bundler 1.12.6 → 1.13.0.pre.1

data/lib/bundler/cli/plugin.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+require "bundler/vendored_thor"
+module Bundler
+  class CLI::Plugin < Thor
+    desc "install PLUGINS", "Install the plugin from the source"
+    long_desc <<-D
+      Install plugins either from the rubygems source provided (with --source option) or from a git source provided with (--git option). If no sources are provided, it uses Gem.sources
+   D
+    method_option "source", :type => :string, :default => nil, :banner =>
+      "URL of the RubyGems source to fetch the plugin from"
+    method_option "version", :type => :string, :default => nil, :banner =>
+      "The version of the plugin to fetch"
+    method_option "git", :type => :string, :default => nil, :banner =>
+      "URL of the git repo to fetch from"
+    method_option "branch", :type => :string, :default => nil, :banner =>
+      "The git branch to checkout"
+    method_option "ref", :type => :string, :default => nil, :banner =>
+      "The git revision to check out"
+    def install(*plugins)
+      Bundler::Plugin.install(plugins, options)
+    end
+  end
+end

data/lib/bundler/cli/update.rb

@@ -13,7 +13,7 @@ module Bundler
       sources = Array(options[:source])
       groups  = Array(options[:group]).map(&:to_sym)
 
-      if gems.empty? && sources.empty? && groups.empty? && !options[:ruby]
+      if gems.empty? && sources.empty? && groups.empty? && !options[:ruby] && !options[:bundler]
         # We're doing a full update
         Bundler.definition(true)
       else
@@ -21,7 +21,7 @@ module Bundler
           raise GemfileLockNotFound, "This Bundle hasn't been installed yet. " \
             "Run `bundle install` to update and install the bundled gems."
         end
-        # cycle through the requested gems, just to make sure they exist
+        # cycle through the requested gems, to make sure they exist
         names = Bundler.locked_gems.specs.map(&:name)
         gems.each do |g|
           next if names.include?(g)

data/lib/bundler/cli/viz.rb

@@ -8,7 +8,10 @@ module Bundler
 
     def run
       require "graphviz"
+
+      options[:without] = options[:without].join(":").tr(" ", ":").split(":")
       output_file = File.expand_path(options[:file])
+
       graph = Graph.new(Bundler.load, output_file, options[:version], options[:requirements], options[:format], options[:without])
       graph.viz
     rescue LoadError => e

data/lib/bundler/definition.rb

@@ -85,10 +85,17 @@ module Bundler
 
       @unlock[:gems] ||= []
       @unlock[:sources] ||= []
+      @unlock[:ruby] ||= if @ruby_version && @locked_ruby_version
+        unless locked_ruby_version_object = RubyVersion.from_string(@locked_ruby_version)
+          raise LockfileError, "Failed to create a `RubyVersion` object from " \
+            "`#{@locked_ruby_version}` found in #{lockfile} -- try running `bundle update --ruby`."
+        end
+        @ruby_version.diff(locked_ruby_version_object)
+      end
+      @unlocking ||= @unlock[:ruby] || (!@locked_ruby_version ^ !@ruby_version)
 
       current_platform = Bundler.rubygems.platforms.map {|p| generic(p) }.compact.last
-      @new_platform = !@platforms.include?(current_platform)
-      @platforms |= [current_platform]
+      add_platform(current_platform)
 
       @path_changes = converge_paths
       eager_unlock = expand_dependencies(@unlock[:gems])
@@ -137,8 +144,17 @@ module Bundler
     # @return [Bundler::SpecSet]
     def specs
       @specs ||= begin
-        specs = resolve.materialize(Bundler.settings[:cache_all_platforms] ? dependencies : requested_dependencies)
-
+        begin
+          specs = resolve.materialize(Bundler.settings[:cache_all_platforms] ? dependencies : requested_dependencies)
+        rescue GemNotFound => e # Handle yanked gem
+          gem_name, gem_version = extract_gem_info(e)
+          locked_gem = @locked_specs[gem_name].last
+          raise if locked_gem.nil? || locked_gem.version.to_s != gem_version
+          raise GemNotFound, "Your bundle is locked to #{locked_gem}, but that version could not " \
+                             "be found in any of the sources listed in your Gemfile. If you haven't changed sources, " \
+                             "that means the author of #{locked_gem} has removed it. You'll need to update your bundle " \
+                             "to a different version of #{locked_gem} that hasn't been removed in order to install."
+        end
         unless specs["bundler"].any?
           local = Bundler.settings[:frozen] ? rubygems_index : index
           bundler = local.search(Gem::Dependency.new("bundler", VERSION)).last
@@ -167,6 +183,12 @@ module Bundler
       missing
     end
 
