ruby-changes:53080
From: hsbt <ko1@a...>
Date: Mon, 22 Oct 2018 09:27:10 +0900 (JST)
Subject: [ruby-changes:53080] hsbt:r65294 (trunk): Merge rubygems master branch from github.com/rubygems/rubygems.
hsbt 2018-10-22 09:27:02 +0900 (Mon, 22 Oct 2018) New Revision: 65294 https://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=65294 Log: Merge rubygems master branch from github.com/rubygems/rubygems. Modified files: trunk/lib/rubygems/bundler_version_finder.rb trunk/lib/rubygems/command.rb trunk/lib/rubygems/command_manager.rb trunk/lib/rubygems/commands/build_command.rb trunk/lib/rubygems/commands/cert_command.rb trunk/lib/rubygems/commands/help_command.rb trunk/lib/rubygems/commands/setup_command.rb trunk/lib/rubygems/commands/uninstall_command.rb trunk/lib/rubygems/commands/update_command.rb trunk/lib/rubygems/compatibility.rb trunk/lib/rubygems/config_file.rb trunk/lib/rubygems/defaults.rb trunk/lib/rubygems/dependency.rb trunk/lib/rubygems/doctor.rb trunk/lib/rubygems/ext/builder.rb trunk/lib/rubygems/ext/ext_conf_builder.rb trunk/lib/rubygems/ext/rake_builder.rb trunk/lib/rubygems/install_update_options.rb trunk/lib/rubygems/installer.rb trunk/lib/rubygems/package/tar_header.rb trunk/lib/rubygems/package.rb trunk/lib/rubygems/platform.rb trunk/lib/rubygems/remote_fetcher.rb trunk/lib/rubygems/request_set/gem_dependency_api.rb trunk/lib/rubygems/requirement.rb trunk/lib/rubygems/resolver/source_set.rb trunk/lib/rubygems/resolver/stats.rb trunk/lib/rubygems/safe_yaml.rb trunk/lib/rubygems/security/policies.rb trunk/lib/rubygems/security/policy.rb trunk/lib/rubygems/security/signer.rb trunk/lib/rubygems/security/trust_dir.rb trunk/lib/rubygems/security.rb trunk/lib/rubygems/server.rb trunk/lib/rubygems/source.rb trunk/lib/rubygems/spec_fetcher.rb trunk/lib/rubygems/specification.rb trunk/lib/rubygems/specification_policy.rb trunk/lib/rubygems/stub_specification.rb trunk/lib/rubygems/test_case.rb trunk/lib/rubygems/test_utilities.rb trunk/lib/rubygems/text.rb trunk/lib/rubygems/uninstaller.rb trunk/lib/rubygems/version.rb trunk/lib/rubygems.rb trunk/test/rubygems/simple_gem.rb trunk/test/rubygems/test_gem.rb trunk/test/rubygems/test_gem_command_manager.rb trunk/test/rubygems/test_gem_commands_build_command.rb trunk/test/rubygems/test_gem_commands_cert_command.rb trunk/test/rubygems/test_gem_commands_install_command.rb trunk/test/rubygems/test_gem_commands_pristine_command.rb trunk/test/rubygems/test_gem_commands_setup_command.rb trunk/test/rubygems/test_gem_config_file.rb trunk/test/rubygems/test_gem_dependency_list.rb trunk/test/rubygems/test_gem_ext_rake_builder.rb trunk/test/rubygems/test_gem_install_update_options.rb trunk/test/rubygems/test_gem_path_support.rb trunk/test/rubygems/test_gem_remote_fetcher.rb trunk/test/rubygems/test_gem_source.rb trunk/test/rubygems/test_gem_specification.rb trunk/test/rubygems/test_gem_util.rb Index: lib/rubygems/ext/rake_builder.rb =================================================================== --- lib/rubygems/ext/rake_builder.rb (revision 65293) +++ lib/rubygems/ext/rake_builder.rb (revision 65294) @@ -5,6 +5,8 @@ https://github.com/ruby/ruby/blob/trunk/lib/rubygems/ext/rake_builder.rb#L5 # See LICENSE.txt for permissions. #++ +require "shellwords" + class Gem::Ext::RakeBuilder < Gem::Ext::Builder def self.build(extension, dest_path, results, args=[], lib_dir=nil) @@ -14,9 +16,6 @@ class Gem::Ext::RakeBuilder < Gem::Ext:: https://github.com/ruby/ruby/blob/trunk/lib/rubygems/ext/rake_builder.rb#L16 run cmd, results end - # Deal with possible spaces in the path, e.g. C:/Program Files - dest_path = '"' + dest_path.to_s + '"' if dest_path.to_s.include?