bundler 2.2.11 → 2.3.26

data/lib/bundler/runtime.rb

@@ -12,22 +12,16 @@ module Bundler
     def setup(*groups)
       @definition.ensure_equivalent_gemfile_and_lockfile if Bundler.frozen_bundle?
 
-      groups.map!(&:to_sym)
-
       # Has to happen first
       clean_load_path
 
-      specs = groups.any? ? @definition.specs_for(groups) : requested_specs
+      specs = @definition.specs_for(groups)
 
       SharedHelpers.set_bundle_environment
       Bundler.rubygems.replace_entrypoints(specs)
 
       # Activate the specs
       load_paths = specs.map do |spec|
-        unless spec.loaded_from
-          raise GemNotFound, "#{spec.full_name} is missing. Run `bundle install` to get it."
-        end
-
         check_for_activated_spec!(spec)
 
         Bundler.rubygems.mark_loaded(spec)
@@ -106,7 +100,7 @@ module Bundler
 
     alias_method :gems, :specs
 
-    def cache(custom_path = nil)
+    def cache(custom_path = nil, local = false)
       cache_path = Bundler.app_cache(custom_path)
       SharedHelpers.filesystem_access(cache_path) do |p|
         FileUtils.mkdir_p(p)
@@ -114,11 +108,23 @@ module Bundler
 
       Bundler.ui.info "Updating files in #{Bundler.settings.app_cache_path}"
 
-      specs_to_cache = Bundler.settings[:cache_all_platforms] ? @definition.resolve.materialized_for_all_platforms : specs
+      specs_to_cache = if Bundler.settings[:cache_all_platforms]
+        @definition.resolve.materialized_for_all_platforms
+      else
+        begin
+          specs
+        rescue GemNotFound
+          if local
+            Bundler.ui.warn "Some gems seem to be missing from your #{Bundler.settings.app_cache_path} directory."
+          end
+
+          raise
+        end
+      end
+
       specs_to_cache.each do |spec|
         next if spec.name == "bundler"
         next if spec.source.is_a?(Source::Gemspec)
-        spec.source.send(:fetch_gem, spec) if Bundler.settings[:cache_all_platforms] && spec.source.respond_to?(:fetch_gem, true)
         spec.source.cache(spec, custom_path) if spec.source.respond_to?(:cache)
       end
 
@@ -258,7 +264,7 @@ module Bundler
 
       return if manuals.empty?
       Bundler::SharedHelpers.set_env "MANPATH", manuals.concat(
-        ENV["MANPATH"].to_s.split(File::PATH_SEPARATOR)
+        ENV["MANPATH"] ? ENV["MANPATH"].to_s.split(File::PATH_SEPARATOR) : [""]
       ).uniq.join(File::PATH_SEPARATOR)
     end
 
@@ -284,7 +290,7 @@ module Bundler
       return unless activated_spec = Bundler.rubygems.loaded_specs(spec.name)
       return if activated_spec.version == spec.version
 
-      suggestion = if Bundler.rubygems.spec_default_gem?(activated_spec)
+      suggestion = if activated_spec.default_gem?
         "Since #{spec.name} is a default gem, you can either remove your dependency on it" \
         " or try updating to a newer version of bundler that supports #{spec.name} as a default gem."
       else

