bundler 1.3.0.pre.7 → 1.3.0.pre.8

data/lib/bundler/friendly_errors.rb

@@ -12,18 +12,6 @@ module Bundler
       exit 1
     rescue SystemExit => e
       exit e.status
-    rescue LoadError => e
-      case e.message
-      when /cannot load such file -- openssl/, /openssl.so/, /libcrypto.so/
-        Bundler.ui.error "\nCould not load OpenSSL."
-        Bundler.ui.warn "You must recompile Ruby with OpenSSL support or change the sources in your" \
-          "\nGemfile from 'https' to 'http'. Instructions for compiling with OpenSSL" \
-          "\nusing RVM are available at rvm.io/packages/openssl."
-        Bundler.ui.trace e
-        exit 1
-      else
-        raise e
-      end
     rescue Exception => e
       Bundler.ui.error(
         "Unfortunately, a fatal error has occurred. Please see the Bundler \n" \

data/lib/bundler/index.rb

@@ -31,7 +31,7 @@ module Bundler
     end
 
     def inspect
-      "<Index sources=#{sources.map{|s| s.inspect}} specs.size=#{specs.size}>"
+      "#<#{self.class}:0x#{object_id} sources=#{sources.map{|s| s.inspect}} specs.size=#{specs.size}>"
     end
 
     def empty?
@@ -95,7 +95,7 @@ module Bundler
           s.dependencies.map{|d| d.name }
         end
       end.flatten.uniq
-      dependency_names.select{|name| specs_by_name(name).empty? }
+      dependency_names.select{|name| name != 'bundler' && specs_by_name(name).empty? }
     end
 
     def use(other, override_dupes = false)

data/lib/bundler/injector.rb

@@ -61,4 +61,4 @@ module Bundler
 
 
   end
-end
+end

data/lib/bundler/installer.rb

@@ -66,11 +66,13 @@ module Bundler
       end
 
       if Bundler.default_lockfile.exist? && !options["update"]
+        real_ui, Bundler.ui = Bundler.ui, Bundler::UI.new
         begin
           tmpdef = Definition.build(Bundler.default_gemfile, Bundler.default_lockfile, nil)
           local = true unless tmpdef.new_platform? || tmpdef.missing_specs.any?
         rescue BundlerError
         end
+        Bundler.ui = real_ui
       end
 
       # Since we are installing, we can resolve the definition
@@ -107,14 +109,16 @@ module Bundler
 
       # newline comes after installing, some gems say "with native extensions"
       Bundler.ui.info ""
-      if Bundler.settings[:bin]
-        standalone ? generate_standalone_bundler_executable_stubs(spec) : generate_bundler_executable_stubs(spec)
+      if Bundler.settings[:bin] && standalone
+        generate_standalone_bundler_executable_stubs(spec)
+      elsif Bundler.settings[:bin]
+        generate_bundler_executable_stubs(spec, :force => true)
       end
 
       FileUtils.rm_rf(Bundler.tmp)
     rescue Exception => e
       # install hook failed
-      raise e if e.is_a?(Bundler::InstallHookError)
+      raise e if e.is_a?(Bundler::InstallHookError) || e.is_a?(Bundler::SecurityError)
 
       # other failure, likely a native extension build failure
       Bundler.ui.info ""

data/lib/bundler/resolver.rb

@@ -122,6 +122,7 @@ module Bundler
     # <GemBundle>,nil:: If the list of dependencies can be resolved, a
     #   collection of gemspecs is returned. Otherwise, nil is returned.
     def self.resolve(requirements, index, source_requirements = {}, base = [])
+      Bundler.ui.info "Resolving dependencies..."
       base = SpecSet.new(base) unless base.is_a?(SpecSet)
       resolver = new(index, source_requirements, base)
       result = catch(:success) do
@@ -295,6 +296,22 @@ module Bundler
           conflict = resolve_requirement(spec_group, current, reqs.dup, activated.dup)
           conflicts << conflict if conflict
         end
+
+        # We throw the conflict up the dependency chain if it has not been
+        # resolved (in @errors), thus avoiding branches of the tree that have no effect
+        # on this conflict.  Note that if the tree has multiple conflicts, we don't
+        # care which one we throw, as long as we get out safe
+        if !current.required_by.empty? && !conflicts.empty?
+          @errors.reverse_each do |name, pair|
+            if conflicts.include?(name)
+              # Choose the closest pivot in the stack that will affect the conflict
+              errorpivot = (@stack & [name, current.required_by.last.name]).last
+              debug { "    -> Jumping to: #{errorpivot}" }
+              throw errorpivot, name
+            end
+          end
+        end
+
         # If the current requirement is a root level gem and we have conflicts, we
         # can figure out the best spot to backtrack to.
         if current.required_by.empty? && !conflicts.empty?

