| Age | Commit message (Collapse) | Author |
|---|
| https://.com/rubygems/rubygems/commit/5956e7f8e5 |
| mutable dependencies array That restores support for compact index dummy implementations that only lists versions, without checksums or dependencies. This format is undocumented, so we may want to get rid of it in the future. However, some of our tests rely on it, and some implementations did use it (gems.mutant.dev at least). And the way the code was written suggest that support was intentional. So for now, we should restore it. https://.com/rubygems/rubygems/commit/0427d8c983 |
| Removes usage of these classes as ACE gadgets See https://nastystereo.com/security/ruby-3.4-deserialization.html Signed-off-by: Samuel Giddins <[email protected]> https://.com/rubygems/rubygems/commit/89ad04db86 |
| https://.com/rubygems/rubygems/commit/d8d68cc00e |
| clearing results from all sources https://.com/rubygems/rubygems/commit/0549ddbcc5 |
| has extensions and `gemspec` DSL is being used In a `bundle exec` context, the local specification will actually be part of the known specifications, so RubyGems will assume it has already been installed, which is not actually true. This will cause `RequestSet` to rebuild extensions for a gem that's not actually installed, causing errors. The fix is to make sure detection of installed activation requests considers not only that there's a known spec with the same full name as the one being installed, but also that this spec is installed in the same gem_home were pretend to install the new gem. https://.com/rubygems/rubygems/commit/a8ef1286a6 |
| Every time a gem is not found in the Compact Index API, RubyGems will fallback to the full index, which is very slow. This is unnecessary because both indexes should be providing the same gems, so if a gem can't be found in the Compact Index API, it won't be found in the full index. We _do_ want a fallback to the full index, whenever the Compact Index API is not implemented. To detect that, we check that the API responds to the "/versions" endpoint, just like Bundler does. Before: ``` $ time gem install fooasdsfafs ERROR: Could not find a valid gem 'fooasdsfafs' (>= 0) in any repository gem 20,77s user 0,59s system 96% cpu 22,017 total ``` After: ``` $ time gem install fooasdsfafs ERROR: Could not find a valid gem 'fooasdsfafs' (>= 0) in any repository gem 5,02s user 0,09s system 91% cpu 5,568 total ``` https://.com/rubygems/rubygems/commit/c0d6b9eea7 |
| not properly compared They were delegating their `#hash` value to a class not overriding that method, and so were returning inconsistent results. https://.com/rubygems/rubygems/commit/723e4ee0fc |
| https://.com/rubygems/rubygems/commit/d7c15f6fd7 |
| |
| |
| reproducible Helps ensure that unsuspecting diffs to the vendored code arent accidentally introduced https://.com/rubygems/rubygems/commit/7c425d49dd |
| This still allocates a ton (a string for each line, plus a bunch of splits into arrays), but it helps a bit when Bundler has to go through dependency resolution. ``` ==> memprof.after.txt <== Total allocated: 194.14 MB (2317172 objects) Total retained: 60.81 MB (593164 objects) ==> memprof.before.txt <== Total allocated: 211.97 MB (2404890 objects) Total retained: 62.85 MB (640342 objects) ``` https://.com/rubygems/rubygems/commit/c68b41b0e5 |
| in <code> - fix rubygems.org link - fix zenspider.com link https://.com/rubygems/rubygems/commit/9eaac94a63 |
| https://.com/rubygems/rubygems/commit/ec5f04f7b1 |
| https://.com/rubygems/rubygems/commit/6d9e8025dc |
| https://.com/rubygems/rubygems/commit/132a56569d |
| https://.com/rubygems/rubygems/commit/67ece7b8b6 |
| Notes: Merged: https://.com/ruby/ruby/pull/7582 |
| Notes: Merged: https://.com/ruby/ruby/pull/7582 |
| https://.com/rubygems/rubygems/commit/e5868e92f7 Notes: Merged: https://.com/ruby/ruby/pull/7582 |
| |
