bundler 2.1.4 → 2.2.18

data/lib/bundler/source/git/git_proxy.rb

@@ -17,8 +17,8 @@ module Bundler
       class GitNotAllowedError < GitError
         def initialize(command)
           msg = String.new
-          msg << "Bundler is trying to run a `git #{command}` at runtime. You probably need to run `bundle install`. However, "
-          msg << "this error message could probably be more useful. Please submit a ticket at https://github.com/bundler/bundler/issues "
+          msg << "Bundler is trying to run `#{command}` at runtime. You probably need to run `bundle install`. However, "
+          msg << "this error message could probably be more useful. Please submit a ticket at https://github.com/rubygems/rubygems/issues/new?labels=Bundler&template=bundler-related-issue.md "
           msg << "with steps to reproduce as well as the following\n\nCALLER: #{caller.join("\n")}"
           super msg
         end
@@ -27,21 +27,21 @@ module Bundler
       class GitCommandError < GitError
         attr_reader :command
 
-        def initialize(command, path = nil, extra_info = nil)
+        def initialize(command, path, extra_info = nil)
           @command = command
 
           msg = String.new
-          msg << "Git error: command `git #{command}` in directory #{SharedHelpers.pwd} has failed."
+          msg << "Git error: command `#{command}` in directory #{path} has failed."
           msg << "\n#{extra_info}" if extra_info
-          msg << "\nIf this error persists you could try removing the cache directory '#{path}'" if path && path.exist?
+          msg << "\nIf this error persists you could try removing the cache directory '#{path}'" if path.exist?
           super msg
         end
       end
 
       class MissingGitRevisionError < GitCommandError
-        def initialize(command, path, ref, repo)
+        def initialize(command, destination_path, ref, repo)
           msg = "Revision #{ref} does not exist in the repository #{repo}. Maybe you misspelled it?"
-          super command, path, msg
+          super command, destination_path, msg
         end
       end
 
@@ -62,26 +62,18 @@ module Bundler
         end
 
         def revision
-          return @revision if @revision
-
-          begin
-            @revision ||= find_local_revision
-          rescue GitCommandError => e
-            raise MissingGitRevisionError.new(e.command, path, ref, URICredentialsFilter.credential_filtered_uri(uri))
-          end
-
-          @revision
+          @revision ||= find_local_revision
         end
 
         def branch
-          @branch ||= allowed_in_path do
-            git("rev-parse --abbrev-ref HEAD").strip
+          @branch ||= allowed_with_path do
+            git("rev-parse", "--abbrev-ref", "HEAD", :dir => path).strip
           end
         end
 
         def contains?(commit)
-          allowed_in_path do
-            result, status = git_null("branch --contains #{commit}")
+          allowed_with_path do
+            result, status = git_null("branch", "--contains", commit, :dir => path)
             status.success? && result =~ /^\* (.*)$/
           end
         end
@@ -96,20 +88,22 @@ module Bundler
 
         def checkout
           return if path.exist? && has_revision_cached?
-          extra_ref = "#{Shellwords.shellescape(ref)}:#{Shellwords.shellescape(ref)}" if ref && ref.start_with?("refs/")
+          extra_ref = "#{ref}:#{ref}" if ref && ref.start_with?("refs/")
 
           Bundler.ui.info "Fetching #{URICredentialsFilter.credential_filtered_uri(uri)}"
 
+          configured_uri = configured_uri_for(uri).to_s
+
           unless path.exist?
             SharedHelpers.filesystem_access(path.dirname) do |p|
               FileUtils.mkdir_p(p)
             end
-            git_retry %(clone #{uri_escaped_with_configured_credentials} "#{path}" --bare --no-hardlinks --quiet)
+            git_retry "clone", configured_uri, path.to_s, "--bare", "--no-hardlinks", "--quiet"
             return unless extra_ref
           end
 
-          in_path do
-            git_retry %(fetch --force --quiet --tags #{uri_escaped_with_configured_credentials} "refs/heads/*:refs/heads/*" #{extra_ref})
+          with_path do
+            git_retry(*["fetch", "--force", "--quiet", "--tags", configured_uri, "refs/heads/*:refs/heads/*", extra_ref].compact, :dir => path)
           end
         end
 