data/lib/bundler/rubygems_ext.rb

@@ -133,15 +133,16 @@ module Gem
   end
 
   class Platform
-    JAVA  = Gem::Platform.new('java')
-    MSWIN = Gem::Platform.new('mswin32')
-    MINGW = Gem::Platform.new('x86-mingw32')
+    JAVA  = Gem::Platform.new('java') unless defined?(JAVA)
+    MSWIN = Gem::Platform.new('mswin32') unless defined?(MSWIN)
+    MINGW = Gem::Platform.new('x86-mingw32') unless defined?(MINGW)
 
     undef_method :hash if method_defined? :hash
     def hash
       @cpu.hash ^ @os.hash ^ @version.hash
     end
 
+    undef_method :eql? if method_defined? :eql?
     alias eql? ==
   end
 end

data/lib/bundler/rubygems_integration.rb

@@ -1,4 +1,7 @@
 require 'rubygems'
+# rubygems master requires UI for ConfigFile but doesn't require it
+require 'rubygems/user_interaction'
+require 'rubygems/config_file'
 
 module Bundler
   class RubygemsIntegration
@@ -98,21 +101,22 @@ module Bundler
     end
 
     def fetch_specs(all, pre, &blk)
-      Gem::SpecFetcher.new.list(all, pre).each(&blk)
+      specs = Gem::SpecFetcher.new.list(all, pre)
+      specs.each { yield } if block_given?
+      specs
+    end
+
+    def fetch_prerelease_specs
+      fetch_specs(false, true)
+    rescue Gem::RemoteFetcher::FetchError
+      [] # if we can't download them, there aren't any
     end
 
     def fetch_all_remote_specs
-      spec_list = Hash.new { |h,k| h[k] = [] }
-      begin
-        # Fetch all specs, minus prerelease specs
-        spec_list = Gem::SpecFetcher.new.list(true, false)
-        # Then fetch the prerelease specs
-        begin
-          Gem::SpecFetcher.new.list(false, true).each {|k, v| spec_list[k] += v }
-        rescue Gem::RemoteFetcher::FetchError
-          # ignore if we can't fetch the prerelease specs
-        end
-      end
+      # Fetch all specs, minus prerelease specs
+      spec_list = fetch_specs(true, false)
+      # Then fetch the prerelease specs
+      fetch_prerelease_specs.each {|k, v| spec_list[k] += v }
 
       return spec_list
     end
@@ -127,11 +131,26 @@ module Bundler
       end
     end
 
-    def spec_from_gem(path)
+    def gem_from_path(path, policy = nil)
       require 'rubygems/format'
-      Gem::Format.from_file_by_path(path).spec
+      Gem::Format.from_file_by_path(path, policy)
+    end
+
+    def spec_from_gem(path, policy = nil)
+      require 'rubygems/security'
+      gem_from_path(path, Gem::Security::Policies[policy]).spec
     rescue Gem::Package::FormatError
-      raise Bundler::GemspecError, "Could not read gem at #{path}. It may be corrupted."
+      raise GemspecError, "Could not read gem at #{path}. It may be corrupted."
+    rescue Exception, Gem::Exception, Gem::Security::Exception => e
+      if e.is_a?(Gem::Security::Exception) ||
+          e.message =~ /unknown trust policy|unsigned gem/i ||
+          e.message =~ /couldn't verify (meta)?data signature/i
+        raise SecurityError,
+          "The gem #{File.basename(path, '.gem')} can't be installed because " \
+          "the security policy didn't allow it, with the message: #{e.message}"
+      else
+        raise e
+      end
     end
 
     def build(spec)
@@ -440,10 +459,10 @@ module Bundler
         hash
       end
 
-      def spec_from_gem(path)
-        Gem::Package.new(path).spec
-      rescue Gem::Package::FormatError
-        raise Bundler::GemspecError, "Could not read gem at #{path}. It may be corrupted."
+      def gem_from_path(path, policy = nil)
+        p = Gem::Package.new(path)
+        p.security_policy = policy if policy
+        return p
       end
 
       def build(spec)

data/lib/bundler/runtime.rb

@@ -5,6 +5,8 @@ module Bundler
     include SharedHelpers
 
     def setup(*groups)
+      groups.map! { |g| g.to_sym }
+
       # Has to happen first
       clean_load_path
 
