bundler 2.1.4 → 2.2.33

data/lib/bundler/friendly_errors.rb

@@ -4,7 +4,19 @@ require_relative "vendored_thor"
 
 module Bundler
   module FriendlyErrors
-  module_function
+    module_function
+
+    def enable!
+      @disabled = false
+    end
+
+    def disabled?
+      @disabled
+    end
+
+    def disable!
+      @disabled = true
+    end
 
     def log_error(error)
       case error
@@ -23,13 +35,7 @@ module Bundler
         Bundler.ui.error error.message
       when LoadError
         raise error unless error.message =~ /cannot load such file -- openssl|openssl.so|libcrypto.so/
-        Bundler.ui.error "\nCould not load OpenSSL."
-        Bundler.ui.warn <<-WARN, :wrap => true
-          You must recompile Ruby with OpenSSL support or change the sources in your \
-          Gemfile from 'https' to 'http'. Instructions for compiling with OpenSSL \
-          using RVM are available at https://rvm.io/packages/openssl.
-        WARN
-        Bundler.ui.trace error
+        Bundler.ui.error "\nCould not load OpenSSL. #{error.class}: #{error}\n#{error.backtrace.join("\n  ")}"
       when Interrupt
         Bundler.ui.error "\nQuitting..."
         Bundler.ui.trace error
@@ -43,8 +49,6 @@ module Bundler
           "Alternatively, you can increase the amount of memory the JVM is able to use by running Bundler with jruby -J-Xmx1024m -S bundle (JRuby defaults to 500MB)."
       else request_issue_report_for(error)
       end
-    rescue StandardError
-      raise error
     end
 
     def exit_status(error)
@@ -57,36 +61,8 @@ module Bundler
     end
 
     def request_issue_report_for(e)
-      Bundler.ui.info <<-EOS.gsub(/^ {8}/, "")
+      Bundler.ui.error <<-EOS.gsub(/^ {8}/, ""), nil, nil
         --- ERROR REPORT TEMPLATE -------------------------------------------------------
-        # Error Report
-
-        ## Questions
-
-        Please fill out answers to these questions, it'll help us figure out
-        why things are going wrong.
-
-        - **What did you do?**
-
-          I ran the command `#{$PROGRAM_NAME} #{ARGV.join(" ")}`
-
-        - **What did you expect to happen?**
-
-          I expected Bundler to...
-
-        - **What happened instead?**
-
-          Instead, what happened was...
-
-        - **Have you tried any solutions posted on similar issues in our issue tracker, stack overflow, or google?**
-
-          I tried...
-
-        - **Have you read our issues document, https://github.com/bundler/bundler/blob/master/doc/contributing/ISSUES.md?**
-
-          ...
-
-        ## Backtrace
 
         ```
         #{e.class}: #{e.message}
@@ -100,13 +76,12 @@ module Bundler
 
       Bundler.ui.error "Unfortunately, an unexpected error occurred, and Bundler cannot continue."
 
-      Bundler.ui.warn <<-EOS.gsub(/^ {8}/, "")
+      Bundler.ui.error <<-EOS.gsub(/^ {8}/, ""), nil, :yellow
 
         First, try this link to see if there are any existing issue reports for this error:
         #{issues_url(e)}
 
-        If there aren't any reports for this error yet, please create copy and paste the report template above into a new issue. Don't forget to anonymize any private data! The new issue form is located at:
-        https://github.com/bundler/bundler/issues/new
+        If there aren't any reports for this error yet, please fill in the new issue form located at #{new_issue_url}, and copy and paste the report template above in there.
       EOS
     end
 