@@ -123,68 +117,69 @@ module Bundler
               SharedHelpers.filesystem_access(destination) do |p|
                 FileUtils.rm_rf(p)
               end
-              git_retry %(clone --no-checkout --quiet "#{path}" "#{destination}")
+              git_retry "clone", "--no-checkout", "--quiet", path.to_s, destination.to_s
               File.chmod(((File.stat(destination).mode | 0o777) & ~File.umask), destination)
             rescue Errno::EEXIST => e
-              file_path = e.message[%r{.*?(/.*)}, 1]
+              file_path = e.message[%r{.*?((?:[a-zA-Z]:)?/.*)}, 1]
               raise GitError, "Bundler could not install a gem because it needs to " \
                 "create a directory, but a file exists - #{file_path}. Please delete " \
                 "this file and try again."
             end
           end
           # method 2
-          SharedHelpers.chdir(destination) do
-            git_retry %(fetch --force --quiet --tags "#{path}")
+          git_retry "fetch", "--force", "--quiet", "--tags", path.to_s, :dir => destination
 
-            begin
-              git "reset --hard #{@revision}"
-            rescue GitCommandError => e
-              raise MissingGitRevisionError.new(e.command, path, @revision, URICredentialsFilter.credential_filtered_uri(uri))
-            end
+          begin
+            git "reset", "--hard", @revision, :dir => destination
+          rescue GitCommandError => e
+            raise MissingGitRevisionError.new(e.command, destination, @revision, URICredentialsFilter.credential_filtered_uri(uri))
+          end
 
-            if submodules
-              git_retry "submodule update --init --recursive"
-            elsif Gem::Version.create(version) >= Gem::Version.create("2.9.0")
-              git_retry "submodule deinit --all --force"
-            end
+          if submodules
+            git_retry "submodule", "update", "--init", "--recursive", :dir => destination
+          elsif Gem::Version.create(version) >= Gem::Version.create("2.9.0")
+            inner_command = "git -C $toplevel submodule deinit --force $sm_path"
+            git_retry "submodule", "foreach", "--quiet", inner_command, :dir => destination
           end
         end
 
-      private
+        private
 
-        def git_null(command)
-          command_with_no_credentials = URICredentialsFilter.credential_filtered_string(command, uri)
-          raise GitNotAllowedError.new(command_with_no_credentials) unless allow?
+        def git_null(*command, dir: nil)
+          check_allowed(command)
 
           out, status = SharedHelpers.with_clean_git_env do
-            capture_and_ignore_stderr("git #{command}")
+            capture_and_ignore_stderr(*capture3_args_for(command, dir))
           end
 
           [URICredentialsFilter.credential_filtered_string(out, uri), status]
         end
 
-        def git_retry(command)
-          Bundler::Retry.new("`git #{URICredentialsFilter.credential_filtered_string(command, uri)}`", GitNotAllowedError).attempts do
-            git(command)
+        def git_retry(*command, dir: nil)
+          command_with_no_credentials = check_allowed(command)
+
+          Bundler::Retry.new("`#{command_with_no_credentials}` at #{dir || SharedHelpers.pwd}").attempts do
+            git(*command, :dir => dir)
           end
         end
 
-        def git(command, check_errors = true, error_msg = nil)
-          command_with_no_credentials = URICredentialsFilter.credential_filtered_string(command, uri)
-          raise GitNotAllowedError.new(command_with_no_credentials) unless allow?
+        def git(*command, dir: nil)
+          command_with_no_credentials = check_allowed(command)
 
           out, status = SharedHelpers.with_clean_git_env do
-            capture_and_filter_stderr(uri, "git #{command}")
+            capture_and_filter_stderr(*capture3_args_for(command, dir))
           end
 
