bundler 1.13.7 → 1.14.0.pre.1

data/lib/bundler/vendor/{net → net-http-persistent/lib/net}/http/persistent/ssl_reuse.rb

@@ -7,7 +7,7 @@
 # This class is an implementation detail and is subject to change or removal
 # at any time.
 
-class Net::HTTP::Persistent::SSLReuse < Net::HTTP
+class Bundler::Persistent::Net::HTTP::Persistent::SSLReuse < Net::HTTP
 
   @is_proxy_class = false
   @proxy_addr = nil
@@ -126,3 +126,4 @@ class Net::HTTP::Persistent::SSLReuse < Net::HTTP
   private :connect
 
 end
+

data/lib/bundler/vendored_persistent.rb

@@ -6,7 +6,12 @@ begin
 rescue LoadError
   # some Ruby builds don't have OpenSSL
 end
-
-vendor = File.expand_path("../vendor", __FILE__)
-$:.unshift(vendor) unless $:.include?(vendor)
-require "net/http/persistent"
+module Bundler
+  module Persistent
+    module Net
+      module HTTP
+      end
+    end
+  end
+end
+require "bundler/vendor/net-http-persistent/lib/net/http/persistent"

data/lib/bundler/version.rb

@@ -7,5 +7,5 @@ module Bundler
   # We're doing this because we might write tests that deal
   # with other versions of bundler and we are unsure how to
   # handle this better.
-  VERSION = "1.13.7" unless defined?(::Bundler::VERSION)
+  VERSION = "1.14.0.pre.1" unless defined?(::Bundler::VERSION)
 end

data/lib/bundler/worker.rb

@@ -25,11 +25,8 @@ module Bundler
       @request_queue = Queue.new
       @response_queue = Queue.new
       @func = func
-      @threads = Array.new(size) do |i|
-        Thread.start { process_queue(i) }.tap do |thread|
-          thread.name = "#{name} Worker ##{i}" if thread.respond_to?(:name=)
-        end
-      end
+      @size = size
+      @threads = nil
       trap("INT") { abort_threads }
     end
 
@@ -37,6 +34,7 @@ module Bundler
     #
     # @param obj [String] mostly it is name of spec that should be downloaded
     def enq(obj)
+      create_threads unless @threads
       @request_queue.enq obj
     end
 
@@ -70,13 +68,37 @@ module Bundler
     # Stop the worker threads by sending a poison object down the request queue
     # so as worker threads after retrieving it, shut themselves down
     def stop_threads
+      return unless @threads
       @threads.each { @request_queue.enq POISON }
       @threads.each(&:join)
+      @threads = nil
     end
 
     def abort_threads
+      return unless @threads
       @threads.each(&:exit)
       exit 1
     end
+
+    def create_threads
+      creation_errors = []
+
+      @threads = Array.new(@size) do |i|
+        begin
+          Thread.start { process_queue(i) }.tap do |thread|
+            thread.name = "#{name} Worker ##{i}" if thread.respond_to?(:name=)
+          end
+        rescue ThreadError => e
+          creation_errors << e
+          nil
+        end
+      end.compact
+
+      return if creation_errors.empty?
+
+      message = "Failed to create threads for the #{name} worker: #{creation_errors.map(&:to_s).uniq.join(", ")}"
+      raise ThreadCreationError, message if @threads.empty?
+      Bundler.ui.info message
+    end
   end
 end

data/lib/bundler/yaml_serializer.rb

@@ -52,7 +52,7 @@ module Bundler
       stack = [res]
       last_hash = nil
       last_empty_key = nil
-      str.split("\n").each do |line|
+      str.split(/\r?\n/).each do |line|
         if match = HASH_REGEX.match(line)
           indent, key, _, val = match.captures
           key = convert_to_backward_compatible_key(key)

data/man/bundle-config.ronn

@@ -65,7 +65,7 @@ The options that can be configured are:
   The location to install the specified gems to. This defaults to Rubygems'
   setting. Bundler shares this location with Rubygems, `gem install ...` will
   have gem installed there, too. Therefore, gems installed without a
-  `--path ...` setting will show up by calling `gem list`. Accodingly, gems
+  `--path ...` setting will show up by calling `gem list`. Accordingly, gems
   installed to other locations will not get listed.
 