+    def missing_dependencies
+      missing = []
+      resolve.materialize(current_dependencies, missing)
+      missing
+    end
+
     def requested_specs
       @requested_specs ||= begin
         groups = requested_groups
@@ -194,9 +216,11 @@ module Bundler
       @resolve ||= begin
         last_resolve = converge_locked_specs
         if Bundler.settings[:frozen] || (!@unlocking && nothing_changed?)
+          Bundler.ui.debug("Found no changes, using resolution from the lockfile")
           last_resolve
         else
           # Run a resolve against the locally available gems
+          Bundler.ui.debug("Found changes from the lockfile, re-resolving dependencies")
           last_resolve.merge Resolver.resolve(expanded_dependencies, index, source_requirements, last_resolve, ruby_version)
         end
       end
@@ -210,7 +234,7 @@ module Bundler
           source.dependency_names = dependency_names.dup
           idx.add_source source.specs
           dependency_names -= pinned_spec_names(source.specs)
-          dependency_names.push(*source.unmet_deps).uniq!
+          dependency_names.concat(source.unmet_deps).uniq!
         end
       end
     end
@@ -352,10 +376,20 @@ module Bundler
       changed = []
 
       gemfile_sources = sources.lock_sources
-      if @locked_sources != gemfile_sources
-        new_sources = gemfile_sources - @locked_sources
-        deleted_sources = @locked_sources - gemfile_sources
 
+      new_sources = gemfile_sources - @locked_sources
+      deleted_sources = @locked_sources - gemfile_sources
+
+      new_deps = @dependencies - @locked_deps
+      deleted_deps = @locked_deps - @dependencies
+
+      # Check if it is possible that the source is only changed thing
+      if (new_deps.empty? && deleted_deps.empty?) && (!new_sources.empty? && !deleted_sources.empty?)
+        new_sources.reject! {|source| source.is_a_path? && source.path.exist? }
+        deleted_sources.reject! {|source| source.is_a_path? && source.path.exist? }
+      end
+
+      if @locked_sources != gemfile_sources
         if new_sources.any?
           added.concat new_sources.map {|source| "* source: #{source}" }
         end
@@ -365,11 +399,7 @@ module Bundler
         end
       end
 
-      new_deps = @dependencies - @locked_deps
-      deleted_deps = @locked_deps - @dependencies
-
       added.concat new_deps.map {|d| "* #{pretty_dep(d)}" } if new_deps.any?
-
       if deleted_deps.any?
         deleted.concat deleted_deps.map {|d| "* #{pretty_dep(d)}" }
       end
@@ -418,6 +448,11 @@ module Bundler
       end
     end
 
+    def add_platform(platform)
+      @new_platform ||= !@platforms.include?(platform)
+      @platforms |= [platform]
+    end
+
     attr_reader :sources
     private :sources
 
@@ -447,14 +482,21 @@ module Bundler
         end
       end
 
-      !locked || unlocking || dependencies_for_source_changed?(locked) || source.specs != locked.specs
+      !locked || unlocking || dependencies_for_source_changed?(source) || specs_for_source_changed?(source)
     end
 
     def dependencies_for_source_changed?(source)
       deps_for_source = @dependencies.select {|s| s.source == source }
       locked_deps_for_source = @locked_deps.select {|s| s.source == source }
 
-      deps_for_source != locked_deps_for_source
+      Set.new(deps_for_source) != Set.new(locked_deps_for_source)
+    end
+
+    def specs_for_source_changed?(source)
+      locked_index = Index.new
+      locked_index.use(@locked_specs.select {|s| source.can_lock?(s) })
+
+      source.specs != locked_index
     end
 
