Merge #7385

7385: Remove taint usage on Ruby 2.7+ r=hsbt a=jeremyevans ### What was the end-user problem that led to this PR? Ruby 2.7 is deprecating taint support. See https://bugs.ruby-lang.org/issues/16131 for details. ### What was your diagnosis of the problem? Bundler still uses `untaint` in a few places, which will cause deprecation warnings on Ruby 2.7. ### What is your fix for the problem, implemented in this PR? `s/\.untaint/.tap{|x| x.untaint if RUBY_VERSION < "2.7" }/g` ### Why did you choose this fix out of the possible options? It seemed simplest. Co-authored-by: Jeremy Evans <code@jeremyevans.net>
author: Bundlerbot <bot@bundler.io> 2019-10-20 02:53:24 +0000
committer: Bundlerbot <bot@bundler.io> 2019-10-20 02:53:24 +0000
commit: fcb0fef62096bd8d64383f5bbfa584ce77f40fd8 (patch)
tree: 2d8a4cba703039318b8bad35169f2ca7857092a9
parent: 43f1ab7c48e8a0dbe49c07d13a7ff8f47e675ee1 (diff)
parent: 8b1b7c199224a10c44c869654f061560852a3795 (diff)
download: bundler-fcb0fef62096bd8d64383f5bbfa584ce77f40fd8.tar.gz
5 files changed, 9 insertions, 9 deletions
diff --git a/lib/bundler/dsl.rb b/lib/bundler/dsl.rb
index cc23f9b389..99a369281a 100644
--- a/lib/bundler/dsl.rb
+++ b/lib/bundler/dsl.rb
@@ -44,7 +44,7 @@ module Bundler
       @gemfile = expanded_gemfile_path
       @gemfiles << expanded_gemfile_path
       contents ||= Bundler.read_file(@gemfile.to_s)
-      instance_eval(contents.dup.untaint, gemfile.to_s, 1)
+      instance_eval(contents.dup.tap{|x| x.untaint if RUBY_VERSION < "2.7" }, gemfile.to_s, 1)
     rescue Exception => e # rubocop:disable Lint/RescueException
       message = "There was an error " \
         "#{e.is_a?(GemfileEvalError) ? "evaluating" : "parsing"} " \
diff --git a/lib/bundler/rubygems_ext.rb b/lib/bundler/rubygems_ext.rb
index 96b93836c7..eda826422f 100644
--- a/lib/bundler/rubygems_ext.rb
+++ b/lib/bundler/rubygems_ext.rb
@@ -29,7 +29,7 @@ module Gem
       # gems at that time, this method could be called inside another require,
       # thus raising with that constant being undefined. Better to check a method
       if source.respond_to?(:path) || (source.respond_to?(:bundler_plugin_api_source?) && source.bundler_plugin_api_source?)
-        Pathname.new(loaded_from).dirname.expand_path(source.root).to_s.untaint
+        Pathname.new(loaded_from).dirname.expand_path(source.root).to_s.tap{|x| x.untaint if RUBY_VERSION < "2.7" }
       else
         rg_full_gem_path
       end
diff --git a/lib/bundler/shared_helpers.rb b/lib/bundler/shared_helpers.rb
index dc44f8345c..dec03ed160 100644
--- a/lib/bundler/shared_helpers.rb
+++ b/lib/bundler/shared_helpers.rb
@@ -13,13 +13,13 @@ module Bundler
     def root
       gemfile = find_gemfile
       raise GemfileNotFound, "Could not locate Gemfile" unless gemfile
-      Pathname.new(gemfile).untaint.expand_path.parent
+      Pathname.new(gemfile).tap{|x| x.untaint if RUBY_VERSION < "2.7" }.expand_path.parent
     end
 
     def default_gemfile
       gemfile = find_gemfile
       raise GemfileNotFound, "Could not locate Gemfile" unless gemfile
-      Pathname.new(gemfile).untaint.expand_path
+      Pathname.new(gemfile).tap{|x| x.untaint if RUBY_VERSION < "2.7" }.expand_path
     end
 
     def default_lockfile
@@ -28,7 +28,7 @@ module Bundler
       case gemfile.basename.to_s
       when "gems.rb" then Pathname.new(gemfile.sub(/.rb$/, ".locked"))
       else Pathname.new("#{gemfile}.lock")
-      end.untaint
+      end.tap{|x| x.untaint if RUBY_VERSION < "2.7" }
     end
 
     def default_bundle_dir
@@ -100,7 +100,7 @@ module Bundler
     #
     # @see {Bundler::PermissionError}
     def filesystem_access(path, action = :write, &block)
-      yield(path.dup.untaint)
+      yield(path.dup.tap{|x| x.untaint if RUBY_VERSION < "2.7" })
     rescue Errno::EACCES
       raise PermissionError.new(path, action)
     rescue Errno::EAGAIN
@@ -268,7 +268,7 @@ module Bundler
 
     def search_up(*names)
       previous = nil
-      current  = File.expand_path(SharedHelpers.pwd).untaint
+      current  = File.expand_path(SharedHelpers.pwd).tap{|x| x.untaint if RUBY_VERSION < "2.7" }
 
       until !File.directory?(current) || current == previous
         if ENV["BUNDLE_SPEC_RUN"]
diff --git a/lib/bundler/source/git.rb b/lib/bundler/source/git.rb
index 73123622d4..736f5bb546 100644
--- a/lib/bundler/source/git.rb
+++ b/lib/bundler/source/git.rb
@@ -316,7 +316,7 @@ module Bundler
 
       def load_gemspec(file)
         stub = Gem::StubSpecification.gemspec_stub(file, install_path.parent, install_path.parent)
-        stub.full_gem_path = Pathname.new(file).dirname.expand_path(root).to_s.untaint
+        stub.full_gem_path = Pathname.new(file).dirname.expand_path(root).to_s.tap{|x| x.untaint if RUBY_VERSION < "2.7" }
         StubSpecification.from_stub(stub)
       end
 
diff --git a/lib/bundler/vendor/fileutils/lib/fileutils.rb b/lib/bundler/vendor/fileutils/lib/fileutils.rb
index e495d01aa5..c1988dceab 100644
--- a/lib/bundler/vendor/fileutils/lib/fileutils.rb
+++ b/lib/bundler/vendor/fileutils/lib/fileutils.rb
@@ -1300,7 +1300,7 @@ module Bundler::FileUtils
            .reject {|n| n == '.' or n == '..' }
       end
 
-      files.map {|n| Entry_.new(prefix(), join(rel(), n.untaint)) }
+      files.map {|n| Entry_.new(prefix(), join(rel(), n.tap{|x| x.untaint if RUBY_VERSION < "2.7" })) }
     end
 
     def stat
author	Bundlerbot <bot@bundler.io>	2019-10-20 02:53:24 +0000
committer	Bundlerbot <bot@bundler.io>	2019-10-20 02:53:24 +0000
commit	fcb0fef62096bd8d64383f5bbfa584ce77f40fd8 (patch)
tree	2d8a4cba703039318b8bad35169f2ca7857092a9
parent	43f1ab7c48e8a0dbe49c07d13a7ff8f47e675ee1 (diff)
parent	8b1b7c199224a10c44c869654f061560852a3795 (diff)
download	bundler-fcb0fef62096bd8d64383f5bbfa584ce77f40fd8.tar.gz