| Age | Commit message (Collapse) | Author |
|---|
|
https://github.com/rubygems/rubygems/commit/d478ec403f
|
|
https://github.com/rubygems/rubygems/commit/716666f65f
|
|
For now, on a small rails app I have hanging around:
```
==> memprof.after.txt <==
Total allocated: 872.51 MB (465330 objects)
Total retained: 40.48 kB (326 objects)
==> memprof.before.txt <==
Total allocated: 890.79 MB (1494026 objects)
Total retained: 40.40 kB (328 objects)
```
Not a huge difference in memory usage, but it's a drastic improvement
in total number of allocations.
Additionally, this will pay huge dividends once
https://github.com/ruby/zlib/pull/61 is merged, as it will allow us to
completely avoid allocations in the repeated calls to readpartial,
which currently accounts for most of the memory usage shown above.
https://github.com/rubygems/rubygems/commit/f78d45d927
|
|
https://github.com/rubygems/rubygems/commit/bb66253f2c
|
|
https://github.com/rubygems/rubygems/commit/46258d6cb4
|
|
Previously, `rake install` or `rake update` would fail if there was a non-tar format `.gem` file in the current working directory.
https://github.com/rubygems/rubygems/commit/f562788f1d
|
|
corrupt gem
Gem::Package::TarReader::Entry now raises EOFError or returns nil
appropriately based on Ruby core IO.read and IO.readpartial behavior.
Zlib will respond accordingly by raising Zlib::GzipFile::Error on EOF.
When verifying a gem or extracting contents, raise FormatError similar
to other cases of corrupt gems.
Addresses a bug where Gem::Package would attempt to call size on nil
instead of raising a more descriptive and useful error, leading users
to assume the problem is internal to rubygems.
Remove unused error class TarReader::UnexpectedEOF that was never raised
since the NoMethodError on nil would happen first. Use EOFError instead.
https://github.com/rubygems/rubygems/commit/dc6129644b
|
|
https://github.com/rubygems/rubygems/commit/6d9e8025dc
|
|
|
|
https://github.com/rubygems/rubygems/commit/132a56569d
|
|
https://github.com/rubygems/rubygems/commit/52ae4452c2
|
|
String#sum(0) sums the character bytes without a modulo.
Follow-up of #6476 based on comment from @nobu.
Notes:
Merged: https://github.com/ruby/ruby/pull/7582
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/7582
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/7582
|
|
https://github.com/rubygems/rubygems/commit/05cc97bdf8
Notes:
Merged: https://github.com/ruby/ruby/pull/7582
|
|
https://github.com/rubygems/rubygems/commit/9d25906e44
Notes:
Merged: https://github.com/ruby/ruby/pull/7582
|
|
https://github.com/rubygems/rubygems/commit/fba6e94de9
|
|
String#unpack("C*") is equivalent to String#bytes and Array#inject {|a,b| a + b } is equivalent to Array#sum.
This is a minor enhancement in terms of speed and readability.
|
|
TarReader#each previously implemented a partial version of seek.
This code moved to Entry#seek for use from TarReader#each.
Entry#close now returns nil instead of true, like IO#close.
Closing an Entry now seeks to the end of the Entry, seeking past
any remaining zero byte tar file padding and moving the io to the
correcty position to read the next file in the archive.
Uses seek for Entry#rewind and #pos=, fixing the tar->gzip->tar nested
rewind that would break previous to this change.
Add Entry.open that behaves more like File.open.
https://github.com/rubygems/rubygems/commit/f5149565d5
|
|
StringIO#read
TarReader is used as an IO object, but doesn't behave the same as other
implementations. These fixes make `read` and `readpartial` conform to the
interface of StringIO and File.
