1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
|
# frozen_string_literal: true
require_relative "../command"
require_relative "../remote_fetcher"
require_relative "../spec_fetcher"
require_relative "../local_remote_options"
class Gem::Commands::SourcesCommand < Gem::Command
include Gem::LocalRemoteOptions
def initialize
require "fileutils"
super "sources",
"Manage the sources and cache file RubyGems uses to search for gems"
add_option "-a", "--add SOURCE_URI", "Add source" do |value, options|
options[:add] = value
end
add_option "--append SOURCE_URI", "Append source (can be used multiple times)" do |value, options|
options[:append] = value
end
add_option "-p", "--prepend SOURCE_URI", "Prepend source (can be used multiple times)" do |value, options|
options[:prepend] = value
end
add_option "-l", "--list", "List sources" do |value, options|
options[:list] = value
end
add_option "-r", "--remove SOURCE_URI", "Remove source" do |value, options|
options[:remove] = value
end
add_option "-c", "--clear-all", "Remove all sources (clear the cache)" do |value, options|
options[:clear_all] = value
end
add_option "-u", "--update", "Update source cache" do |value, options|
options[:update] = value
end
add_option "-f", "--[no-]force", "Do not show any confirmation prompts and behave as if 'yes' was always answered" do |value, options|
options[:force] = value
end
add_proxy_option
end
def add_source(source_uri) # :nodoc:
check_rubygems_https source_uri
source = Gem::Source.new source_uri
check_typo_squatting(source)
begin
if Gem.sources.include? source
say "source #{source_uri} already present in the cache"
else
source.load_specs :released
Gem.sources << source
Gem.configuration.write
say "#{source_uri} added to sources"
end
rescue Gem::URI::Error, ArgumentError
say "#{source_uri} is not a URI"
terminate_interaction 1
rescue Gem::RemoteFetcher::FetchError => e
say "Error fetching #{Gem::Uri.redact(source.uri)}:\n\t#{e.message}"
terminate_interaction 1
end
end
def append_source(source_uri) # :nodoc:
check_rubygems_https source_uri
source = Gem::Source.new source_uri
check_typo_squatting(source)
begin
source.load_specs :released
was_present = Gem.sources.include?(source)
Gem.sources.append source
Gem.configuration.write
if was_present
say "#{source_uri} moved to end of sources"
else
say "#{source_uri} added to sources"
end
rescue Gem::URI::Error, ArgumentError
say "#{source_uri} is not a URI"
terminate_interaction 1
rescue Gem::RemoteFetcher::FetchError => e
say "Error fetching #{Gem::Uri.redact(source.uri)}:\n\t#{e.message}"
terminate_interaction 1
end
end
def prepend_source(source_uri) # :nodoc:
check_rubygems_https source_uri
source = Gem::Source.new source_uri
check_typo_squatting(source)
begin
source.load_specs :released
was_present = Gem.sources.include?(source)
Gem.sources.prepend source
Gem.configuration.write
if was_present
say "#{source_uri} moved to top of sources"
else
say "#{source_uri} added to sources"
end
rescue Gem::URI::Error, ArgumentError
say "#{source_uri} is not a URI"
terminate_interaction 1
rescue Gem::RemoteFetcher::FetchError => e
say "Error fetching #{Gem::Uri.redact(source.uri)}:\n\t#{e.message}"
terminate_interaction 1
end
end
def check_typo_squatting(source)
if source.typo_squatting?("rubygems.org")
question = <<-QUESTION.chomp
#{source.uri} is too similar to https://rubygems.org
Do you want to add this source?
QUESTION
terminate_interaction 1 unless options[:force] || ask_yes_no(question)
end
end
def check_rubygems_https(source_uri) # :nodoc:
uri = Gem::URI source_uri
if uri.scheme && uri.scheme.casecmp("http").zero? &&
uri.host.casecmp("rubygems.org").zero?
question = <<-QUESTION.chomp
https://rubygems.org is recommended for security over #{uri}
Do you want to add this insecure source?
