Age | Commit message (Collapse) | Author |
|
|
|
|
|
|
|
|
|
Merge RubyGems 3.3.x and Bundler 2.3.x
|
|
Since symlinks and absolute paths are already checked.
https://github.com/rubygems/rubygems/commit/de19bc4c7e
|
|
If we explicitly disallow the creation of symlinks that point to files
outside of the destination directory, we can avoid any other safety
checks while creating directories, because we can be sure they will
always fall under the destination directory as well.
https://github.com/rubygems/rubygems/commit/555692b8de
|
|
https://github.com/rubygems/rubygems/commit/0a0ad34af3
|
|
`File.realpath` already expands paths.
https://github.com/rubygems/rubygems/commit/25524ebbeb
|
|
https://github.com/rubygems/rubygems/commit/02e3cf44bf
|
|
This seems to speed up `gem install` on Windows by more than 50%.
https://github.com/rubygems/rubygems/commit/1970b1296d
|
|
https://github.com/rubygems/rubygems/commit/c74fc58695
Notes:
Merged: https://github.com/ruby/ruby/pull/4789
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/4383
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/3864
|
|
31a6eaabc165d8a222e176f2c809d90622d88ec2 is obsoleted with
https://github.com/rubygems/rubygems/pull/3820
|
|
Enable Style/EmptyLinesAroundClassBody rubocop cop.
|
|
If any error happens while verifying a package entry, it doesn't mean
that the package is corrupt. It could be a bug in rubygems, for example.
This in fact happened in CI and the current error doesn't make it easy
to troubleshoot the root cause, since it doesn't provide a backtrace.
See
https://github.com/rubygems/rubygems/pull/3807/checks?check_run_id=862526615.
So I propose to let the exception happens. There was something useful
about the previous message, which is the file entry where the error
happened, so I'm keeping that information in a warning message.
https://github.com/rubygems/rubygems/commit/ece87d858f
Notes:
Merged: https://github.com/ruby/ruby/pull/3379
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/3379
|
|
the Gem module's auto-loads will handle loading these as needed,
this started as a redundancy found in *rubygems.rb* which had:
`autoload :Specification, 'rubygems/specification'` as well as
`require 'rubygems/specification'`
https://github.com/rubygems/rubygems/commit/43ceae7ac0
Notes:
Merged: https://github.com/ruby/ruby/pull/3379
|
|
To normalize the code style with `bundler`.
Notes:
Merged: https://github.com/ruby/ruby/pull/3379
|
|
They are no longer needed since ruby 2.0.
Notes:
Merged: https://github.com/ruby/ruby/pull/3229
|
|
To make rubygems code style consistent with bundler.
Notes:
Merged: https://github.com/ruby/ruby/pull/3229
|
|
https://github.com/rubygems/rubygems/commit/73c199b087
Notes:
Merged: https://github.com/ruby/ruby/pull/3184
|
|
Just started to develop RubyGems 3.2.0.
|
|
* Fix gem pristine not accounting for user installed gems. Pull request
#2914 by Luis Sagastume.
* Refactor keyword argument test for Ruby 2.7. Pull request #2947 by
SHIBATA Hiroshi.
* Fix errors at frozen Gem::Version. Pull request #2949 by Nobuyoshi
Nakada.
* Remove taint usage on Ruby 2.7+. Pull request #2951 by Jeremy Evans.
* Check Manifest.txt is up to date. Pull request #2953 by David Rodríguez.
* Clarify symlink conditionals in tests. Pull request #2962 by David
Rodríguez.
* Update command line parsing to work under ps. Pull request #2966 by
David Rodríguez.
* Properly test `Gem::Specifications.stub_for`. Pull request #2970 by
David Rodríguez.
* Fix Gem::LOADED_SPECS_MUTEX handling for recursive locking. Pull request
#2985 by MSP-Greg.
Notes:
Merged: https://github.com/ruby/ruby/pull/2666
|
|
The arity of this method has been -1 since the import, so the
option has been passed always, even if Zlib::GzipReader#initialize
does not take the option. Actually it takes the option since 1.9.
https://github.com/rubygems/rubygems/commit/2fcde0f4e0
|
|
Fixes #2290.
1. `Gem::Specification.date` returns SOURCE_DATE_EPOCH when defined,
2. this commit makes RubyGems set it _persistently_ when not provided.
This combination means that you can build a gem, check the build time,
and use that value to generate a new build -- and then verify they're
the same.
https://github.com/rubygems/rubygems/commit/d830d53f59
|
|
https://github.com/rubygems/rubygems/commit/5b81f364ae
|
|
Cfuncs that use rb_scan_args with the : entry suffer similar keyword
argument separation issues that Ruby methods suffer if the cfuncs
accept optional or variable arguments.
This makes the following changes to : handling.
* Treats as **kw, prompting keyword argument separation warnings
if called with a positional hash.
* Do not look for an option hash if empty keywords are provided.
For backwards compatibility, treat an empty keyword splat as a empty
mandatory positional hash argument, but emit a a warning, as this
behavior will be removed in Ruby 3. The argument number check
needs to be moved lower so it can correctly handle an empty
positional argument being added.
* If the last argument is nil and it is necessary to treat it as an option
hash in order to make sure all arguments are processed, continue to
treat the last argument as the option hash. Emit a warning in this case,
as this behavior will be removed in Ruby 3.
