Class: Bundler::RubyGemsGemInstaller
Relationships & Source Files | |
Extension / Inclusion / Inheritance Descendants | |
Subclasses:
|
|
Super Chains via Extension / Inclusion / Inheritance | |
Class Chain:
self,
Gem::Installer
|
|
Instance Chain:
self,
Gem::Installer
|
|
Inherits: |
Gem::Installer
|
Defined in: | lib/bundler/rubygems_gem_installer.rb |
Instance Method Summary
- #build_extensions
- #check_executable_overwrite(filename)
- #generate_plugins
- #install
- #pre_install_checks
- #spec
- #base64digest!(digest) private
- #checksum_type(checksum) private
- #hexdigest!(digest) private
- #prepare_extension_build(extension_dir) private
- #strict_rm_rf(dir) private
- #validate_bundler_checksum(checksum) private
Instance Method Details
#base64digest!(digest) (private)
[ GitHub ]# File 'lib/bundler/rubygems_gem_installer.rb', line 162
def base64digest!(digest) if digest.respond_to?(:base64digest!) digest.base64digest! else [digest.digest!].pack("m0") end end
#build_extensions
[ GitHub ]# File 'lib/bundler/rubygems_gem_installer.rb', line 67
def build_extensions extension_cache_path = [:bundler_extension_cache_path] extension_dir = spec.extension_dir unless extension_cache_path && extension_dir prepare_extension_build(extension_dir) return super end build_complete = SharedHelpers.filesystem_access(extension_cache_path.join("gem.build_complete"), :read, &:file?) if build_complete && ! [:force] SharedHelpers.filesystem_access(File.dirname(extension_dir)) do |p| FileUtils.mkpath p end SharedHelpers.filesystem_access(extension_cache_path) do FileUtils.cp_r extension_cache_path, extension_dir end else prepare_extension_build(extension_dir) super SharedHelpers.filesystem_access(extension_cache_path.parent, &:mkpath) SharedHelpers.filesystem_access(extension_cache_path) do FileUtils.cp_r extension_dir, extension_cache_path end end end
#check_executable_overwrite(filename)
[ GitHub ]# File 'lib/bundler/rubygems_gem_installer.rb', line 7
def check_executable_overwrite(filename) # Bundler needs to install gems regardless of binstub overwriting end
#checksum_type(checksum) (private)
[ GitHub ]# File 'lib/bundler/rubygems_gem_installer.rb', line 150
def checksum_type(checksum) case checksum.length when 64 then :hexdigest! when 44 then :base64digest! else raise InstallError, "The given checksum for #{spec.full_name} (#{checksum.inspect}) is not a valid SHA256 hexdigest nor base64digest" end end
#generate_plugins
[ GitHub ]# File 'lib/bundler/rubygems_gem_installer.rb', line 48
def generate_plugins return unless Gem::Installer.instance_methods(false).include?(:generate_plugins) latest = Gem::Specification.stubs_for(spec.name).first return if latest && latest.version > spec.version ensure_writable_dir @plugins_dir if spec.plugins.empty? remove_plugins_for(spec, @plugins_dir) else regenerate_plugins_for(spec, @plugins_dir) end end
#hexdigest!(digest) (private)
[ GitHub ]# File 'lib/bundler/rubygems_gem_installer.rb', line 158
def hexdigest!(digest) digest.hexdigest! end
#install
[ GitHub ]# File 'lib/bundler/rubygems_gem_installer.rb', line 11
def install pre_install_checks run_pre_install_hooks spec.loaded_from = spec_file # Completely remove any previous gem files strict_rm_rf gem_dir strict_rm_rf spec.extension_dir SharedHelpers.filesystem_access(gem_dir, :create) do FileUtils.mkdir_p gem_dir, :mode => 0o755 end extract_files build_extensions if spec.extensions.any? write_build_info_file run_post_build_hooks generate_bin generate_plugins write_spec SharedHelpers.filesystem_access("#{gem_home}/cache", :write) do write_cache_file end say spec. unless spec. .nil? run_post_install_hooks spec end
#pre_install_checks
[ GitHub ]# File 'lib/bundler/rubygems_gem_installer.rb', line 63
def pre_install_checks super && validate_bundler_checksum( [:bundler_expected_checksum]) end
#prepare_extension_build(extension_dir) (private)
[ GitHub ]# File 'lib/bundler/rubygems_gem_installer.rb', line 103
def prepare_extension_build(extension_dir) SharedHelpers.filesystem_access(extension_dir, :create) do FileUtils.mkdir_p extension_dir end require "shellwords" unless Bundler.rubygems.provides?(">= 3.2.25") end
#spec
[ GitHub ]#strict_rm_rf(dir) (private)
[ GitHub ]# File 'lib/bundler/rubygems_gem_installer.rb', line 110
def strict_rm_rf(dir) Bundler.rm_rf dir rescue Errno::ENOTEMPTY => e raise DirectoryRemovalError.new(e.cause, "Could not delete previous installation of `#{dir}`") end
#validate_bundler_checksum(checksum) (private)
[ GitHub ]# File 'lib/bundler/rubygems_gem_installer.rb', line 116
def validate_bundler_checksum(checksum) return true if Bundler.settings[:disable_checksum_validation] return true unless checksum return true unless source = @package.instance_variable_get(:@gem) return true unless source.respond_to?(:with_read_io) digest = source.with_read_io do |io| digest = SharedHelpers.digest(:SHA256).new digest << io.read(16_384) until io.eof? io.rewind send(checksum_type(checksum), digest) end unless digest == checksum raise SecurityError, <<-MESSAGE Bundler cannot continue installing #{spec.name} (#{spec.version}). The checksum for the downloaded `#{spec.full_name}.gem` does not match \ the checksum given by the server. This means the contents of the downloaded \ gem is different from what was uploaded to the server, and could be a potential security issue. To resolve this issue: 1. delete the downloaded gem located at: `#{spec.gem_dir}/#{spec.full_name}.gem` 2. run `bundle install` If you wish to continue installing the downloaded gem, and are certain it does not pose a \ security issue despite the mismatching checksum, do the following: 1. run `bundle config set --local disable_checksum_validation true` to turn off checksum verification 2. run `bundle install` (More info: The expected SHA256 checksum was #{checksum.inspect}, but the \ checksum for the downloaded gem was #{digest.inspect}.) MESSAGE end true end