* lib/rubygems: Update to RubyGems master dcce4ff. Important changes

  in this commit:

  Remove automatic detection of gem dependencies files.  This prevents a
  security hole as described in [ruby-core:58490]

  Fixed bugs for installing git gems.

* test/rubygems:  ditto.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@43806 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

3 files changed, 10 insertions, 4 deletions

diff --git a/lib/rubygems/resolver/composed_set.rb b/lib/rubygems/resolver/composed_set.rb
index 702bd9ccfc..19227e095b 100644
--- a/lib/rubygems/resolver/composed_set.rb
+++ b/lib/rubygems/resolver/composed_set.rb
@@ -23,9 +23,9 @@ class Gem::Resolver::ComposedSet < Gem::Resolver::Set
   # Finds all specs matching +req+ in all sets.
 
   def find_all req
-    res = []
-    @sets.each { |s| res += s.find_all(req) }
-    res
+    @sets.map do |s|
+      s.find_all req
+    end.flatten
   end
 
   ##
diff --git a/lib/rubygems/source/git.rb b/lib/rubygems/source/git.rb
index 82690923ff..c4f2724645 100644
--- a/lib/rubygems/source/git.rb
+++ b/lib/rubygems/source/git.rb
@@ -121,6 +121,12 @@ class Gem::Source::Git < Gem::Source
   end
 
   ##
+  # Nothing to download for git gems
+
+  def download full_spec, path # :nodoc:
+  end
+
+  ##
   # The directory where the git gem will be installed.
 
   def install_dir # :nodoc:
diff --git a/lib/rubygems/specification.rb b/lib/rubygems/specification.rb
index 22e2981198..2bcc2c0ef2 100644
--- a/lib/rubygems/specification.rb
+++ b/lib/rubygems/specification.rb
@@ -2177,7 +2177,7 @@ class Gem::Specification < Gem::BasicSpecification
   # Used by Gem::Resolver to order Gem::Specification objects
 
   def source # :nodoc:
-    self
+    Gem::Source::Installed.new
   end
 
   ##