@@ -114,16 +89,23 @@ module Bundler
       message = exception.message.lines.first.tr(":", " ").chomp
       message = message.split("-").first if exception.is_a?(Errno)
       require "cgi"
-      "https://github.com/bundler/bundler/search?q=" \
+      "https://github.com/rubygems/rubygems/search?q=" \
         "#{CGI.escape(message)}&type=Issues"
     end
+
+    def new_issue_url
+      "https://github.com/rubygems/rubygems/issues/new?labels=Bundler&template=bundler-related-issue.md"
+    end
   end
 
   def self.with_friendly_errors
+    FriendlyErrors.enable!
     yield
   rescue SignalException
     raise
   rescue Exception => e # rubocop:disable Lint/RescueException
+    raise if FriendlyErrors.disabled?
+
     FriendlyErrors.log_error(e)
     exit FriendlyErrors.exit_status(e)
   end

data/lib/bundler/gem_helper.rb

@@ -15,6 +15,10 @@ module Bundler
         new(opts[:dir], opts[:name]).install
       end
 
+      def tag_prefix=(prefix)
+        instance.tag_prefix = prefix
+      end
+
       def gemspec(&block)
         gemspec = instance.gemspec
         block.call(gemspec) if block
@@ -24,12 +28,15 @@ module Bundler
 
     attr_reader :spec_path, :base, :gemspec
 
+    attr_writer :tag_prefix
+
     def initialize(base = nil, name = nil)
-      @base = (base ||= SharedHelpers.pwd)
-      gemspecs = name ? [File.join(base, "#{name}.gemspec")] : Dir[File.join(base, "{,*}.gemspec")]
+      @base = File.expand_path(base || SharedHelpers.pwd)
+      gemspecs = name ? [File.join(@base, "#{name}.gemspec")] : Gem::Util.glob_files_in_dir("{,*}.gemspec", @base)
       raise "Unable to determine name from existing gemspec. Use :name => 'gemname' in #install_tasks to manually set it." unless gemspecs.size == 1
       @spec_path = gemspecs.first
       @gemspec = Bundler.load_gemspec(@spec_path)
+      @tag_prefix = ""
     end
 
     def install
@@ -40,6 +47,11 @@ module Bundler
         built_gem_path = build_gem
       end
 
+      desc "Generate SHA512 checksum if #{name}-#{version}.gem into the checksums directory."
+      task "build:checksum" => "build" do
+        build_checksum(built_gem_path)
+      end
+
       desc "Build and install #{name}-#{version}.gem into system gems."
       task "install" => "build" do
         install_gem(built_gem_path)
@@ -64,7 +76,7 @@ module Bundler
         tag_version { git_push(args[:remote]) } unless already_tagged?
       end
 
-      task "release:rubygem_push" do
+      task "release:rubygem_push" => "build" do
         rubygem_push(built_gem_path) if gem_push?
       end
 
@@ -73,7 +85,7 @@ module Bundler
 
     def build_gem
       file_name = nil
-      sh("#{gem_command} build -V #{spec_path.shellescape}".shellsplit) do
+      sh([*gem_command, "build", "-V", spec_path]) do
         file_name = File.basename(built_gem_path)
         SharedHelpers.filesystem_access(File.join(base, "pkg")) {|p| FileUtils.mkdir_p(p) }
         FileUtils.mv(built_gem_path, "pkg")
@@ -84,36 +96,54 @@ module Bundler
 
     def install_gem(built_gem_path = nil, local = false)
       built_gem_path ||= build_gem
-      cmd = "#{gem_command} install #{built_gem_path}"
-      cmd += " --local" if local
-      _, status = sh_with_status(cmd.shellsplit)
-      unless status.success?
-        raise "Couldn't install gem, run `gem install #{built_gem_path}' for more detailed output"
-      end
+      cmd = [*gem_command, "install", built_gem_path.to_s]
+      cmd << "--local" if local
+      sh(cmd)
       Bundler.ui.confirm "#{name} (#{version}) installed."
     end
 
