diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2024-01-16 13:42:19 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2024-01-16 13:42:19 +0300 |
commit | 84d1bd786125c1c14a3ba5f63e38a4cc736a9027 (patch) | |
tree | f550fa965f507077e20dbb6d61a8269a99ef7107 /vendor/gems/bundler-checksum/lib | |
parent | 3a105e36e689f7b75482236712f1a47fd5a76814 (diff) |
Add latest changes from gitlab-org/gitlab@16-8-stable-eev16.8.0-rc42
Diffstat (limited to 'vendor/gems/bundler-checksum/lib')
3 files changed, 19 insertions, 8 deletions
diff --git a/vendor/gems/bundler-checksum/lib/bundler_checksum.rb b/vendor/gems/bundler-checksum/lib/bundler_checksum.rb index b3d36521f24..083082c0ab1 100644 --- a/vendor/gems/bundler-checksum/lib/bundler_checksum.rb +++ b/vendor/gems/bundler-checksum/lib/bundler_checksum.rb @@ -41,12 +41,18 @@ module Bundler raise "#{@package.inspect} does not have :@gem" unless source raise "#{source.inspect} does not respond to :with_read_io" unless source.respond_to?(:with_read_io) - digest = source.with_read_io do |io| - digest = SharedHelpers.digest(:SHA256).new - digest << io.read(16_384) until io.eof? - io.rewind - send(checksum_type(checksum), digest) - end + digest = + if Gem::Version.new(Bundler::VERSION) >= Gem::Version.new("2.5.0") + gem_checksum.digest + else + source.with_read_io do |io| + digest = SharedHelpers.digest(:SHA256).new + digest << io.read(16_384) until io.eof? + io.rewind + send(checksum_type(checksum), digest) + end + end + unless digest == checksum raise SecurityError, <<-MESSAGE Bundler cannot continue installing #{spec.name} (#{spec.version}). diff --git a/vendor/gems/bundler-checksum/lib/bundler_checksum/command/init.rb b/vendor/gems/bundler-checksum/lib/bundler_checksum/command/init.rb index 1d8db7d78fa..7b4b29acf4f 100644 --- a/vendor/gems/bundler-checksum/lib/bundler_checksum/command/init.rb +++ b/vendor/gems/bundler-checksum/lib/bundler_checksum/command/init.rb @@ -11,8 +11,13 @@ module BundlerChecksum::Command checksums = [] + require "bundler/vendored_uri" + args = [nil, Bundler::Source::Rubygems::Remote.new(Bundler::URI("https://rubygems.org")), nil] + # gem_remote_fetcher added in https://github.com/rubygems/rubygems/pull/7092/ + args << nil if Gem::Version.new(Bundler::VERSION) >= Gem::Version.new("2.5.0") + compact_index_cache = Bundler::Fetcher::CompactIndex - .new(nil, Bundler::Source::Rubygems::Remote.new(Bundler::URI("https://rubygems.org")), nil) + .new(*args) .send(:compact_index_client) .instance_variable_get(:@cache) diff --git a/vendor/gems/bundler-checksum/lib/bundler_checksum/command/lint.rb b/vendor/gems/bundler-checksum/lib/bundler_checksum/command/lint.rb index 0f1249dcf71..a515a6d31ea 100644 --- a/vendor/gems/bundler-checksum/lib/bundler_checksum/command/lint.rb +++ b/vendor/gems/bundler-checksum/lib/bundler_checksum/command/lint.rb @@ -1,6 +1,6 @@ # frozen_string_literal: true -require 'set' +require 'set' # rubocop:disable Lint/RedundantRequireStatement -- Ruby 3.1 and earlier needs this. Drop this line after Ruby 3.2+ is only supported. module BundlerChecksum::Command module Lint |