data/lib/bundler/self_manager.rb

@@ -0,0 +1,168 @@
+# frozen_string_literal: true
+
+module Bundler
+  #
+  # This class handles installing and switching to the version of bundler needed
+  # by an application.
+  #
+  class SelfManager
+    def restart_with_locked_bundler_if_needed
+      return unless needs_switching? && installed?
+
+      restart_with(lockfile_version)
+    end
+
+    def install_locked_bundler_and_restart_with_it_if_needed
+      return unless needs_switching?
+
+      Bundler.ui.info \
+        "Bundler #{current_version} is running, but your lockfile was generated with #{lockfile_version}. " \
+        "Installing Bundler #{lockfile_version} and restarting using that version."
+
+      install_and_restart_with(lockfile_version)
+    end
+
+    def update_bundler_and_restart_with_it_if_needed(target)
+      return unless autoswitching_applies?
+
+      spec = resolve_update_version_from(target)
+      return unless spec
+
+      version = spec.version
+
+      Bundler.ui.info "Updating bundler to #{version}."
+
+      install(spec)
+
+      restart_with(version)
+    end
+
+    private
+
+    def install_and_restart_with(version)
+      requirement = Gem::Requirement.new(version)
+      spec = find_latest_matching_spec(requirement)
+
+      if spec.nil?
+        Bundler.ui.warn "Your lockfile is locked to a version of bundler (#{lockfile_version}) that doesn't exist at https://rubygems.org/. Going on using #{current_version}"
+        return
+      end
+
+      install(spec)
+    rescue StandardError => e
+      Bundler.ui.trace e
+      Bundler.ui.warn "There was an error installing the locked bundler version (#{lockfile_version}), rerun with the `--verbose` flag for more details. Going on using bundler #{current_version}."
+    else
+      restart_with(version)
+    end
+
+    def install(spec)
+      spec.source.install(spec)
+    end
+
+    def restart_with(version)
+      configured_gem_home = ENV["GEM_HOME"]
+      configured_gem_path = ENV["GEM_PATH"]
+
+      cmd = [$PROGRAM_NAME, *ARGV]
+      cmd.unshift(Gem.ruby) unless File.executable?($PROGRAM_NAME)
+
+      Bundler.with_original_env do
+        Kernel.exec(
+          { "GEM_HOME" => configured_gem_home, "GEM_PATH" => configured_gem_path, "BUNDLER_VERSION" => version.to_s },
+          *cmd
+        )
+      end
+    end
+
+    def needs_switching?
+      autoswitching_applies? &&
+        released?(lockfile_version) &&
+        !running?(lockfile_version) &&
+        !updating?
+    end
+
+    def autoswitching_applies?
+      ENV["BUNDLER_VERSION"].nil? &&
+        Bundler.rubygems.supports_bundler_trampolining? &&
+        SharedHelpers.in_bundle? &&
+        lockfile_version
+    end
+
+    def resolve_update_version_from(target)
+      requirement = Gem::Requirement.new(target)
+      update_candidate = find_latest_matching_spec(requirement)
+
+      if update_candidate.nil?
+        raise InvalidOption, "The `bundle update --bundler` target version (#{target}) does not exist"
+      end
+
+      resolved_version = update_candidate.version
+      needs_update = requirement.specific? ? !running?(resolved_version) : running_older_than?(resolved_version)
+
+      return unless needs_update
+
+      update_candidate
+    end
+
+    def local_specs
+      @local_specs ||= Bundler::Source::Rubygems.new("allow_local" => true).specs.select {|spec| spec.name == "bundler" }
+    end
+
+    def remote_specs
+      @remote_specs ||= begin
+        source = Bundler::Source::Rubygems.new("remotes" => "https://rubygems.org")
+        source.remote!
+        source.add_dependency_names("bundler")
+        source.specs
+      end
+    end
+
+    def find_latest_matching_spec(requirement)
+      local_result = find_latest_matching_spec_from_collection(local_specs, requirement)
+      return local_result if local_result && requirement.specific?
+
+      remote_result = find_latest_matching_spec_from_collection(remote_specs, requirement)
+      return remote_result if local_result.nil?
+
+      [local_result, remote_result].max
+    end
+
+    def find_latest_matching_spec_from_collection(specs, requirement)
+      specs.sort.reverse_each.find {|spec| requirement.satisfied_by?(spec.version) }
+    end
+
+    def running?(version)
+      version == current_version
+    end
+
+    def running_older_than?(version)
+      current_version < version
+    end
+
+    def released?(version)
+      !version.to_s.end_with?(".dev")
+    end
+
+    def updating?
+      "update".start_with?(ARGV.first || " ") && ARGV[1..-1].any? {|a| a.start_with?("--bundler") }
+    end
+
+    def installed?
+      Bundler.configure
+
+      Bundler.rubygems.find_bundler(lockfile_version.to_s)
+    end
+
+    def current_version
+      @current_version ||= Gem::Version.new(Bundler::VERSION)
+    end
+
+    def lockfile_version
+      return @lockfile_version if defined?(@lockfile_version)
+
+      parsed_version = Bundler::LockfileParser.bundled_with
+      @lockfile_version = parsed_version ? Gem::Version.new(parsed_version) : nil
+    end
+  end
+end

