diff options
author | Hiroshi SHIBATA <hsbt@ruby-lang.org> | 2019-09-25 21:34:55 +0900 |
---|---|---|
committer | Hiroshi SHIBATA <hsbt@ruby-lang.org> | 2019-09-26 17:48:01 +0900 |
commit | 1eb503373e808b9cd2e1dbff5ec72d151a74d981 (patch) | |
tree | d4fcdd32eb7c799e8fcbb0f7aa983df3befc82bd /lib | |
parent | 0b65a7a19e949eece72a6a961a2642c0e5e19eb0 (diff) | |
download | ruby-1eb503373e808b9cd2e1dbff5ec72d151a74d981.tar.gz |
[rubygems/rubygems] filter dependency type and name strictly.
Co-authored-by: Yusuke Endoh <mame@ruby-lang.org>
https://github.com/rubygems/rubygems/commit/92892bbc3a
Diffstat (limited to 'lib')
-rw-r--r-- | lib/rubygems/installer.rb | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/lib/rubygems/installer.rb b/lib/rubygems/installer.rb index 898f6e46a1..0ffddc52fc 100644 --- a/lib/rubygems/installer.rb +++ b/lib/rubygems/installer.rb @@ -754,7 +754,11 @@ class Gem::Installer raise Gem::InstallError, "#{spec} has an invalid specification_version" end - if spec.dependencies.any? {|dep| dep.type =~ /\R/ || dep.name =~ /\R/ } + if spec.dependencies.any? {|dep| dep.type != :runtime && dep.type != :development } + raise Gem::InstallError, "#{spec} has an invalid dependencies" + end + + if spec.dependencies.any? {|dep| dep.name =~ /(?:\R|[<>])/ } raise Gem::InstallError, "#{spec} has an invalid dependencies" end end |