https://github.com/rubygems/rubygems/commit/bba32d7217
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/6330
|
|
Pick from https://github.com/rubygems/rubygems/commit/dfbb5a38114640e0d8d616861607f3de73ee0199
Notes:
Merged: https://github.com/ruby/ruby/pull/6224
|
|
Signed-off-by: Takuya Noguchi <[email protected]>
|
|
Picked at 12aeef6ba9a3be0022be9934c1a3e4c46a03ed3a
Notes:
Merged: https://github.com/ruby/ruby/pull/5462
|
|
https://github.com/rubygems/rubygems/commit/c74fc58695
Notes:
Merged: https://github.com/ruby/ruby/pull/4789
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/4648
|
|
https://github.com/rubygems/rubygems/commit/aa390a3500
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/3864
|
|
31a6eaabc165d8a222e176f2c809d90622d88ec2 is obsoleted with
https://github.com/rubygems/rubygems/pull/3820
|
|
Enable Style/EmptyLinesAroundClassBody rubocop cop.
|
|
The previous commit introduces the Gem::Security.create_digest method, allowing to:
- decouple algorithm choice from implementation (OpenSSL or Ruby built-in)
- untangle the SHA512 fallback for TarWriter from the generic hashing digest choice (undoing commit 9471f8ed2bdc12248d2619bbbce6e53cd6c16cb6)
https://github.com/rubygems/rubygems/commit/1bc03231e4
Notes:
Merged: https://github.com/ruby/ruby/pull/3379
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/3379
|
|
To normalize the code style with `bundler`.
Notes:
Merged: https://github.com/ruby/ruby/pull/3379
|
|
They are no longer needed since ruby 2.0.
Notes:
Merged: https://github.com/ruby/ruby/pull/3229
|
|
To make rubygems code style consistent with bundler.
Notes:
Merged: https://github.com/ruby/ruby/pull/3229
|
|
https://github.com/rubygems/rubygems/commit/e9e25731d8
Notes:
Merged: https://github.com/ruby/ruby/pull/3092
|
|
https://github.com/rubygems/rubygems/commit/1de8f39ac4
|
|
Fixes #2290.
1. `Gem::Specification.date` returns SOURCE_DATE_EPOCH when defined,
2. this commit makes RubyGems set it _persistently_ when not provided.
This combination means that you can build a gem, check the build time,
and use that value to generate a new build -- and then verify they're
the same.
https://github.com/rubygems/rubygems/commit/d830d53f59
|
|
I picked the commit from 3c469e0da538428a0ddd94f99aa73c32da22e8ba
|
|
It fixed the issues of RubyGems 3.0.0.
https://blog.rubygems.org/2018/12/23/3.0.1-released.html
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66499 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* Enable Style/MethodDefParentheses in Rubocop
https://github.com/rubygems/rubygems/pull/2478
* Enable Style/MultilineIfThen in Rubocop
https://github.com/rubygems/rubygems/pull/2479
* Fix required_ruby_version with prereleases and improve error message
https://github.com/rubygems/rubygems/pull/2344
* Fix bundler rubygems binstub not properly looking for bundler
https://github.com/rubygems/rubygems/pull/2426
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@65904 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@65294 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* It's preparation to release RubyGems 3.0.0.beta2 and Ruby 2.6.0
preview 3.
* https://github.com/rubygems/rubygems/compare/v3.0.0.beta1...fad2eb15a282b19dfcb4b48bc95b8b39ebb4511f
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@64555 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
`Gem::Package::TarWriter#add_file_signed` expects to fallback to
`Digest::SHA512`, and `digest.respond_to? :name` or not.
So lib/rubygems/security.rb should use same logic for
`Gem::Security::DIGEST_ALGORITHM` and `Gem::Security::DIGEST_NAME`.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@63851 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* It drop to support < Ruby 2.2
* Cleanup deprecated methods and classes.
* Mark obsoleted methods to deprecate.
* and other enhancements.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@63528 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
It fixed some security vulnerabilities.
http://blog.rubygems.org/2018/02/15/2.7.6-released.html
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@62422 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Please see its details: http://blog.rubygems.org/2018/02/06/2.7.5-released.html
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@62244 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
It fixed http://blog.rubygems.org/2017/10/09/unsafe-object-deserialization-vulnerability.html
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@60149 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
This is RC version of Rubygems 2.7.0.
https://github.com/rubygems/rubygems/commit/688fb7e83c13c3fe7c2bb03c49a2db4c82852aee
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@60133 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
HEAD(2c6d256). It contains to update vendored Molinillo to 0.5.0.
https://github.com/rubygems/rubygems/pull/1638
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55441 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