     # Get all locals and override their matching sources.
@@ -523,7 +565,15 @@ module Bundler
 
     def converge_dependencies
       (@dependencies + @locked_deps).each do |dep|
-        dep.source = sources.get(dep.source) if dep.source
+        locked_source = @locked_deps.select {|d| d.name == dep.name }.last
+        # This is to make sure that if bundler is installing in deployment mode and
+        # after locked_source and sources don't match, we still use locked_source.
+        if Bundler.settings[:frozen] && !locked_source.nil? &&
+            locked_source.respond_to?(:source) && locked_source.source.instance_of?(Source::Path) && locked_source.source.path.exist?
+          dep.source = locked_source.source
+        elsif dep.source
+          dep.source = sources.get(dep.source)
+        end
       end
       Set.new(@dependencies) != Set.new(@locked_deps)
     end
@@ -572,7 +622,7 @@ module Bundler
         next if s.source.nil? || @unlock[:sources].include?(s.name)
 
         # If the spec is from a path source and it doesn't exist anymore
-        # then we just unlock it.
+        # then we unlock it.
 
         # Path sources have special logic
         if s.source.instance_of?(Source::Path)
@@ -684,5 +734,11 @@ module Bundler
       end
       current == proposed
     end
+
+    def extract_gem_info(error)
+      # This method will extract the error message like "Could not find foo-1.2.3 in any of the sources"
+      # to an array. The first element will be the gem name (e.g. foo), the second will be the version number.
+      error.message.scan(/Could not find (\w+)-(\d+(?:\.\d+)+)/).flatten
+    end
   end
 end

data/lib/bundler/dsl.rb

@@ -34,7 +34,9 @@ module Bundler
     end
 
     def eval_gemfile(gemfile, contents = nil)
-      @gemfile = Pathname.new(gemfile)
+      expanded_gemfile_path = Pathname.new(gemfile).expand_path
+      original_gemfile = @gemfile
+      @gemfile = expanded_gemfile_path
       contents ||= Bundler.read_file(gemfile.to_s)
       instance_eval(contents, gemfile.to_s, 1)
     rescue Exception => e
@@ -43,6 +45,8 @@ module Bundler
         "`#{File.basename gemfile.to_s}`: #{e.message}"
 
       raise DSLError.new(message, gemfile, e.backtrace, contents)
+    ensure
+      @gemfile = original_gemfile
     end
 
     def gemspec(opts = nil)
@@ -63,16 +67,16 @@ module Bundler
             "#{file}. Make sure you can build the gem, then try again"
         end
 
+        @gemspecs << spec
+
         gem_platforms = Bundler::Dependency::REVERSE_PLATFORM_MAP[Bundler::GemHelpers.generic_local_platform]
-        gem spec.name, :path => path, :glob => glob, :platforms => gem_platforms
+        gem spec.name, :name => spec.name, :path => path, :glob => glob, :platforms => gem_platforms
 
         group(development_group) do
           spec.development_dependencies.each do |dep|
-            gem dep.name, *(dep.requirement.as_list + [:type => :development])
+            gem dep.name, *(dep.requirement.as_list + [:type => :development, :platforms => gem_platforms])
           end
         end
-
-        @gemspecs << gemspecs.first
       when 0
         raise InvalidOption, "There are no gemspecs at #{expanded_path}"
       else
@@ -103,7 +107,7 @@ module Bundler
         else
           Bundler.ui.warn "Your Gemfile lists the gem #{current.name} (#{current.requirement}) more than once.\n" \
                           "You should probably keep only one of them.\n" \
-                          "While it's not a problem now, it could cause errors if you change the version of just one of them later."
+                          "While it's not a problem now, it could cause errors if you change the version of one of them later."
         end
 
         if current.source != dep.source
@@ -145,7 +149,11 @@ module Bundler
     end
 
     def path(path, options = {}, &blk)
-      source_options = normalize_hash(options).merge("path" => Pathname.new(path), "root_path" => gemfile_root)
+      source_options = normalize_hash(options).merge(
+        "path" => Pathname.new(path),
+        "root_path" => gemfile_root,
+        "gemspec" => gemspecs.find {|g| g.name == options["name"] }
+      )
       source = @sources.add_path_source(source_options)
       with_source(source, &blk)
     end
@@ -216,6 +224,10 @@ module Bundler
       @env = old
     end
 
