appraisal2 3.0.5 → 3.0.7

data/RUBOCOP.md

@@ -0,0 +1,71 @@
+# RuboCop Usage Guide
+
+## Overview
+
+A tale of two RuboCop plugin gems.
+
+### RuboCop Gradual
+
+This project uses `rubocop_gradual` instead of vanilla RuboCop for code style checking. The `rubocop_gradual` tool allows for gradual adoption of RuboCop rules by tracking violations in a lock file.
+
+### RuboCop LTS
+
+This project uses `rubocop-lts` to ensure, on a best-effort basis, compatibility with Ruby >= 1.9.2.
+RuboCop rules are meticulously configured by the `rubocop-lts` family of gems to ensure that a project is compatible with a specific version of Ruby. See: https://rubocop-lts.gitlab.io for more.
+
+## Checking RuboCop Violations
+
+To check for RuboCop violations in this project, always use:
+
+```bash
+bundle exec rake rubocop_gradual:check
+```
+
+**Do not use** the standard RuboCop commands like:
+- `bundle exec rubocop`
+- `rubocop`
+
+## Understanding the Lock File
+
+The `.rubocop_gradual.lock` file tracks all current RuboCop violations in the project. This allows the team to:
+
+1. Prevent new violations while gradually fixing existing ones
+2. Track progress on code style improvements
+3. Ensure CI builds don't fail due to pre-existing violations
+
+## Common Commands
+
+- **Check violations**
+    - `bundle exec rake rubocop_gradual`
+    - `bundle exec rake rubocop_gradual:check`
+- **(Safe) Autocorrect violations, and update lockfile if no new violations**
+  - `bundle exec rake rubocop_gradual:autocorrect`
+- **Force update the lock file (w/o autocorrect) to match violations present in code**
+  - `bundle exec rake rubocop_gradual:force_update`
+
+## Workflow
+
+1. Before submitting a PR, run `bundle exec rake rubocop_gradual:autocorrect`
+   a. or just the default `bundle exec rake`, as autocorrection is a pre-requisite of the default task.
+2. If there are new violations, either:
+   - Fix them in your code
+   - Run `bundle exec rake rubocop_gradual:force_update` to update the lock file (only for violations you can't fix immediately)
+3. Commit the updated `.rubocop_gradual.lock` file along with your changes
+
+## Never add inline RuboCop disables
+
+Do not add inline `rubocop:disable` / `rubocop:enable` comments anywhere in the codebase (including specs, except when following the few existing `rubocop:disable` patterns for a rule already being disabled elsewhere in the code). We handle exceptions in two supported ways:
+
+- Permanent/structural exceptions: prefer adjusting the RuboCop configuration (e.g., in `.rubocop.yml`) to exclude a rule for a path or file pattern when it makes sense project-wide.
+- Temporary exceptions while improving code: record the current violations in `.rubocop_gradual.lock` via the gradual workflow:
+  - `bundle exec rake rubocop_gradual:autocorrect` (preferred; will autocorrect what it can and update the lock only if no new violations were introduced)
+  - If needed, `bundle exec rake rubocop_gradual:force_update` (as a last resort when you cannot fix the newly reported violations immediately)
+
+In general, treat the rules as guidance to follow; fix violations rather than ignore them. For example, RSpec conventions in this project expect `described_class` to be used in specs that target a specific class under test.
+
+## Benefits of rubocop_gradual
+
+- Allows incremental adoption of code style rules
+- Prevents CI failures due to pre-existing violations
+- Provides a clear record of code style debt
+- Enables focused efforts on improving code quality over time

data/SECURITY.md

@@ -4,7 +4,7 @@
 
 | Version  | Supported |
 |----------|-----------|
-| 1.latest | ✅         |
+| 3.0.latest | ✅         |
 
 ## Security contact information
 
@@ -18,4 +18,4 @@ If you are interested in support for versions older than the latest release,
 please consider sponsoring the project / maintainer @ https://liberapay.com/pboling/donate,
 or find other sponsorship links in the [README].
 