 * `without`:
@@ -142,7 +142,7 @@ learn more about their operation in [bundle install(1)][bundle-install].
   and key in PEM format.
 * `cache_path` (`BUNDLE_CACHE_PATH`): The directory that bundler will place
   cached gems in when running <code>bundle package</code>, and that bundler
-  will look in when installing gems.
+  will look in when installing gems. Defaults to `vendor/bundle`.
 * `disable_multisource` (`BUNDLE_DISABLE_MULTISOURCE`): When set, Gemfiles
   containing multiple sources will produce errors instead of warnings. Use
   `bundle config --delete disable_multisource` to unset.
@@ -155,6 +155,20 @@ learn more about their operation in [bundle install(1)][bundle-install].
    The number of redirects allowed for network requests. Defaults to `5`.
 * `timeout` (`BUNDLE_TIMEOUT`):
    The seconds allowed before timing out for network requests. Defaults to `10`.
+* `force_ruby_platform` (`BUNDLE_FORCE_RUBY_PLATFORM`):
+   Ignore the current machine's platform and install only `ruby` platform gems.
+   As a result, gems with native extensions will be compiled from source.
+* `specific_platform` (`BUNDLE_SPECIFIC_PLATFORM`):
+   Allow bundler to resolve for the specific running platform and store it in
+   the lockfile, instead of only using a generic platform.
+   A specific platform is the exact platform triple reported by
+   `Gem::Platform.local`, such as `x86_64-darwin-16` or `universal-java-1.8`.
+   On the other hand, generic platforms are those such as `ruby`, `mswin`, or
+   `java`. In this example, `x86_64-darwin-16` would map to `ruby` and
+   `universal-java-1.8` to `java`.
+* `disable_checksum_validation` (`BUNDLE_DISABLE_CHECKSUM_VALIDATION`):
+   Allow installing gems even if they do not match the checksum provided by
+   RubyGems.
 
 In general, you should set these settings per-application by using the applicable
 flag to the [bundle install(1)][bundle-install] or [bundle package(1)][bundle-package] command.
@@ -223,3 +237,16 @@ For example, to save the credentials of user `claudette` for the gem source at
 Or you can set the credentials as an environment variable like this:
 
     export BUNDLE_GEMS__LONGEROUS__COM="claudette:s00pers3krit"
+
+For gems with a git source with HTTP(S) URL you can specify credentials like so:
+
+    bundle config https://github.com/bundler/bundler.git username:password
+
+Or you can set the credentials as an environment variable like so:
+
+    export BUNDLE_GITHUB__COM=username:password
+
+This is especially useful for private repositories on hosts such as Github,
+where you can use personal OAuth tokens:
+
+    export BUNDLE_GITHUB__COM=abcd0123generatedtoken:x-oauth-basic

data/man/bundle-install.ronn

@@ -110,7 +110,7 @@ time `bundle install` is run, use `bundle config` (see bundle-config(1)).
   The location to install the specified gems to. This defaults to Rubygems'
   setting. Bundler shares this location with Rubygems, `gem install ...` will
   have gem installed there, too. Therefore, gems installed without a
-  `--path ...` setting will show up by calling `gem list`. Accodingly, gems
+  `--path ...` setting will show up by calling `gem list`. Accordingly, gems
   installed to other locations will not get listed.
 
 * `--quiet`:

data/man/bundle-lock.ronn

@@ -7,6 +7,14 @@ bundle-lock(1) -- Creates / Updates a lockfile without installing
               [--local]
               [--print]
               [--lockfile=PATH]
+              [--full-index]
+              [--add-platform]
+              [--remove-platform]
+              [--patch]
+              [--minor]
+              [--major]
+              [--strict]
+              [--conservative]
 
 ## DESCRIPTION
 
@@ -30,6 +38,31 @@ Lock the gems specified in Gemfile.
 * `--lockfile=<path>`:
   The path where the lockfile should be written to.
 
