| Age | Commit message (Collapse) | Author |
|---|
|
At this point gem paths are already loaded and memoize. Changing
`GEM_HOME` has no effect.
https://github.com/rubygems/rubygems/commit/a1f62f0939
|
|
Rubygems installs a single executable. Make that explicit.
https://github.com/rubygems/rubygems/commit/2839d15521
|
|
https://github.com/rubygems/rubygems/commit/69dcc02553
|
|
mswin platform
https://github.com/rubygems/rubygems/commit/b93546c8d8
|
|
Prior to this patch, if I ran:
ruby setup.rb --destdir /foo
Then Bundler files would be written into /foo/foo, because destdir was
being prepended, even though `bundler_spec.bin_dir` already included
destdir.
https://github.com/rubygems/rubygems/commit/9e857ffb52
|
|
Driver letters were not accounted for in one place.
https://github.com/rubygems/rubygems/commit/fbe42460d7
|
|
https://github.com/rubygems/rubygems/commit/f42c2025ed
|
|
https://github.com/rubygems/rubygems/commit/8aab3d11b0
|
|
https://github.com/rubygems/rubygems/commit/b3e985799e
|
|
|
|
|
|
|
|
So that it loads a consistent version of the library and `rubygems` is
never affected by gem activation conflicts related to `tsort`.
Getting CI green required updating one `bundler` spec, because `tsort`
is no longer loaded by `bundle clean` until after `BUNDLE_PATH` has been
changed, so to ensure it is found, it needs to be installed under
`BUNDLE_PATH` as well (which will be different from the global system
path on Bundler 3, meaning installing `tsort` to the global system path
is not enough there). This spec workaround can be removed once we also
vendor `tsort` inside `bundler`.
https://github.com/rubygems/rubygems/commit/d326880999
|
|
key algorithms
https://github.com/rubygems/rubygems/commit/967876f15d
Co-Authored-By: Frederik Dudzik <frederik.dudzik@shopify.com>
|
|
OpenSSL includes what we need.
https://github.com/rubygems/rubygems/commit/955f3b72ca
|
|
We require things inline or autoload them for efficiency and to avoid as
much as possible conflicting with user's choice of gems.
But I removed the require and observed no deadlocks when activating
gems.
https://github.com/rubygems/rubygems/commit/7d6333e842
|
|
https://github.com/rubygems/rubygems/commit/51796f257a
|
|
Since symlinks and absolute paths are already checked.
https://github.com/rubygems/rubygems/commit/de19bc4c7e
|
|
If we explicitly disallow the creation of symlinks that point to files
outside of the destination directory, we can avoid any other safety
checks while creating directories, because we can be sure they will
always fall under the destination directory as well.
https://github.com/rubygems/rubygems/commit/555692b8de
|
|
https://github.com/rubygems/rubygems/commit/0a0ad34af3
|
|
`File.realpath` already expands paths.
https://github.com/rubygems/rubygems/commit/25524ebbeb
|
|
https://github.com/rubygems/rubygems/commit/02e3cf44bf
|
|
This seems to speed up `gem install` on Windows by more than 50%.
https://github.com/rubygems/rubygems/commit/1970b1296d
|
|
`Gem::Request.verify_certificate_message` used this method without
"time" which defines it.
|
|
https://github.com/rubygems/rubygems/commit/90c1919f94
|
|
description
7890c98 matched the start of each line, whereas this matches the start
of the entire string.
https://github.com/rubygems/rubygems/commit/432de7b819
|
|
This reverts commit 6589f7bcc7a63a47cb73f58a290c1e1ac42bba99.
https://github.com/rubygems/rubygems/commit/9d0ce31f08
|
|
Do not change the password of the input parameter source during
anonymization, by using the proper helper instead of changing the
original uri directly.
https://github.com/rubygems/rubygems/commit/eaa2dd8a97
|
|
Implement deep cloning for `Gem::Uri` class to fix a bug where redacting
credentials modifies the URI string in place instead of returning a
modified copy.
https://github.com/rubygems/rubygems/commit/eafb5a279b
|
|
https://github.com/rubygems/rubygems/commit/6589f7bcc7
|
|
It doesn't make much sense to just forbid certain words in descriptions.
https://github.com/rubygems/rubygems/commit/7890c98415
|
|
https://github.com/rubygems/rubygems/commit/ef5f30cba7
|
|
This allows easy differentiation between ABI incompatible platforms like MSWIN64 and MSVCRT-based MINGW32.
This also implicates a distinct rubygem platform which is also "x64-mingw-ucrt".
Although the term "mingw32" is the OS-part for 64 bit systems as well, the "32" is misleading and confusing for many users.
