diff --git a/bundler/lib/bundler/gem_helper.rb b/bundler/lib/bundler/gem_helper.rb index 0bbd2d9b75be..180a654aac09 100644 --- a/bundler/lib/bundler/gem_helper.rb +++ b/bundler/lib/bundler/gem_helper.rb @@ -5,6 +5,10 @@ module Bundler class GemHelper + CHECKSUMS = { + "sha256" => "::Digest::SHA256", + "sha512" => "::Digest::SHA512", + }.freeze include Rake::DSL if defined? Rake::DSL class << self @@ -47,9 +51,9 @@ def install built_gem_path = build_gem end - desc "Generate SHA512 checksum if #{name}-#{version}.gem into the checksums directory." + desc "Build #{name}-#{version}.gem into pkg directory, then generate SHA256 & SHA512 checksums in checksums directory." task "build:checksum" => "build" do - build_checksum(built_gem_path) + build_checksums(built_gem_path) end desc "Build and install #{name}-#{version}.gem into system gems." @@ -102,19 +106,25 @@ def install_gem(built_gem_path = nil, local = false) Bundler.ui.confirm "#{name} (#{version}) installed." end - def build_checksum(built_gem_path = nil) + def build_checksums(built_gem_path = nil) built_gem_path ||= build_gem - SharedHelpers.filesystem_access(File.join(base, "checksums")) {|p| FileUtils.mkdir_p(p) } - file_name = "#{File.basename(built_gem_path)}.sha512" require "digest/sha2" - checksum = ::Digest::SHA512.file(built_gem_path).hexdigest + CHECKSUMS.each do |extension, digest_klass| + write_checksum(built_gem_path, extension, Object.const_get(digest_klass)) + end + end + + protected + + def write_checksum(built_gem_path, extension, type) + SharedHelpers.filesystem_access(File.join(base, "checksums")) {|p| FileUtils.mkdir_p(p) } + file_name = "#{File.basename(built_gem_path)}.#{extension}" + checksum = type.file(built_gem_path).hexdigest target = File.join(base, "checksums", file_name) File.write(target, checksum + "\n") Bundler.ui.confirm "#{name} #{version} checksum written to checksums/#{file_name}." end - protected - def rubygem_push(path) cmd = [*gem_command, "push", path] cmd << "--key" << gem_key if gem_key diff --git a/bundler/spec/bundler/gem_helper_spec.rb b/bundler/spec/bundler/gem_helper_spec.rb index 7d955007ab93..4d1ecdb78357 100644 --- a/bundler/spec/bundler/gem_helper_spec.rb +++ b/bundler/spec/bundler/gem_helper_spec.rb @@ -62,20 +62,15 @@ def mock_build_message(name, version) mock_confirm_message message end - def mock_checksum_message(name, version) - message = "#{name} #{version} checksum written to checksums/#{name}-#{version}.gem.sha512." + def mock_checksum_message(name, version, extension) + message = "#{name} #{version} checksum written to checksums/#{name}-#{version}.gem.#{extension}." mock_confirm_message message end - def sha512_hexdigest(path) - Digest::SHA512.file(path).hexdigest - end - subject! { Bundler::GemHelper.new(app_path) } let(:app_version) { "0.1.0" } let(:app_gem_dir) { app_path.join("pkg") } let(:app_gem_path) { app_gem_dir.join("#{app_name}-#{app_version}.gem") } - let(:app_sha_path) { app_path.join("checksums", "#{app_name}-#{app_version}.gem.sha512") } let(:app_gemspec_content) { File.read(app_gemspec_path) } before(:each) do @@ -173,44 +168,52 @@ def sha512_hexdigest(path) end end - describe "#build_checksum" do - it "calculates SHA512 of the content" do - FileUtils.mkdir_p(app_gem_dir) - File.write(app_gem_path, "") - mock_checksum_message app_name, app_version - subject.build_checksum(app_gem_path) - expect(File.read(app_sha_path).chomp).to eql(Digest::SHA512.hexdigest("")) - end - - context "when build was successful" do - it "creates .sha512 file" do - mock_build_message app_name, app_version - mock_checksum_message app_name, app_version - subject.build_checksum - expect(app_sha_path).to exist - expect(File.read(app_sha_path).chomp).to eql(sha512_hexdigest(app_gem_path)) + describe "#build_checksums" do + %w[SHA256 SHA512].each do |sha_bits| + let(:digest) { Object.const_get("Digest::#{sha_bits}") } + let(:hex_digest) { digest.file(app_gem_path).hexdigest } + let(:app_sha_path) { app_path.join("checksums", "#{app_name}-#{app_version}.gem.