diff --git a/lib/bundler/dsl.rb b/lib/bundler/dsl.rb index cc23f9b389a..77ddeb1e7b0 100644 --- a/lib/bundler/dsl.rb +++ b/lib/bundler/dsl.rb @@ -44,7 +44,7 @@ def eval_gemfile(gemfile, contents = nil) @gemfile = expanded_gemfile_path @gemfiles << expanded_gemfile_path contents ||= Bundler.read_file(@gemfile.to_s) - instance_eval(contents.dup.untaint, gemfile.to_s, 1) + instance_eval(contents.dup.tap{|x| x.untaint if RUBY_VERSION < '2.7'}, gemfile.to_s, 1) rescue Exception => e # rubocop:disable Lint/RescueException message = "There was an error " \ "#{e.is_a?(GemfileEvalError) ? "evaluating" : "parsing"} " \ diff --git a/lib/bundler/rubygems_ext.rb b/lib/bundler/rubygems_ext.rb index 96b93836c7f..10f16456fc2 100644 --- a/lib/bundler/rubygems_ext.rb +++ b/lib/bundler/rubygems_ext.rb @@ -29,7 +29,7 @@ def full_gem_path # gems at that time, this method could be called inside another require, # thus raising with that constant being undefined. Better to check a method if source.respond_to?(:path) || (source.respond_to?(:bundler_plugin_api_source?) && source.bundler_plugin_api_source?) - Pathname.new(loaded_from).dirname.expand_path(source.root).to_s.untaint + Pathname.new(loaded_from).dirname.expand_path(source.root).to_s.tap{|x| x.untaint if RUBY_VERSION < '2.7'} else rg_full_gem_path end diff --git a/lib/bundler/shared_helpers.rb b/lib/bundler/shared_helpers.rb index dc44f8345c6..40f7ecf6310 100644 --- a/lib/bundler/shared_helpers.rb +++ b/lib/bundler/shared_helpers.rb @@ -13,13 +13,13 @@ module SharedHelpers def root gemfile = find_gemfile raise GemfileNotFound, "Could not locate Gemfile" unless gemfile - Pathname.new(gemfile).untaint.expand_path.parent + Pathname.new(gemfile).tap{|x| x.untaint if RUBY_VERSION < '2.7'}.expand_path.parent end def default_gemfile gemfile = find_gemfile raise GemfileNotFound, "Could not locate Gemfile" unless gemfile - Pathname.new(gemfile).untaint.expand_path + Pathname.new(gemfile).tap{|x| x.untaint if RUBY_VERSION < '2.7'}.expand_path end def default_lockfile @@ -28,7 +28,7 @@ def default_lockfile case gemfile.basename.to_s when "gems.rb" then Pathname.new(gemfile.sub(/.rb$/, ".locked")) else Pathname.new("#{gemfile}.lock") - end.untaint + end.tap{|x| x.untaint if RUBY_VERSION < '2.7'} end def default_bundle_dir @@ -100,7 +100,7 @@ def set_bundle_environment # # @see {Bundler::PermissionError} def filesystem_access(path, action = :write, &block) - yield(path.dup.untaint) + yield(path.dup.tap{|x| x.untaint if RUBY_VERSION < '2.7'}) rescue Errno::EACCES raise PermissionError.new(path, action) rescue Errno::EAGAIN @@ -268,7 +268,7 @@ def find_directory(*names) def search_up(*names) previous = nil - current = File.expand_path(SharedHelpers.pwd).untaint + current = File.expand_path(SharedHelpers.pwd).tap{|x| x.untaint if RUBY_VERSION < '2.7'} until !File.directory?(current) || current == previous if ENV["BUNDLE_SPEC_RUN"] diff --git a/lib/bundler/source/git.rb b/lib/bundler/source/git.rb index 73123622d4f..526108dd647 100644 --- a/lib/bundler/source/git.rb +++ b/lib/bundler/source/git.rb @@ -316,7 +316,7 @@ def validate_spec(_spec); end def load_gemspec(file) stub = Gem::StubSpecification.gemspec_stub(file, install_path.parent, install_path.parent) - stub.full_gem_path = Pathname.new(file).dirname.expand_path(root).to_s.untaint + stub.full_gem_path = Pathname.new(file).dirname.expand_path(root).to_s.tap{|x| x.untaint if RUBY_VERSION < '2.7'} StubSpecification.from_stub(stub) end diff --git a/lib/bundler/vendor/fileutils/lib/fileutils.rb b/lib/bundler/vendor/fileutils/lib/fileutils.rb index e495d01aa5d..babd763749b 100644 --- a/lib/bundler/vendor/fileutils/lib/fileutils.rb +++ b/lib/bundler/vendor/fileutils/lib/fileutils.rb @@ -1300,7 +1300,7 @@ def entries .reject {|n| n == '.' or n == '..' } end - files.map {|n| Entry_.new(prefix(), join(rel(), n.untaint)) } + files.map {|n| Entry_.new(prefix(), join(rel(), n.tap{|x| x.untaint if RUBY_VERSION < '2.7'})) } end def stat