-          stdout_with_no_credentials = URICredentialsFilter.credential_filtered_string(out, uri)
-          raise GitCommandError.new(command_with_no_credentials, path, error_msg) if check_errors && !status.success?
-          stdout_with_no_credentials
+          filtered_out = URICredentialsFilter.credential_filtered_string(out, uri)
+
+          raise GitCommandError.new(command_with_no_credentials, dir || SharedHelpers.pwd, filtered_out) unless status.success?
+
+          filtered_out
         end
 
         def has_revision_cached?
           return unless @revision
-          in_path { git("cat-file -e #{@revision}") }
+          with_path { git("cat-file", "-e", @revision, :dir => path) }
           true
         rescue GitError
           false
@@ -195,23 +190,11 @@ module Bundler
         end
 
         def find_local_revision
-          allowed_in_path do
-            git("rev-parse --verify #{Shellwords.shellescape(ref)}", true).strip
-          end
-        end
-
-        # Escape the URI for git commands
-        def uri_escaped_with_configured_credentials
-          remote = configured_uri_for(uri)
-          if Bundler::WINDOWS
-            # Windows quoting requires double quotes only, with double quotes
-            # inside the string escaped by being doubled.
-            '"' + remote.gsub('"') { '""' } + '"'
-          else
-            # Bash requires single quoted strings, with the single quotes escaped
-            # by ending the string, escaping the quote, and restarting the string.
-            "'" + remote.gsub("'") { "'\\''" } + "'"
+          allowed_with_path do
+            git("rev-parse", "--verify", ref || "HEAD", :dir => path).strip
           end
+        rescue GitCommandError => e
+          raise MissingGitRevisionError.new(e.command, path, ref, URICredentialsFilter.credential_filtered_uri(uri))
         end
 
         # Adds credentials to the URI as Fetcher#configured_uri_for does
@@ -230,29 +213,48 @@ module Bundler
           @git ? @git.allow_git_ops? : true
         end
 
-        def in_path(&blk)
+        def with_path(&blk)
           checkout unless path.exist?
-          _ = URICredentialsFilter # load it before we chdir
-          SharedHelpers.chdir(path, &blk)
+          blk.call
         end
 
-        def allowed_in_path
-          return in_path { yield } if allow?
+        def allowed_with_path
+          return with_path { yield } if allow?
           raise GitError, "The git source #{uri} is not yet checked out. Please run `bundle install` before trying to start your application"
         end
 
-        def capture_and_filter_stderr(uri, cmd)
+        def check_allowed(command)
+          command_with_no_credentials = URICredentialsFilter.credential_filtered_string("git #{command.shelljoin}", uri)
+          raise GitNotAllowedError.new(command_with_no_credentials) unless allow?
+          command_with_no_credentials
+        end
+
+        def capture_and_filter_stderr(*cmd)
           require "open3"
-          return_value, captured_err, status = Open3.capture3(cmd)
-          Bundler.ui.warn URICredentialsFilter.credential_filtered_string(captured_err, uri) if uri && !captured_err.empty?
+          return_value, captured_err, status = Open3.capture3(*cmd)
+          Bundler.ui.warn URICredentialsFilter.credential_filtered_string(captured_err, uri) unless captured_err.empty?
           [return_value, status]
         end
 
-        def capture_and_ignore_stderr(cmd)
+        def capture_and_ignore_stderr(*cmd)
           require "open3"
-          return_value, _, status = Open3.capture3(cmd)
+          return_value, _, status = Open3.capture3(*cmd)
           [return_value, status]
         end
+
+        def capture3_args_for(cmd, dir)
+          return ["git", *cmd] unless dir
+
+          if Bundler.feature_flag.bundler_3_mode? || supports_minus_c?
+            ["git", "-C", dir.to_s, *cmd]
+          else
+            ["git", *cmd, { :chdir => dir.to_s }]
+          end
+        end
+
+        def supports_minus_c?
+          @supports_minus_c ||= Gem::Version.new(version) >= Gem::Version.new("1.8.5")
+        end
       end
     end
   end

data/lib/bundler/source/git.rb

@@ -22,7 +22,7 @@ module Bundler
         @uri        = options["uri"] || ""
         @safe_uri   = URICredentialsFilter.credential_filtered_uri(@uri)
         @branch     = options["branch"]
-        @ref        = options["ref"] || options["branch"] || options["tag"] || "master"
+        @ref        = options["ref"] || options["branch"] || options["tag"]
         @submodules = options["submodules"]
         @name       = options["name"]
         @version    = options["version"].to_s.strip.gsub("-", ".pre.")
@@ -60,25 +60,27 @@ module Bundler
       alias_method :==, :eql?
 
