diff options
author | hsbt <hsbt@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2019-03-05 03:32:58 +0000 |
---|---|---|
committer | hsbt <hsbt@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2019-03-05 03:32:58 +0000 |
commit | 08f8cfe14e0f8937e3bcf8a22becdc5ce60b920e (patch) | |
tree | 30977064b5f93f9ac5b01b2a676f6d6ffdcec652 /lib/rubygems/commands/owner_command.rb | |
parent | 593505ac6f802d2b5bff469425b7c76b65cc9b10 (diff) | |
download | ruby-08f8cfe14e0f8937e3bcf8a22becdc5ce60b920e.tar.gz |
Merge RubyGems upstream: 56c0bbb69e4506bda7ef7f447dfec5db820df20b
It fixed the multiple vulnerabilities.
https://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@67168 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'lib/rubygems/commands/owner_command.rb')
-rw-r--r-- | lib/rubygems/commands/owner_command.rb | 13 |
1 files changed, 5 insertions, 8 deletions
diff --git a/lib/rubygems/commands/owner_command.rb b/lib/rubygems/commands/owner_command.rb index 9fcabaa9f8..f8e68c48e7 100644 --- a/lib/rubygems/commands/owner_command.rb +++ b/lib/rubygems/commands/owner_command.rb @@ -2,9 +2,11 @@ require 'rubygems/command' require 'rubygems/local_remote_options' require 'rubygems/gemcutter_utilities' +require 'rubygems/text' class Gem::Commands::OwnerCommand < Gem::Command + include Gem::Text include Gem::LocalRemoteOptions include Gem::GemcutterUtilities @@ -68,7 +70,7 @@ permission to. end with_response response do |resp| - owners = Gem::SafeYAML.load resp.body + owners = Gem::SafeYAML.load clean_text(resp.body) say "Owners for gem: #{name}" owners.each do |owner| @@ -89,11 +91,6 @@ permission to. owners.each do |owner| begin response = send_owner_request(method, name, owner) - - if need_otp? response - response = send_owner_request(method, name, owner, true) - end - action = method == :delete ? "Removing" : "Adding" with_response response, "#{action} #{owner}" @@ -105,11 +102,11 @@ permission to. private - def send_owner_request(method, name, owner, use_otp = false) + def send_owner_request(method, name, owner) rubygems_api_request method, "api/v1/gems/#{name}/owners" do |request| request.set_form_data 'email' => owner request.add_field "Authorization", api_key - request.add_field "OTP", options[:otp] if use_otp + request.add_field "OTP", options[:otp] if options[:otp] end end |