data/lib/bundler/settings.rb

@@ -13,27 +13,28 @@ module Bundler
       auto_install
       cache_all
       cache_all_platforms
+      clean
       default_install_uses_path
       deployment
-      deployment_means_frozen
       disable_checksum_validation
       disable_exec_load
       disable_local_branch_check
       disable_local_revision_check
-      disable_multisource
       disable_shared_gems
       disable_version_check
       force_ruby_platform
       forget_cli_options
       frozen
+      gem.changelog
       gem.coc
       gem.mit
+      git.allow_insecure
       global_gem_cache
       ignore_messages
       init_gems_rb
+      inline
       no_install
       no_prune
-      only_update_to_newer_versions
       path_relative_to_cwd
       path.system
       plugins
@@ -43,9 +44,7 @@ module Bundler
       silence_deprecations
       silence_root_warning
       suppress_install_using_messages
-      unlock_source_unlocks_spec
       update_requires_all_flag
-      use_gem_version_promoter_for_major_updates
     ].freeze
 
     NUMBER_KEYS = %w[
@@ -57,10 +56,27 @@ module Bundler
     ].freeze
 
     ARRAY_KEYS = %w[
+      only
       with
       without
     ].freeze
 
+    STRING_KEYS = %w[
+      bin
+      cache_path
+      console
+      gem.ci
+      gem.github_username
+      gem.linter
+      gem.rubocop
+      gem.test
+      gemfile
+      path
+      shebang
+      system_bindir
+      trust-policy
+    ].freeze
+
     DEFAULT_CONFIG = {
       "BUNDLE_SILENCE_DEPRECATIONS" => false,
       "BUNDLE_DISABLE_VERSION_CHECK" => true,
@@ -126,8 +142,8 @@ module Bundler
       keys = @temporary.keys | @global_config.keys | @local_config.keys | @env_config.keys
 
       keys.map do |key|
-        key.sub(/^BUNDLE_/, "").gsub(/__/, ".").downcase
-      end
+        key.sub(/^BUNDLE_/, "").gsub(/___/, "-").gsub(/__/, ".").downcase
+      end.sort
     end
 
     def local_overrides
@@ -173,29 +189,37 @@ module Bundler
       locations = []
 
       if value = @temporary[key]
-        locations << "Set for the current command: #{converted_value(value, exposed_key).inspect}"
+        locations << "Set for the current command: #{printable_value(value, exposed_key).inspect}"
       end
 
       if value = @local_config[key]
-        locations << "Set for your local app (#{local_config_file}): #{converted_value(value, exposed_key).inspect}"
+        locations << "Set for your local app (#{local_config_file}): #{printable_value(value, exposed_key).inspect}"
       end
 
       if value = @env_config[key]
-        locations << "Set via #{key}: #{converted_value(value, exposed_key).inspect}"
+        locations << "Set via #{key}: #{printable_value(value, exposed_key).inspect}"
       end
 
       if value = @global_config[key]
-        locations << "Set for the current user (#{global_config_file}): #{converted_value(value, exposed_key).inspect}"
+        locations << "Set for the current user (#{global_config_file}): #{printable_value(value, exposed_key).inspect}"
       end
 
       return ["You have not configured a value for `#{exposed_key}`"] if locations.empty?
       locations
     end
 
+    def processor_count
+      require "etc"
+      Etc.nprocessors
+    rescue StandardError
+      1
+    end
+
     # for legacy reasons, in Bundler 2, we do not respect :disable_shared_gems
     def path
       configs.each do |_level, settings|
         path = value_for("path", settings)
+        path = "vendor/bundle" if value_for("deployment", settings) && path.nil?
         path_system = value_for("path.system", settings)
         disabled_shared_gems = value_for("disable_shared_gems", settings)
         next if path.nil? && path_system.nil? && disabled_shared_gems.nil?
@@ -277,9 +301,7 @@ module Bundler
     end
 
     def key_for(key)
-      key = Settings.normalize_uri(key).to_s if key.is_a?(String) && /https?:/ =~ key
-      key = key.to_s.gsub(".", "__").upcase
-      "BUNDLE_#{key}"
+      self.class.key_for(key)
     end
 
     private
@@ -314,6 +336,10 @@ module Bundler
       BOOL_KEYS.include?(name.to_s) || BOOL_KEYS.include?(parent_setting_for(name.to_s))
     end
 