       def to_s
-        at = if local?
-          path
-        elsif user_ref = options["ref"]
-          if ref =~ /\A[a-z0-9]{4,}\z/i
-            shortref_for_display(user_ref)
+        begin
+          at = if local?
+            path
+          elsif user_ref = options["ref"]
+            if ref =~ /\A[a-z0-9]{4,}\z/i
+              shortref_for_display(user_ref)
+            else
+              user_ref
+            end
+          elsif ref
+            ref
           else
-            user_ref
+            git_proxy.branch
           end
-        else
-          ref
-        end
 
-        rev = begin
-                "@#{shortref_for_display(revision)}"
-              rescue GitError
-                nil
-              end
+          rev = " (at #{at}@#{shortref_for_display(revision)})"
+        rescue GitError
+          ""
+        end
 
-        "#{@safe_uri} (at #{at}#{rev})"
+        "#{@safe_uri}#{rev}"
       end
 
       def name
@@ -146,7 +148,7 @@ module Bundler
 
         changed = cached_revision && cached_revision != git_proxy.revision
 
-        if changed && !@unlocked && !git_proxy.contains?(cached_revision)
+        if !Bundler.settings[:disable_local_revision_check] && changed && !@unlocked && !git_proxy.contains?(cached_revision)
           raise GitError, "The Gemfile lock is pointing to revision #{shortref_for_display(cached_revision)} " \
             "but the current branch in your local override for #{name} does not contain such commit. " \
             "Please make sure your branch is up to date."
@@ -230,7 +232,11 @@ module Bundler
         @allow_remote || @allow_cached
       end
 
-    private
+      def local?
+        @local
+      end
+
+      private
 
       def serialize_gemspecs_in(destination)
         destination = destination.expand_path(Bundler.root) if destination.relative?
@@ -256,10 +262,6 @@ module Bundler
         cached_revision && super
       end
 
-      def local?
-        @local
-      end
-
       def requires_checkout?
         allow_git_ops? && !local? && !cached_revision_checked_out?
       end

data/lib/bundler/source/metadata.rb

@@ -33,10 +33,6 @@ module Bundler
         end
       end
 
-      def cached!; end
-
-      def remote!; end
-
       def options
         {}
       end

data/lib/bundler/source/path/installer.rb

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+require_relative "../../rubygems_gem_installer"
+
 module Bundler
   class Source
     class Path
@@ -26,23 +28,21 @@ module Bundler
         end
 
         def post_install
-          SharedHelpers.chdir(@gem_dir) do
-            run_hooks(:pre_install)
+          run_hooks(:pre_install)
 
-            unless @disable_extensions
-              build_extensions
-              run_hooks(:post_build)
-            end
+          unless @disable_extensions
+            build_extensions
+            run_hooks(:post_build)
+          end
 
-            generate_bin unless spec.executables.nil? || spec.executables.empty?
+          generate_bin unless spec.executables.empty?
 
-            run_hooks(:post_install)
-          end
+          run_hooks(:post_install)
         ensure
           Bundler.rm_rf(@tmp_dir) if Bundler.requires_sudo?
         end
 
-      private
+        private
 
         def generate_bin
           super

data/lib/bundler/source/path.rb

@@ -82,7 +82,9 @@ module Bundler
       end
 
       def install(spec, options = {})
-        print_using_message "Using #{version_message(spec)} from #{self}"
+        using_message = "Using #{version_message(spec)} from #{self}"
+        using_message += " and installing its executables" unless spec.executables.empty?
+        print_using_message using_message
         generate_bin(spec, :disable_extensions => true)
         nil # no post-install message
       end
@@ -125,14 +127,18 @@ module Bundler
         @expanded_original_path ||= expand(original_path)
       end
 