@@ -78,7 +80,7 @@ module Bundler
             rescue LoadError
               REGEXPS.find { |r| r =~ e.message }
               regex_name = $1
-              raise if dep.autorequire || (regex_name && regex_name.gsub('-', '/') != namespaced_file)
+              raise e if dep.autorequire || (regex_name && regex_name.gsub('-', '/') != namespaced_file)
               raise e if regex_name.nil?
             end
           end
@@ -218,8 +220,12 @@ module Bundler
       # Set RUBYOPT
       rubyopt = [ENV["RUBYOPT"]].compact
       if rubyopt.empty? || rubyopt.first !~ /-rbundler\/setup/
-        rubyopt.unshift "-rbundler/setup"
-        rubyopt.unshift "-I#{File.expand_path('../..', __FILE__)}"
+        rubyopt.unshift %|-rbundler/setup|
+        if Bundler::WINDOWS
+          rubyopt.unshift %|"-I#{File.expand_path('../..', __FILE__)}"|
+        else
+          rubyopt.unshift %|-I#{File.expand_path('../..', __FILE__)}|
+        end
         ENV["RUBYOPT"] = rubyopt.join(' ')
       end
     end

data/lib/bundler/source/git.rb

@@ -27,8 +27,7 @@ module Bundler
         @name       = options["name"]
         @version    = options["version"]
 
-        @update     = false
-        @installed  = nil
+        @copied     = false
         @local      = false
       end
 
@@ -140,10 +139,11 @@ module Bundler
           set_local!(app_cache_path)
         end
 
-        if requires_checkout? && !@update
+        if requires_checkout? && !@copied
           git_proxy.checkout
           git_proxy.copy_to(install_path, submodules)
-          @update = true
+          serialize_gemspecs_in(install_path)
+          @copied = true
         end
 
         local_specs
@@ -151,10 +151,11 @@ module Bundler
 
       def install(spec)
         Bundler.ui.info "Using #{spec.name} (#{spec.version}) from #{to_s} "
-        if requires_checkout? && !@installed
+        if requires_checkout? && !@copied
           Bundler.ui.debug "  * Checking out revision: #{ref}"
           git_proxy.copy_to(install_path, submodules)
-          @installed = true
+          serialize_gemspecs_in(install_path)
+          @copied = true
         end
         generate_bin(spec)
       end
@@ -166,11 +167,7 @@ module Bundler
         FileUtils.rm_rf(app_cache_path)
         git_proxy.checkout if requires_checkout?
         git_proxy.copy_to(app_cache_path, @submodules)
-        # Evaluate gemspecs and cache the result. Gemspecs
-        # in git might require git or other dependencies.
-        # The gemspecs we cache should already be evaluated.
-        spec_path = app_cache_path.join(File.basename(spec.loaded_from))
-        File.open(spec_path, 'wb') {|file| file.print spec.to_ruby }
+        serialize_gemspecs_in(app_cache_path)
       end
 
       def load_spec_files
@@ -201,6 +198,18 @@ module Bundler
 
     private
 
+      def serialize_gemspecs_in(destination)
+        expanded_path = destination.expand_path(Bundler.root)
+        Dir["#{expanded_path}/#{@glob}"].each do |spec_path|
+          # Evaluate gemspecs and cache the result. Gemspecs
+          # in git might require git or other dependencies.
+          # The gemspecs we cache should already be evaluated.
+          spec = Bundler.load_gemspec(spec_path)
+          next unless spec
+          File.open(spec_path, 'wb') {|file| file.write(spec.to_ruby) }
+        end
+      end
+
       def set_local!(path)
         @local       = true
         @local_specs = @git_proxy = nil
@@ -261,7 +270,6 @@ module Bundler
 
       def git_proxy
         @git_proxy ||= GitProxy.new(cache_path, uri, ref, cached_revision){ allow_git_ops? }
-
       end
 
     end

data/lib/bundler/source/git/git_proxy.rb

@@ -137,6 +137,7 @@ module Bundler
             raise GitError, "The git source #{uri} is not yet checked out. Please run `bundle install` before trying to start your application"
           end
         end
+
       end
 
     end

data/lib/bundler/source/path/installer.rb

@@ -31,4 +31,4 @@ module Bundler
 
     end
   end
-end
+end

data/lib/bundler/source/rubygems.rb

@@ -6,7 +6,7 @@ module Bundler
   module Source
     # TODO: Refactor this class
     class Rubygems
-      FORCE_MODERN_INDEX_LIMIT = 100 # threshold for switching back to the modern index instead of fetching every spec
+      API_REQUEST_LIMIT = 100 # threshold for switching back to the modern index instead of fetching every spec
 
       attr_reader :remotes, :caches
       attr_accessor :dependency_names
@@ -216,41 +216,35 @@ module Bundler
 
       def remote_specs
         @remote_specs ||= begin
-          idx     = Index.new
-          old     = Bundler.rubygems.sources
+          old = Bundler.rubygems.sources
+          idx = Index.new
 
-          sources = {}
-          remotes.each do |uri|
-            fetcher          = Bundler::Fetcher.new(uri)
-            specs            = fetcher.specs(dependency_names, self)
-            sources[fetcher] = specs.size
+          fetchers       = remotes.map { |uri| Bundler::Fetcher.new(uri) }
+          api_fetchers   = fetchers.select { |f| f.use_api }
+          index_fetchers = fetchers - api_fetchers
 
