[pull] master from ruby:master

.github/workflows/annocheck.yml

@@ -73,7 +73,7 @@ jobs:
           builddir: build
           makeup: true
 
-      - uses: ruby/setup-ruby@6ca151fd1bfcfd6fe0c4eb6837eb0584d0134a0c # v1.290.0
+      - uses: ruby/setup-ruby@4eb9f110bac952a8b68ecf92e3b5c7a987594ba6 # v1.292.0
         with:
           ruby-version: '3.1'
           bundler: none

.github/workflows/auto_review_pr.yml

@@ -23,7 +23,7 @@ jobs:
         with:
           persist-credentials: false
 
-      - uses: ruby/setup-ruby@6ca151fd1bfcfd6fe0c4eb6837eb0584d0134a0c # v1.290.0
+      - uses: ruby/setup-ruby@4eb9f110bac952a8b68ecf92e3b5c7a987594ba6 # v1.292.0
         with:
           ruby-version: '3.4'
           bundler: none

.github/workflows/baseruby.yml

@@ -48,7 +48,7 @@ jobs:
           - ruby-3.3
 
     steps:
-      - uses: ruby/setup-ruby@6ca151fd1bfcfd6fe0c4eb6837eb0584d0134a0c # v1.290.0
+      - uses: ruby/setup-ruby@4eb9f110bac952a8b68ecf92e3b5c7a987594ba6 # v1.292.0
         with:
           ruby-version: ${{ matrix.ruby }}
           bundler: none

.github/workflows/bundled_gems.yml

@@ -38,7 +38,7 @@ jobs:
         with:
           token: ${{ (github.repository == 'ruby/ruby' && !startsWith(github.event_name, 'pull')) && secrets.MATZBOT_AUTO_UPDATE_TOKEN || secrets.GITHUB_TOKEN }}
 
-      - uses: ruby/setup-ruby@6ca151fd1bfcfd6fe0c4eb6837eb0584d0134a0c # v1.290.0
+      - uses: ruby/setup-ruby@4eb9f110bac952a8b68ecf92e3b5c7a987594ba6 # v1.292.0
         with:
           ruby-version: 4.0
 

.github/workflows/check_dependencies.yml

@@ -42,7 +42,7 @@ jobs:
 
       - uses: ./.github/actions/setup/directories
 
-      - uses: ruby/setup-ruby@6ca151fd1bfcfd6fe0c4eb6837eb0584d0134a0c # v1.290.0
+      - uses: ruby/setup-ruby@4eb9f110bac952a8b68ecf92e3b5c7a987594ba6 # v1.292.0
         with:
           ruby-version: '3.1'
           bundler: none

.github/workflows/check_misc.yml

@@ -23,7 +23,7 @@ jobs:
           token: ${{ (github.repository == 'ruby/ruby' && !startsWith(github.event_name, 'pull')) && secrets.MATZBOT_AUTO_UPDATE_TOKEN || secrets.GITHUB_TOKEN }}
           persist-credentials: false
 
-      - uses: ruby/setup-ruby@6ca151fd1bfcfd6fe0c4eb6837eb0584d0134a0c # v1.290.0
+      - uses: ruby/setup-ruby@4eb9f110bac952a8b68ecf92e3b5c7a987594ba6 # v1.292.0
         with:
           ruby-version: head
 

.github/workflows/check_sast.yml

@@ -112,7 +112,7 @@ jobs:
           output: sarif-results
 
       - name: filter-sarif
-        uses: advanced-security/filter-sarif@f3b8118a9349d88f7b1c0c488476411145b6270d # v1.0.1
+        uses: advanced-security/filter-sarif@2da736ff05ef065cb2894ac6892e47b5eac2c3c0 # v1.1.0.1.1
         with:
           patterns: |
             +**/*.rb

.github/workflows/modgc.yml

@@ -62,7 +62,7 @@ jobs:
         uses: ./.github/actions/setup/ubuntu
         if: ${{ contains(matrix.os, 'ubuntu') }}
 
-      - uses: ruby/setup-ruby@6ca151fd1bfcfd6fe0c4eb6837eb0584d0134a0c # v1.290.0
+      - uses: ruby/setup-ruby@4eb9f110bac952a8b68ecf92e3b5c7a987594ba6 # v1.292.0
         with:
           ruby-version: '3.1'
           bundler: none

.github/workflows/parse_y.yml

@@ -59,7 +59,7 @@ jobs:
 
       - uses: ./.github/actions/setup/ubuntu
 
-      - uses: ruby/setup-ruby@6ca151fd1bfcfd6fe0c4eb6837eb0584d0134a0c # v1.290.0
+      - uses: ruby/setup-ruby@4eb9f110bac952a8b68ecf92e3b5c7a987594ba6 # v1.292.0
         with:
           ruby-version: '3.1'
           bundler: none

