|
|
Consume the VM stack more, to make the target object get GCed with
more probability during suppressing the warning.
|
|
|
|
Bundler has deprecated gemfiles without a global source and this feature
is now obsolete. `Bundler::Definition#has_rubygems_remotes?` is removed
because it's not used anymore.
https://github.com/rubygems/rubygems/commit/d29dd2cb7b
|
|
improve readability
`check_rubygems_source_safety` is responsible for:
1. if there are multiple global sources
- for bundle 3.x raise an error
- for bundle 2.x print a warning
2. print a warning if there is no explicit global source
The second responsibility was added recently and now the logic could be
extracted to improve readability. Conditions are still live in the `check_rubygems_source_safety` method
since we don't want to call both functions always and that would help us achieve that.
https://github.com/rubygems/rubygems/commit/f3d7e946ee
|
|
Raise a warning when parsing a Gemfile and it doesn't have a global source. Gemfiles like this, specially now that rubygems sources are are no longer merged into a single source for security, are very confusing because they generate a different lockfile depending on the gems you have locally installed. This is because bundler always use an implicit global source that defaults to locally installed gems.
https://github.com/rubygems/rubygems/commit/b7523ad21c
|
|
This is in preparation for deprecating source-less gemfiles.
https://github.com/rubygems/rubygems/commit/d6493fa3e2
|
|
This method is created to tell whether any global source exist in the object or not and it will be used by `Bundler:Dsl` to print a warning if no global source has been defined in the Gemfile.
https://github.com/rubygems/rubygems/commit/422fec4438
|
|
This method is created to tell whether any remote exist in the object or not and it will be used by `Bundler:SourceList` to tell if a global source has been defined implicitly or not.
https://github.com/rubygems/rubygems/commit/47e3ff0e47
|
|
https://github.com/rubygems/rubygems/commit/ef6388656a
|
|
https://github.com/rubygems/rubygems/commit/fe723c0f7f
|
|
https://github.com/rubygems/rubygems/commit/8bf41f53cc
|
|
https://github.com/rubygems/rubygems/commit/e5532ef886
|
|
The is the previous intentional behaviour until
https://github.com/rubygems/bundler/commit/ca0676cb1c638e0b9747ea8c18f28adf82cc01de.
In my opinion, that previous behaviour was better and should be
restored, because we want our users to always see warnings and fix them.
And the original issue that motivated the change is fixable by other
means, namely through `BUNDLE_SILENCE_ROOT_WARNING`, or through
`BUNDLE_SILENCE_DEPRECATIONS` in general. Finally, the --quiet option is
still documented as "only print errors and warnings".
So this PR essentially reverts
https://github.com/rubygems/bundler/commit/ca0676cb1c638e0b9747ea8c18f28adf82cc01de
for the above reasons.
https://github.com/rubygems/rubygems/commit/35f2254dfc
|
|
We'll be removing the warning about no gem sources, so this spec will no
longer test that warnings are hidden by `--quiet`.
Test that in another way so that we don't lose the coverage when we
drop the specific warning about no gem server sources.
https://github.com/rubygems/rubygems/commit/cce4f86d28
|
|
Mitigate the security risk:
https://devcraft.io/2021/01/07/universal-deserialisation-gadget-for-ruby-2-x-3-x.html
https://github.com/rubygems/rubygems/commit/141c2f4388
|
|
After reading [this blog
post](https://blog.rubygems.org/2011/08/31/shaving-the-yaml-yak.html),
published almost 10 years ago already, my understanding is that this
problem could come up in two ways:
* Rubygems.org serving corrupted gemspecs". As far as I understand this
was fixed in rubygems.org a lot time ago, since
https://github.com/rubygems/rubygems.org/pull/331.
* Clients having a ten years old gemspec cache with some of these bad
gemspecs. In this case, there's no easy solution but I think ten years
is enough and rebuilding the cache should do the trick.
So, I think it's time we remove this.
https://github.com/rubygems/rubygems/commit/afcb15d556
|
|
A fresh `gem install` might not reproduce the exact `bundle install`
environment that originally caused the error. It also makes it harder
for the user to troubleshoot the error since she needs to run a separate
command.
Instead, show the original error and backtrace directly.
https://github.com/rubygems/rubygems/commit/49c2abfec6
|
|
For example, due to extension compilation issues.
https://github.com/rubygems/rubygems/commit/adbe55bb6a
|
|
To mimic built-in rubygems behaviour, only thing that should be
approximated is the lockfile version. Other alternatives like
`BUNDLER_VERSION` should be respected exactly.
https://github.com/rubygems/rubygems/commit/dbd667d4bc
|
|
relative file
Ruby 1.9.2 removed "." from LOAD_PATH for robustness and security reasons.
This code was introduced by https://github.com/rubygems/rubygems/commit/56fc830e19a573a5905eba7f4714ad1f21ed1927 commit
to helping users understand the issue and had a guard condition to include the message for `RUBY_VERSION >= "1.9"`.
However, the guard condition was removed as part of the "Ruby version leftover" cleanup by
https://github.com/rubygems/rubygems/commit/8c9cf76e419fbd8ba83144d701b24ca388813b14
Ruby 1.9 development was ended a long time ago and this message is not useful anymore.
https://github.com/rubygems/rubygems/commit/a23609b15a
|
|
The existing interrupt handling using `SharedHelpers.trap` fails when the previous
handler for a signal is not callable (for example, when it is the string "DEFAULT").
Instead, we now handle interrupts by aborting the process when worker threads are
running, and restore the previous handler after worker threads are finished.
Fixes #4764.
https://github.com/rubygems/rubygems/commit/b9f455d487
|
|
|
|
And revert 24e5f1c982966c379220b1bbb26b4e0320180fa1, pepending to
Kernel did not affect the top level methods before 3.0.
|
|
`DebugSystem#system` is prepended in vcs.rb and defaulted to
`exception: true`.
|
|
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/4256
|
|
|
|
|
|
When looking for libraries to load with a feature name without
extension, `.rb` files are given priority. However, since the
feature index arrays were not in that order of priority, but in
the order in which they were loaded, a lower priority extension
library might be returned. In that case, the `.rb` file had to be
searched for again from the `$LOAD_PATH`, resulting in poor
performance.
Notes:
Merged: https://github.com/ruby/ruby/pull/4679
|
|
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/4676
|
|
|
|
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/4670
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/4670
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/4670
|
|
It can be optimized and handles Qnil properly.
Notes:
Merged: https://github.com/ruby/ruby/pull/4669
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/4669
|
|
|