Therefore the new platform string drops the "32" from the OS part to just "mingw".
This conforms to the common practice of windows platform testing per RUBY_PLATFORM=~/mswin|mingw/ .
Notes:
Merged: https://github.com/ruby/ruby/pull/4599
|
|
`Gem::Uri` class
The new class is a wrapper on top of an URI. And then, when you want
credentials redacted, you call `#redacted` that returns a copy of itself,
but with credentials redacted.
https://github.com/rubygems/rubygems/commit/9581c2740a
Notes:
Merged: https://github.com/ruby/ruby/pull/4789
|
|
https://github.com/rubygems/rubygems/commit/30f5b3c027
Notes:
Merged: https://github.com/ruby/ruby/pull/4789
|
|
https://github.com/rubygems/rubygems/commit/25c99d7f9d
Notes:
Merged: https://github.com/ruby/ruby/pull/4789
|
|
https://github.com/rubygems/rubygems/commit/c3bb52eb5c
Notes:
Merged: https://github.com/ruby/ruby/pull/4789
|
|
mistake
https://github.com/rubygems/rubygems/commit/ffb480ca7a
Notes:
Merged: https://github.com/ruby/ruby/pull/4789
|
|
https://github.com/rubygems/rubygems/commit/3a8486794e
Notes:
Merged: https://github.com/ruby/ruby/pull/4789
|
|
For the purpose of this class, we need to make sure the return object by `Gem::UriParser.parse_uri` method will have the following method:
- user
- user=
- password
- password=
So we can remove the the `uri` dependency and just look for the methods to exist.
https://github.com/rubygems/rubygems/commit/241e093597
Notes:
Merged: https://github.com/ruby/ruby/pull/4789
|
|
its initialize method
https://github.com/rubygems/rubygems/commit/21dcdd2dc5
Notes:
Merged: https://github.com/ruby/ruby/pull/4789
|
|
https://github.com/rubygems/rubygems/commit/dba130cd80
Notes:
Merged: https://github.com/ruby/ruby/pull/4789
|
|
`Gem::PrintableUri#valid_uri?`
https://github.com/rubygems/rubygems/commit/a5177709c9
Notes:
Merged: https://github.com/ruby/ruby/pull/4789
|
|
https://github.com/rubygems/rubygems/commit/5b6b649bba
Notes:
Merged: https://github.com/ruby/ruby/pull/4789
|
|
`build` method
The `initialize` method is already doing a lot and by adding the `Gem::PrintableUri` to redact sensitive information, things are getting complicated and hard to read here. For the start, I have refactored the `initialize` method into a class method called `build`.
https://github.com/rubygems/rubygems/commit/4312e8fdf5
Notes:
Merged: https://github.com/ruby/ruby/pull/4789
|
|
The `@uri` variable could be a source URI with a credential. Using `Gem::PrintableUri` to make sure we are redacting sensitive information from it when logging on verbose mode.
https://github.com/rubygems/rubygems/commit/f566787211
Notes:
Merged: https://github.com/ruby/ruby/pull/4789
|
|
`Gem::Commands::InstallCommand` class
The `x.source.uri` could be a source URI with a credential. Using `Gem::PrintableUri` to make sure we are redacting sensitive information from it.
https://github.com/rubygems/rubygems/commit/8755ee0aaa
Notes:
Merged: https://github.com/ruby/ruby/pull/4789
|
|
be used on outputs
We need to redact URI credential in several places and copy pasting the code into each part of it is not ideal. This class is responsible for parsing URI strings and redacting credential from it. Also, it will handle URI object in the same manner. We will be reusing this class whenever we need to print/display a URI to users.
URI with the following format will be redacted:
- Token: `http://my-secure-token@example.com` => `http://REDACTED@example.com`
- Username & Password: `http://my-username:my-secure-password@example.com` => `http://my-username:REDACTED@example.com`
- x-oauth-basic: `http://my-secure-token:x-oauth-basic@example.com` => `http://REDACTED:x-oauth-basic@example.com`
https://github.com/rubygems/rubygems/commit/f1e45d3a89
Notes:
Merged: https://github.com/ruby/ruby/pull/4789
|
|
The `Gem::Platform::RUBY ? -1 : 1` has been used multiple times in different places and could be refactored to a method (DRY).
https://github.com/rubygems/rubygems/commit/9d43ca8f0c
Notes:
Merged: https://github.com/ruby/ruby/pull/4789
|
|
https://github.com/rubygems/rubygems/commit/e3d150d822
Co-authored-by: David Rodríguez <deivid.rodriguez@riseup.net>
Notes:
Merged: https://github.com/ruby/ruby/pull/4789
|
