bundler 2.2.14 → 2.2.19

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of bundler might be problematic. Click here for more details.

Files changed (72) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +81 -5
  3. data/bundler.gemspec +2 -3
  4. data/lib/bundler.rb +1 -0
  5. data/lib/bundler/build_metadata.rb +2 -2
  6. data/lib/bundler/cli.rb +16 -35
  7. data/lib/bundler/cli/common.rb +15 -2
  8. data/lib/bundler/cli/gem.rb +9 -1
  9. data/lib/bundler/cli/outdated.rb +8 -11
  10. data/lib/bundler/compact_index_client/updater.rb +9 -5
  11. data/lib/bundler/current_ruby.rb +1 -0
  12. data/lib/bundler/definition.rb +21 -84
  13. data/lib/bundler/feature_flag.rb +0 -2
  14. data/lib/bundler/fetcher.rb +2 -1
  15. data/lib/bundler/fetcher/downloader.rb +8 -4
  16. data/lib/bundler/friendly_errors.rb +1 -1
  17. data/lib/bundler/gem_helper.rb +16 -0
  18. data/lib/bundler/index.rb +1 -2
  19. data/lib/bundler/injector.rb +2 -2
  20. data/lib/bundler/inline.rb +1 -1
  21. data/lib/bundler/installer/parallel_installer.rb +30 -7
  22. data/lib/bundler/lazy_specification.rb +6 -1
  23. data/lib/bundler/man/bundle-add.1 +1 -1
  24. data/lib/bundler/man/bundle-binstubs.1 +1 -1
  25. data/lib/bundler/man/bundle-cache.1 +1 -1
  26. data/lib/bundler/man/bundle-check.1 +1 -1
  27. data/lib/bundler/man/bundle-clean.1 +1 -1
  28. data/lib/bundler/man/bundle-config.1 +21 -10
  29. data/lib/bundler/man/bundle-config.1.ronn +21 -11
  30. data/lib/bundler/man/bundle-doctor.1 +1 -1
  31. data/lib/bundler/man/bundle-exec.1 +1 -1
  32. data/lib/bundler/man/bundle-gem.1 +1 -1
  33. data/lib/bundler/man/bundle-info.1 +1 -1
  34. data/lib/bundler/man/bundle-init.1 +1 -1
  35. data/lib/bundler/man/bundle-inject.1 +1 -1
  36. data/lib/bundler/man/bundle-install.1 +1 -1
  37. data/lib/bundler/man/bundle-list.1 +1 -1
  38. data/lib/bundler/man/bundle-lock.1 +1 -1
  39. data/lib/bundler/man/bundle-open.1 +1 -1
  40. data/lib/bundler/man/bundle-outdated.1 +1 -1
  41. data/lib/bundler/man/bundle-platform.1 +1 -1
  42. data/lib/bundler/man/bundle-pristine.1 +1 -1
  43. data/lib/bundler/man/bundle-remove.1 +1 -1
  44. data/lib/bundler/man/bundle-show.1 +1 -1
  45. data/lib/bundler/man/bundle-update.1 +1 -1
  46. data/lib/bundler/man/bundle-viz.1 +1 -1
  47. data/lib/bundler/man/bundle.1 +1 -1
  48. data/lib/bundler/man/gemfile.5 +1 -1
  49. data/lib/bundler/plugin.rb +2 -2
  50. data/lib/bundler/plugin/api/source.rb +14 -0
  51. data/lib/bundler/resolver.rb +13 -96
  52. data/lib/bundler/resolver/spec_group.rb +0 -24
  53. data/lib/bundler/retry.rb +1 -1
  54. data/lib/bundler/rubygems_ext.rb +2 -2
  55. data/lib/bundler/settings.rb +74 -12
  56. data/lib/bundler/source.rb +9 -0
  57. data/lib/bundler/source/path.rb +3 -1
  58. data/lib/bundler/source/path/installer.rb +1 -1
  59. data/lib/bundler/source/rubygems.rb +17 -10
  60. data/lib/bundler/source/rubygems_aggregate.rb +64 -0
  61. data/lib/bundler/source_list.rb +29 -10
  62. data/lib/bundler/source_map.rb +58 -0
  63. data/lib/bundler/spec_set.rb +18 -7
  64. data/lib/bundler/templates/Gemfile +1 -1
  65. data/lib/bundler/templates/gems.rb +1 -1
  66. data/lib/bundler/templates/newgem/github/workflows/main.yml.tt +2 -4
  67. data/lib/bundler/templates/newgem/newgem.gemspec.tt +1 -1
  68. data/lib/bundler/vendor/molinillo/lib/molinillo/modules/specification_provider.rb +1 -1
  69. data/lib/bundler/vendor/thor/lib/thor/actions/file_manipulation.rb +1 -1
  70. data/lib/bundler/vendor/tmpdir/lib/tmpdir.rb +1 -1
  71. data/lib/bundler/version.rb +1 -1
  72. metadata +9 -4
data/lib/bundler/source_map.rb ADDED
@@ -0,0 +1,58 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Bundler
4
+ class SourceMap
5
+ attr_reader :sources, :dependencies
6
+
7
+ def initialize(sources, dependencies)
8
+ @sources = sources
9
+ @dependencies = dependencies
10
+ end
11
+
12
+ def pinned_spec_names(skip = nil)
13
+ direct_requirements.reject {|_, source| source == skip }.keys
14
+ end
15
+
16
+ def all_requirements
17
+ requirements = direct_requirements.dup
18
+
19
+ unmet_deps = sources.non_default_explicit_sources.map do |source|
20
+ (source.spec_names - pinned_spec_names).each do |indirect_dependency_name|
21
+ previous_source = requirements[indirect_dependency_name]
22
+ if previous_source.nil?
23
+ requirements[indirect_dependency_name] = source
24
+ else
25
+ no_ambiguous_sources = Bundler.feature_flag.bundler_3_mode?
26
+
27
+ msg = ["The gem '#{indirect_dependency_name}' was found in multiple relevant sources."]
28
+ msg.concat [previous_source, source].map {|s| " * #{s}" }.sort
29
+ msg << "You #{no_ambiguous_sources ? :must : :should} add this gem to the source block for the source you wish it to be installed from."
30
+ msg = msg.join("\n")
31
+
32
+ raise SecurityError, msg if no_ambiguous_sources
33
+ Bundler.ui.warn "Warning: #{msg}"
34
+ end
35
+ end
36
+
37
+ source.unmet_deps
38
+ end
39
+
40
+ sources.default_source.add_dependency_names(unmet_deps.flatten - requirements.keys)
41
+
42
+ requirements
43
+ end
44
+
45
+ def direct_requirements
46
+ @direct_requirements ||= begin
47
+ requirements = {}
48
+ default = sources.default_source
49
+ dependencies.each do |dep|
50
+ dep_source = dep.source || default
51
+ dep_source.add_dependency_names(dep.name)
52
+ requirements[dep.name] = dep_source
53
+ end
54
+ requirements
55
+ end
56
+ end
57
+ end
58
+ end
data/lib/bundler/spec_set.rb CHANGED
@@ -78,11 +78,17 @@ module Bundler
78
78
 