-  protected
+    def build_checksum(built_gem_path = nil)
+      built_gem_path ||= build_gem
+      SharedHelpers.filesystem_access(File.join(base, "checksums")) {|p| FileUtils.mkdir_p(p) }
+      file_name = "#{File.basename(built_gem_path)}.sha512"
+      require "digest/sha2"
+      checksum = ::Digest::SHA512.new.hexdigest(built_gem_path.to_s)
+      target = File.join(base, "checksums", file_name)
+      File.write(target, checksum)
+      Bundler.ui.confirm "#{name} #{version} checksum written to checksums/#{file_name}."
+    end
+
+    protected
 
     def rubygem_push(path)
-      cmd = %W[#{gem_command} push #{path}]
+      cmd = [*gem_command, "push", path]
       cmd << "--key" << gem_key if gem_key
       cmd << "--host" << allowed_push_host if allowed_push_host
-      unless allowed_push_host || Bundler.user_home.join(".gem/credentials").file?
-        raise "Your rubygems.org credentials aren't set. Run `gem push` to set them."
-      end
       sh_with_input(cmd)
       Bundler.ui.confirm "Pushed #{name} #{version} to #{gem_push_host}"
     end
 
     def built_gem_path
-      Dir[File.join(base, "#{name}-*.gem")].sort_by {|f| File.mtime(f) }.last
+      Gem::Util.glob_files_in_dir("#{name}-*.gem", base).sort_by {|f| File.mtime(f) }.last
     end
 
-    def git_push(remote = "")
-      perform_git_push remote
-      perform_git_push "#{remote} --tags"
-      Bundler.ui.confirm "Pushed git commits and tags."
+    def git_push(remote = nil)
+      remote ||= default_remote
+      sh("git push #{remote} refs/heads/#{current_branch}".shellsplit)
+      sh("git push #{remote} refs/tags/#{version_tag}".shellsplit)
+      Bundler.ui.confirm "Pushed git commits and release tag."
+    end
+
+    def default_remote
+      remote_for_branch, status = sh_with_status(%W[git config --get branch.#{current_branch}.remote])
+      return "origin" unless status.success?
+
+      remote_for_branch.strip
+    end
+
+    def current_branch
+      # We can replace this with `git branch --show-current` once we drop support for git < 2.22.0
+      sh(%w[git rev-parse --abbrev-ref HEAD]).gsub(%r{\Aheads/}, "").strip
     end
 
     def allowed_push_host
@@ -128,13 +158,6 @@ module Bundler
       allowed_push_host || env_rubygems_host || "rubygems.org"
     end
 
-    def perform_git_push(options = "")
-      cmd = "git push #{options}"
-      out, status = sh_with_status(cmd.shellsplit)
-      return if status.success?
-      raise "Couldn't git push. `#{cmd}' failed with the following output:\n\n#{out}\n"
-    end
-
     def already_tagged?
       return false unless sh(%w[git tag]).split(/\n/).include?(version_tag)
       Bundler.ui.confirm "Tag #{version_tag} has already been created."
@@ -168,7 +191,7 @@ module Bundler
     end
 
     def version_tag
-      "v#{version}"
+      "#{@tag_prefix}v#{version}"
     end
 
     def name
@@ -185,8 +208,7 @@ module Bundler
     def sh(cmd, &block)
       out, status = sh_with_status(cmd, &block)
       unless status.success?
-        cmd = cmd.shelljoin if cmd.respond_to?(:shelljoin)
-        raise(out.empty? ? "Running `#{cmd}` failed. Run this command directly for more detailed output." : out)
+        raise("Running `#{cmd.shelljoin}` failed with the following output:\n\n#{out}\n")
       end
       out
     end
@@ -210,7 +232,7 @@ module Bundler
     end
 
     def gem_command
-      ENV["GEM_COMMAND"] ? ENV["GEM_COMMAND"] : "gem"
+      ENV["GEM_COMMAND"]&.shellsplit || ["gem"]
     end
   end
 end

data/lib/bundler/gem_helpers.rb

@@ -24,47 +24,44 @@ module Bundler
     module_function :generic
 
     def generic_local_platform
-      generic(Bundler.local_platform)
+      generic(local_platform)
     end
     module_function :generic_local_platform
 