(' ') - rake = ENV['rake'] rake ||= begin @@ -26,9 +25,8 @@ class Gem::Ext::RakeBuilder < Gem::Ext:: https://github.com/ruby/ruby/blob/trunk/lib/rubygems/ext/rake_builder.rb#L25 rake ||= Gem.default_exec_format % 'rake' - cmd = "#{rake} RUBYARCHDIR=#{dest_path} RUBYLIBDIR=#{dest_path}" # ENV is frozen - - run cmd, results + rake_args = ["RUBYARCHDIR=#{dest_path}", "RUBYLIBDIR=#{dest_path}", *args] + run "#{rake} #{rake_args.shelljoin}", results results end Index: lib/rubygems/commands/help_command.rb =================================================================== --- lib/rubygems/commands/help_command.rb (revision 65293) +++ lib/rubygems/commands/help_command.rb (revision 65294) @@ -4,7 +4,7 @@ require 'rubygems/command' https://github.com/ruby/ruby/blob/trunk/lib/rubygems/commands/help_command.rb#L4 class Gem::Commands::HelpCommand < Gem::Command # :stopdoc: - EXAMPLES = <<-EOF + EXAMPLES = <<-EOF.freeze Some examples of 'gem' usage. * Install 'rake', either from local directory or remote server: @@ -53,7 +53,7 @@ Some examples of 'gem' usage. https://github.com/ruby/ruby/blob/trunk/lib/rubygems/commands/help_command.rb#L53 gem update --system EOF - GEM_DEPENDENCIES = <<-EOF + GEM_DEPENDENCIES = <<-EOF.freeze A gem dependencies file allows installation of a consistent set of gems across multiple environments. The RubyGems implementation is designed to be compatible with Bundler's Gemfile format. You can see additional @@ -230,7 +230,7 @@ default. This may be overridden with th https://github.com/ruby/ruby/blob/trunk/lib/rubygems/commands/help_command.rb#L230 EOF - PLATFORMS = <<-'EOF' + PLATFORMS = <<-'EOF'.freeze RubyGems platforms are composed of three parts, a CPU, an OS, and a version. These values are taken from values in rbconfig.rb. You can view your current platform by running `gem environment`. @@ -277,7 +277,7 @@ platform. https://github.com/ruby/ruby/blob/trunk/lib/rubygems/commands/help_command.rb#L277 ["examples", EXAMPLES], ["gem_dependencies", GEM_DEPENDENCIES], ["platforms", PLATFORMS], - ] + ].freeze # :startdoc: def initialize Index: lib/rubygems/commands/uninstall_command.rb =================================================================== --- lib/rubygems/commands/uninstall_command.rb (revision 65293) +++ lib/rubygems/commands/uninstall_command.rb (revision 65294) @@ -20,7 +20,7 @@ class Gem::Commands::UninstallCommand < https://github.com/ruby/ruby/blob/trunk/lib/rubygems/commands/uninstall_command.rb#L20 add_option('-a', '--[no-]all', 'Uninstall all matching versions' - ) do |value, options| + ) do |value, options| options[:all] = value end Index: lib/rubygems/compatibility.rb =================================================================== --- lib/rubygems/compatibility.rb (revision 65293) +++ lib/rubygems/compatibility.rb (revision 65294) @@ -22,7 +22,7 @@ module Gem https://github.com/ruby/ruby/blob/trunk/lib/rubygems/compatibility.rb#L22 EXEEXT RUBY_SO_NAME arch bindir datadir libdir ruby_install_name ruby_version rubylibprefix sitedir sitelibdir vendordir vendorlibdir rubylibdir - ] + ].freeze unless defined?