ruby-changes:57918
From: Hiroshi <ko1@a...>
Date: Thu, 26 Sep 2019 18:27:52 +0900 (JST)
Subject: [ruby-changes:57918] 1eb503373e (master): [rubygems/rubygems] filter dependency type and name strictly.
https://git.ruby-lang.org/ruby.git/commit/?id=1eb503373e From 1eb503373e808b9cd2e1dbff5ec72d151a74d981 Mon Sep 17 00:00:00 2001 From: Hiroshi SHIBATA <hsbt@r...> Date: Wed, 25 Sep 2019 21:34:55 +0900 Subject: [rubygems/rubygems] filter dependency type and name strictly. Co-authored-by: Yusuke Endoh <mame@r...> https://github.com/rubygems/rubygems/commit/92892bbc3a diff --git a/lib/rubygems/installer.rb b/lib/rubygems/installer.rb index 898f6e4..0ffddc5 100644 --- a/lib/rubygems/installer.rb +++ b/lib/rubygems/installer.rb @@ -754,7 +754,11 @@ class Gem::Installer https://github.com/ruby/ruby/blob/trunk/lib/rubygems/installer.rb#L754 raise Gem::InstallError, "#{spec} has an invalid specification_version" end - if spec.dependencies.any? {|dep| dep.type =~ /\R/ || dep.name =~ /\R/ } + if spec.dependencies.any? {|dep| dep.type != :runtime && dep.type != :development } + raise Gem::InstallError, "#{spec} has an invalid dependencies" + end + + if spec.dependencies.any? {|dep| dep.name =~ /(?:\R|[<>])/ } raise Gem::InstallError, "#{spec} has an invalid dependencies" end end -- cgit v0.10.2 -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/
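Review bot: The second added check, `dep.name =~ /(?:\R|[<>])/`, is still a denylist, while the type check just above it became a strict allowlist of `:runtime` and `:development`. A dependency name containing any other unexpected character still passes this verification. Consider matching the name against an allowlist pattern anchored with `\A` and `\z`, and add a comment saying why line breaks and `<`/`>` are the characters rejected. Both branches also raise the same message, "#{spec} has an invalid dependencies", so a failure does not say whether the type or the name was rejected; distinct messages would help, and the wording should read "has invalid dependencies". The visible diff changes only lib/rubygems/installer.rb and adds no test for either check.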