| Age | Commit message (Collapse) | Author |
|---|
|
|
|
Removes usage of these classes as ACE gadgets
See https://nastystereo.com/security/ruby-3.4-deserialization.html
Signed-off-by: Samuel Giddins <segiddins@segiddins.me>
https://github.com/rubygems/rubygems/commit/89ad04db86
|
|
https://github.com/rubygems/rubygems/commit/d8d68cc00e
|
|
clearing results from all sources
https://github.com/rubygems/rubygems/commit/0549ddbcc5
|
|
has extensions and `gemspec` DSL is being used
In a `bundle exec` context, the local specification will actually be
part of the known specifications, so RubyGems will assume it has already
been installed, which is not actually true.
This will cause `RequestSet` to rebuild extensions for a gem that's not
actually installed, causing errors.
The fix is to make sure detection of installed activation requests
considers not only that there's a known spec with the same full name as
the one being installed, but also that this spec is installed in the
same gem_home were pretend to install the new gem.
https://github.com/rubygems/rubygems/commit/a8ef1286a6
|
|
Every time a gem is not found in the Compact Index API, RubyGems will
fallback to the full index, which is very slow. This is unnecessary
because both indexes should be providing the same gems, so if a gem
can't be found in the Compact Index API, it won't be found in the full
index.
We _do_ want a fallback to the full index, whenever the Compact Index
API is not implemented. To detect that, we check that the API responds
to the "/versions" endpoint, just like Bundler does.
Before:
```
$ time gem install fooasdsfafs
ERROR: Could not find a valid gem 'fooasdsfafs' (>= 0) in any repository
gem 20,77s user 0,59s system 96% cpu 22,017 total
```
After:
```
$ time gem install fooasdsfafs
ERROR: Could not find a valid gem 'fooasdsfafs' (>= 0) in any repository
gem 5,02s user 0,09s system 91% cpu 5,568 total
```
https://github.com/rubygems/rubygems/commit/c0d6b9eea7
|
|
not properly compared
They were delegating their `#hash` value to a class not overriding that
method, and so were returning inconsistent results.
https://github.com/rubygems/rubygems/commit/723e4ee0fc
|
|
https://github.com/rubygems/rubygems/commit/d7c15f6fd7
|
|
|
|
|
|
reproducible
Helps ensure that unsuspecting diffs to the vendored code arent accidentally introduced
https://github.com/rubygems/rubygems/commit/7c425d49dd
|
|
This still allocates a ton (a string for each line, plus a bunch of
splits into arrays), but it helps a bit when Bundler has to go through
dependency resolution.
```
==> memprof.after.txt <==
Total allocated: 194.14 MB (2317172 objects)
Total retained: 60.81 MB (593164 objects)
==> memprof.before.txt <==
Total allocated: 211.97 MB (2404890 objects)
Total retained: 62.85 MB (640342 objects)
```
https://github.com/rubygems/rubygems/commit/c68b41b0e5
|
|
in <code> - fix rubygems.org link - fix zenspider.com link
https://github.com/rubygems/rubygems/commit/9eaac94a63
|
|
https://github.com/rubygems/rubygems/commit/ec5f04f7b1
|
|
https://github.com/rubygems/rubygems/commit/6d9e8025dc
|
|
https://github.com/rubygems/rubygems/commit/132a56569d
|
|
https://github.com/rubygems/rubygems/commit/67ece7b8b6
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/7582
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/7582
|
|
https://github.com/rubygems/rubygems/commit/e5868e92f7
Notes:
Merged: https://github.com/ruby/ruby/pull/7582
|
|
|
|
https://github.com/rubygems/rubygems/commit/b595d3cf0f
|
|
https://github.com/rubygems/rubygems/commit/7c1168c623
|
|
https://github.com/rubygems/rubygems/commit/add44e56eb
|
|
https://github.com/rubygems/rubygems/commit/1c3356a872
|
|
https://github.com/rubygems/rubygems/commit/5c88c77873
|
|
https://github.com/rubygems/rubygems/commit/acb0548bf6
|
|
from https://github.com/rubygems/rubygems/commit/0635c1423db5d7c461d53bf0c3329bca75de7609
Notes:
Merged: https://github.com/ruby/ruby/pull/7094
|
|
And configure tsort to be vendored as a dependency of Molinillo.