-            idx.use specs
-          end
+          # gather lists from non-api sites
+          index_fetchers.each { |f| idx.use f.specs(nil, self) }
+          return idx if api_fetchers.empty?
+
+          # because ensuring we have all the gems we need involves downloading
+          # the gemspecs of those gems, if the non-api sites contain more than
+          # about 100 gems, we just treat all sites as non-api for speed.
+          if idx.size < API_REQUEST_LIMIT && dependency_names.size < API_REQUEST_LIMIT
+            api_fetchers.each { |f| idx.use f.specs(dependency_names, self) }
 
-          # don't need to fetch all specifications for every gem/version on
-          # the rubygems repo if there's no api endpoints to search over
-          # or it has too many specs to fetch
-          fetchers              = sources.keys
-          api_fetchers          = fetchers.select {|fetcher| fetcher.has_api }
-          modern_index_fetchers = fetchers - api_fetchers
-          if api_fetchers.any? && modern_index_fetchers.all? {|fetcher| sources[fetcher] < FORCE_MODERN_INDEX_LIMIT }
-            # this will fetch all the specifications on the rubygems repo
-            unmet_dependency_names = idx.unmet_dependency_names
-            unmet_dependency_names -= ['bundler'] # bundler will always be unmet
-
-            Bundler.ui.debug "Unmet Dependencies: #{unmet_dependency_names}"
-            if unmet_dependency_names.any?
-              api_fetchers.each do |fetcher|
-                idx.use fetcher.specs(unmet_dependency_names, self)
-              end
-            end
+            # it's possible that gems from one source depend on gems from some
+            # other source, so now we download gemspecs and iterate over those
+            # dependencies, looking for gems we don't have info on yet.
+            unmet = idx.unmet_dependency_names
+
+            # if there are any cross-site gems we missed, get them now
+            api_fetchers.each { |f| idx.use f.specs(unmet, self) } if unmet.any?
           else
-            Bundler::Fetcher.disable_endpoint = true
-            api_fetchers.each {|fetcher| idx.use fetcher.specs([], self) }
+            api_fetchers.each { |f| idx.use f.specs(nil, self) }
           end
 
-          idx
+          return idx
         ensure
           Bundler.rubygems.sources = old
         end
@@ -258,4 +252,4 @@ module Bundler
     end
 
   end
-end
+end

data/lib/bundler/templates/newgem/.travis.yml.tt

@@ -0,0 +1,3 @@
+language: ruby
+rvm:
+  - <%= RUBY_VERSION %>

data/lib/bundler/templates/newgem/LICENSE.txt.tt

@@ -19,4 +19,4 @@ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
 NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
 LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
 OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
-WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/lib/bundler/templates/newgem/newgem.gemspec.tt

@@ -1,25 +1,26 @@
-# -*- encoding: utf-8 -*-
+# coding: utf-8
 lib = File.expand_path('../lib', __FILE__)
 $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 require '<%=config[:namespaced_path]%>/version'
 
-Gem::Specification.new do |gem|
-  gem.name          = <%=config[:name].inspect%>
-  gem.version       = <%=config[:constant_name]%>::VERSION
-  gem.authors       = [<%=config[:author].inspect%>]
-  gem.email         = [<%=config[:email].inspect%>]
-  gem.description   = %q{TODO: Write a gem description}
-  gem.summary       = %q{TODO: Write a gem summary}
-  gem.homepage      = ""
-  gem.license       = "MIT"
+Gem::Specification.new do |spec|
+  spec.name          = <%=config[:name].inspect%>
+  spec.version       = <%=config[:constant_name]%>::VERSION
+  spec.authors       = [<%=config[:author].inspect%>]
+  spec.email         = [<%=config[:email].inspect%>]
+  spec.description   = %q{TODO: Write a gem description}
+  spec.summary       = %q{TODO: Write a gem summary}
+  spec.homepage      = ""
+  spec.license       = "MIT"
 
-  gem.files         = `git ls-files`.split($/)
-  gem.executables   = gem.files.grep(%r{^bin/}) { |f| File.basename(f) }
-  gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
-  gem.require_paths = ["lib"]
+  spec.files         = `git ls-files`.split($/)
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
 
-  gem.add_development_dependency "rake"
+  spec.add_development_dependency "bundler", "~> <%= Bundler::VERSION.split(".")[0..1].join(".") %>"
+  spec.add_development_dependency "rake"
 <% if config[:test] -%>
-  gem.add_development_dependency "<%=config[:test]%>"
+  spec.add_development_dependency "<%=config[:test]%>"
 <% end -%>
 end