ruby-changes:72136
From: David <ko1@a...>
Date: Sat, 11 Jun 2022 18:43:55 +0900 (JST)
Subject: [ruby-changes:72136] 965c314e34 (master): [rubygems/rubygems] Move security exception handling to the only place using it
https://git.ruby-lang.org/ruby.git/commit/?id=965c314e34 From 965c314e34d05b196c8e079f868e79633076ad4c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Rodr=C3=ADguez?= <deivid.rodriguez@r...> Date: Thu, 9 Jun 2022 11:22:45 +0200 Subject: [rubygems/rubygems] Move security exception handling to the only place using it https://github.com/rubygems/rubygems/commit/ba975b3b7f --- lib/bundler/rubygems_integration.rb | 4 ---- lib/bundler/source/rubygems.rb | 4 ++++ 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/lib/bundler/rubygems_integration.rb b/lib/bundler/rubygems_integration.rb index b5ca9120a2..bf93c57e0b 100644 --- a/lib/bundler/rubygems_integration.rb +++ b/lib/bundler/rubygems_integration.rb @@ -205,10 +205,6 @@ module Bundler https://github.com/ruby/ruby/blob/trunk/lib/bundler/rubygems_integration.rb#L205 def spec_from_gem(path, policy = nil) gem_from_path(path, security_policies[policy]).spec - rescue Gem::Security::Exception => e - raise SecurityError, - "The gem #{File.basename(path, ".gem")} can't be installed because " \ - "the security policy didn't allow it, with the message: #{e.message}" end def build_gem(gem_dir, spec) diff --git a/lib/bundler/source/rubygems.rb b/lib/bundler/source/rubygems.rb index 2232e04de5..3cb79667d8 100644 --- a/lib/bundler/source/rubygems.rb +++ b/lib/bundler/source/rubygems.rb @@ -157,6 +157,10 @@ module Bundler https://github.com/ruby/ruby/blob/trunk/lib/bundler/source/rubygems.rb#L157 path = fetch_gem(spec, options[:previous_spec]) begin s = Bundler.rubygems.spec_from_gem(path, Bundler.settings["trust-policy"]) + rescue Gem::Security::Exception => e + raise SecurityError, + "The gem #{File.basename(path, ".gem")} can't be installed because " \ + "the security policy didn't allow it, with the message: #{e.message}" rescue Gem::Package::FormatError Bundler.rm_rf(path) raise -- cgit v1.2.1 -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/