* If splitting the keyword hash into two hashes, issue a warning, as we
will not be splitting hashes in Ruby 3.
* If the keyword argument is required to fill a mandatory positional
argument, continue to do so, but emit a warning as this behavior will
be going away in Ruby 3.
* If keyword arguments are provided and the last argument is not a hash,
that indicates something wrong. This can happen if a cfunc is calling
rb_scan_args multiple times, and providing arguments that were not
passed to it from Ruby. Callers need to switch to the new
rb_scan_args_kw function, which allows passing of whether keywords
were provided.
This commit fixes all warnings caused by the changes above.
It switches some function calls to *_kw versions with appropriate
kw_splat flags. If delegating arguments, RB_PASS_CALLED_KEYWORDS
is used. If creating new arguments, RB_PASS_KEYWORDS is used if
the last argument is a hash to be treated as keywords.
In open_key_args in io.c, use rb_scan_args_kw.
In this case, the arguments provided come from another C
function, not Ruby. The last argument may or may not be a hash,
so we can't set keyword argument mode. However, if it is a
hash, we don't want to warn when treating it as keywords.
In Ruby files, make sure to appropriately use keyword splats
or literal keywords when calling Cfuncs that now issue keyword
argument separation warnings through rb_scan_args. Also, make
sure not to pass nil in place of an option hash.
Work around Kernel#warn warnings due to problems in the Rubygems
override of the method. There is an open pull request to fix
these issues in Rubygems, but part of the Rubygems tests for
their override fail on ruby-head due to rb_scan_args not
recognizing empty keyword splats, which this commit fixes.
Implementation wise, adding rb_scan_args_kw is kind of a pain,
because rb_scan_args takes a variable number of arguments.
In order to not duplicate all the code, the function internals need
to be split into two functions taking a va_list, and to avoid passing
in a ton of arguments, a single struct argument is used to handle
the variables previously local to the function.
Notes:
Merged-By: jeremyevans <code@jeremyevans.net>
|
|
Mostly requires adding ** in either calls or method definitions.
Notes:
Merged: https://github.com/ruby/ruby/pull/2395
|
|
https://github.com/rubygems/rubygems/commit/a76f25dff0
|
|
https://github.com/rubygems/rubygems/commit/2c9cfcb666
|
|
Closes: https://github.com/ruby/ruby/pull/2154
|
|
The current master branch is
https://github.com/rubygems/rubygems/commit/97b264f0fa248c864b6ee9a23d3ff1cdd217dddb
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@67415 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
It fixed the multiple vulnerabilities.
https://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@67168 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
This version contains the some style changes by RuboCop.
* https://github.com/rubygems/rubygems/commit/9d810be0ede925fb2e3af535848582c3f8e0e72f
* https://github.com/rubygems/rubygems/commit/61ea98a727fb1b76b6fac52d74107ee4b02aaef2
* https://github.com/rubygems/rubygems/commit/795893dce3c5f8540804fc08144cc6a90f086b13
* https://github.com/rubygems/rubygems/commit/9be7858f7f17eae3058204f3c03e4b798ba18b9c
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@67074 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
It fixed the issues of RubyGems 3.0.0.
https://blog.rubygems.org/2018/12/23/3.0.1-released.html
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66499 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* [BudlerVersionFinder] set .filter! and .compatible? to match only on major versions https://github.com/rubygems/rubygems/pull/2515
* Fix broken symlink that points to ../* https://github.com/rubygems/rubygems/pull/2516
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66347 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* Enable Style/MethodDefParentheses in Rubocop
https://github.com/rubygems/rubygems/pull/2478
* Enable Style/MultilineIfThen in Rubocop
https://github.com/rubygems/rubygems/pull/2479
* Fix required_ruby_version with prereleases and improve error message
https://github.com/rubygems/rubygems/pull/2344
* Fix bundler rubygems binstub not properly looking for bundler
https://github.com/rubygems/rubygems/pull/2426
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@65904 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@65294 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* It's preparation to release RubyGems 3.0.0.beta2 and Ruby 2.6.0
preview 3.
* https://github.com/rubygems/rubygems/compare/v3.0.0.beta1...fad2eb15a282b19dfcb4b48bc95b8b39ebb4511f
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@64555 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* It drop to support < Ruby 2.2
* Cleanup deprecated methods and classes.
* Mark obsoleted methods to deprecate.
* and other enhancements.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@63528 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
see release details here: https://blog.rubygems.org/2018/05/18/2.7.7-released.html
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@63461 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
It fixed some security vulnerabilities.
http://blog.rubygems.org/2018/02/15/2.7.6-released.html
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@62422 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Please see its details: http://blog.rubygems.org/2018/02/06/2.7.5-released.html
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@62244 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
It fixed http://blog.rubygems.org/2017/10/09/unsafe-object-deserialization-vulnerability.html
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@60149 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
HEAD(2c6d256). It contains to update vendored Molinillo to 0.5.0.
https://github.com/rubygems/rubygems/pull/1638
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55441 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
shebang.
* lib/rubygems/package.rb, lib/rubygems/package/*: ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53712 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
It supports to enable frozen string literal and add `--norc` option for
disable to `.gemrc` configuration.
See 2.5.2 release notes for other fixes and enhancements.
https://github.com/rubygems/rubygems/blob/a8aa3bac723f045c52471c7b9328310a048561e0/History.txt#L3
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53707 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
When you change this to true, you may need to add more tests.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53141 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|