lib/bundler.rb in bundler-2.3.27 vs lib/bundler.rb in bundler-2.4.0

@@ -37,10 +37,20 @@
   environment_preserver = EnvironmentPreserver.from_env
   ORIGINAL_ENV = environment_preserver.restore
   environment_preserver.replace_with_backup
   SUDO_MUTEX = Thread::Mutex.new
 
+  SAFE_MARSHAL_CLASSES = [Symbol, TrueClass, String, Array, Hash].freeze
+  SAFE_MARSHAL_ERROR = "Unexpected class %s present in marshaled data. Only %s are allowed.".freeze
+  SAFE_MARSHAL_PROC = proc do |object|
+    object.tap do
+      unless SAFE_MARSHAL_CLASSES.include?(object.class)
+        raise TypeError, format(SAFE_MARSHAL_ERROR, object.class, SAFE_MARSHAL_CLASSES.join(", "))
+      end
+    end
+  end
+
   autoload :Definition,             File.expand_path("bundler/definition", __dir__)
   autoload :Dependency,             File.expand_path("bundler/dependency", __dir__)
   autoload :Deprecate,              File.expand_path("bundler/deprecate", __dir__)
   autoload :Digest,                 File.expand_path("bundler/digest", __dir__)
   autoload :Dsl,                    File.expand_path("bundler/dsl", __dir__)
@@ -73,11 +83,10 @@
   autoload :SourceMap,              File.expand_path("bundler/source_map", __dir__)
   autoload :SpecSet,                File.expand_path("bundler/spec_set", __dir__)
   autoload :StubSpecification,      File.expand_path("bundler/stub_specification", __dir__)
   autoload :UI,                     File.expand_path("bundler/ui", __dir__)
   autoload :URICredentialsFilter,   File.expand_path("bundler/uri_credentials_filter", __dir__)
-  autoload :VersionRanges,          File.expand_path("bundler/version_ranges", __dir__)
 
   class << self
     def configure
       @configured ||= configure_gem_home_and_path
     end
@@ -452,11 +461,11 @@
     def unbundled_exec(*args)
       with_env(unbundled_env) { Kernel.exec(*args) }
     end
 
     def local_platform
-      return Gem::Platform::RUBY if settings[:force_ruby_platform] || Gem.platforms == [Gem::Platform::RUBY]
+      return Gem::Platform::RUBY if settings[:force_ruby_platform]
       Gem::Platform.local
     end
 
     def default_gemfile
       SharedHelpers.default_gemfile
@@ -485,45 +494,13 @@
 
     def use_system_gems?
       configured_bundle_path.use_system_gems?
     end
 
-    def requires_sudo?
-      return @requires_sudo if defined?(@requires_sudo_ran)
-
-      sudo_present = which "sudo" if settings.allow_sudo?
-
-      if sudo_present
-        # the bundle path and subdirectories need to be writable for RubyGems
-        # to be able to unpack and install gems without exploding
-        path = bundle_path
-        path = path.parent until path.exist?
-
-        # bins are written to a different location on OS X
-        bin_dir = Pathname.new(Bundler.system_bindir)
-        bin_dir = bin_dir.parent until bin_dir.exist?
-
-        # if any directory is not writable, we need sudo
-        files = [path, bin_dir] | Dir[bundle_path.join("build_info/*").to_s] | Dir[bundle_path.join("*").to_s]
-        unwritable_files = files.reject {|f| File.writable?(f) }
-        sudo_needed = !unwritable_files.empty?
-        if sudo_needed
-          Bundler.ui.warn "Following files may not be writable, so sudo is needed:\n  #{unwritable_files.map(&:to_s).sort.join("\n  ")}"
-        end
-      end
-
-      @requires_sudo_ran = true
-      @requires_sudo = settings.allow_sudo? && sudo_present && sudo_needed
-    end
-
     def mkdir_p(path, options = {})
-      if requires_sudo? && !options[:no_sudo]
-        sudo "mkdir -p '#{path}'" unless File.exist?(path)
-      else
-        SharedHelpers.filesystem_access(path, :write) do |p|
-          FileUtils.mkdir_p(p)
-        end
+      SharedHelpers.filesystem_access(path, :write) do |p|
+        FileUtils.mkdir_p(p)
       end
     end
 
     def which(executable)
       if File.file?(executable) && File.executable?(executable)
@@ -536,43 +513,22 @@
           return executable_path if File.file?(executable_path) && File.executable?(executable_path)
         end
       end
     end
 
-    def sudo(str)
-      SUDO_MUTEX.synchronize do
-        prompt = "\n\n" + <<-PROMPT.gsub(/^ {6}/, "").strip + " "
-        Your user account isn't allowed to install to the system RubyGems.
-        You can cancel this installation and run:
-
-            bundle config set --local path 'vendor/bundle'
-            bundle install
-
-        to install the gems into ./vendor/bundle/, or you can enter your password
-        and install the bundled gems to RubyGems using sudo.
-
-        Password:
-        PROMPT
-
-        unless @prompted_for_sudo ||= system(%(sudo -k -p "#{prompt}" true))
-          raise SudoNotPermittedError,
-            "Bundler requires sudo access to install at the moment. " \
-            "Try installing again, granting Bundler sudo access when prompted, or installing into a different path."
-        end
-
-        `sudo -p "#{prompt}" #{str}`
-      end
-    end
-
     def read_file(file)
       SharedHelpers.filesystem_access(file, :read) do
         File.open(file, "r:UTF-8", &:read)
       end
     end
 
-    def load_marshal(data)
-      Marshal.load(data)
+    def safe_load_marshal(data)
+      load_marshal(data, :marshal_proc => SAFE_MARSHAL_PROC)
+    end
+
+    def load_marshal(data, marshal_proc: nil)
+      Marshal.load(data, marshal_proc)
     rescue TypeError => e
       raise MarshalError, "#{e.class}: #{e.message}"
     end
 
     def load_gemspec(file, validate = false)
@@ -606,10 +562,10 @@
       @gemspec_cache = {}
     end
 
     def git_present?
       return @git_present if defined?(@git_present)
-      @git_present = Bundler.which("git") || Bundler.which("git.exe")
+      @git_present = Bundler.which("git#{RbConfig::CONFIG["EXEEXT"]}")
     end
 
     def feature_flag
       @feature_flag ||= FeatureFlag.new(VERSION)
     end