.github/workflows/publish.yml

@@ -19,7 +19,7 @@ jobs:
         with:
           persist-credentials: false
 
-      - uses: ruby/setup-ruby@6ca151fd1bfcfd6fe0c4eb6837eb0584d0134a0c # v1.290.0
+      - uses: ruby/setup-ruby@4eb9f110bac952a8b68ecf92e3b5c7a987594ba6 # v1.292.0
         with:
           ruby-version: 3.3.4
 

.github/workflows/spec_guards.yml

@@ -49,7 +49,7 @@ jobs:
         with:
           persist-credentials: false
 
-      - uses: ruby/setup-ruby@6ca151fd1bfcfd6fe0c4eb6837eb0584d0134a0c # v1.290.0
+      - uses: ruby/setup-ruby@4eb9f110bac952a8b68ecf92e3b5c7a987594ba6 # v1.292.0
         with:
           ruby-version: ${{ matrix.ruby }}
           bundler: none

.github/workflows/sync_default_gems.yml

@@ -36,7 +36,7 @@ jobs:
         with:
           token: ${{ github.repository == 'ruby/ruby' && secrets.MATZBOT_AUTO_UPDATE_TOKEN || secrets.GITHUB_TOKEN }}
 
-      - uses: ruby/setup-ruby@6ca151fd1bfcfd6fe0c4eb6837eb0584d0134a0c # v1.290.0
+      - uses: ruby/setup-ruby@4eb9f110bac952a8b68ecf92e3b5c7a987594ba6 # v1.292.0
         with:
           ruby-version: '3.4'
           bundler: none

.github/workflows/ubuntu.yml

@@ -70,7 +70,7 @@ jobs:
         with:
           arch: ${{ matrix.arch }}
 
-      - uses: ruby/setup-ruby@6ca151fd1bfcfd6fe0c4eb6837eb0584d0134a0c # v1.290.0
+      - uses: ruby/setup-ruby@4eb9f110bac952a8b68ecf92e3b5c7a987594ba6 # v1.292.0
         with:
           ruby-version: '3.1'
           bundler: none

.github/workflows/wasm.yml

@@ -99,7 +99,7 @@ jobs:
         run: |
           echo "WASI_SDK_PATH=/opt/wasi-sdk" >> $GITHUB_ENV
 
-      - uses: ruby/setup-ruby@6ca151fd1bfcfd6fe0c4eb6837eb0584d0134a0c # v1.290.0
+      - uses: ruby/setup-ruby@4eb9f110bac952a8b68ecf92e3b5c7a987594ba6 # v1.292.0
         with:
           ruby-version: '3.1'
           bundler: none

.github/workflows/windows.yml

@@ -59,7 +59,7 @@ jobs:
       - run: md build
         working-directory:
 
-      - uses: ruby/setup-ruby@6ca151fd1bfcfd6fe0c4eb6837eb0584d0134a0c # v1.290.0
+      - uses: ruby/setup-ruby@4eb9f110bac952a8b68ecf92e3b5c7a987594ba6 # v1.292.0
         with:
           # windows-11-arm has only 3.4.1, 3.4.2, 3.4.3, head
           ruby-version: ${{ !endsWith(matrix.os, 'arm') && '3.1' || '3.4' }}

.github/workflows/yjit-ubuntu.yml

@@ -133,7 +133,7 @@ jobs:
 
       - uses: ./.github/actions/setup/ubuntu
 
-      - uses: ruby/setup-ruby@6ca151fd1bfcfd6fe0c4eb6837eb0584d0134a0c # v1.290.0
+      - uses: ruby/setup-ruby@4eb9f110bac952a8b68ecf92e3b5c7a987594ba6 # v1.292.0
         with:
           ruby-version: '3.1'
           bundler: none

.github/workflows/zjit-ubuntu.yml

@@ -114,7 +114,7 @@ jobs:
 
       - uses: ./.github/actions/setup/ubuntu
 
-      - uses: ruby/setup-ruby@6ca151fd1bfcfd6fe0c4eb6837eb0584d0134a0c # v1.290.0
+      - uses: ruby/setup-ruby@4eb9f110bac952a8b68ecf92e3b5c7a987594ba6 # v1.292.0
         with:
           ruby-version: '3.1'
           bundler: none

file.c

@@ -5269,10 +5269,10 @@ rb_file_s_extname(VALUE klass, VALUE fname)
 }
 
 /*
- *  call-seq:
+ * call-seq:
  *     File.path(path)  ->  string
  *
- *  Returns the string representation of the path
+ * Returns the string representation of the path
  *
  *     File.path(File::NULL)           #=> "/dev/null"
  *     File.path(Pathname.new("/tmp")) #=> "/tmp"