(ConfigMap) ## Index: lib/rubygems/dependency.rb =================================================================== --- lib/rubygems/dependency.rb (revision 65293) +++ lib/rubygems/dependency.rb (revision 65294) @@ -19,7 +19,7 @@ class Gem::Dependency https://github.com/ruby/ruby/blob/trunk/lib/rubygems/dependency.rb#L19 TYPES = [ :development, :runtime, - ] + ].freeze ## # Dependency name or regular expression. Index: lib/rubygems/install_update_options.rb =================================================================== --- lib/rubygems/install_update_options.rb (revision 65293) +++ lib/rubygems/install_update_options.rb (revision 65294) @@ -63,30 +63,6 @@ module Gem::InstallUpdateOptions https://github.com/ruby/ruby/blob/trunk/lib/rubygems/install_update_options.rb#L63 options[:document] = [] end - add_option(:Deprecated, '--[no-]rdoc', - 'Generate RDoc for installed gems', - 'Use --document instead') do |value, options| - if value then - options[:document] << 'rdoc' - else - options[:document].delete 'rdoc' - end - - options[:document].uniq! - end - - add_option(:Deprecated, '--[no-]ri', - 'Generate ri data for installed gems.', - 'Use --document instead') do |value, options| - if value then - options[:document] << 'ri' - else - options[:document].delete 'ri' - end - - options[:document].uniq! - end - add_option(:"Install/Update", '-E', '--[no-]env-shebang', "Rewrite the shebang line on installed", "scripts to use /usr/bin/env") do |value, options| Index: lib/rubygems/spec_fetcher.rb =================================================================== --- lib/rubygems/spec_fetcher.rb (revision 65293) +++ lib/rubygems/spec_fetcher.rb (revision 65294) @@ -203,9 +203,9 @@ class Gem::SpecFetcher https://github.com/ruby/ruby/blob/trunk/lib/rubygems/spec_fetcher.rb#L203 matches = if matches.empty? && type != :prerelease suggest_gems_from_name gem_name, :prerelease - else - matches.uniq.sort_by { |name, dist| dist } - end + else + matches.uniq.sort_by { |name, dist| dist } + end matches.first(5).map { |name, dist| name } end Index: lib/rubygems/ext/builder.rb =================================================================== --- lib/rubygems/ext/builder.rb (revision 65293) +++ lib/rubygems/ext/builder.rb (revision 65294) @@ -148,9 +148,21 @@ EOF https://github.com/ruby/ruby/blob/trunk/lib/rubygems/ext/builder.rb#L148 def build_extension extension, dest_path # :nodoc: results = [] + # FIXME: Determine if this line is necessary and, if so, why. + # Notes: + # 1. As far as I can tell, this method is only called by +build_extensions+. + # 2. The existence of this line implies +extension+ is, or previously was, + # sometimes +false+ or +nil+. + # 3. #1 and #2 combined suggests, but does not confirm, that + # +@s...+ sometimes contained +false+ or +nil+ values. + # 4. Nothing seems to explicitly handle +extension+ being empty, + # which makes me wonder both what it should do and what it does. + # + # - @duckinator extension ||= '' # I wish I knew why this line existed + extension_dir = - File.expand_path File.join @gem_dir, File.dirname(extension) + File.expand_path File.join(@gem_dir, File.dirname(extension)) lib_dir = File.join @spec.full_gem_path, @spec.raw_require_paths.first builder = builder_for extension @@ -200,6 +212,7 @@ EOF https://github.com/ruby/ruby/blob/trunk/lib/rubygems/ext/builder.rb#L212 FileUtils.rm_f @spec.gem_build_complete_path + # FIXME: action at a distance: @ran_rake modified deep in build_extension(). - @duckinator @ran_rake = false # only run rake once @spec.extensions.each do |extension| Index: lib/rubygems/commands/update_command.rb =================================================================== --- lib/rubygems/commands/update_command.rb (revision 65293) +++ lib/rubygems/commands/update_command.rb (revision 65294) @@ -168,12 +168,8 @@ command to remove old versions. https://github.com/ruby/ruby/blob/trunk/lib/rubygems/commands/update_command.rb#L168 