+    def local_platform
+      Bundler.local_platform
+    end
+    module_function :local_platform
+
     def platform_specificity_match(spec_platform, user_platform)
       spec_platform = Gem::Platform.new(spec_platform)
-      return PlatformMatch::EXACT_MATCH if spec_platform == user_platform
-      return PlatformMatch::WORST_MATCH if spec_platform.nil? || spec_platform == Gem::Platform::RUBY || user_platform == Gem::Platform::RUBY
-
-      PlatformMatch.new(
-        PlatformMatch.os_match(spec_platform, user_platform),
-        PlatformMatch.cpu_match(spec_platform, user_platform),
-        PlatformMatch.platform_version_match(spec_platform, user_platform)
-      )
+
+      PlatformMatch.specificity_score(spec_platform, user_platform)
     end
     module_function :platform_specificity_match
 
     def select_best_platform_match(specs, platform)
-      specs.select {|spec| spec.match_platform(platform) }.
-        min_by {|spec| platform_specificity_match(spec.platform, platform) }
+      matching = specs.select {|spec| spec.match_platform(platform) }
+      exact = matching.select {|spec| spec.platform == platform }
+      return exact if exact.any?
+
+      sorted_matching = matching.sort_by {|spec| platform_specificity_match(spec.platform, platform) }
+      exemplary_spec = sorted_matching.first
+
+      sorted_matching.take_while{|spec| same_specificity(platform, spec, exemplary_spec) && same_deps(spec, exemplary_spec) }
     end
     module_function :select_best_platform_match
 
-    PlatformMatch = Struct.new(:os_match, :cpu_match, :platform_version_match)
     class PlatformMatch
-      def <=>(other)
-        return nil unless other.is_a?(PlatformMatch)
-
-        m = os_match <=> other.os_match
-        return m unless m.zero?
-
-        m = cpu_match <=> other.cpu_match
-        return m unless m.zero?
+      def self.specificity_score(spec_platform, user_platform)
+        return -1 if spec_platform == user_platform
+        return 1_000_000 if spec_platform.nil? || spec_platform == Gem::Platform::RUBY || user_platform == Gem::Platform::RUBY
 
-        m = platform_version_match <=> other.platform_version_match
-        m
+        os_match(spec_platform, user_platform) +
+          cpu_match(spec_platform, user_platform) * 10 +
+          platform_version_match(spec_platform, user_platform) * 100
       end
 
-      EXACT_MATCH = new(-1, -1, -1).freeze
-      WORST_MATCH = new(1_000_000, 1_000_000, 1_000_000).freeze
-
       def self.os_match(spec_platform, user_platform)
         if spec_platform.os == user_platform.os
           0
@@ -95,5 +92,19 @@ module Bundler
         end
       end
     end
+
+    def same_specificity(platform, spec, exemplary_spec)
+      platform_specificity_match(spec.platform, platform) == platform_specificity_match(exemplary_spec.platform, platform)
+    end
+    module_function :same_specificity
+
+    def same_deps(spec, exemplary_spec)
+      same_runtime_deps = spec.dependencies.sort == exemplary_spec.dependencies.sort
+      return same_runtime_deps unless spec.is_a?(Gem::Specification) && exemplary_spec.is_a?(Gem::Specification)
+
+      same_metadata_deps = spec.required_ruby_version == exemplary_spec.required_ruby_version && spec.required_rubygems_version == exemplary_spec.required_rubygems_version
+      same_runtime_deps && same_metadata_deps
+    end
+    module_function :same_deps
   end
 end

data/lib/bundler/gem_version_promoter.rb

@@ -7,7 +7,7 @@ module Bundler
   # available dependency versions as found in its index, before returning it to
   # to the resolution engine to select the best version.
   class GemVersionPromoter
-    DEBUG = ENV["DEBUG_RESOLVER"]
+    DEBUG = ENV["BUNDLER_DEBUG_RESOLVER"] || ENV["DEBUG_RESOLVER"]
 
     attr_reader :level, :locked_specs, :unlock_gems
 
@@ -81,8 +81,8 @@ module Bundler
           sort_dep_specs(spec_groups, locked_spec)
         end.tap do |specs|
           if DEBUG
-            warn before_result
-            warn " after sort_versions: #{debug_format_result(dep, specs).inspect}"
+            puts before_result
+            puts " after sort_versions: #{debug_format_result(dep, specs).inspect}"
           end
         end
       end
@@ -98,7 +98,7 @@ module Bundler
       level == :minor
     end
 