lib/pathname.rb

@@ -55,11 +55,35 @@ def rmtree(noop: nil, verbose: nil, secure: nil)
 end
 
 class Pathname    # * tmpdir *
-  # Creates a tmp directory and wraps the returned path in a Pathname object.
+  # call-seq:
+  #   Pathname.mktmpdir -> new_pathname
+  #   Pathname.mktmpdir {|pathname| ... } -> object
   #
-  # Note that you need to require 'pathname' to use this method.
+  # Creates:
+  #
+  # - A temporary directory via Dir.mktmpdir.
+  # - A \Pathname object that contains the path to that directory.
+  #
+  # With no block given, returns the created pathname;
+  # the caller should delete the created directory when it is no longer needed
+  # (FileUtils.rm_r is a convenient method for the deletion):
+  #
+  #   pathname = Pathname.mktmpdir
+  #   dirpath = pathname.to_s
+  #   Dir.exist?(dirpath) # => true
+  #   # Do something with the directory.
+  #   require 'fileutils'
+  #   FileUtils.rm_r(dirpath)
+  #
+  # With a block given, calls the block with the created pathname;
+  # on block exit, automatically deletes the created directory and all its contents;
+  # returns the block's exit value:
   #
-  # See Dir.mktmpdir
+  #   pathname = Pathname.mktmpdir do |p|
+  #     # Do something with the directory.
+  #     p
+  #   end
+  #   Dir.exist?(pathname.to_s) # => false
   def self.mktmpdir
     require 'tmpdir' unless defined?(Dir.mktmpdir)
     if block_given?

lib/rubygems/commands/owner_command.rb

@@ -75,7 +75,7 @@ def show_owners(name)
     end
 
     with_response response do |resp|
-      owners = Gem::SafeYAML.load clean_text(resp.body)
+      owners = Gem::SafeYAML.safe_load clean_text(resp.body)
 
       say "Owners for gem: #{name}"
       owners.each do |owner|

lib/rubygems/config_file.rb

@@ -47,7 +47,7 @@ class Gem::ConfigFile
   DEFAULT_CONCURRENT_DOWNLOADS = 8
   DEFAULT_CERT_EXPIRATION_LENGTH_DAYS = 365
   DEFAULT_IPV4_FALLBACK_ENABLED = false
-  DEFAULT_INSTALL_EXTENSION_IN_LIB = false
+  DEFAULT_INSTALL_EXTENSION_IN_LIB = true
   DEFAULT_GLOBAL_GEM_CACHE = false
   DEFAULT_USE_PSYCH = false
 

lib/rubygems/safe_yaml.rb

@@ -48,21 +48,8 @@ def self.safe_load(input)
       end
     end
 
-    def self.load(input)
-      if Gem.use_psych?
-        if ::Psych.respond_to?(:unsafe_load)
-          ::Psych.unsafe_load(input)
-        else
-          ::Psych.load(input)
-        end
-      else
-        Gem::YAMLSerializer.load(
-          input,
-          permitted_classes: PERMITTED_CLASSES,
-          permitted_symbols: PERMITTED_SYMBOLS,
-          aliases: aliases_enabled?
-        )
-      end
+    class << self
+      alias_method :load, :safe_load
     end
   end
 end

lib/rubygems/specification_policy.rb

@@ -476,6 +476,7 @@ def validate_extensions # :nodoc:
 
     validate_rake_extensions(builder)
     validate_rust_extensions(builder)
+    validate_extension_require_relative
   end
 
   def validate_rust_extensions(builder) # :nodoc:
@@ -496,6 +497,33 @@ def validate_rake_extensions(builder) # :nodoc:
     WARNING
   end
 
+  def validate_extension_require_relative # :nodoc:
+    return unless @specification.extensions.any?
+
+    require_paths = @specification.require_paths
+
+    @specification.files.each do |rb_file|
+      next unless rb_file.end_with?(".rb")
+      next unless require_paths.any? {|rp| rb_file.start_with?("#{rp}/") }
+      next unless File.file?(rb_file)
+
+      File.foreach(rb_file).with_index(1) do |line, lineno|
+        next unless line =~ /^\s*require_relative\s+["']([^"']+)["']/
+
+        required_path = Regexp.last_match(1)
+        resolved = File.join(File.dirname(rb_file), required_path)
+
+        next if @specification.files.any? {|f| f == "#{resolved}.rb" || f == resolved }
+
+        warning <<~WARNING
+          #{rb_file}:#{lineno} uses `require_relative "#{required_path}"` to load a compiled extension.
+          This will break in RubyGems 4.2, which will stop copying compiled extensions into the gem's lib directory.
+          Use `require` instead of `require_relative` to load compiled extensions.
+        WARNING
+      end
+    end
+  end
+
   def validate_unique_links
     links = @specification.metadata.slice(*METADATA_LINK_KEYS)
     grouped = links.group_by {|_key, uri| uri }