+    def is_string(name)
+      STRING_KEYS.include?(name.to_s) || name.to_s.start_with?("local.") || name.to_s.start_with?("mirror.") || name.to_s.start_with?("build.")
+    end
+
     def to_bool(value)
       case value
       when nil, /\A(false|f|no|n|0|)\z/i, false
@@ -331,9 +357,17 @@ module Bundler
       ARRAY_KEYS.include?(key.to_s)
     end
 
+    def is_credential(key)
+      key == "gem.push_key"
+    end
+
+    def is_userinfo(value)
+      value.include?(":")
+    end
+
     def to_array(value)
       return [] unless value
-      value.split(":").map(&:to_sym)
+      value.tr(" ", ":").split(":").map(&:to_sym)
     end
 
     def array_to_s(array)
@@ -377,15 +411,38 @@ module Bundler
       end
     end
 
+    def printable_value(value, key)
+      converted = converted_value(value, key)
+      return converted unless converted.is_a?(String)
+
+      if is_string(key)
+        converted
+      elsif is_credential(key)
+        "[REDACTED]"
+      elsif is_userinfo(converted)
+        username, pass = converted.split(":", 2)
+
+        if pass == "x-oauth-basic"
+          username = "[REDACTED]"
+        else
+          pass = "[REDACTED]"
+        end
+
+        [username, pass].join(":")
+      else
+        converted
+      end
+    end
+
     def global_config_file
       if ENV["BUNDLE_CONFIG"] && !ENV["BUNDLE_CONFIG"].empty?
         Pathname.new(ENV["BUNDLE_CONFIG"])
-      else
-        begin
-          Bundler.user_bundle_path("config")
-        rescue PermissionError, GenericSystemCallError
-          nil
-        end
+      elsif ENV["BUNDLE_USER_CONFIG"] && !ENV["BUNDLE_USER_CONFIG"].empty?
+        Pathname.new(ENV["BUNDLE_USER_CONFIG"])
+      elsif ENV["BUNDLE_USER_HOME"] && !ENV["BUNDLE_USER_HOME"].empty?
+        Pathname.new(ENV["BUNDLE_USER_HOME"]).join("config")
+      elsif Bundler.rubygems.user_home && !Bundler.rubygems.user_home.empty?
+        Pathname.new(Bundler.rubygems.user_home).join(".bundle/config")
       end
     end
 
@@ -399,7 +456,20 @@ module Bundler
         valid_file = file.exist? && !file.size.zero?
         return {} unless valid_file
         require_relative "yaml_serializer"
-        YAMLSerializer.load file.read
+        YAMLSerializer.load(file.read).inject({}) do |config, (k, v)|
+          new_k = k
+
+          if k.include?("-")
+            Bundler.ui.warn "Your #{file} config includes `#{k}`, which contains the dash character (`-`).\n" \
+              "This is deprecated, because configuration through `ENV` should be possible, but `ENV` keys cannot include dashes.\n" \
+              "Please edit #{file} and replace any dashes in configuration keys with a triple underscore (`___`)."
+
+            new_k = k.gsub("-", "___")
+          end
+
+          config[new_k] = v
+          config
+        end
       end
     end
 
@@ -416,6 +486,12 @@ module Bundler
         \z
       /ix.freeze
 
+    def self.key_for(key)
+      key = normalize_uri(key).to_s if key.is_a?(String) && key.start_with?("http", "mirror.http")
+      key = key.to_s.gsub(".", "__").gsub("-", "___").upcase
+      "BUNDLE_#{key}"
+    end
+
     # TODO: duplicates Rubygems#normalize_uri
     # TODO: is this the correct place to validate mirror URIs?
     def self.normalize_uri(uri)

data/lib/bundler/setup.rb

@@ -9,10 +9,10 @@ if Bundler::SharedHelpers.in_bundle?
     begin
       Bundler.ui.silence { Bundler.setup }
     rescue Bundler::BundlerError => e
-      Bundler.ui.warn "\e[31m#{e.message}\e[0m"
+      Bundler.ui.error e.message
       Bundler.ui.warn e.backtrace.join("\n") if ENV["DEBUG"]
       if e.is_a?(Bundler::GemNotFound)
-        Bundler.ui.warn "\e[33mRun `bundle install` to install missing gems.\e[0m"
+        Bundler.ui.warn "Run `bundle install` to install missing gems."
       end
       exit e.status_code
     end