+* `--full-index`:
+  Fall back to using the single-file index of all gems.
+
+* `--add-platform`:
+  Add a new platform to the lockfile, re-resolving for the addition of that
+  platform.
+
+* `--remove-platform`:
+  Remove a platform from the lockfile.
+
+* `--patch`:
+  If updating, prefer updating only to next patch version.
+
+* `--minor`:
+  If updating, prefer updating only to next minor version.
+
+* `--major`:
+  If updating, prefer updating to next major version (default).
+
+* `--strict`:
+  If updating, do not allow any gem to be updated past latest --patch | --minor | --major.
+
+* `--conservative`:
+  If updating, use bundle install conservative update behavior and do not allow shared dependencies to be updated.
+
 ## UPDATING ALL GEMS
 
 If you run `bundle lock` with `--update` option without list of gems, bundler will
@@ -45,3 +78,17 @@ For instance, you only want to update `nokogiri`, run `bundle lock --update noko
 
 Bundler will update `nokogiri` and any of its dependencies, but leave the rest of the
 gems that you specified locked to the versions in the `Gemfile.lock`.
+
+## SUPPORTING OTHER PLATFORMS
+
+If you want your bundle to support platforms other than the one you're running
+locally, you can run `bundle lock --add-platform PLATFORM` to add PLATFORM to
+the lockfile, force bundler to re-resolve and consider the new platform when
+picking gems, all without needing to have a machine that matches PLATFORM handy
+to install those platform-specific gems on.
+
+For a full explanation of gem platforms, see `gem help platform`.
+
+## PATCH LEVEL OPTIONS
+
+See [bundle update(1)][bundle-update] for details.

data/man/bundle-outdated.ronn

@@ -0,0 +1,107 @@
+bundle-outdated(1) -- List installed gems with newer versions available
+=======================================================================
+
+## SYNOPSIS
+
+`bundle outdated` [GEM] [--local]
+                        [--pre]
+                        [--source]
+                        [--strict]
+                        [--parseable | --porcelain]
+                        [--group=GROUP]
+                        [--groups]
+                        [--update-strict]
+                        [--patch|--minor|--major]
+                        [--filter-major]
+                        [--filter-minor]
+                        [--filter-patch]
+
+## DESCRIPTION
+
+Outdated lists the names and versions of gems that have a newer version available
+in the given source. Calling outdated with [GEM [GEM]] will only check for newer
+versions of the given gems. Prerelease gems are ignored by default. If your gems
+are up to date, Bundler will exit with a status of 0. Otherwise, it will exit 1.
+
+## OPTIONS
+
+* `--local`:
+  Do not attempt to fetch gems remotely and use the gem cache instead.
+
+* `--pre`:
+  Check for newer pre-release gems.
+
+* `--source`:
+  Check against a specific source.
+
+* `--strict`:
+  Only list newer versions allowed by your Gemfile requirements.
+
+* `--parseable`:
+   Use minimal formatting for more parseable output.
+
+* `--group`:
+  List gems from a specific group.
+
+* `--groups`:
+  List gems organized by groups.
+
+* `--update-strict`:
+  Strict conservative resolution, do not allow any gem to be updated past latest --patch | --minor| --major.
+
+* `--minor`:
+  Prefer updating only to next minor version.
+
+* `--major`:
+  Prefer updating to next major version (default).
+
+* `--patch`:
+  Prefer updating only to next patch version.
+
+* `--filter-major`:
+  Only list major newer versions.
+
+* `--filter-minor`:
+  Only list minor newer versions.
+
+* `--filter-patch`:
+  Only list patch newer versions.
+
+## PATCH LEVEL OPTIONS
+
+See [bundle update(1)][bundle-update] for details.
+
+One difference between the patch level options in `bundle update` and here is the `--strict` option.
+`--strict` was already an option on outdated before the patch level options were added. `--strict`
+wasn't altered, and the `--update-strict` option on `outdated` reflects what `--strict` does on
+`bundle update`.
+
+## FILTERING OUTPUT
+
+The 3 filtering options do not affect the resolution of versions, merely what versions are shown
+in the output.
+
+If the regular output shows the following:
+
+    * faker (newest 1.6.6, installed 1.6.5, requested ~> 1.4) in groups "development, test"
+    * hashie (newest 3.4.6, installed 1.2.0, requested = 1.2.0) in groups "default"
+    * headless (newest 2.3.1, installed 2.2.3) in groups "test"
+
+`--filter-major` would only show:
+
+    * hashie (newest 3.4.6, installed 1.2.0, requested = 1.2.0) in groups "default"
+
+`--filter-minor` would only show:
+
+    * headless (newest 2.3.1, installed 2.2.3) in groups "test"
+
+`--filter-patch` would only show:
+
+    * faker (newest 1.6.6, installed 1.6.5, requested ~> 1.4) in groups "development, test"
+
+Filter options can be combined. `--filter-minor` and `--filter-patch` would show:
+
+    * faker (newest 1.6.6, installed 1.6.5, requested ~> 1.4) in groups "development, test"
+    * headless (newest 2.3.1, installed 2.2.3) in groups "test"
+
+Combining all three `filter` options would be the same result as providing none of them.

