summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorMartin Emde <[email protected]>2023-12-13 11:15:51 -0800
committergit <[email protected]>2023-12-13 20:28:37 +0000
commit7f4b271a61a11b0254304b78db72fd2c954a4370 (patch)
treed5b9044cfff2ee8c99d7fb18d59f98595fd2660f /lib
parent14c7895c21bee44934336a9a9ea94aefc5cc7879 (diff)
[rubygems/rubygems] Store Checksum::Store indexed by spec.lock_name
https://github.com/rubygems/rubygems/commit/34d6c6c72f
Diffstat (limited to 'lib')
-rw-r--r--lib/bundler/checksum.rb32
-rw-r--r--lib/bundler/errors.rb8
2 files changed, 20 insertions, 20 deletions
diff --git a/lib/bundler/checksum.rb b/lib/bundler/checksum.rb
index abc635bd4d..633aab5f10 100644
--- a/lib/bundler/checksum.rb
+++ b/lib/bundler/checksum.rb
@@ -165,8 +165,8 @@ module Bundler
def initialize_copy(other)
@store = {}
- other.store.each do |name_tuple, checksums|
- store[name_tuple] = checksums.dup
+ other.store.each do |lock_name, checksums|
+ store[lock_name] = checksums.dup
end
end
@@ -175,7 +175,7 @@ module Bundler
end
def fetch(spec, algo = DEFAULT_ALGORITHM)
- store[spec.name_tuple]&.fetch(algo, nil)
+ store[spec.name_tuple.lock_name]&.fetch(algo, nil)
end
# Replace when the new checksum is from the same source.
@@ -191,45 +191,45 @@ module Bundler
def replace(spec, checksum)
return unless checksum
- name_tuple = spec.name_tuple
- checksums = (store[name_tuple] ||= {})
+ lock_name = spec.name_tuple.lock_name
+ checksums = (store[lock_name] ||= {})
existing = checksums[checksum.algo]
# we assume only one source because this is used while building the index
if !existing || existing.sources.first == checksum.sources.first
checksums[checksum.algo] = checksum
else
- register_checksum(name_tuple, checksum)
+ register_checksum(lock_name, checksum)
end
end
def register(spec, checksum)
return unless checksum
- register_checksum(spec.name_tuple, checksum)
+ register_checksum(spec.name_tuple.lock_name, checksum)
end
def merge!(other)
- other.store.each do |name_tuple, checksums|
+ other.store.each do |lock_name, checksums|
checksums.each do |_algo, checksum|
- register_checksum(name_tuple, checksum)
+ register_checksum(lock_name, checksum)
end
end
end
def to_lock(spec)
- name_tuple = spec.name_tuple
- if checksums = store[name_tuple]
- "#{name_tuple.lock_name} #{checksums.values.map(&:to_lock).sort.join(",")}"
+ lock_name = spec.name_tuple.lock_name
+ if checksums = store[lock_name]
+ "#{lock_name} #{checksums.values.map(&:to_lock).sort.join(",")}"
else
- name_tuple.lock_name
+ lock_name
end
end
private
- def register_checksum(name_tuple, checksum)
+ def register_checksum(lock_name, checksum)
return unless checksum
- checksums = (store[name_tuple] ||= {})
+ checksums = (store[lock_name] ||= {})
existing = checksums[checksum.algo]
if !existing
@@ -237,7 +237,7 @@ module Bundler
elsif existing.merge!(checksum)
checksum
else
- raise ChecksumMismatchError.new(name_tuple, existing, checksum)
+ raise ChecksumMismatchError.new(lock_name, existing, checksum)
end
end
end
diff --git a/lib/bundler/errors.rb b/lib/bundler/errors.rb
index eec72b1692..b6a11cc721 100644
--- a/lib/bundler/errors.rb
+++ b/lib/bundler/errors.rb
@@ -53,8 +53,8 @@ module Bundler
class MarshalError < StandardError; end
class ChecksumMismatchError < SecurityError
- def initialize(name_tuple, existing, checksum)
- @name_tuple = name_tuple
+ def initialize(lock_name, existing, checksum)
+ @lock_name = lock_name
@existing = existing
@checksum = checksum
end
@@ -62,9 +62,9 @@ module Bundler
def message
<<~MESSAGE
Bundler found mismatched checksums. This is a potential security risk.
- #{@name_tuple.lock_name} #{@existing.to_lock}
+ #{@lock_name} #{@existing.to_lock}
from #{@existing.sources.join("\n and ")}
- #{@name_tuple.lock_name} #{@checksum.to_lock}
+ #{@lock_name} #{@checksum.to_lock}
from #{@checksum.sources.join("\n and ")}
#{mismatch_resolution_instructions}