-[README]: README.md
+[README]: README.md

data/certs/pboling.pem

@@ -0,0 +1,27 @@
+-----BEGIN CERTIFICATE-----
+MIIEgDCCAuigAwIBAgIBATANBgkqhkiG9w0BAQsFADBDMRUwEwYDVQQDDAxwZXRl
+ci5ib2xpbmcxFTATBgoJkiaJk/IsZAEZFgVnbWFpbDETMBEGCgmSJomT8ixkARkW
+A2NvbTAeFw0yNTA1MDQxNTMzMDlaFw00NTA0MjkxNTMzMDlaMEMxFTATBgNVBAMM
+DHBldGVyLmJvbGluZzEVMBMGCgmSJomT8ixkARkWBWdtYWlsMRMwEQYKCZImiZPy
+LGQBGRYDY29tMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAruUoo0WA
+uoNuq6puKWYeRYiZekz/nsDeK5x/0IEirzcCEvaHr3Bmz7rjo1I6On3gGKmiZs61
+LRmQ3oxy77ydmkGTXBjruJB+pQEn7UfLSgQ0xa1/X3kdBZt6RmabFlBxnHkoaGY5
+mZuZ5+Z7walmv6sFD9ajhzj+oIgwWfnEHkXYTR8I6VLN7MRRKGMPoZ/yvOmxb2DN
+coEEHWKO9CvgYpW7asIihl/9GMpKiRkcYPm9dGQzZc6uTwom1COfW0+ZOFrDVBuV
+FMQRPswZcY4Wlq0uEBLPU7hxnCL9nKK6Y9IhdDcz1mY6HZ91WImNslOSI0S8hRpj
+yGOWxQIhBT3fqCBlRIqFQBudrnD9jSNpSGsFvbEijd5ns7Z9ZMehXkXDycpGAUj1
+to/5cuTWWw1JqUWrKJYoifnVhtE1o1DZ+LkPtWxHtz5kjDG/zR3MG0Ula0UOavlD
+qbnbcXPBnwXtTFeZ3C+yrWpE4pGnl3yGkZj9SMTlo9qnTMiPmuWKQDatAgMBAAGj
+fzB9MAkGA1UdEwQCMAAwCwYDVR0PBAQDAgSwMB0GA1UdDgQWBBQE8uWvNbPVNRXZ
+HlgPbc2PCzC4bjAhBgNVHREEGjAYgRZwZXRlci5ib2xpbmdAZ21haWwuY29tMCEG
+A1UdEgQaMBiBFnBldGVyLmJvbGluZ0BnbWFpbC5jb20wDQYJKoZIhvcNAQELBQAD
+ggGBAJbnUwfJQFPkBgH9cL7hoBfRtmWiCvdqdjeTmi04u8zVNCUox0A4gT982DE9
+wmuN12LpdajxZONqbXuzZvc+nb0StFwmFYZG6iDwaf4BPywm2e/Vmq0YG45vZXGR
+L8yMDSK1cQXjmA+ZBKOHKWavxP6Vp7lWvjAhz8RFwqF9GuNIdhv9NpnCAWcMZtpm
+GUPyIWw/Cw/2wZp74QzZj6Npx+LdXoLTF1HMSJXZ7/pkxLCsB8m4EFVdb/IrW/0k
+kNSfjtAfBHO8nLGuqQZVH9IBD1i9K6aSs7pT6TW8itXUIlkIUI2tg5YzW6OFfPzq
+QekSkX3lZfY+HTSp/o+YvKkqWLUV7PQ7xh1ZYDtocpaHwgxe/j3bBqHE+CUPH2vA
+0V/FwdTRWcwsjVoOJTrYcff8pBZ8r2MvtAc54xfnnhGFzeRHfcltobgFxkAXdE6p
+DVjBtqT23eugOqQ73umLcYDZkc36vnqGxUBSsXrzY9pzV5gGr2I8YUxMqf6ATrZt
+L9nRqA==
+-----END CERTIFICATE-----

data/lib/appraisal/appraisal.rb

@@ -109,7 +109,7 @@ module Appraisal
       File.open(lockfile_path, "w") do |file|
         file.write(lockfile_content.gsub(
           / #{current_directory}/,
-          " #{relative_path}",
+          " #{relative_path}"
         ))
       end
     end

data/lib/appraisal/bundler_dsl.rb

@@ -7,18 +7,18 @@ module Appraisal
   class BundlerDSL
     attr_reader :dependencies
 
-    PARTS = %w[
-      source
-      ruby_version
-      gits
-      paths
-      dependencies
-      groups
-      platforms
-      source_blocks
-      install_if
-      gemspec
-      eval_gemfile
+    PARTS = [
+      "source",
+      "ruby_version",
+      "gits",
+      "paths",
+      "dependencies",
+      "groups",
+      "platforms",
+      "source_blocks",
+      "install_if",
+      "gemspec",
+      "eval_gemfile"
     ]
 
     def initialize

data/lib/appraisal/command.rb

@@ -7,6 +7,32 @@ module Appraisal
   class Command
     attr_reader :command, :env, :gemfile
 