https://github.com/rubygems/rubygems/commit/8ec749f891
|
|
Gem::Resolver::InstallerSet
https://github.com/rubygems/rubygems/commit/05cb5410cb
|
|
Pick from https://github.com/rubygems/rubygems/commit/dfbb5a38114640e0d8d616861607f3de73ee0199
Notes:
Merged: https://github.com/ruby/ruby/pull/6224
|
|
https://github.com/rubygems/rubygems/commit/f087f1b590
|
|
Signed-off-by: Takuya Noguchi <takninnovationresearch@gmail.com>
|
|
Before:
```
$ gem install sfdsfdsfsdide --force
ERROR: While executing gem ... (NoMethodError)
undefined method `spec' for nil:NilClass
@always_install << newest.spec
^^^^^
```
After:
```
$ gem install sfdsfdsfsdide --force
ERROR: Could not find a valid gem 'sfdsfdsfsdide' (>= 0) in any repository
```
https://github.com/rubygems/rubygems/commit/4e2bfd1101
|
|
So that it loads a consistent version of the library and `rubygems` is
never affected by gem activation conflicts related to `tsort`.
Getting CI green required updating one `bundler` spec, because `tsort`
is no longer loaded by `bundle clean` until after `BUNDLE_PATH` has been
changed, so to ensure it is found, it needs to be installed under
`BUNDLE_PATH` as well (which will be different from the global system
path on Bundler 3, meaning installing `tsort` to the global system path
is not enough there). This spec workaround can be removed once we also
vendor `tsort` inside `bundler`.
https://github.com/rubygems/rubygems/commit/d326880999
|
|
https://github.com/rubygems/rubygems/commit/ef5f30cba7
|
|
The `Gem::Platform::RUBY ? -1 : 1` has been used multiple times in different places and could be refactored to a method (DRY).
https://github.com/rubygems/rubygems/commit/9d43ca8f0c
Notes:
Merged: https://github.com/ruby/ruby/pull/4789
|
|
https://github.com/rubygems/rubygems/commit/e3d150d822
Co-authored-by: David Rodríguez <deivid.rodriguez@riseup.net>
Notes:
Merged: https://github.com/ruby/ruby/pull/4789
|
|
https://github.com/rubygems/rubygems/commit/c74fc58695
Notes:
Merged: https://github.com/ruby/ruby/pull/4789
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/4367
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/4143
|
|
iff means if and only if, but readers without that knowledge might
assume this to be a spelling mistake. To me, this seems like
exclusionary language that is unnecessary. Simply using "if and only if"
or "whether" should suffice.
https://github.com/rubygems/rubygems/commit/88318ebc6d
|
|
55634a8af18a52df86c4275d70fa1179118bcc20
Notes:
Merged: https://github.com/ruby/ruby/pull/4021
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/3982
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/3901
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/3864
|
|
As far as I could see, `Gem::Resolver::APISpecification` objects are
supposed to be immutable. If my guessing is correct, then we can cache
and reuse its instances for performance.
At least, `rake` passes on my machine.
Before this change:
```
$ time ruby -I lib bin/gem install --no-doc aws-sdk
Successfully installed aws-sdk-3.0.1
1 gem installed
real 0m37.104s
user 0m36.952s
sys 0m0.333s
```
After this change:
```
$ time ruby -I lib bin/gem install --no-doc aws-sdk
Successfully installed aws-sdk-3.0.1
1 gem installed
real 0m23.905s
user 0m23.740s
sys 0m0.365s
```
https://github.com/rubygems/rubygems/commit/7e8fbba85c
Notes:
Merged: https://github.com/ruby/ruby/pull/3599
|
|
31a6eaabc165d8a222e176f2c809d90622d88ec2 is obsoleted with
https://github.com/rubygems/rubygems/pull/3820
|
|
Enable Style/EmptyLinesAroundClassBody rubocop cop.
|
|
To normalize the code style with `bundler`.
Notes:
Merged: https://github.com/ruby/ruby/pull/3379
|
