Age | Commit message (Collapse) | Author |
|
* Fixed following vulnerabilities:
* CVE-2019-8320: Delete directory using symlink when decompressing tar
* CVE-2019-8321: Escape sequence injection vulnerability in verbose
* CVE-2019-8322: Escape sequence injection vulnerability in gem owner
* CVE-2019-8323: Escape sequence injection vulnerability in API response handling
* CVE-2019-8324: Installing a malicious gem may lead to arbitrary code execution
* CVE-2019-8325: Escape sequence injection vulnerability in errors
* see also https://blog.rubygems.org/2019/03/05/3.0.3-released.html
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_6@67182 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Fixed gemspec location of bundler.
FileCollector of rbinstall.rb requires location of gemspec under
the sub-direcotry with the same name as default gems.
I forgot to fix it with r66867.
[Bug #15582][ruby-core:91374]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_6@67180 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Ignore to add bundler lib direcotry if it is same as rubylibdir.
[Bug #15469][ruby-core:90742]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_6@67179 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Fix exception namespace
* lib/fileutils.rb (remove_entry_secure): EISDIR is under the
Errno namespace. [ruby-core:91362] [Bug #15577]
From: Tietew (Toru Iwase) <tietew@tietew.net>
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_6@67177 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
update Unicode version (and Emoji version) to 12.0.0
- common.mk: set UNICODE_VERSION and UNICODE_EMOJI_VERSION to 12.0.0
- lib/unicode_normalize/tables.rb: update table data to Unicode version 12.0.0
- enc/unicode/12.0.0/casefold.h, enc/unicode/12.0.0/name2ctype.h: add generated
files for Unicode version 12.0.0
This is the main commit for #15321.
add news about Unicode version update (issue #15321) to NEWS [ci skip]
delete directory and files related to Unicode version 11.0.0
this completes and closes feature #15321
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_6@67175 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
tmpdir.rb: permission of user given directory
* lib/tmpdir.rb (Dir.mktmpdir): check if the permission of the
parent directory only when using the default temporary
directory, and no check against user given directory. the
security is the user's responsibility in that case.
[ruby-core:91216] [Bug #15555]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_6@66941 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Upgrade CSV to 3.0.4
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_6@66926 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Fix mday overflow
[ruby-core:90897] [Bug #15506]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_6@66825 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Fix Net::Protocol::BufferedIO#write when sending large multi-byte string
This commit should fix Net::Protocol::BufferedIO#write when sending
large multi-byte string like following example.
```
$ ruby -rnet/http -rjson -v -e "Net::HTTP.post(URI('http://httpbin.org/post'), { text: '?'*100_000 }.to_json, 'Content-Type' => 'application/json')"
ruby 2.6.0p0 (2018-12-25 revision 66547) [x86_64-linux]
Traceback (most recent call last):
19: from -e:1:in `<main>'
18: from lib/ruby/2.6.0/net/http.rb:500:in `post'
17: from lib/ruby/2.6.0/net/http.rb:605:in `start'
16: from lib/ruby/2.6.0/net/http.rb:920:in `start'
15: from lib/ruby/2.6.0/net/http.rb:502:in `block in post'
14: from lib/ruby/2.6.0/net/http.rb:1281:in `post'
13: from lib/ruby/2.6.0/net/http.rb:1493:in `send_entity'
12: from lib/ruby/2.6.0/net/http.rb:1479:in `request'
11: from lib/ruby/2.6.0/net/http.rb:1506:in `transport_request'
10: from lib/ruby/2.6.0/net/http.rb:1506:in `catch'
9: from lib/ruby/2.6.0/net/http.rb:1507:in `block in transport_request'
8: from lib/ruby/2.6.0/net/http/generic_request.rb:123:in `exec'
7: from lib/ruby/2.6.0/net/http/generic_request.rb:189:in `send_request_with_body'
6: from lib/ruby/2.6.0/net/protocol.rb:247:in `write'
5: from lib/ruby/2.6.0/net/protocol.rb:265:in `writing'
4: from lib/ruby/2.6.0/net/protocol.rb:248:in `block in write'
3: from lib/ruby/2.6.0/net/protocol.rb:275:in `write0'
2: from lib/ruby/2.6.0/net/protocol.rb:275:in `each_with_index'
1: from lib/ruby/2.6.0/net/protocol.rb:275:in `each'
lib/ruby/2.6.0/net/protocol.rb:280:in `block in write0': undefined method `bytesize' for nil:NilClass (NoMethodError)
```
[Fix GH-2058]
From: Eito Katagiri <eitoball@gmail.com>
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_6@66799 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Import REXML 3.1.9
It restores removed REXML::Parsers::BaseParser::UNQME_STR.
