archive/ruby
1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2025-08-23 13:04:13 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

Merge RubyGems upstream: 56c0bbb69e4506bda7ef7f447dfec5db820df20b

Browse source 
It fixed the multiple vulnerabilities.
  https://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@67168 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
hsbt 2019-03-05 03:32:58 +00:00
parent 593505ac6f
commit 08f8cfe14e
29 changed files with 653 additions and 183 deletions
Download patch file Download diff file Expand all files Collapse all files

8
lib/rubygems/commands/push_command.rb
View file

@ -119,22 +119,18 @@ You can upgrade or downgrade to the latest release version with:
response = send_push_request(name, args)
if need_otp? response
response = send_push_request(name, args, true)
end
with_response response
end
private
def send_push_request(name, args, use_otp = false)
def send_push_request(name, args)
rubygems_api_request(*args) do |request|
request.body = Gem.read_binary name
request.add_field "Content-Length", request.body.size
request.add_field "Content-Type", "application/octet-stream"
request.add_field "Authorization", api_key
request.add_field "OTP", options[:otp] if use_otp
request.add_field "OTP", options[:otp] if options[:otp]
end
end