data/man/bundle-update.ronn

@@ -3,7 +3,18 @@ bundle-update(1) -- Update your gems to the latest available versions
 
 ## SYNOPSIS
 
-`bundle update` <*gems> [--group=NAME] [--source=NAME] [--local] [--ruby]
+`bundle update` <*gems> [--group=NAME]
+                        [--source=NAME]
+                        [--local]
+                        [--ruby]
+                        [--bundler[=VERSION]]
+                        [--full-index]
+                        [--jobs=JOBS]
+                        [--quiet]
+                        [--force]
+                        [--patch|--minor|--major]
+                        [--strict]
+                        [--conservative]
 
 ## DESCRIPTION
 
@@ -37,6 +48,33 @@ gem.
 * `--bundler`:
   Update the locked version of bundler to the invoked bundler version.
 
+* `--full-index`:
+  Fall back to using the single-file index of all gems.
+
+* `--jobs`:
+  Specify the number of jobs to run in parallel.
+
+* `--quiet`:
+  Only output warnings and errors.
+
+* `--force`:
+  Force downloading every gem.
+
+* `--patch`:
+  Prefer updating only to next patch version.
+
+* `--minor`:
+  Prefer updating only to next minor version.
+
+* `--major`:
+  Prefer updating to next major version (default).
+
+* `--strict`:
+  Do not allow any gem to be updated past latest `--patch` | `--minor` | `--major`.
+
+* `--conservative`:
+  Use bundle install conservative update behavior and do not allow shared dependencies to be updated.
+
 ## UPDATING ALL GEMS
 
 If you run `bundle update` with no parameters, bundler will ignore
@@ -146,14 +184,125 @@ In this case, the two gems have their own set of dependencies, but they share
 `bundle update thin` will update `rack` even though it's _also_ a dependency of
 `rack-perftools_profiler`.
 
-`In short`, when you update a gem using `bundle update`, bundler will update all
-dependencies of that gem, including those that are also dependencies of another gem.
+In short, by default, when you update a gem using `bundle update`, bundler will
+update all dependencies of that gem, including those that are also dependencies
+of another gem.
+
+To prevent updating shared dependencies, prior to version 1.14 the only option
+was the `CONSERVATIVE UPDATING` behavior in [bundle install(1)][bundle-install]:
 
 In this scenario, updating the `thin` version manually in the Gemfile(5),
 and then running [bundle install(1)][bundle-install] will only update `daemons` and `eventmachine`,
 but not `rack`. For more information, see the `CONSERVATIVE UPDATING` section
 of [bundle install(1)][bundle-install].
 