Because it's used by kramdown.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_6@66542 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66511 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
This includes performance improvement especially writing. Writing is
about 2 times faster.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66507 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
It fixed the issues of RubyGems 3.0.0.
https://blog.rubygems.org/2018/12/23/3.0.1-released.html
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66499 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Patch by Shuji Kobayashi.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66496 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
See https://github.com/ruby/rexml/blob/master/NEWS.md for change summary.
Changes for spec/ has been reported: https://github.com/ruby/spec/pull/639
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66458 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
So that a customized HTTPServer subclass can use it's own
Request/Response classes.
To apply the override, make a subclass of WEBrick::HTTPServer
and override the
`create_request_and_response(with_webrick_config)` method. The
method should return an Array of [request, response].
To check whether the Server supports this method (i.e. when
using older versions of WEBrick when needing this
functionality), you can ask the server if it responds to the
method
server.respond_to?(:create_request_and_response)
This is backportable.
[ruby-core:69604] [Feature #11266]
From: Julik Tarkhanov <me@julik.nl>
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66452 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
https://blog.rubygems.org/2018/12/19/3.0.0-released.html
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66451 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66450 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66433 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
- Enable frozen_string_literal and do a bit of code cleanup
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66432 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
[ruby-core:90525] [Bug #15411]
From: zverok (Victor Shepelev) <zverok.offline@gmail.com>
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66415 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
So that classes which uses Net::HTTP with https can use OpenSSL
namespace for example exception classes like OpenSSL::SSL::SSLError.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66401 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
OpenSSL maybe aren't loaded in rubygems.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66400 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66395 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66358 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66357 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Fix and improve version string by @stomar
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66356 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66354 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
revert r43582, r49173 and r49177.
open3 arguments uses spawn-like keyword arguments.
Both symbol and integer keys are used.
```
Open3.capture2(*command, :in => IO::NULL, 3 => IO::NULL)
``
This style cannot be supported with keyword splat (**) since Ruby 2.6.
Because Ruby 2.6 prohibits symbol/non-symbol key hash separation.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66352 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66349 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* [BudlerVersionFinder] set .filter! and .compatible? to match only on major versions https://github.com/rubygems/rubygems/pull/2515
* Fix broken symlink that points to ../* https://github.com/rubygems/rubygems/pull/2516
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66347 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66338 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
We have the platform issue on heroku:
* https://gist.github.com/schneems/26452540f6e2bbbcf2ea144f45f6b305
* https://github.com/heroku/heroku-buildpack-ruby/issues/833
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66323 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Stringify after downcase, to restrict arguments.
[Bug#15394]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66321 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66320 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
to prevent send Host header twice accidentally.
From: Sangyong Sim <sangyong-sim@cookpad.com>
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66319 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* lib/net/protocol.rb (ReadTimeout, WriteTimeout): Net::ReadTimeout and Net::WriteTimeout should tell the cause socket
[Feature #14832] [ruby-core:87440]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66308 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66286 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
and allow to initialize again when obj.dup.
Suggested by Benoit Daloze. [ruby-core:88504] [Feature #15000]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66215 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
- common.mk: Change Unicode version to 11.0.0, and Emoji version to 11.0
- test/ruby/enc/test_emoji_breaks.rb: update hard-coded Emoji version
- enc/unicode/11.0.0, enc/unicode/11.0.0/casefold.h, enc/unicode/name2ctype.h:
Add generated files. Files for Unicode 10.0.0 will be removed once we are
sure 11.0.0 works.
- lib/unicode_normalize/tables.rb: Updated table.
- regparse.c: Almost completely reimplement grapheme cluster detection in
function node_extended_grapheme_cluster().
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66213 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
It's release version of Bundler 2
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66204 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66189 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* Fixed https://github.com/rubygems/rubygems/pull/2506
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66188 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* https://rubyci.org/logs/rubyci.s3.amazonaws.com/ubuntu/ruby-trunk/log/20181203T093003Z.fail.html.gz
* https://rubyci.org/logs/rubyci.s3.amazonaws.com/arch/ruby-trunk/log/20181203T090002Z.fail.html.gz
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66163 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
OpenSSL complains abour our keys being small and weak :<
Make them big and strong with 2048-bit RSA keys and SHA256 digests
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66153 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
OpenSSL complains abour our keys being small and weak :<
Make them big and strong with 2048-bit RSA keys and SHA256 digests
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66152 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
[Bug #15322]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66146 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Time.strptime does not support %3N, %6N, and %9N.
close [Bug #15322]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66145 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
`pp(1..)` should print `"(1..)"` instead of `"(1..nil)"`.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66143 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ast.c (rb_ast_node_type): simplified to return a Symbol without
"NODE_" prefix.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66142 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|