diff options
author | Martin Emde <[email protected]> | 2023-12-13 11:15:51 -0800 |
---|---|---|
committer | git <[email protected]> | 2023-12-13 20:28:37 +0000 |
commit | 7f4b271a61a11b0254304b78db72fd2c954a4370 (patch) | |
tree | d5b9044cfff2ee8c99d7fb18d59f98595fd2660f /lib | |
parent | 14c7895c21bee44934336a9a9ea94aefc5cc7879 (diff) |
[rubygems/rubygems] Store Checksum::Store indexed by spec.lock_name
https://github.com/rubygems/rubygems/commit/34d6c6c72f
Diffstat (limited to 'lib')
-rw-r--r-- | lib/bundler/checksum.rb | 32 | ||||
-rw-r--r-- | lib/bundler/errors.rb | 8 |
2 files changed, 20 insertions, 20 deletions
diff --git a/lib/bundler/checksum.rb b/lib/bundler/checksum.rb index abc635bd4d..633aab5f10 100644 --- a/lib/bundler/checksum.rb +++ b/lib/bundler/checksum.rb @@ -165,8 +165,8 @@ module Bundler def initialize_copy(other) @store = {} - other.store.each do |name_tuple, checksums| - store[name_tuple] = checksums.dup + other.store.each do |lock_name, checksums| + store[lock_name] = checksums.dup end end @@ -175,7 +175,7 @@ module Bundler end def fetch(spec, algo = DEFAULT_ALGORITHM) - store[spec.name_tuple]&.fetch(algo, nil) + store[spec.name_tuple.lock_name]&.fetch(algo, nil) end # Replace when the new checksum is from the same source. @@ -191,45 +191,45 @@ module Bundler def replace(spec, checksum) return unless checksum - name_tuple = spec.name_tuple - checksums = (store[name_tuple] ||= {}) + lock_name = spec.name_tuple.lock_name + checksums = (store[lock_name] ||= {}) existing = checksums[checksum.algo] # we assume only one source because this is used while building the index if !existing || existing.sources.first == checksum.sources.first checksums[checksum.algo] = checksum else - register_checksum(name_tuple, checksum) + register_checksum(lock_name, checksum) end end def register(spec, checksum) return unless checksum - register_checksum(spec.name_tuple, checksum) + register_checksum(spec.name_tuple.lock_name, checksum) end def merge!(other) - other.store.each do |name_tuple, checksums| + other.store.each do |lock_name, checksums| checksums.each do |_algo, checksum| - register_checksum(name_tuple, checksum) + register_checksum(lock_name, checksum) end end end def to_lock(spec) - name_tuple = spec.name_tuple - if checksums = store[name_tuple] - "#{name_tuple.lock_name} #{checksums.values.map(&:to_lock).sort.join(",")}" + lock_name = spec.name_tuple.lock_name + if checksums = store[lock_name] + "#{lock_name} #{checksums.values.map(&:to_lock).sort.join(",")}" else - name_tuple.lock_name + lock_name end end private - def register_checksum(name_tuple, checksum) + def register_checksum(lock_name, checksum) return unless checksum - checksums = (store[name_tuple] ||= {}) + checksums = (store[lock_name] ||= {}) existing = checksums[checksum.algo] if !existing @@ -237,7 +237,7 @@ module Bundler elsif existing.merge!(checksum) checksum else - raise ChecksumMismatchError.new(name_tuple, existing, checksum) + raise ChecksumMismatchError.new(lock_name, existing, checksum) end end end diff --git a/lib/bundler/errors.rb b/lib/bundler/errors.rb index eec72b1692..b6a11cc721 100644 --- a/lib/bundler/errors.rb +++ b/lib/bundler/errors.rb @@ -53,8 +53,8 @@ module Bundler class MarshalError < StandardError; end class ChecksumMismatchError < SecurityError - def initialize(name_tuple, existing, checksum) - @name_tuple = name_tuple + def initialize(lock_name, existing, checksum) + @lock_name = lock_name @existing = existing @checksum = checksum end @@ -62,9 +62,9 @@ module Bundler def message <<~MESSAGE Bundler found mismatched checksums. This is a potential security risk. - #{@name_tuple.lock_name} #{@existing.to_lock} + #{@lock_name} #{@existing.to_lock} from #{@existing.sources.join("\n and ")} - #{@name_tuple.lock_name} #{@checksum.to_lock} + #{@lock_name} #{@checksum.to_lock} from #{@checksum.sources.join("\n and ")} #{mismatch_resolution_instructions} |