QUESTION
terminate_interaction 1 unless options[:force] || ask_yes_no(question)
end
end
def clear_all # :nodoc:
path = Gem.spec_cache_dir
FileUtils.rm_rf path
if File.exist? path
if File.writable? path
say "*** Unable to remove source cache ***"
else
say "*** Unable to remove source cache (write protected) ***"
end
terminate_interaction 1
else
say "*** Removed specs cache ***"
end
end
def defaults_str # :nodoc:
"--list"
end
def description # :nodoc:
<<-EOF
RubyGems fetches gems from the sources you have configured (stored in your
~/.gemrc).
The default source is https://rubygems.org, but you may have other sources
configured. This guide will help you update your sources or configure
yourself to use your own gem server.
Without any arguments the sources lists your currently configured sources:
$ gem sources
*** NO CONFIGURED SOURCES, DEFAULT SOURCES LISTED BELOW ***
https://rubygems.org
This may list multiple sources or non-rubygems sources. You probably
configured them before or have an old `~/.gemrc`. If you have sources you
do not recognize you should remove them.
RubyGems has been configured to serve gems via the following URLs through
its history:
* http://gems.rubyforge.org (RubyGems 1.3.5 and earlier)
* http://rubygems.org (RubyGems 1.3.6 through 1.8.30, and 2.0.0)
* https://rubygems.org (RubyGems 2.0.1 and newer)
Since all of these sources point to the same set of gems you only need one
of them in your list. https://rubygems.org is recommended as it brings the
protections of an SSL connection to gem downloads.
To add a private gem source use the --prepend argument to insert it before
the default source. This is usually the best place for private gem sources:
$ gem sources --prepend https://my.private.source
https://my.private.source added to sources
RubyGems will check to see if gems can be installed from the source given
before it is added.
To add or move a source after all other sources, use --append:
$ gem sources --append https://rubygems.org
https://rubygems.org moved to end of sources
To remove a source use the --remove argument:
$ gem sources --remove https://my.private.source/
https://my.private.source/ removed from sources
EOF
end
def list # :nodoc:
if configured_sources
header = "*** CURRENT SOURCES ***"
list = configured_sources
else
header = "*** NO CONFIGURED SOURCES, DEFAULT SOURCES LISTED BELOW ***"
list = Gem.sources
end
say header
say
list.each do |src|
say src
end
end
def list? # :nodoc:
!(options[:add] ||
options[:prepend] ||
options[:append] ||
options[:clear_all] ||
options[:remove] ||
options[:update])
end
def execute
clear_all if options[:clear_all]
add_source options[:add] if options[:add]
prepend_source options[:prepend] if options[:prepend]
append_source options[:append] if options[:append]
remove_source options[:remove] if options[:remove]
update if options[:update]
list if list?
end
def remove_source(source_uri) # :nodoc:
source = Gem::Source.new source_uri
if configured_sources&.include? source
Gem.sources.delete source
Gem.configuration.write
if default_sources.include?(source) && configured_sources.one?
alert_warning "Removing a default source when it is the only source has no effect. Add a different source to #{config_file_name} if you want to stop using it as a source."
else
say "#{source_uri} removed from sources"
end
elsif configured_sources
say "source #{source_uri} cannot be removed because it's not present in #{config_file_name}"
else
say "source #{source_uri} cannot be removed because there are no configured sources in #{config_file_name}"
end
end
def update # :nodoc:
Gem.sources.each_source do |src|
src.load_specs :released
src.load_specs :latest
end
say "source cache successfully updated"
end
def remove_cache_file(desc, path) # :nodoc:
FileUtils.rm_rf path
if !File.exist?(path)
say "*** Removed #{desc} source cache ***"
elsif !File.writable?(path)
say "*** Unable to remove #{desc} source cache (write protected) ***"
else
say "*** Unable to remove #{desc} source cache ***"
end
end
private
def default_sources
Gem::SourceList.from(Gem.default_sources)
end
def configured_sources
return @configured_sources if defined?(@configured_sources)
configuration_sources = Gem.configuration.sources
@configured_sources = Gem::SourceList.from(configuration_sources) if configuration_sources
end
def config_file_name
Gem.configuration.config_file_name
end
end
|
