Gem::Package::TarReader::Entry now raises EOFError or returns nil
appropriately based on Ruby core IO.read and IO.readpartial behavior.
Zlib will respond accordingly by raising Zlib::GzipFile::Error on EOF.
When verifying a gem or extracting contents, raise FormatError similar
to other cases of corrupt gems.
Addresses a bug where Gem::Package would attempt to call size on nil
instead of raising a more descriptive and useful error, leading users
to assume the problem is internal to rubygems.
Remove unused error class TarReader::UnexpectedEOF that was never raised
since the NoMethodError on nil would happen first. Use EOFError instead.
dc6129644b
String#unpack("C*") is equivalent to String#bytes and Array#inject {|a,b| a + b } is equivalent to Array#sum.
This is a minor enhancement in terms of speed and readability.
TarReader#each previously implemented a partial version of seek.
This code moved to Entry#seek for use from TarReader#each.
Entry#close now returns nil instead of true, like IO#close.
Closing an Entry now seeks to the end of the Entry, seeking past
any remaining zero byte tar file padding and moving the io to the
correcty position to read the next file in the archive.
Uses seek for Entry#rewind and #pos=, fixing the tar->gzip->tar nested
rewind that would break previous to this change.
Add Entry.open that behaves more like File.open.
f5149565d5
TarReader is used as an IO object, but doesn't behave the same as other
implementations. These fixes make `read` and `readpartial` conform to the
interface of StringIO and File.
bba32d7217
The previous commit introduces the Gem::Security.create_digest method, allowing to:
- decouple algorithm choice from implementation (OpenSSL or Ruby built-in)
- untangle the SHA512 fallback for TarWriter from the generic hashing digest choice (undoing commit 9471f8ed2bdc12248d2619bbbce6e53cd6c16cb6)
1bc03231e4
Fixes#2290.
1. `Gem::Specification.date` returns SOURCE_DATE_EPOCH when defined,
2. this commit makes RubyGems set it _persistently_ when not provided.
This combination means that you can build a gem, check the build time,
and use that value to generate a new build -- and then verify they're
the same.
d830d53f59
`Gem::Package::TarWriter#add_file_signed` expects to fallback to
`Digest::SHA512`, and `digest.respond_to? :name` or not.
So lib/rubygems/security.rb should use same logic for
`Gem::Security::DIGEST_ALGORITHM` and `Gem::Security::DIGEST_NAME`.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@63851 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* It drop to support < Ruby 2.2
* Cleanup deprecated methods and classes.
* Mark obsoleted methods to deprecate.
* and other enhancements.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@63528 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
HEAD(2c6d256). It contains to update vendored Molinillo to 0.5.0.
https://github.com/rubygems/rubygems/pull/1638
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55441 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
It supports to enable frozen string literal and add `--norc` option for
disable to `.gemrc` configuration.
See 2.5.2 release notes for other fixes and enhancements.
a8aa3bac72/History.txt (L3)
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53707 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
When you change this to true, you may need to add more tests.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53141 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
this version contains many enhancements see http://git.io/vtNwF
* test/rubygems: ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51092 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
