| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
|
|
* Merge RubyGems-3.5.12 and Bundler-2.5.12
* Merge RubyGems-3.5.13 and Bundler-2.5.13
* Merge RubyGems-3.5.14 and Bundler-2.5.14
* Merge RubyGems-3.5.15 and Bundler-2.5.15
* Merge RubyGems-3.5.16 and Bundler-2.5.16
|
|
Co-authored-by: Nobuyoshi Nakada <nobu@ruby-lang.org>
|
|
* Merge RubyGems-3.5.6 and Bundler-2.5.6
* Merge RubyGems-3.5.7 and Bundler-2.5.7
* Merge RubyGems-3.5.8 and Bundler-2.5.8
* Partly reverted about https://github.com/rubygems/rubygems/pull/7483
* Merge RubyGems-3.5.9 and Bundler-2.5.9
|
|
* Merge RubyGems-3.5.4 and Bundler-2.5.4
* Merge RubyGems-3.5.5 and Bundler-2.5.5
* Make tests play with upstream Ruby tests
CI broke in https://github.com/ruby/ruby/pull/9604 because if any Ruby
tests run `require 'net/http'`, they will pollute the
`$LOADED_FEATURES` for the RubyGems tests. We can fix this by renaming
the test default gem from `net-http` to `my-http`.
See https://github.com/rubygems/rubygems/pull/7379#issuecomment-1901241299
for more details.
---------
Co-authored-by: Stan Hu <stanhu@gmail.com>
|
|
I think we can safely assume these days that all RubyGems and Bundler
versions that will ever bundle a new gem created in 2023 support
prereleases.
So this non transparent requirement is not necessary.
In my opinion, it should be the gem author to explicitly add this
constraint, not RubyGems.
https://github.com/rubygems/rubygems/commit/b165e6d725
|
|
https://github.com/rubygems/rubygems/commit/bb66253f2c
|
|
https://github.com/rubygems/rubygems/commit/56ce2a6445
|
|
https://github.com/rubygems/rubygems/commit/70243b1d72
|
|
https://github.com/rubygems/rubygems/commit/10c26a483d
|
|
https://github.com/rubygems/rubygems/commit/625b8293f7
|
|
This gets the specs passing, and handles the fact that we expect
checkums to be pinned only to a particular source
This also avoids reading in .gem files during lockfile generation,
instead allowing us to query the source for each resolved gem to grab
the checksum
Finally, this opens up a route to having user-stored checksum databases,
similar to how other package managers do this!
Add checksums to dev lockfiles
Handle full name conflicts from different original_platforms when adding checksums to store from compact index
Specs passing on Bundler 3
https://github.com/rubygems/rubygems/commit/86c7084e1c
|
|
if possible
1. Use the checksum provided by the server if provided: provides security
knowing if the gem you downloaded matches the gem on the server
2. Calculate the checksum from the gem on disk: provides security knowing
if the gem has changed between installs
3. In some cases, neither is possible in which case we don't put anything
in the checksum and we maintain functionality as it is today
Add the checksums to specs in the index if we already have them
Prior to checksums, we didn't lose any information when overwriting specs
in the index with stubs. But now when we overwrite EndpointSpecifications
or RemoteSpecifications with more generic specs, we could lose checksum
info. This manually sets checksum info so we keep it in the index.
https://github.com/rubygems/rubygems/commit/de00a4f153
|
|
https://github.com/rubygems/rubygems/commit/f9cc6fed25
|
|
Specifically, this will have frozen string literals for:
- Gem platform tuple entries
- Gem::Version strings
- Gem::Specification#installed_by_version
- Dependency requirement strings
https://github.com/rubygems/rubygems/commit/6195da5bdb
|
|
safely load permitted classes/symbols
https://github.com/rubygems/rubygems/commit/7e4478fe73
|
|
Co-authored-by: David Rodríguez <deivid.rodriguez@riseup.net>
|
|
class references does not warn
Before this, you would get constant redefinition warnings on Psych::DefaultKey
Additionally, ensure the retries wont continue infinitely in the case of the ArgumentError not being caused by Marshal trying to load the undefined classes
https://github.com/rubygems/rubygems/commit/919e8c2de4
|
|
https://github.com/rubygems/rubygems/commit/31d0311258
|
|
https://github.com/rubygems/rubygems/commit/324139af8f
|
|
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/7582
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/7582
|
|
https://github.com/rubygems/rubygems/commit/05cc97bdf8
Notes:
Merged: https://github.com/ruby/ruby/pull/7582
|
|
https://github.com/rubygems/rubygems/commit/9d25906e44
Notes:
Merged: https://github.com/ruby/ruby/pull/7582
|
|
https://github.com/rubygems/rubygems/commit/e5868e92f7
Notes:
Merged: https://github.com/ruby/ruby/pull/7582
|
|
https://github.com/rubygems/rubygems/commit/c1f6e4a97b
Notes:
Merged: https://github.com/ruby/ruby/pull/7582
|
|
https://github.com/rubygems/rubygems/commit/6dc4bc3a5b
Notes:
Merged: https://github.com/ruby/ruby/pull/7582
|
|
https://github.com/rubygems/rubygems/commit/021823a331
Notes:
Merged: https://github.com/ruby/ruby/pull/7582
|
|
https://github.com/rubygems/rubygems/commit/e8a5db50af
Notes:
Merged: https://github.com/ruby/ruby/pull/7582
|
|
https://github.com/rubygems/rubygems/commit/df2b192e47
Notes:
Merged: https://github.com/ruby/ruby/pull/7582
|
|
|
|
|
|
|
|
https://github.com/rubygems/rubygems/commit/97e0af2518
|
|
https://github.com/rubygems/rubygems/commit/80b57da926
|
|
https://github.com/rubygems/rubygems/commit/ae3bdc0e85
|
|
https://github.com/rubygems/rubygems/commit/4e77a1d1d5
|
|
https://github.com/rubygems/rubygems/commit/aa95ee27a2
|
|
https://github.com/rubygems/rubygems/commit/cb554f6eb7
|
|
https://github.com/rubygems/rubygems/commit/fba6e94de9
|
|
https://github.com/rubygems/rubygems/commit/f4f45ab27e
|
|
https://github.com/rubygems/rubygems/commit/d8efd919db
|
|
https://github.com/rubygems/rubygems/commit/d4938259c4
|
|
bundler from Gem::Specification.
Gem::Specification#missing_extension? is heavily called from RubyGems.
We should reduce extra method call from this place.
https://github.com/rubygems/rubygems/commit/e24e59d44d
|
|
https://github.com/rubygems/rubygems/commit/85d60e9886
|
|
When we use this methods with local gemspec, we don't handle
build status of extension correctly. So We need to find extension
files in require_paths.
Example with ruby/erb repository:
```
$ bundle exec irb
Ignoring erb-4.0.2 because its extensions are not built. Try: gem pristine erb --version 4.0.2
>>
```
https://github.com/rubygems/rubygems/commit/f90e43cf3f
|
|
http://rubyci.s3.amazonaws.com/freebsd12/ruby-master/log/20230306T023004Z.fail.html.gz#dist
|
