Age | Commit message (Collapse) | Author |
|
Mitigate the security risk:
https://devcraft.io/2021/01/07/universal-deserialisation-gadget-for-ruby-2-x-3-x.html
https://github.com/rubygems/rubygems/commit/141c2f4388
|
|
After reading [this blog
post](https://blog.rubygems.org/2011/08/31/shaving-the-yaml-yak.html),
published almost 10 years ago already, my understanding is that this
problem could come up in two ways:
* Rubygems.org serving corrupted gemspecs". As far as I understand this
was fixed in rubygems.org a lot time ago, since
https://github.com/rubygems/rubygems.org/pull/331.
* Clients having a ten years old gemspec cache with some of these bad
gemspecs. In this case, there's no easy solution but I think ten years
is enough and rebuilding the cache should do the trick.
So, I think it's time we remove this.
https://github.com/rubygems/rubygems/commit/afcb15d556
|
|
A fresh `gem install` might not reproduce the exact `bundle install`
environment that originally caused the error. It also makes it harder
for the user to troubleshoot the error since she needs to run a separate
command.
Instead, show the original error and backtrace directly.
https://github.com/rubygems/rubygems/commit/49c2abfec6
|
|
For example, due to extension compilation issues.
https://github.com/rubygems/rubygems/commit/adbe55bb6a
|
|
To mimic built-in rubygems behaviour, only thing that should be
approximated is the lockfile version. Other alternatives like
`BUNDLER_VERSION` should be respected exactly.
https://github.com/rubygems/rubygems/commit/dbd667d4bc
|
|
relative file
Ruby 1.9.2 removed "." from LOAD_PATH for robustness and security reasons.
This code was introduced by https://github.com/rubygems/rubygems/commit/56fc830e19a573a5905eba7f4714ad1f21ed1927 commit
to helping users understand the issue and had a guard condition to include the message for `RUBY_VERSION >= "1.9"`.
However, the guard condition was removed as part of the "Ruby version leftover" cleanup by
https://github.com/rubygems/rubygems/commit/8c9cf76e419fbd8ba83144d701b24ca388813b14
Ruby 1.9 development was ended a long time ago and this message is not useful anymore.
https://github.com/rubygems/rubygems/commit/a23609b15a
|
|
The existing interrupt handling using `SharedHelpers.trap` fails when the previous
handler for a signal is not callable (for example, when it is the string "DEFAULT").
Instead, we now handle interrupts by aborting the process when worker threads are
running, and restore the previous handler after worker threads are finished.
Fixes #4764.
https://github.com/rubygems/rubygems/commit/b9f455d487
|
|
Support int that follow on symbeg in IRB
https://github.com/ruby/irb/commit/90cb27b1bd
|
|
https://github.com/ruby/irb/commit/e7d71fea46
|
|
https://github.com/ruby/racc/commit/2f6f02e5c1
|
|
https://github.com/ruby/racc/commit/d044ae883f
|
|
https://github.com/ruby/racc/commit/2e8d7d286d
|
|
rake task
https://github.com/ruby/racc/commit/ec7d01980a
|
|
https://github.com/ruby/racc/commit/27e2a64e13
|
|
https://github.com/rubygems/rubygems/commit/c4004fadd9
|
|
install`'s help
https://github.com/rubygems/rubygems/commit/b7b7d16aa8
|
|
it turns out that running `bundle plugin uninstall some-plugin` would remove that plugin from the list of hooks, but if the list of hooks for an event was now empty, we would serialize the empty array into yaml as an empty single bullet item. which would then get unserialized as a plugin with the name empty string. which we would then try to load and explode. 😬
https://github.com/rubygems/rubygems/commit/545ebba9a5
|
|
https://github.com/rubygems/rubygems/commit/e64b1f3497
|
|
When a development dependency was duplicated inside the gemspec and
Gemfile with the same requirements, we went from printing a warning to
removing the gem altogether.
This change makes it not print a warning, but don't remove the gem
either.
https://github.com/rubygems/rubygems/commit/8bb2488131
|
|
[Fixes #4733]
https://github.com/rubygems/rubygems/commit/fce7f3eb7d
|
|
|
|
https://github.com/ruby/irb/commit/6160d74199
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/4648
|
|
are :time and :stackprof
https://github.com/ruby/irb/commit/759be5a344
|
|
https://github.com/ruby/error_highlight/commit/9d671284cb
|
|
Now, the highlight line is created by replacing non-tab characters with
spaces, and keeping all hard tabs as-is. This means the highlight line
has the completely same indentation as the code snippet line.
Fixes #7
https://github.com/ruby/error_highlight/commit/38f20fa542
|
|
characters
See https://github.com/ruby/error_highlight/issues/4
https://github.com/ruby/error_highlight/commit/c20efd3961
|
|
Co-authored-by: Nobuyoshi Nakada <nobu@ruby-lang.org>
https://github.com/ruby/irb/commit/b431742430
|
|
This fixes at least an issue where irb will incorrectly assume
code opens a heredoc when it does not, such as this code:
```ruby
s1 = 'testing'
s2 = 'this'
s2 <<s1
p s1
s1
```
Ruby parses the `s2 <<s1` as `s2.<<(s1)`, not as a heredoc, because
`s2` is a local variable in scope. irb was using ripper without
letting ripper know that `s2` was a local variable, so ripper would
lex it as a heredoc instead of a method call.
Fix the situation by prepending a line at line 0 with all local
variable definitions in scope whenever lexing. This fixes the
heredoc issue, and potentially other issues that depend on whether
an identifier is a local variable or not.
Fixes [Bug #17530]
https://github.com/ruby/irb/commit/4ed2187f76
|
|
To check for variables accessible but not declared.
|
|
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/4634
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/4533
|
|
https://github.com/ruby/rdoc/commit/0a3a674583
|
|
https://github.com/ruby/rdoc/commit/424bd5db4d
|
|
https://github.com/ruby/rdoc/commit/caf234665c
|
|
https://github.com/ruby/rdoc/commit/85bb2d33bb
|
|
ref. https://github.com/rails/rails/blob/168ddaa08a63cd956bb7c3ba10be1a7ae36d4ee2/activerecord/lib/active_record/core.rb#L9-L20
https://github.com/ruby/rdoc/commit/a2d651dade
Co-authored-by: Fumiaki MATSUSHIMA <mtsmfm@gmail.com>
|
|
Fixes #814
Signed-off-by: Ulysse Buonomo <buonomo.ulysse@gmail.com>
https://github.com/ruby/rdoc/commit/b45f747216
|
|
ri supports 'ruby:' as a kind of "pseudo gem name" to display files of the core Ruby documentation such as syntax and NEWS. Add the appropriate documentation to the description of options shown by "ri --help".
https://github.com/ruby/rdoc/commit/a0e5df6702
|
|
|
|
|
|
When the original source code is erb, RubyVM::AST.of does not work well.
https://github.com/rails/rails/issues/42678.
https://github.com/ruby/error_highlight/commit/b1572761a6
|
|
standard libraries
https://github.com/ruby/irb/commit/7092ad2ab5
|
|
Rescuing StandardError is prone to bugs caused by a typo or obsoleted methods.
https://github.com/ruby/irb/commit/eb5260fcd5
|
|
such as `ls 42`, `ls :sym` and so on
https://github.com/ruby/irb/commit/b1d436a853
|
|
Ruby 3.1
https://github.com/ruby/error_highlight/commit/2dca1446c9
|
|
|
|
https://github.com/ruby/error_highlight/commit/8d483c251e
|
|
https://github.com/ruby/error_highlight/commit/acb2046a82
|