+    def plugin(*args)
+      # Pass on
+    end
+
     def method_missing(name, *args)
       raise GemfileError, "Undefined local variable or method `#{name}' for Gemfile"
     end

data/lib/bundler/endpoint_specification.rb

@@ -115,8 +115,8 @@ module Bundler
       end
     end
 
-    def build_dependency(name, *requirements)
-      Gem::Dependency.new(name, *requirements)
+    def build_dependency(name, requirements)
+      Gem::Dependency.new(name, requirements)
     rescue ArgumentError => e
       raise unless e.message.include?(ILLFORMED_MESSAGE)
       puts # we shouldn't print the error message on the "fetching info" status line

data/lib/bundler/env.rb

@@ -44,8 +44,8 @@ module Bundler
       if print_gemspecs
         dsl = Dsl.new.tap {|d| d.eval_gemfile(Bundler.default_gemfile) }
         dsl.gemspecs.each do |gs|
-          out << "\n#{Pathname.new(gs).basename}"
-          out << "\n\n    " << read_file(gs).gsub(/\n/, "\n    ") << "\n"
+          out << "\n#{File.basename(gs.loaded_from)}"
+          out << "\n\n    " << read_file(gs.loaded_from).gsub(/\n/, "\n    ") << "\n"
         end
       end
 

data/lib/bundler/errors.rb

@@ -30,12 +30,18 @@ module Bundler
   class GemspecError < BundlerError; status_code(14); end
   class InvalidOption < BundlerError; status_code(15); end
   class ProductionError < BundlerError; status_code(16); end
-  class HTTPError < BundlerError; status_code(17); end
+  class HTTPError < BundlerError
+    status_code(17)
+    def filter_uri(uri)
+      URICredentialsFilter.credential_filtered_uri(uri)
+    end
+  end
   class RubyVersionMismatch < BundlerError; status_code(18); end
   class SecurityError < BundlerError; status_code(19); end
   class LockfileError < BundlerError; status_code(20); end
   class CyclicDependencyError < BundlerError; status_code(21); end
   class GemfileLockNotFound < BundlerError; status_code(22); end
+  class PluginError < BundlerError; status_code(23); end
   class GemfileEvalError < GemfileError; end
   class MarshalError < StandardError; end
 
@@ -107,4 +113,12 @@ module Bundler
 
     status_code(27)
   end
+
+  class OperationNotSupportedError < PermissionError
+    def message
+      "Attempting to #{action} `#{@path}` is unsupported by your OS."
+    end
+
+    status_code(28)
+  end
 end

data/lib/bundler/fetcher.rb

@@ -19,6 +19,7 @@ module Bundler
     # This is the error raised if OpenSSL fails the cert verification
     class CertificateFailureError < HTTPError
       def initialize(remote_uri)
+        remote_uri = filter_uri(remote_uri)
         super "Could not verify the SSL certificate for #{remote_uri}.\nThere" \
           " is a chance you are experiencing a man-in-the-middle attack, but" \
           " most likely your system doesn't have the CA certificates needed" \
@@ -39,6 +40,7 @@ module Bundler
     # This error is raised if HTTP authentication is required, but not provided.
     class AuthenticationRequiredError < HTTPError
       def initialize(remote_uri)
+        remote_uri = filter_uri(remote_uri)
         super "Authentication is required for #{remote_uri}.\n" \
           "Please supply credentials for this source. You can do this by running:\n" \
           " bundle config #{remote_uri} username:password"
@@ -47,6 +49,7 @@ module Bundler
     # This error is raised if HTTP authentication is provided, but incorrect.
     class BadAuthenticationError < HTTPError
       def initialize(remote_uri)
+        remote_uri = filter_uri(remote_uri)
         super "Bad username or password for #{remote_uri}.\n" \
           "Please double-check your credentials and correct them."
       end
@@ -63,7 +66,7 @@ module Bundler
     FAIL_ERRORS = begin
       fail_errors = [AuthenticationRequiredError, BadAuthenticationError, FallbackError]
       fail_errors << Gem::Requirement::BadRequirementError if defined?(Gem::Requirement::BadRequirementError)
-      fail_errors.push(*NET_ERRORS.map {|e| SharedHelpers.const_get_safely(e, Net) }.compact)
+      fail_errors.concat(NET_ERRORS.map {|e| SharedHelpers.const_get_safely(e, Net) }.compact)
     end.freeze
 