-    private
+      private
 
       def expanded_path
         @expanded_path ||= expand(path)
       end
 
       def expand(somepath)
-        somepath.expand_path(root_path)
+        if Bundler.current_ruby.jruby? # TODO: Unify when https://github.com/rubygems/bundler/issues/7598 fixed upstream and all supported jrubies include the fix
+          somepath.expand_path(root_path).expand_path
+        else
+          somepath.expand_path(root_path)
+        end
       rescue ArgumentError => e
         Bundler.ui.debug(e)
         raise PathError, "There was an error while trying to use the path " \
@@ -167,7 +173,7 @@ module Bundler
 
         if File.directory?(expanded_path)
           # We sort depth-first since `<<` will override the earlier-found specs
-          Dir["#{expanded_path}/#{@glob}"].sort_by {|p| -p.split(File::SEPARATOR).size }.each do |file|
+          Gem::Util.glob_files_in_dir(@glob, expanded_path).sort_by {|p| -p.split(File::SEPARATOR).size }.each do |file|
             next unless spec = load_gemspec(file)
             spec.source = self
 

data/lib/bundler/source/rubygems/remote.rb

@@ -39,7 +39,7 @@ module Bundler
           "rubygems remote at #{anonymized_uri}"
         end
 
-      private
+        private
 
         def apply_auth(uri, auth)
           if auth && uri.userinfo.nil?

data/lib/bundler/source/rubygems.rb

@@ -20,17 +20,29 @@ module Bundler
         @dependency_names = []
         @allow_remote = false
         @allow_cached = false
+        @allow_local = options["allow_local"] || false
         @caches = [cache_path, *Bundler.rubygems.gem_cache]
 
-        Array(options["remotes"] || []).reverse_each {|r| add_remote(r) }
+        Array(options["remotes"]).reverse_each {|r| add_remote(r) }
+      end
+
+      def local!
+        return if @allow_local
+
+        @specs = nil
+        @allow_local = true
       end
 
       def remote!
+        return if @allow_remote
+
         @specs = nil
         @allow_remote = true
       end
 
       def cached!
+        return if @allow_cached
+
         @specs = nil
         @allow_cached = true
       end
@@ -49,8 +61,12 @@ module Bundler
         o.is_a?(Rubygems) && (o.credless_remotes - credless_remotes).empty?
       end
 
+      def disable_multisource?
+        @remotes.size <= 1
+      end
+
       def can_lock?(spec)
-        return super if Bundler.feature_flag.disable_multisource?
+        return super if disable_multisource?
         spec.source.is_a?(Rubygems)
       end
 
@@ -87,7 +103,7 @@ module Bundler
           # small_idx.use large_idx.
           idx = @allow_remote ? remote_specs.dup : Index.new
           idx.use(cached_specs, :override_dupes) if @allow_cached || @allow_remote
-          idx.use(installed_specs, :override_dupes)
+          idx.use(installed_specs, :override_dupes) if @allow_local
           idx
         end
       end
@@ -145,20 +161,19 @@ module Bundler
 
           Bundler.mkdir_p bin_path, :no_sudo => true unless spec.executables.empty? || Bundler.rubygems.provides?(">= 2.7.5")
 
-          installed_spec = nil
-          Bundler.rubygems.preserve_paths do
-            installed_spec = Bundler::RubyGemsGemInstaller.at(
-              path,
-              :install_dir         => install_path.to_s,
-              :bin_dir             => bin_path.to_s,
-              :ignore_dependencies => true,
-              :wrappers            => true,
-              :env_shebang         => true,
-              :build_args          => opts[:build_args],
-              :bundler_expected_checksum => spec.respond_to?(:checksum) && spec.checksum,
-              :bundler_extension_cache_path => extension_cache_path(spec)
-            ).install
-          end
+          require_relative "../rubygems_gem_installer"
+
+          installed_spec = Bundler::RubyGemsGemInstaller.at(
+            path,
+            :install_dir         => install_path.to_s,
+            :bin_dir             => bin_path.to_s,
+            :ignore_dependencies => true,
+            :wrappers            => true,
+            :env_shebang         => true,
+            :build_args          => opts[:build_args],
+            :bundler_expected_checksum => spec.respond_to?(:checksum) && spec.checksum,
+            :bundler_extension_cache_path => extension_cache_path(spec)
+          ).install
           spec.full_gem_path = installed_spec.full_gem_path
 
