Since 9e21dd9, Gem::Package::TarWriter#add_file adds the file to
the tar with Gem.source_date_epoch for its mtime.
This behavior breaks the code depending on the previous add_file
behavior.
Therefore, add_file accepts mtime as an argument, and uses
Gem.source_date_epoch if not specified.
7020ea98a0
For now, on a small rails app I have hanging around:
```
==> memprof.after.txt <==
Total allocated: 872.51 MB (465330 objects)
Total retained: 40.48 kB (326 objects)
==> memprof.before.txt <==
Total allocated: 890.79 MB (1494026 objects)
Total retained: 40.40 kB (328 objects)
```
Not a huge difference in memory usage, but it's a drastic improvement
in total number of allocations.
Additionally, this will pay huge dividends once
https://github.com/ruby/zlib/pull/61 is merged, as it will allow us to
completely avoid allocations in the repeated calls to readpartial,
which currently accounts for most of the memory usage shown above.
f78d45d927
Gem::Package::TarReader::Entry now raises EOFError or returns nil
appropriately based on Ruby core IO.read and IO.readpartial behavior.
Zlib will respond accordingly by raising Zlib::GzipFile::Error on EOF.
When verifying a gem or extracting contents, raise FormatError similar
to other cases of corrupt gems.
Addresses a bug where Gem::Package would attempt to call size on nil
instead of raising a more descriptive and useful error, leading users
to assume the problem is internal to rubygems.
Remove unused error class TarReader::UnexpectedEOF that was never raised
since the NoMethodError on nil would happen first. Use EOFError instead.
dc6129644b
String#unpack("C*") is equivalent to String#bytes and Array#inject {|a,b| a + b } is equivalent to Array#sum.
This is a minor enhancement in terms of speed and readability.
TarReader#each previously implemented a partial version of seek.
This code moved to Entry#seek for use from TarReader#each.
Entry#close now returns nil instead of true, like IO#close.
Closing an Entry now seeks to the end of the Entry, seeking past
any remaining zero byte tar file padding and moving the io to the
correcty position to read the next file in the archive.
Uses seek for Entry#rewind and #pos=, fixing the tar->gzip->tar nested
rewind that would break previous to this change.
Add Entry.open that behaves more like File.open.
f5149565d5
TarReader is used as an IO object, but doesn't behave the same as other
implementations. These fixes make `read` and `readpartial` conform to the
interface of StringIO and File.
bba32d7217
The previous commit introduces the Gem::Security.create_digest method, allowing to:
- decouple algorithm choice from implementation (OpenSSL or Ruby built-in)
- untangle the SHA512 fallback for TarWriter from the generic hashing digest choice (undoing commit 9471f8ed2bdc12248d2619bbbce6e53cd6c16cb6)
1bc03231e4
Fixes#2290.
1. `Gem::Specification.date` returns SOURCE_DATE_EPOCH when defined,
2. this commit makes RubyGems set it _persistently_ when not provided.
This combination means that you can build a gem, check the build time,
and use that value to generate a new build -- and then verify they're
the same.
d830d53f59
`Gem::Package::TarWriter#add_file_signed` expects to fallback to
`Digest::SHA512`, and `digest.respond_to? :name` or not.
So lib/rubygems/security.rb should use same logic for
`Gem::Security::DIGEST_ALGORITHM` and `Gem::Security::DIGEST_NAME`.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@63851 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* It drop to support < Ruby 2.2
* Cleanup deprecated methods and classes.
* Mark obsoleted methods to deprecate.
* and other enhancements.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@63528 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