#{sha_bits.downcase}") } + + it "calculates #{sha_bits} of the content" do + FileUtils.mkdir_p(app_gem_dir) + File.write(app_gem_path, "") + subject.build_checksums(app_gem_path) + expect(File.read(app_sha_path).chomp).to eql(digest.hexdigest("")) end - end - context "when building in the current working directory" do - it "creates a .sha512 file" do - mock_build_message app_name, app_version - mock_checksum_message app_name, app_version - Dir.chdir app_path do - Bundler::GemHelper.new.build_checksum + + context "with messages" do + before do + mock_build_message app_name, app_version + %w[sha256 sha512].each do |extension| + mock_checksum_message app_name, app_version, extension + end end - expect(app_sha_path).to exist - expect(File.read(app_sha_path).chomp).to eql(sha512_hexdigest(app_gem_path)) - end - end - context "when building in a location relative to the current working directory" do - it "creates a .sha512 file" do - mock_build_message app_name, app_version - mock_checksum_message app_name, app_version - Dir.chdir File.dirname(app_path) do - Bundler::GemHelper.new(File.basename(app_path)).build_checksum + + context "when build was successful" do + it "creates .#{sha_bits} file" do + subject.build_checksums + expect(app_sha_path).to exist + expect(File.read(app_sha_path).chomp).to eql(hex_digest) + end + end + context "when building in the current working directory" do + it "creates a .#{sha_bits} file" do + Dir.chdir app_path do + Bundler::GemHelper.new.build_checksums + end + expect(app_sha_path).to exist + expect(File.read(app_sha_path).chomp).to eql(hex_digest) + end + end + context "when building in a location relative to the current working directory" do + it "creates a .#{sha_bits} file" do + Dir.chdir File.dirname(app_path) do + Bundler::GemHelper.new(File.basename(app_path)).build_checksums + end + expect(app_sha_path).to exist + expect(File.read(app_sha_path).chomp).to eql(hex_digest) + end end - expect(app_sha_path).to exist - expect(File.read(app_sha_path).chomp).to eql(sha512_hexdigest(app_gem_path)) end end end diff --git a/bundler/tool/bundler/release_gems.rb.lock b/bundler/tool/bundler/release_gems.rb.lock index b9d9e21e22db..0170bc700073 100644 --- a/bundler/tool/bundler/release_gems.rb.lock +++ b/bundler/tool/bundler/release_gems.rb.lock @@ -59,7 +59,9 @@ PLATFORMS arm64-darwin-21 universal-java-11 universal-java-18 + x86_64-darwin-19 x86_64-darwin-20 + x86_64-darwin-21 x86_64-linux DEPENDENCIES diff --git a/bundler/tool/bundler/rubocop23_gems.rb.lock b/bundler/tool/bundler/rubocop23_gems.rb.lock index 83ed3bd09535..fef006a56d1a 100644 --- a/bundler/tool/bundler/rubocop23_gems.rb.lock +++ b/bundler/tool/bundler/rubocop23_gems.rb.lock @@ -49,6 +49,7 @@ PLATFORMS universal-java-18 x86_64-darwin-19 x86_64-darwin-20 + x86_64-darwin-21 x86_64-linux DEPENDENCIES diff --git a/bundler/tool/bundler/rubocop24_gems.rb.lock b/bundler/tool/bundler/rubocop24_gems.rb.lock index 9b68c13a55bb..3b021dcaa84f 100644 --- a/bundler/tool/bundler/rubocop24_gems.rb.lock +++ b/bundler/tool/bundler/rubocop24_gems.rb.lock @@ -51,6 +51,7 @@ PLATFORMS universal-java-18 x86_64-darwin-19 x86_64-darwin-20 + x86_64-darwin-21 x86_64-linux DEPENDENCIES diff --git a/bundler/tool/bundler/standard23_gems.rb.lock b/bundler/tool/bundler/standard23_gems.rb.lock index b185f2496a8c..897f85918691 100644 --- a/bundler/tool/bundler/standard23_gems.rb.lock +++ b/bundler/tool/bundler/standard23_gems.rb.lock @@ -54,6 +54,7 @@ PLATFORMS universal-java-18 x86_64-darwin-19 x86_64-darwin-20 + x86_64-darwin-21 x86_64-linux DEPENDENCIES diff --git a/bundler/tool/bundler/standard24_gems.rb.lock b/bundler/tool/bundler/standard24_gems.rb.lock index 6482708b9340..81eced0d2b19 100644 --- a/bundler/tool/bundler/standard24_gems.rb.lock +++ b/bundler/tool/bundler/standard24_gems.rb.lock @@ -57,6 +57,7 @@ PLATFORMS universal-java-18 x86_64-darwin-19 x86_64-darwin-20 + x86_64-darwin-21 x86_64-linux DEPENDENCIES