lib/rubygems/yaml_serializer.rb

@@ -132,6 +132,8 @@ def parse_sequence_item(content, indent)
           @lines.any? && current_indent > indent ? parse_node(indent) : nil
         elsif content.start_with?("!ruby/object:")
           parse_tagged_content(content.strip, indent)
+        elsif content.start_with?("!binary ")
+          parse_binary_value(content, indent)
         elsif content.start_with?("-")
           @lines.unshift("#{" " * (indent + 2)}#{content}")
           parse_node(indent)
@@ -156,6 +158,8 @@ def parse_mapping(indent, anchor)
           @lines.shift
           val = strip_comment($2.to_s.strip)
 
+          key = decode_binary_tag(key) if key.start_with?("!binary ")
+
           val_anchor, val = consume_value_anchor(val)
           value = parse_mapping_value(val, indent)
           value = register_anchor(val_anchor, value) if val_anchor
@@ -170,6 +174,8 @@ def parse_mapping_value(val, indent)
           parse_inline_alias(val)
         elsif val.start_with?("!ruby/object:")
           parse_tagged_content(val.strip, indent)
+        elsif val.start_with?("!binary ")
+          parse_binary_value(val, indent)
         elsif val.empty?
           next_stripped = nil
           next_indent = nil
@@ -306,6 +312,22 @@ def coerce(val)
         end
       end
 
+      def decode_binary_tag(str)
+        content = str.sub(/\A!binary\s+/, "")
+        content = $1 if content =~ /\A"(.*)"\z/ || content =~ /\A'(.*)'\z/
+        content.unpack1("m")
+      end
+
+      def parse_binary_value(val, indent)
+        rest = val.sub(/\A!binary\s+/, "")
+        if rest.start_with?("|")
+          content = parse_block_scalar(indent, rest[1..].to_s.strip)
+          Scalar.new(value: content.unpack1("m"))
+        else
+          Scalar.new(value: decode_binary_tag(val))
+        end
+      end
+
       def parse_alias_ref
         AliasRef.new(name: @lines.shift.lstrip[1..].strip)
       end

prism/prism.c

@@ -8594,6 +8594,7 @@ escape_write_escape_encoded(pm_parser_t *parser, pm_buffer_t *buffer, pm_buffer_
     }
 
     if (width == 1) {
+        if (*parser->current.end == '\n') pm_line_offset_list_append(&parser->line_offsets, PM_TOKEN_END(parser, &parser->current) + 1);
         escape_write_byte(parser, buffer, regular_expression_buffer, flags, escape_byte(*parser->current.end++, flags));
     } else if (width > 1) {
         // Valid multibyte character.  Just ignore escape.
@@ -8910,6 +8911,7 @@ escape_read(pm_parser_t *parser, pm_buffer_t *buffer, pm_buffer_t *regular_expre
                         return;
                     }
 
+                    if (peeked == '\n') pm_line_offset_list_append(&parser->line_offsets, PM_TOKEN_END(parser, &parser->current) + 1);
                     parser->current.end++;
                     escape_write_byte(parser, buffer, regular_expression_buffer, flags, escape_byte(peeked, flags | PM_ESCAPE_FLAG_CONTROL));
                     return;
@@ -8968,6 +8970,7 @@ escape_read(pm_parser_t *parser, pm_buffer_t *buffer, pm_buffer_t *regular_expre
                         return;
                     }
 
+                    if (peeked == '\n') pm_line_offset_list_append(&parser->line_offsets, PM_TOKEN_END(parser, &parser->current) + 1);
                     parser->current.end++;
                     escape_write_byte(parser, buffer, regular_expression_buffer, flags, escape_byte(peeked, flags | PM_ESCAPE_FLAG_CONTROL));
                     return;
@@ -9021,13 +9024,15 @@ escape_read(pm_parser_t *parser, pm_buffer_t *buffer, pm_buffer_t *regular_expre
                         return;
                     }
 
+                    if (peeked == '\n') pm_line_offset_list_append(&parser->line_offsets, PM_TOKEN_END(parser, &parser->current) + 1);
                     parser->current.end++;
                     escape_write_byte(parser, buffer, regular_expression_buffer, flags, escape_byte(peeked, flags | PM_ESCAPE_FLAG_META));
                     return;
             }
         }
         case '\r': {
             if (peek_offset(parser, 1) == '\n') {
+                pm_line_offset_list_append(&parser->line_offsets, PM_TOKEN_END(parser, &parser->current) + 2);
                 parser->current.end += 2;
                 escape_write_byte_encoded(parser, buffer, flags, escape_byte('\n', flags));
                 return;