-  private
+    private
 
     def filter_dep_specs(spec_groups, locked_spec)
       res = spec_groups.select do |spec_group|

data/lib/bundler/graph.rb

@@ -27,7 +27,7 @@ module Bundler
       GraphVizClient.new(self).run
     end
 
-  private
+    private
 
     def _populate_relations
       parent_dependencies = _groups.values.to_set.flatten

data/lib/bundler/index.rb

@@ -1,7 +1,5 @@
 # frozen_string_literal: true
 
-require "set"
-
 module Bundler
   class Index
     include Enumerable
@@ -65,11 +63,14 @@ module Bundler
     def unsorted_search(query, base)
       results = local_search(query, base)
 
-      seen = results.map(&:full_name).to_set unless @sources.empty?
+      seen = results.map(&:full_name).uniq unless @sources.empty?
 
       @sources.each do |source|
         source.unsorted_search(query, base).each do |spec|
-          results << spec if seen.add?(spec.full_name)
+          next if seen.include?(spec.full_name)
+
+          seen << spec.full_name
+          results << spec
         end
       end
 
@@ -121,10 +122,9 @@ module Bundler
       names
     end
 
-    # returns a list of the dependencies
     def unmet_dependency_names
       dependency_names.select do |name|
-        name != "bundler" && search(name).empty?
+        search(name).empty?
       end
     end
 
@@ -170,7 +170,7 @@ module Bundler
     def dependencies_eql?(spec, other_spec)
       deps       = spec.dependencies.select {|d| d.type != :development }
       other_deps = other_spec.dependencies.select {|d| d.type != :development }
-      Set.new(deps) == Set.new(other_deps)
+      deps.sort == other_deps.sort
     end
 
     def add_source(index)
@@ -179,7 +179,7 @@ module Bundler
       @sources.uniq! # need to use uniq! here instead of checking for the item before adding
     end
 
-  private
+    private
 
     def specs_by_name(name)
       @specs[name].values
@@ -195,7 +195,7 @@ module Bundler
           if base # allow all platforms when searching from a lockfile
             dependency.matches_spec?(spec)
           else
-            dependency.matches_spec?(spec) && Gem::Platform.match(spec.platform)
+            dependency.matches_spec?(spec) && Gem::Platform.match_spec?(spec)
           end
         end
 

data/lib/bundler/injector.rb

@@ -74,7 +74,7 @@ module Bundler
       end
     end
 
-  private
+    private
 
     def conservative_version(spec)
       version = spec.version
@@ -128,7 +128,7 @@ module Bundler
     # evaluates a gemfile to remove the specified gem
     # from it.
     def remove_deps(gemfile_path)
-      initial_gemfile = IO.readlines(gemfile_path)
+      initial_gemfile = File.readlines(gemfile_path)
 
       Bundler.ui.info "Removing gems from #{gemfile_path}"
 
@@ -179,11 +179,22 @@ module Bundler
     # @param [Pathname] gemfile_path The Gemfile from which to remove dependencies.
     def remove_gems_from_gemfile(gems, gemfile_path)
       patterns = /gem\s+(['"])#{Regexp.union(gems)}\1|gem\s*\((['"])#{Regexp.union(gems)}\2\)/
+      new_gemfile = []
+      multiline_removal = false
+      File.readlines(gemfile_path).each do |line|
+        match_data = line.match(patterns)
+        if match_data && is_not_within_comment?(line, match_data)
+          multiline_removal = line.rstrip.end_with?(",")
+          # skip lines which match the regex
+          next
+        end
 
-      # remove lines which match the regex
-      new_gemfile = IO.readlines(gemfile_path).reject {|line| line.match(patterns) }
+        # skip followup lines until line does not end with ','
+        new_gemfile << line unless multiline_removal
+        multiline_removal = line.rstrip.end_with?(",") if multiline_removal
+      end
 