+    # BUNDLE_* environment variables that must be preserved for proper bundler operation
+    # and test isolation. These are preserved when using with_bundler_env to ensure:
+    # - Bundler version switching works (BUNDLE_GEMFILE)
+    # - Test isolation is maintained (BUNDLE_APP_CONFIG, etc.)
+    # - User settings are respected (BUNDLE_PATH, BUNDLE_USER_CACHE, etc.)
+    #
+    # NOTE: BUNDLE_LOCKFILE is NOT preserved because:
+    # - Bundler automatically infers lockfile from BUNDLE_GEMFILE (e.g., foo.gemfile -> foo.gemfile.lock)
+    # - Forcing BUNDLE_LOCKFILE breaks appraisal's ability to create per-gemfile lockfiles
+    # - Each appraisal needs its own lockfile, not the root Gemfile.lock
+    PRESERVED_BUNDLE_VARS = [
+      "BUNDLE_GEMFILE",
+      "BUNDLE_APP_CONFIG",
+      "BUNDLE_PATH",
+      "BUNDLE_USER_CONFIG",
+      "BUNDLE_USER_CACHE",
+      "BUNDLE_USER_PLUGIN",
+      "BUNDLE_IGNORE_FUNDING_REQUESTS",
+      "BUNDLE_DISABLE_SHARED_GEMS"
+    ].freeze
+
+    PRESERVED_RUNTIME_VARS = [
+      "PATH",
+      "GEM_PATH"
+    ].freeze
+
     def initialize(command, options = {})
       @gemfile = options[:gemfile]
       @env = options.fetch(:env, {})
@@ -15,19 +41,22 @@ module Appraisal
     end
 
     def run
-      # Capture BUNDLE_PATH from the current environment before with_original_env scrubs it
-      bundle_path = ENV["BUNDLE_PATH"]
       run_env = test_environment.merge(env)
 
       if @skip_bundle_exec
         execute(run_env)
       else
-        # This will wipe out BUNDLE_* variables
-        Bundler.with_original_env do
-          # Restore BUNDLE_PATH if it was set
-          # BUNDLE_PATH is often used for caching between appraisals
-          ENV["BUNDLE_PATH"] = bundle_path if bundle_path
+        # For bundler version switching to work reliably, we need to preserve
+        # the appraisal Gemfile while avoiding the active parent Bundler process.
+        # However, we still need to isolate from the parent's bundler state
+        # to avoid conflicts.
+        #
+        # Solution: Use a selective environment approach instead of with_original_env,
+        # which strips all BUNDLE_* variables and breaks version switching.
+        with_bundler_env do
+          apply_run_env(run_env)
           ensure_bundler_is_available
+          ensure_locked_bundler_is_available
           execute(run_env)
         end
       end
@@ -35,10 +64,60 @@ module Appraisal
 
     private
 
+    # Provide a clean environment while preserving Bundler's version switching
+    # inputs and test isolation settings.
+    #
+    # The current Ruby process has bundler activated, which adds bundler/setup to RUBYOPT.
+    # When we run a subprocess, we need to remove that activation so the subprocess bundler
+    # can start fresh. However, we keep all test isolation variables intact.
+    def with_bundler_env
+      backup_env = ENV.to_h
+
+      begin
+        clean_env = if Bundler.respond_to?(:original_env)
+          Bundler.original_env.to_h
+        else
+          backup_env.to_h
+        end
+
+        # Avoid leaking a global BUNDLE_LOCKFILE into subprocesses.
+        clean_env.delete("BUNDLE_LOCKFILE")
+
+        preserved_vars = PRESERVED_BUNDLE_VARS + PRESERVED_RUNTIME_VARS
+
+        preserved_vars.each do |var|
+          clean_env[var] = backup_env[var] if backup_env[var]
+        end
+
+        # Remove bundler/setup from RUBYOPT so subprocess doesn't auto-load bundler
+        if backup_env["RUBYOPT"]
+          rubyopt = backup_env["RUBYOPT"].split(" ")
+          rubyopt.reject! { |opt| opt == "-rbundler/setup" || opt.include?("bundler/setup") }
+          clean_env["RUBYOPT"] = rubyopt.join(" ") unless rubyopt.empty?
+        end
+
+        # Remove Bundler activation markers from the subprocess environment.
+        # BUNDLE_BIN_PATH pins the already-active Bundler executable, so keeping
+        # it would bypass the BUNDLED WITH version selected below.
+        clean_env.delete("BUNDLE_BIN_PATH")
+        clean_env.delete("BUNDLER_SETUP")
+        clean_env.delete("BUNDLER_VERSION")
+
+        ENV.replace(clean_env)
+
+        yield
+      ensure
+        ENV.replace(backup_env)
+      end
+    end
+
     def execute(run_env)
       announce
 