data/lib/bundler/shared_helpers.rb

@@ -13,13 +13,13 @@ module Bundler
     def root
       gemfile = find_gemfile
       raise GemfileNotFound, "Could not locate Gemfile" unless gemfile
-      Pathname.new(gemfile).tap{|x| x.untaint if RUBY_VERSION < "2.7" }.expand_path.parent
+      Pathname.new(gemfile).tap {|x| x.untaint if RUBY_VERSION < "2.7" }.expand_path.parent
     end
 
     def default_gemfile
       gemfile = find_gemfile
       raise GemfileNotFound, "Could not locate Gemfile" unless gemfile
-      Pathname.new(gemfile).tap{|x| x.untaint if RUBY_VERSION < "2.7" }.expand_path
+      Pathname.new(gemfile).tap {|x| x.untaint if RUBY_VERSION < "2.7" }.expand_path
     end
 
     def default_lockfile
@@ -28,7 +28,7 @@ module Bundler
       case gemfile.basename.to_s
       when "gems.rb" then Pathname.new(gemfile.sub(/.rb$/, ".locked"))
       else Pathname.new("#{gemfile}.lock")
-      end.tap{|x| x.untaint if RUBY_VERSION < "2.7" }
+      end.tap {|x| x.untaint if RUBY_VERSION < "2.7" }
     end
 
     def default_bundle_dir
@@ -100,7 +100,7 @@ module Bundler
     #
     # @see {Bundler::PermissionError}
     def filesystem_access(path, action = :write, &block)
-      yield(path.dup.tap{|x| x.untaint if RUBY_VERSION < "2.7" })
+      yield(path.dup.tap {|x| x.untaint if RUBY_VERSION < "2.7" })
     rescue Errno::EACCES
       raise PermissionError.new(path, action)
     rescue Errno::EAGAIN
@@ -109,7 +109,7 @@ module Bundler
       raise VirtualProtocolError.new
     rescue Errno::ENOSPC
       raise NoSpaceOnDeviceError.new(path, action)
-    rescue *[const_get_safely(:ENOTSUP, Errno)].compact
+    rescue Errno::ENOTSUP
       raise OperationNotSupportedError.new(path, action)
     rescue Errno::EEXIST, Errno::ENOENT
       raise
@@ -117,13 +117,6 @@ module Bundler
       raise GenericSystemCallError.new(e, "There was an error accessing `#{path}`.")
     end
 
-    def const_get_safely(constant_name, namespace)
-      const_in_namespace = namespace.constants.include?(constant_name.to_s) ||
-        namespace.constants.include?(constant_name.to_sym)
-      return nil unless const_in_namespace
-      namespace.const_get(constant_name)
-    end
-
     def major_deprecation(major_version, message, print_caller_location: false)
       if print_caller_location
         caller_location = caller_locations(2, 2).first
@@ -148,17 +141,10 @@ module Bundler
       end
       return unless multiple_gemfiles
       message = "Multiple gemfiles (gems.rb and Gemfile) detected. " \
-                "Make sure you remove Gemfile and Gemfile.lock since bundler is ignoring them in favor of gems.rb and gems.rb.locked."
+                "Make sure you remove Gemfile and Gemfile.lock since bundler is ignoring them in favor of gems.rb and gems.locked."
       Bundler.ui.warn message
     end
 
-    def trap(signal, override = false, &block)
-      prior = Signal.trap(signal) do
-        block.call
-        prior.call unless override
-      end
-    end
-
     def ensure_same_dependencies(spec, old_deps, new_deps)
       new_deps = new_deps.reject {|d| d.type == :development }
       old_deps = old_deps.reject {|d| d.type == :development }
@@ -177,7 +163,7 @@ module Bundler
         "\nEither installing with `--full-index` or running `bundle update #{spec.name}` should fix the problem."
     end
 
-    def pretty_dependency(dep, print_source = false)
+    def pretty_dependency(dep)
       msg = String.new(dep.name)
       msg << " (#{dep.requirement})" unless dep.requirement == Gem::Requirement.default
 
@@ -186,7 +172,6 @@ module Bundler
         msg << " " << platform_string if !platform_string.empty? && platform_string != Gem::Platform::RUBY
       end
 
-      msg << " from the `#{dep.source}` source" if print_source && dep.source
       msg
     end
 