Dir.chdir update_dir do say "Installing RubyGems #{version}" - # Make sure old rubygems isn't loaded - old = ENV["RUBYOPT"] - ENV.delete("RUBYOPT") if old - installed = system Gem.ruby, 'setup.rb', *args + installed = system Gem.ruby, '--disable-gems', 'setup.rb', *args say "RubyGems system software updated" if installed - ENV["RUBYOPT"] = old if old end end Index: lib/rubygems/commands/setup_command.rb =================================================================== --- lib/rubygems/commands/setup_command.rb (revision 65293) +++ lib/rubygems/commands/setup_command.rb (revision 65294) @@ -9,7 +9,7 @@ class Gem::Commands::SetupCommand < Gem: https://github.com/ruby/ruby/blob/trunk/lib/rubygems/commands/setup_command.rb#L9 HISTORY_HEADER = /^===\s*[\d.a-zA-Z]+\s*\/\s*\d{4}-\d{2}-\d{2}\s*$/ VERSION_MATCHER = /^===\s*([\d.a-zA-Z]+)\s*\/\s*\d{4}-\d{2}-\d{2}\s*$/ - ENV_PATHS = %w[/usr/bin/env /bin/env] + ENV_PATHS = %w[/usr/bin/env /bin/env].freeze def initialize require 'tmpdir' @@ -84,8 +84,8 @@ class Gem::Commands::SetupCommand < Gem: https://github.com/ruby/ruby/blob/trunk/lib/rubygems/commands/setup_command.rb#L84 add_option '--[no-]regenerate-binstubs', 'Regenerate gem binstubs' do |value, options| - options[:regenerate_binstubs] = value - end + options[:regenerate_binstubs] = value + end add_option('-E', '--[no-]env-shebang', 'Rewrite executables with a shebang', Index: lib/rubygems/security/policy.rb =================================================================== --- lib/rubygems/security/policy.rb (revision 65293) +++ lib/rubygems/security/policy.rb (revision 65294) @@ -196,9 +196,9 @@ class Gem::Security::Policy https://github.com/ruby/ruby/blob/trunk/lib/rubygems/security/policy.rb#L196 def inspect # :nodoc: ("[Policy: %s - data: %p signer: %p chain: %p root: %p " + "signed-only: %p trusted-only: %p]") % [ - @name, @verify_chain, @verify_data, @verify_root, @verify_signer, - @only_signed, @only_trusted, - ] + @name, @verify_chain, @verify_data, @verify_root, @verify_signer, + @only_signed, @only_trusted, + ] end ## Index: lib/rubygems/security/trust_dir.rb =================================================================== --- lib/rubygems/security/trust_dir.rb (revision 65293) +++ lib/rubygems/security/trust_dir.rb (revision 65294) @@ -11,7 +11,7 @@ class Gem::Security::TrustDir https://github.com/ruby/ruby/blob/trunk/lib/rubygems/security/trust_dir.rb#L11 DEFAULT_PERMISSIONS = { :trust_dir => 0700, :trusted_cert => 0600, - } + }.freeze ## # The directory where trusted certificates will be stored. Index: lib/rubygems/security/policies.rb =================================================================== --- lib/rubygems/security/policies.rb (revision 65293) +++ lib/rubygems/security/policies.rb (revision 65294) @@ -110,7 +110,7 @@ module Gem::Security https://github.com/ruby/ruby/blob/trunk/lib/rubygems/security/policies.rb#L110 'MediumSecurity' => MediumSecurity, 'HighSecurity' => HighSecurity, # SigningPolicy is not intended for use by `gem -P` so do not list it - } + }.freeze end Index: lib/rubygems/security/signer.rb =================================================================== --- lib/rubygems/security/signer.rb (revision 65293) +++ lib/rubygems/security/signer.rb (revision 65294) @@ -30,6 +30,15 @@ class Gem::Security::Signer https://github.com/ruby/ruby/blob/trunk/lib/rubygems/security/signer.rb#L30 attr_reader :digest_name # :nodoc: ## + # Gem::Security::Signer options + + attr_reader :options + + DEFAULT_OPTIONS = { + expiration_length_days: 365 + }.freeze + + ## # Attemps to re-sign an expired cert with a given private key def self.re_sign_cert(expired_cert, expired_cert_path, private_key) return unless expired_cert.not_after < Time.now @@ -40,7 +49,11 @@ class Gem::Security::Signer https://github.com/ruby/ruby/blob/trunk/lib/rubygems/security/signer.rb#L49 Gem::Security.write(expired_cert, new_expired_cert_path) - re_signed_cert = Gem::Security.re_sign(expired_cert, private_key) + re_signed_cert = Gem::Security.re_sign( + expired_cert, + private_key, + (Gem::Security::ONE_DAY * Gem.configuration.cert_expiration_length_days) + ) Gem::Security.write(re_signed_cert, expired_cert_path) @@ -52,10 +65,11 @@ class Gem::Security::Signer https://github.com/ruby/ruby/blob/trunk/lib/rubygems/security/signer.rb#L65 # +chain+ containing X509 certificates, encoding certificates or paths to # certificates. - def initialize key, cert_chain, passphrase = nil + def initialize key, cert_chain, passphrase = nil, options = {} @cert_chain = cert_chain @key = key @passphrase = passphrase + @options = DEFAULT_OPTIONS.merge(options) unless @key then default_key = File.join Gem.default_key_path @@ -130,7 +144,9 @@ class Gem::Security::Signer https://github.com/ruby/ruby/blob/trunk/lib/rubygems/security/signer.rb#L144 raise Gem::Security::Exception, 'no certs provided' if @cert_chain.empty? if @cert_chain.length == 1 and @cert_chain.last.not_after < Time.now then - re_sign_key + re_sign_key( + expiration_length: (Gem::Security::ONE_DAY * options[:expiration_length_days]) + ) end full_name = extract_name @cert_chain.last @@ -154,7 +170,7 @@ class Gem::Security::Signer https://github.com/ruby/ruby/blob/trunk/lib/rubygems/security/signer.rb#L170 # be saved as ~/.gem/gem-public_cert.pem.expired.%Y%m%d%H%M%S where the # expiry time (not after) is used for the timestamp. - def re_sign_key # :nodoc: + def re_sign_key(expiration_length: Gem::Security::ONE_YEAR) # :nodoc: old_cert = @cert_chain.last disk_cert_path = File.join(Gem.default_cert_path) @@ -174,7 +190,7 @@ class Gem::Security::Signer https://github.com/ruby/ruby/blob/trunk/lib/rubygems/security/signer.rb#L190 unless File.exist?(old_cert_path) Gem::Security.write(old_cert, old_cert_path) - cert = Gem::Security.re_sign(old_cert, @key) + cert = Gem::Security.re_sign(old_cert, @key, expiration_length) Gem::Security.write(cert, disk_cert_path) Index: lib/rubygems/command_manager.rb =================================================================== --- lib/rubygems/command_manager.rb (revision 65293) +++ lib/rubygems/command_manager.rb (revision 65294) @@ -69,11 +69,11 @@ class Gem::CommandManager https://github.com/ruby/ruby/blob/trunk/lib/rubygems/command_manager.rb#L69 :update, :which, :yank, - ] + ].freeze ALIAS_COMMANDS = { 'i' => 'install' - } + }.freeze ## # Return the authoritative instance of the command manager. Index: lib/rubygems/text.rb =================================================================== --- lib/rubygems/text.rb (revision 65293) +++ lib/rubygems/text.rb (revision 65294) @@ -73,7 +73,7 @@ module Gem::Text https://github.com/ruby/ruby/blob/trunk/lib/rubygems/text.rb#L73 d[j+1] + 1, # insertion e + 1, # deletion d[j] + cost # substitution - ) + ) d[j] = e e = x end Index: lib/rubygems/bundler_version_finder.rb =================================================================== --- lib/rubygems/bundler_version_finder.rb (revision 65293) +++ lib/rubygems/bundler_version_finder.rb (revision 65294) @@ -104,9 +104,9 @@ To install the missing version, run `gem https://github.com/ruby/ruby/blob/trunk/lib/rubygems/bundler_version_finder.rb#L104 return unless gemfile lockfile = case gemfile - when "gems.rb" then "gems.locked" - else "#{gemfile}.lock" - end.dup.untaint + when "gems.rb" then "gems.locked" + else "#{gemfile}.lock" + end.dup.untaint return unless File.file?