       ENV["BUNDLE_GEMFILE"] = gemfile
+      if (bundler_version = locked_bundler_version)
+        ENV["BUNDLER_VERSION"] = bundler_version
+      end
       ENV["APPRAISAL_INITIALIZED"] = "1"
       run_env.each_pair do |key, value|
         ENV[key] = value
@@ -47,6 +126,12 @@ module Appraisal
       exit(1) unless Kernel.system(command_as_string)
     end
 
+    def apply_run_env(run_env)
+      run_env.each_pair do |key, value|
+        ENV[key] = value
+      end
+    end
+
     def ensure_bundler_is_available
       # Check if any version of bundler is available
       return if system(%(gem list --silent -i bundler))
@@ -65,6 +150,36 @@ manually.
       exit(1)
     end
 
+    def ensure_locked_bundler_is_available
+      locked_version = locked_bundler_version
+      return unless locked_version
+
+      return if system(%(gem list --silent -i bundler -v "#{locked_version}"))
+
+      puts ">> Bundler #{locked_version} not found, attempting to install..."
+      return if system("gem install bundler -v #{Shellwords.escape(locked_version)} --no-document")
+
+      puts
+      puts <<-ERROR.rstrip
+Bundler #{locked_version} installation failed.
+Please try running:
+  `gem install bundler -v #{locked_version}`
+manually.
+      ERROR
+      exit(1)
+    end
+
+    def locked_bundler_version
+      return unless gemfile
+
+      lockfile_path = "#{gemfile}.lock"
+      return unless File.exist?(lockfile_path)
+
+      lockfile_content = File.read(lockfile_path)
+      match = lockfile_content.match(/BUNDLED WITH\s*\n\s*([^\s]+)/)
+      match && match[1]
+    end
+
     def announce
       if gemfile
         puts ">> BUNDLE_GEMFILE=#{gemfile} #{command_as_string}"
@@ -85,7 +200,7 @@ manually.
       if command_starts_with_bundle?(original_command)
         original_command
       elsif original_command.is_a?(Array)
-        %w[bundle exec] + original_command
+        ["bundle", "exec"] + original_command
       else
         "bundle exec #{original_command}"
       end
@@ -104,7 +219,7 @@ manually.
 
       {
         "GEM_HOME" => ENV["GEM_HOME"],
-        "GEM_PATH" => "",
+        "GEM_PATH" => ""
       }
     end
   end

data/lib/appraisal/customize.rb

@@ -40,7 +40,7 @@ module Appraisal
           :lockfile => "#{gemfile.send(:gemfile_name)}.lock",
           :lockfile_path => gemfile.send(:lockfile_path),
           :relative_gemfile_path => gemfile.relative_gemfile_path,
-          :relative_lockfile_path => "#{gemfile.relative_gemfile_path}.lock",
+          :relative_lockfile_path => "#{gemfile.relative_gemfile_path}.lock"
         )
       end
     end

data/lib/appraisal/gem_manager/factory.rb

@@ -10,7 +10,7 @@ module Appraisal
     class Factory
       ADAPTERS = {
         "bundler" => BundlerAdapter,
-        "ore" => OreAdapter,
+        "ore" => OreAdapter
       }.freeze
 
       DEFAULT_MANAGER = "bundler"

data/lib/appraisal/gemspec.rb

@@ -24,7 +24,7 @@ module Appraisal
 
     def exported_options
       @options.merge(
-        :path => Utils.prefix_path(@options[:path]),
+        :path => Utils.prefix_path(@options[:path])
       )
     end
   end

data/lib/appraisal/version.rb

@@ -2,7 +2,7 @@
 
 module Appraisal
   module Version
-    VERSION = "3.0.5"
+    VERSION = "3.0.7"
   end
   VERSION = Version::VERSION # Traditional constant location
 end

data/lib/appraisal2/version.rb

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+module Appraisal2
+  module Version
+    VERSION = "3.0.7"
+  end
+  VERSION = Version::VERSION # Traditional Constant Location
+end

data/lib/appraisal2.rb

@@ -1,6 +1,13 @@
 # frozen_string_literal: true
 
+require "version_gem"
+require_relative "appraisal2/version"
+
 require "appraisal/version"
 require "appraisal/task"
 
 Appraisal::Task.new
+
+Appraisal2::Version.class_eval do
+  extend VersionGem::Basic
+end

data/sig/appraisal2/version.rbs

@@ -0,0 +1,6 @@
+module Appraisal2
+  module Version
+    VERSION: String
+  end
+  VERSION: String
+end