+Starting with 1.14, specifying the `--conservative` option will also prevent shared
+dependencies from being updated.
+
+## PATCH LEVEL OPTIONS
+
+Version 1.14 introduced 4 patch-level options that will influence how gem
+versions are resolved. One of the following options can be used: `--patch`,
+`--minor` or `--major`. `--strict` can be added to further influence resolution.
+
+* `--patch`:
+  Prefer updating only to next patch version.
+
+* `--minor`:
+  Prefer updating only to next minor version.
+
+* `--major`:
+  Prefer updating to next major version (default).
+
+* `--strict`:
+  Do not allow any gem to be updated past latest `--patch` | `--minor` | `--major`.
+
+When Bundler is resolving what versions to use to satisfy declared
+requirements in the Gemfile or in parent gems, it looks up all
+available versions, filters out any versions that don't satisfy
+the requirement, and then, by default, sorts them from newest to
+oldest, considering them in that order.
+
+Providing one of the patch level options (e.g. `--patch`) changes the
+sort order of the satisfying versions, causing Bundler to consider the
+latest `--patch` or `--minor` version available before other versions.
+Note that versions outside the stated patch level could still be
+resolved to if necessary to find a suitable dependency graph.
+
+For example, if gem 'foo' is locked at 1.0.2, with no gem requirement
+defined in the Gemfile, and versions 1.0.3, 1.0.4, 1.1.0, 1.1.1, 2.0.0
+all exist, the default order of preference by default (`--major`) will
+be "2.0.0, 1.1.1, 1.1.0, 1.0.4, 1.0.3, 1.0.2".
+
+If the `--patch` option is used, the order of preference will change to
+"1.0.4, 1.0.3, 1.0.2, 1.1.1, 1.1.0, 2.0.0".
+
+If the `--minor` option is used, the order of preference will change to
+"1.1.1, 1.1.0, 1.0.4, 1.0.3, 1.0.2, 2.0.0".
+
+Combining the `--strict` option with any of the patch level options
+will remove any versions beyond the scope of the patch level option,
+to ensure that no gem is updated that far.
+
+To continue the previous example, if both `--patch` and `--strict`
+options are used, the available versions for resolution would be
+"1.0.4, 1.0.3, 1.0.2". If `--minor` and `--strict` are used, it would
+be "1.1.1, 1.1.0, 1.0.4, 1.0.3, 1.0.2".
+
+Gem requirements as defined in the Gemfile will still be the first
+determining factor for what versions are available. If the gem
+requirement for `foo` in the Gemfile is '~> 1.0', that will accomplish
+the same thing as providing the `--minor` and `--strict` options.
+
+## PATCH LEVEL EXAMPLES
+
+Given the following gem specifications:
+
+    foo 1.4.3, requires: ~> bar 2.0
+    foo 1.4.4, requires: ~> bar 2.0
+    foo 1.4.5, requires: ~> bar 2.1
+    foo 1.5.0, requires: ~> bar 2.1
+    foo 1.5.1, requires: ~> bar 3.0
+    bar with versions 2.0.3, 2.0.4, 2.1.0, 2.1.1, 3.0.0
+
+Gemfile:
+
+    gem 'foo'
+
+Gemfile.lock:
+
+    foo (1.4.3)
+      bar (~> 2.0)
+    bar (2.0.3)
+
+Cases:
+
+    #  Command Line                     Result
+    ------------------------------------------------------------
+    1  bundle update --patch            'foo 1.4.5', 'bar 2.1.1'
+    2  bundle update --patch foo        'foo 1.4.5', 'bar 2.1.1'
+    3  bundle update --minor            'foo 1.5.1', 'bar 3.0.0'
+    4  bundle update --minor --strict   'foo 1.5.0', 'bar 2.1.1'
+    5  bundle update --patch --strict   'foo 1.4.4', 'bar 2.0.4'
+
+In case 1, bar is upgraded to 2.1.1, a minor version increase, because
+the dependency from foo 1.4.5 required it.
+
+In case 2, only foo is requested to be unlocked, but bar is also
+allowed to move because it's not a declared dependency in the Gemfile.
+
+In case 3, bar goes up a whole major release, because a minor increase
+is preferred now for foo, and when it goes to 1.5.1, it requires 3.0.0
+of bar.
+
+In case 4, foo is preferred up to a minor version, but 1.5.1 won't work
+because the --strict flag removes bar 3.0.0 from consideration since
+it's a major increment.
+
+In case 5, both foo and bar have any minor or major increments removed
+from consideration because of the --strict flag, so the most they can
+move is up to 1.4.4 and 2.0.4.
+
 ## RECOMMENDED WORKFLOW
 
 In general, when working with an application managed with bundler, you should