@@ -250,10 +235,10 @@ module Bundler
 
     def search_up(*names)
       previous = nil
-      current  = File.expand_path(SharedHelpers.pwd).tap{|x| x.untaint if RUBY_VERSION < "2.7" }
+      current  = File.expand_path(SharedHelpers.pwd).tap {|x| x.untaint if RUBY_VERSION < "2.7" }
 
       until !File.directory?(current) || current == previous
-        if ENV["BUNDLE_SPEC_RUN"]
+        if ENV["BUNDLER_SPEC_RUN"]
           # avoid stepping above the tmp directory when testing
           gemspec = if ENV["GEM_COMMAND"]
             # for Ruby Core
@@ -288,10 +273,10 @@ module Bundler
 
     def set_bundle_variables
       # bundler exe & lib folders have same root folder, typical gem installation
-      exe_file = File.expand_path("../../../exe/bundle", __FILE__)
+      exe_file = File.expand_path("../../exe/bundle", __dir__)
 
       # for Ruby core repository testing
-      exe_file = File.expand_path("../../../libexec/bundle", __FILE__) unless File.exist?(exe_file)
+      exe_file = File.expand_path("../../libexec/bundle", __dir__) unless File.exist?(exe_file)
 
       # bundler is a default gem, exe path is separate
       exe_file = Bundler.rubygems.bin_path("bundler", "bundle", VERSION) unless File.exist?(exe_file)
@@ -323,16 +308,15 @@ module Bundler
     end
 
     def bundler_ruby_lib
-      resolve_path File.expand_path("../..", __FILE__)
+      File.expand_path("..", __dir__)
     end
 
     def clean_load_path
-      bundler_lib = bundler_ruby_lib
-
       loaded_gem_paths = Bundler.rubygems.loaded_gem_paths
 
       $LOAD_PATH.reject! do |p|
-        next if resolve_path(p).start_with?(bundler_lib)
+        resolved_path = resolve_path(p)
+        next if $LOADED_FEATURES.any? {|lf| lf.start_with?(resolved_path) }
         loaded_gem_paths.delete(p)
       end
       $LOAD_PATH.uniq!
@@ -340,7 +324,7 @@ module Bundler
 
     def resolve_path(path)
       expanded = File.expand_path(path)
-      return expanded unless File.respond_to?(:realpath) && File.exist?(expanded)
+      return expanded unless File.exist?(expanded)
 
       File.realpath(expanded)
     end

data/lib/bundler/source/git/git_proxy.rb

@@ -1,7 +1,5 @@
 # frozen_string_literal: true
 
-require "shellwords"
-
 module Bundler
   class Source
     class Git
@@ -58,7 +56,6 @@ module Bundler
           @ref      = ref
           @revision = revision
           @git      = git
-          raise GitNotInstalledError.new if allow? && !Bundler.git_present?
         end
 
         def revision
@@ -98,12 +95,12 @@ module Bundler
             SharedHelpers.filesystem_access(path.dirname) do |p|
               FileUtils.mkdir_p(p)
             end
-            git_retry "clone", configured_uri, path.to_s, "--bare", "--no-hardlinks", "--quiet"
+            git_retry "clone", "--bare", "--no-hardlinks", "--quiet", "--", configured_uri, path.to_s
             return unless extra_ref
           end
 
           with_path do
-            git_retry(*["fetch", "--force", "--quiet", "--tags", configured_uri, "refs/heads/*:refs/heads/*", extra_ref].compact, :dir => path)
+            git_retry(*["fetch", "--force", "--quiet", "--tags", "--", configured_uri, "refs/heads/*:refs/heads/*", extra_ref].compact, :dir => path)
           end
         end
 
@@ -210,7 +207,11 @@ module Bundler
         end
 
         def allow?
-          @git ? @git.allow_git_ops? : true
+          allowed = @git ? @git.allow_git_ops? : true
+
+          raise GitNotInstalledError.new if allowed && !Bundler.git_present?
+
+          allowed
         end
 
         def with_path(&blk)
@@ -224,6 +225,7 @@ module Bundler
         end
 
         def check_allowed(command)
+          require "shellwords"
           command_with_no_credentials = URICredentialsFilter.credential_filtered_string("git #{command.shelljoin}", uri)
           raise GitNotAllowedError.new(command_with_no_credentials) unless allow?
           command_with_no_credentials