(lockfile) Index: lib/rubygems/package/tar_header.rb =================================================================== --- lib/rubygems/package/tar_header.rb (revision 65293) +++ lib/rubygems/package/tar_header.rb (revision 65294) @@ -50,7 +50,7 @@ class Gem::Package::TarHeader https://github.com/ruby/ruby/blob/trunk/lib/rubygems/package/tar_header.rb#L50 :uid, :uname, :version, - ] + ].freeze ## # Pack format for a tar header Index: lib/rubygems/doctor.rb =================================================================== --- lib/rubygems/doctor.rb (revision 65293) +++ lib/rubygems/doctor.rb (revision 65294) @@ -26,7 +26,7 @@ class Gem::Doctor https://github.com/ruby/ruby/blob/trunk/lib/rubygems/doctor.rb#L26 ['doc', ''], ['extensions', ''], ['gems', ''], - ] + ].freeze missing = Gem::REPOSITORY_SUBDIRECTORIES.sort - Index: lib/rubygems/remote_fetcher.rb =================================================================== --- lib/rubygems/remote_fetcher.rb (revision 65293) +++ lib/rubygems/remote_fetcher.rb (revision 65294) @@ -71,13 +71,10 @@ class Gem::RemoteFetcher https://github.com/ruby/ruby/blob/trunk/lib/rubygems/remote_fetcher.rb#L71 # HTTP_PROXY_PASS) # * <tt>:no_proxy</tt>: ignore environment variables and _don't_ use a proxy # - # +dns+: An object to use for DNS resolution of the API endpoint. - # By default, use Resolv::DNS. - # # +headers+: A set of additional HTTP headers to be sent to the server when # fetching the gem. - def initialize(proxy=nil, dns=Resolv::DNS.new, headers={}) + def initialize(proxy=nil, dns=nil, headers={}) require 'net/http' require 'stringio' require 'time' @@ -90,35 +87,10 @@ class Gem::RemoteFetcher https://github.com/ruby/ruby/blob/trunk/lib/rubygems/remote_fetcher.rb#L87 @pool_lock = Mutex.new @cert_files = Gem::Request.get_cert_files - @dns = dns @headers = headers end ## - # Given a source at +uri+, calculate what hostname to actually - # connect to query the data for it. - - def api_endpoint(uri) - host = uri.host - - begin - res = @dns.getresource "_rubygems._tcp.#{host}", - Resolv::DNS::Resource::IN::SRV - rescue Resolv::ResolvError => e - verbose "Getting SRV record failed: #{e}" - uri - else - target = res.target.to_s.strip - - if URI("http://" + target).host.end_with?(".#{host}") - return URI.parse "#{uri.scheme}://#{target}#{uri.path}" - end - - uri - end - end - - ## # Given a name and requirement, downloads this gem into cache and returns the # filename. Returns nil if the gem cannot be located. #-- Index: lib/rubygems/config_file.rb =================================================================== --- lib/rubygems/config_file.rb (revision 65293) +++ lib/rubygems/config_file.rb (revision 65294) @@ -45,6 +45,7 @@ class Gem::ConfigFile https://github.com/ruby/ruby/blob/trunk/lib/rubygems/config_file.rb#L45 DEFAULT_VERBOSITY = true DEFAULT_UPDATE_SOURCES = true DEFAULT_CONCURRENT_DOWNLOADS = 8 + DEFAULT_CERT_EXPIRATION_LENGTH_DAYS = 365 ## # For Ruby packagers to set configuration defaults. Set in @@ -136,6 +137,11 @@ class Gem::ConfigFile https://github.com/ruby/ruby/blob/trunk/lib/rubygems/config_file.rb#L137 attr_accessor :sources ## + # Expiration length to sign a certi (... truncated) -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/