Merge pull request #4460 from rubygems/prevent_downgrading_too_much

Prevent downgrades to untested rubygems versions (cherry picked from commit 66602ec)
rubygems · Mar 18, 2021 · 4d5b85a · 4d5b85a
1 parent ccec74e
commit 4d5b85a
Show file tree

Hide file tree

Showing 2 changed files with 49 additions and 4 deletions.
diff --git a/lib/rubygems/commands/update_command.rb b/lib/rubygems/commands/update_command.rb
@@ -76,7 +76,7 @@ def check_latest_rubygems(version) # :nodoc:
 
   def check_oldest_rubygems(version) # :nodoc:
     if oldest_supported_version > version
-      alert_error "rubygems #{version} is not supported. The oldest supported version is #{oldest_supported_version}"
+      alert_error "rubygems #{version} is not supported on #{RUBY_VERSION}. The oldest version supported by this ruby is #{oldest_supported_version}"
       terminate_interaction 1
     end
   end
@@ -322,8 +322,26 @@ def which_to_update(highest_installed_gems, gem_names, system = false)
 
   private
 
+  #
+  # Oldest version we support downgrading to. This is the version that
+  # originally ships with the first patch version of each ruby, because we never
+  # test each ruby against older rubygems, so we can't really guarantee it
+  # works. Version list can be checked here: https://stdgems.org/rubygems
+  #
   def oldest_supported_version
-    # for Ruby 2.3
-    @oldest_supported_version ||= Gem::Version.new("2.5.2")
+    @oldest_supported_version ||=
+      if Gem.ruby_version > Gem::Version.new("3.0.a")
+        Gem::Version.new("3.2.3")
+      elsif Gem.ruby_version > Gem::Version.new("2.7.a")
+        Gem::Version.new("3.1.2")
+      elsif Gem.ruby_version > Gem::Version.new("2.6.a")
+        Gem::Version.new("3.0.1")
+      elsif Gem.ruby_version > Gem::Version.new("2.5.a")
+        Gem::Version.new("2.7.3")
+      elsif Gem.ruby_version > Gem::Version.new("2.4.a")
+        Gem::Version.new("2.6.8")
+      else
+        Gem::Version.new("2.5.2")
+      end
   end
 end
diff --git a/test/rubygems/test_gem_commands_update_command.rb b/test/rubygems/test_gem_commands_update_command.rb
@@ -168,14 +168,23 @@ def test_execute_system_specific_older_than_minimum_supported_rubygems
     @cmd.options[:args]          = []
     @cmd.options[:system]        = "2.5.1"
 
+    oldest_version_mod = Module.new do
+      def oldest_supported_version
+        Gem::Version.new("2.5.2")
+      end
+      private :oldest_supported_version
+    end
+
+    @cmd.extend(oldest_version_mod)
+
     assert_raises Gem::MockGemUi::TermError do
       use_ui @ui do
         @cmd.execute
       end
     end
 
     assert_empty @ui.output
-    assert_equal "ERROR:  rubygems 2.5.1 is not supported. The oldest supported version is 2.5.2\n", @ui.error
+    assert_equal "ERROR:  rubygems 2.5.1 is not supported on #{RUBY_VERSION}. The oldest version supported by this ruby is 2.5.2\n", @ui.error
   end
 
   def test_execute_system_specific_older_than_3_2_removes_plugins_dir
@@ -185,6 +194,15 @@ def test_execute_system_specific_older_than_3_2_removes_plugins_dir
       end
     end
 
+    oldest_version_mod = Module.new do
+      def oldest_supported_version
+        Gem::Version.new("2.5.2")
+      end
+      private :oldest_supported_version
+    end
+
+    @cmd.extend(oldest_version_mod)
+
     @cmd.options[:args]          = []
     @cmd.options[:system]        = "3.1"
 
@@ -203,6 +221,15 @@ def test_execute_system_specific_newer_than_or_equal_to_3_2_leaves_plugins_dir_a
       end
     end
 
+    oldest_version_mod = Module.new do
+      def oldest_supported_version
+        Gem::Version.new("2.5.2")
+      end
+      private :oldest_supported_version
+    end
+
+    @cmd.extend(oldest_version_mod)
+
     @cmd.options[:args]          = []
     @cmd.options[:system]        = "3.2.a"