           # SUDO HAX
@@ -244,8 +259,16 @@ module Bundler
         !equivalent
       end
 
+      def spec_names
+        if @allow_remote && dependency_api_available?
+          remote_specs.spec_names
+        else
+          []
+        end
+      end
+
       def unmet_deps
-        if @allow_remote && api_fetchers.any?
+        if @allow_remote && dependency_api_available?
           remote_specs.unmet_dependency_names
         else
           []
@@ -261,7 +284,7 @@ module Bundler
 
       def double_check_for(unmet_dependency_names)
         return unless @allow_remote
-        return unless api_fetchers.any?
+        return unless dependency_api_available?
 
         unmet_dependency_names = unmet_dependency_names.call
         unless unmet_dependency_names.nil?
@@ -283,18 +306,21 @@ module Bundler
         remote_specs.each do |spec|
           case spec
           when EndpointSpecification, Gem::Specification, StubSpecification, LazySpecification
-            names.concat(spec.runtime_dependencies)
+            names.concat(spec.runtime_dependencies.map(&:name))
           when RemoteSpecification # from the full index
             return nil
           else
             raise "unhandled spec type (#{spec.inspect})"
           end
         end
-        names.map!(&:name) if names
         names
       end
 
-    protected
+      def dependency_api_available?
+        api_fetchers.any?
+      end
+
+      protected
 
       def credless_remotes
         remotes.map(&method(:suppress_configured_credentials))
@@ -354,7 +380,6 @@ module Bundler
       def installed_specs
         @installed_specs ||= Index.build do |idx|
           Bundler.rubygems.all_specs.reverse_each do |spec|
-            next if spec.name == "bundler"
             spec.source = self
             if Bundler.rubygems.spec_missing_extensions?(spec, false)
               Bundler.ui.debug "Source #{self} is ignoring #{spec} because it is missing extensions"
@@ -367,7 +392,7 @@ module Bundler
 
       def cached_specs
         @cached_specs ||= begin
-          idx = installed_specs.dup
+          idx = @allow_local ? installed_specs.dup : Index.new
 
           Dir["#{cache_path}/*.gem"].each do |gemfile|
             next if gemfile =~ /^bundler\-[\d\.]+?\.gem/
@@ -409,11 +434,11 @@ module Bundler
       def fetch_names(fetchers, dependency_names, index, override_dupes)
         fetchers.each do |f|
           if dependency_names
-            Bundler.ui.info "Fetching gem metadata from #{f.uri}", Bundler.ui.debug?
+            Bundler.ui.info "Fetching gem metadata from #{URICredentialsFilter.credential_filtered_uri(f.uri)}", Bundler.ui.debug?
             index.use f.specs_with_retry(dependency_names, self), override_dupes
             Bundler.ui.info "" unless Bundler.ui.debug? # new line now that the dots are over
           else
-            Bundler.ui.info "Fetching source index from #{f.uri}"
+            Bundler.ui.info "Fetching source index from #{URICredentialsFilter.credential_filtered_uri(f.uri)}"
             index.use f.specs_with_retry(nil, self), override_dupes
           end
         end
@@ -468,7 +493,7 @@ module Bundler
         Bundler.app_cache
       end
 
-    private
+      private
 
       # Checks if the requested spec exists in the global cache. If it does,
       # we copy it to the download path, and if it does not, we download it.
@@ -490,8 +515,15 @@ module Bundler
           uri = spec.remote.uri
           Bundler.ui.confirm("Fetching #{version_message(spec)}")
           rubygems_local_path = Bundler.rubygems.download_gem(spec, uri, download_path)
+
+          # older rubygems return varying file:// variants depending on version
+          rubygems_local_path = rubygems_local_path.gsub(/\Afile:/, "") unless Bundler.rubygems.provides?(">= 3.2.0.rc.2")
+          rubygems_local_path = rubygems_local_path.gsub(%r{\A//}, "") if Bundler.rubygems.provides?("< 3.1.0")
+
           if rubygems_local_path != local_path
-            FileUtils.mv(rubygems_local_path, local_path)
+            SharedHelpers.filesystem_access(local_path) do
+              FileUtils.mv(rubygems_local_path, local_path)
+            end
           end
           cache_globally(spec, local_path)
         end