diff options
author | hsbt <hsbt@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2019-03-05 03:32:58 +0000 |
---|---|---|
committer | hsbt <hsbt@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2019-03-05 03:32:58 +0000 |
commit | 08f8cfe14e0f8937e3bcf8a22becdc5ce60b920e (patch) | |
tree | 30977064b5f93f9ac5b01b2a676f6d6ffdcec652 /lib/rubygems/commands/update_command.rb | |
parent | 593505ac6f802d2b5bff469425b7c76b65cc9b10 (diff) | |
download | ruby-08f8cfe14e0f8937e3bcf8a22becdc5ce60b920e.tar.gz |
Merge RubyGems upstream: 56c0bbb69e4506bda7ef7f447dfec5db820df20b
It fixed the multiple vulnerabilities.
https://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@67168 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'lib/rubygems/commands/update_command.rb')
-rw-r--r-- | lib/rubygems/commands/update_command.rb | 24 |
1 files changed, 13 insertions, 11 deletions
diff --git a/lib/rubygems/commands/update_command.rb b/lib/rubygems/commands/update_command.rb index c44dcf0bd8..4b182396f3 100644 --- a/lib/rubygems/commands/update_command.rb +++ b/lib/rubygems/commands/update_command.rb @@ -97,8 +97,8 @@ command to remove old versions. if options[:explain] say "Gems to update:" - gems_to_update.each do |(name, version)| - say " #{name}-#{version}" + gems_to_update.each do |name_tuple| + say " #{name_tuple.full_name}" end return @@ -146,18 +146,18 @@ command to remove old versions. hig end - def highest_remote_version(spec) # :nodoc: + def highest_remote_name_tuple(spec) # :nodoc: spec_tuples = fetch_remote_gems spec matching_gems = spec_tuples.select do |g,_| g.name == spec.name and g.match_platform? end - highest_remote_gem = matching_gems.max_by { |g,_| g.version } + highest_remote_gem = matching_gems.max highest_remote_gem ||= [Gem::NameTuple.null] - highest_remote_gem.first.version + highest_remote_gem.first end def install_rubygems(version) # :nodoc: @@ -194,7 +194,7 @@ command to remove old versions. } gems_to_update = which_to_update hig, options[:args], :system - _, up_ver = gems_to_update.first + up_ver = gems_to_update.first.version target = if update_latest up_ver @@ -226,8 +226,8 @@ command to remove old versions. end def update_gems(gems_to_update) - gems_to_update.uniq.sort.each do |(name, version)| - update_gem name, version + gems_to_update.uniq.sort.each do |name_tuple| + update_gem name_tuple.name, name_tuple.version end @updated @@ -271,10 +271,12 @@ command to remove old versions. next if not gem_names.empty? and gem_names.none? { |name| name == l_spec.name } - highest_remote_ver = highest_remote_version l_spec + highest_remote_tup = highest_remote_name_tuple l_spec + highest_remote_ver = highest_remote_tup.version + highest_installed_ver = l_spec.version - if system or (l_spec.version < highest_remote_ver) - result << [l_spec.name, [l_spec.version, highest_remote_ver].max] + if system or (highest_installed_ver < highest_remote_ver) + result << Gem::NameTuple.new(l_spec.name, [highest_installed_ver, highest_remote_ver].max, highest_remote_tup.platform) end end |