     class << self
@@ -269,7 +272,7 @@ module Bundler
       Timeout::Error, EOFError, SocketError, Errno::ENETDOWN, Errno::ENETUNREACH,
       Errno::EINVAL, Errno::ECONNRESET, Errno::ETIMEDOUT, Errno::EAGAIN,
       Net::HTTPBadResponse, Net::HTTPHeaderSyntaxError, Net::ProtocolError,
-      Net::HTTP::Persistent::Error, Zlib::BufError
+      Net::HTTP::Persistent::Error, Zlib::BufError, Errno::EHOSTUNREACH
     ].freeze
 
     def bundler_cert_store

data/lib/bundler/fetcher/compact_index.rb

@@ -16,7 +16,7 @@ module Bundler
           rescue NetworkDownError, CompactIndexClient::Updater::MisMatchedChecksumError => e
             raise HTTPError, e.message
           rescue AuthenticationRequiredError
-            # We got a 401 from the server. Just fail.
+            # Fail since we got a 401 from the server.
             raise
           rescue HTTPError => e
             Bundler.ui.trace(e)
@@ -41,7 +41,7 @@ module Bundler
           deps = compact_index_client.dependencies(remaining_gems)
           next_gems = deps.map {|d| d[3].map(&:first).flatten(1) }.flatten(1).uniq
           deps.each {|dep| gem_info << dep }
-          complete_gems.push(*deps.map(&:first)).uniq!
+          complete_gems.concat(deps.map(&:first)).uniq!
           remaining_gems = next_gems - complete_gems
         end
 

data/lib/bundler/fetcher/dependency.rb

@@ -10,7 +10,7 @@ module Bundler
       rescue NetworkDownError => e
         raise HTTPError, e.message
       rescue AuthenticationRequiredError
-        # We got a 401 from the server. Just fail.
+        # Fail since we got a 401 from the server.
         raise
       rescue HTTPError
         false
@@ -33,10 +33,14 @@ module Bundler
 
         returned_gems = spec_list.map(&:first).uniq
         specs(deps_list, full_dependency_list + returned_gems, spec_list + last_spec_list)
-      rescue HTTPError, MarshalError, GemspecError
+      rescue MarshalError
         Bundler.ui.info "" unless Bundler.ui.debug? # new line now that the dots are over
         Bundler.ui.debug "could not fetch from the dependency API, trying the full index"
         nil
+      rescue HTTPError, GemspecError
+        Bundler.ui.info "" unless Bundler.ui.debug? # new line now that the dots are over
+        Bundler.ui.debug "could not fetch from the dependency API\nit's suggested to retry using the full index via `bundle install --full-index`"
+        nil
       end
 
       def dependency_specs(gem_names)
@@ -50,7 +54,7 @@ module Bundler
         gem_list = []
         gem_names.each_slice(Source::Rubygems::API_REQUEST_SIZE) do |names|
           marshalled_deps = downloader.fetch(dependency_api_uri(names)).body
-          gem_list.push(*Bundler.load_marshal(marshalled_deps))
+          gem_list.concat(Bundler.load_marshal(marshalled_deps))
         end
         gem_list
       end
@@ -60,7 +64,7 @@ module Bundler
         spec_list = []
 
         gem_list.each do |s|
-          deps_list.push(*s[:dependencies].map(&:first))
+          deps_list.concat(s[:dependencies].map(&:first))
           deps = s[:dependencies].map {|n, d| [n, d.split(", ")] }
           spec_list.push([s[:name], s[:number], s[:platform], deps])
         end