| https://.com/rubygems/rubygems/commit/b595d3cf0f |
| https://.com/rubygems/rubygems/commit/7c1168c623 |
| https://.com/rubygems/rubygems/commit/add44e56eb |
| https://.com/rubygems/rubygems/commit/1c3356a872 |
| https://.com/rubygems/rubygems/commit/5c88c77873 |
| https://.com/rubygems/rubygems/commit/acb0548bf6 |
| from https://.com/rubygems/rubygems/commit/0635c1423db5d7c461d53bf0c3329bca75de7609 Notes: Merged: https://.com/ruby/ruby/pull/7094 |
| And configure tsort to be vendored as a dependency of Molinillo. https://.com/rubygems/rubygems/commit/8ec749f891 |
| Gem::Resolver::InstallerSet https://.com/rubygems/rubygems/commit/05cb5410cb |
| Pick from https://.com/rubygems/rubygems/commit/dfbb5a38114640e0d8d616861607f3de73ee0199 Notes: Merged: https://.com/ruby/ruby/pull/6224 |
| https://.com/rubygems/rubygems/commit/f087f1b590 |
| Signed-off-by: Takuya Noguchi <[email protected]> |
| Before: ``` $ gem install sfdsfdsfsdide --force ERROR: While executing gem ... (NoMethodError) undefined method `spec' for nil:NilClass @always_install << newest.spec ^^^^^ ``` After: ``` $ gem install sfdsfdsfsdide --force ERROR: Could not find a valid gem 'sfdsfdsfsdide' (>= 0) in any repository ``` https://.com/rubygems/rubygems/commit/4e2bfd1101 |
| So that it loads a consistent version of the library and `rubygems` is never affected by gem activation conflicts related to `tsort`. Getting CI green required updating one `bundler` spec, because `tsort` is no longer loaded by `bundle clean` until after `BUNDLE_PATH` has been changed, so to ensure it is found, it needs to be installed under `BUNDLE_PATH` as well (which will be different from the global system path on Bundler 3, meaning installing `tsort` to the global system path is not enough there). This spec workaround can be removed once we also vendor `tsort` inside `bundler`. https://.com/rubygems/rubygems/commit/d326880999 |
| https://.com/rubygems/rubygems/commit/ef5f30cba7 |
| The `Gem::Platform::RUBY ? -1 : 1` has been used multiple times in different places and could be refactored to a method (DRY). https://.com/rubygems/rubygems/commit/9d43ca8f0c Notes: Merged: https://.com/ruby/ruby/pull/4789 |
| https://.com/rubygems/rubygems/commit/e3d150d822 Co-authored-by: David Rodríguez <[email protected]> Notes: Merged: https://.com/ruby/ruby/pull/4789 |
| https://.com/rubygems/rubygems/commit/c74fc58695 Notes: Merged: https://.com/ruby/ruby/pull/4789 |
| Notes: Merged: https://.com/ruby/ruby/pull/4367 |
| Notes: Merged: https://.com/ruby/ruby/pull/4143 |
| iff means if and only if, but readers without that knowledge might assume this to be a spelling mistake. To me, this seems like exclusionary language that is unnecessary. Simply using "if and only if" or "whether" should suffice. https://.com/rubygems/rubygems/commit/88318ebc6d |
| 55634a8af18a52df86c4275d70fa1179118bcc20 Notes: Merged: https://.com/ruby/ruby/pull/4021 |
| Notes: Merged: https://.com/ruby/ruby/pull/3982 |
| Notes: Merged: https://.com/ruby/ruby/pull/3901 |
| Notes: Merged: https://.com/ruby/ruby/pull/3864 |
| As far as I could see, `Gem::Resolver::APISpecification` objects are supposed to be immutable. If my guessing is correct, then we can cache and reuse its instances for performance. At least, `rake` passes on my machine. Before this change: ``` $ time ruby -I lib bin/gem install --no-doc aws-sdk Successfully installed aws-sdk-3.0.1 1 gem installed real 0m37.104s user 0m36.952s sys 0m0.333s ``` After this change: ``` $ time ruby -I lib bin/gem install --no-doc aws-sdk Successfully installed aws-sdk-3.0.1 1 gem installed real 0m23.905s user 0m23.740s sys 0m0.365s ``` https://.com/rubygems/rubygems/commit/7e8fbba85c Notes: Merged: https://.com/ruby/ruby/pull/3599 |
| 31a6eaabc165d8a222e176f2c809d90622d88ec2 is obsoleted with https://.com/rubygems/rubygems/pull/3820 |
| Enable Style/EmptyLinesAroundClassBody rubocop cop. |