-      # remove lone \n and append them with other strings
+      # remove line \n and append them with other strings
       new_gemfile.each_with_index do |_line, index|
         if new_gemfile[index + 1] == "\n"
           new_gemfile[index] += new_gemfile[index + 1]
@@ -196,6 +207,13 @@ module Bundler
       new_gemfile.join.chomp
     end
 
+    # @param [String] line          Individual line of gemfile content.
+    # @param [MatchData] match_data Data about Regex match.
+    def is_not_within_comment?(line, match_data)
+      match_start_index = match_data.offset(0).first
+      !line[0..match_start_index].include?("#")
+    end
+
     # @param [Array] gemfile       Array of gemfile contents.
     # @param [String] block_name   Name of block name to look for.
     def remove_nested_blocks(gemfile, block_name)

data/lib/bundler/inline.rb

@@ -50,15 +50,16 @@ def gemfile(install = false, options = {}, &gemfile)
     Bundler::Plugin.gemfile_install(&gemfile) if Bundler.feature_flag.plugins?
     builder = Bundler::Dsl.new
     builder.instance_eval(&gemfile)
+    builder.check_primary_source_safety
 
-    Bundler.settings.temporary(:frozen => false) do
+    Bundler.settings.temporary(:deployment => false, :frozen => false) do
       definition = builder.to_definition(nil, true)
       def definition.lock(*); end
       definition.validate_runtime!
 
       Bundler.ui = install ? ui : Bundler::UI::Silent.new
       if install || definition.missing_specs?
-        Bundler.settings.temporary(:inline => true, :disable_platform_warnings => true) do
+        Bundler.settings.temporary(:inline => true) do
           installer = Bundler::Installer.install(Bundler.root, definition, :system => true)
           installer.post_install_messages.each do |name, message|
             Bundler.ui.info "Post-install message from #{name}:\n#{message}"

data/lib/bundler/installer/gem_installer.rb

@@ -1,7 +1,5 @@
 # frozen_string_literal: true
 
-require "shellwords"
-
 module Bundler
   class GemInstaller
     attr_reader :spec, :standalone, :worker, :force, :installer
@@ -19,46 +17,35 @@ module Bundler
       Bundler.ui.debug "#{worker}:  #{spec.name} (#{spec.version}) from #{spec.loaded_from}"
       generate_executable_stubs
       return true, post_install_message
-    rescue Bundler::InstallHookError, Bundler::SecurityError, APIResponseMismatchError
+    rescue Bundler::InstallHookError, Bundler::SecurityError, Bundler::APIResponseMismatchError
       raise
     rescue Errno::ENOSPC
       return false, out_of_space_message
-    rescue StandardError => e
+    rescue Bundler::BundlerError, Gem::InstallError, Bundler::APIResponseInvalidDependenciesError => e
       return false, specific_failure_message(e)
     end
 
-  private
+    private
 
     def specific_failure_message(e)
       message = "#{e.class}: #{e.message}\n"
-      message += "  " + e.backtrace.join("\n  ") + "\n\n" if Bundler.ui.debug?
+      message += "  " + e.backtrace.join("\n  ") + "\n\n"
       message = message.lines.first + Bundler.ui.add_color(message.lines.drop(1).join, :clear)
       message + Bundler.ui.add_color(failure_message, :red)
     end
 
     def failure_message
-      return install_error_message if spec.source.options["git"]
-      "#{install_error_message}\n#{gem_install_message}"
+      install_error_message
     end
 
     def install_error_message
       "An error occurred while installing #{spec.name} (#{spec.version}), and Bundler cannot continue."
     end
 
-    def gem_install_message
-      source = spec.source
-      return unless source.respond_to?(:remotes)
-
-      if source.remotes.size == 1
-        "Make sure that `gem install #{spec.name} -v '#{spec.version}' --source '#{source.remotes.first}'` succeeds before bundling."
-      else
-        "Make sure that `gem install #{spec.name} -v '#{spec.version}'` succeeds before bundling."
-      end
-    end
-
     def spec_settings
       # Fetch the build settings, if there are any
       if settings = Bundler.settings["build.#{spec.name}"]
+        require "shellwords"
         Shellwords.shellsplit(settings)
       end
     end