79
79
  def materialize(deps, missing_specs = nil)
80
80
  materialized = self.for(deps, [], false, true, !missing_specs).to_a
81
- deps = materialized.map(&:name).uniq
81
+
82
+ materialized.group_by(&:source).each do |source, specs|
83
+ next unless specs.any?{|s| s.is_a?(LazySpecification) }
84
+
85
+ source.local!
86
+ names = -> { specs.map(&:name).uniq }
87
+ source.double_check_for(names)
88
+ end
89
+
82
90
  materialized.map! do |s|
83
91
  next s unless s.is_a?(LazySpecification)
84
- s.source.dependency_names = deps if s.source.respond_to?(:dependency_names=)
85
- s.source.local!
86
92
  spec = s.__materialize__
87
93
  unless spec
88
94
  unless missing_specs
@@ -99,12 +105,17 @@ module Bundler
99
105
  # This is in contrast to how for does platform filtering (and specifically different from how `materialize` calls `for` only for the current platform)
100
106
  # @return [Array<Gem::Specification>]
101
107
  def materialized_for_all_platforms
102
- names = @specs.map(&:name).uniq
108
+ @specs.group_by(&:source).each do |source, specs|
109
+ next unless specs.any?{|s| s.is_a?(LazySpecification) }
110
+
111
+ source.local!
112
+ source.remote!
113
+ names = -> { specs.map(&:name).uniq }
114
+ source.double_check_for(names)
115
+ end
116
+
103
117
  @specs.map do |s|
104
118
  next s unless s.is_a?(LazySpecification)
105
- s.source.dependency_names = names if s.source.respond_to?(:dependency_names=)
106
- s.source.local!
107
- s.source.remote!
108
119
  spec = s.__materialize__
109
120
  raise GemNotFound, "Could not find #{s.full_name} in any of the sources" unless spec
110
121
  spec
data/lib/bundler/templates/Gemfile CHANGED
@@ -2,6 +2,6 @@
2
2
 
3
3
  source "https://rubygems.org"
4
4
 
5
- git_source(:github) {|repo_name| "https://github.com/#{repo_name}" }
5
+ git_source(:github) { |repo_name| "https://github.com/#{repo_name}" }
6
6
 
7
7
  # gem "rails"
data/lib/bundler/templates/gems.rb CHANGED
@@ -3,6 +3,6 @@
3
3
  # A sample gems.rb
4
4
  source "https://rubygems.org"
5
5
 
6
- git_source(:github) {|repo_name| "https://github.com/#{repo_name}" }
6
+ git_source(:github) { |repo_name| "https://github.com/#{repo_name}" }
7
7
 
8
8
  # gem "rails"
data/lib/bundler/templates/newgem/github/workflows/main.yml.tt CHANGED
@@ -11,8 +11,6 @@ jobs:
11
11
  uses: ruby/setup-ruby@v1
12
12
  with:
13
13
  ruby-version: <%= RUBY_VERSION %>
14
+ bundler-cache: true
14
15
  - name: Run the default task
15
- run: |
16
- gem install bundler -v <%= Bundler::VERSION %>
17
- bundle install
18
- bundle exec rake
16
+ run: bundle exec rake
data/lib/bundler/templates/newgem/newgem.gemspec.tt CHANGED
@@ -14,7 +14,7 @@ Gem::Specification.new do |spec|
14
14
  <%- if config[:mit] -%>
15
15
  spec.license = "MIT"
16
16
  <%- end -%>
17
- spec.required_ruby_version = Gem::Requirement.new(">= <%= config[:required_ruby_version] %>")
17
+ spec.required_ruby_version = ">= <%= config[:required_ruby_version] %>"
18
18
 
19
19
  spec.metadata["allowed_push_host"] = "TODO: Set to 'http://mygemserver.com'"
20
20
 
data/lib/bundler/vendor/molinillo/lib/molinillo/modules/specification_provider.rb CHANGED
@@ -1,7 +1,7 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Bundler::Molinillo
4
- # Provides information about specifcations and dependencies to the resolver,
4
+ # Provides information about specifications and dependencies to the resolver,
5
5
  # allowing the {Resolver} class to remain generic while still providing power
6
6
  # and flexibility.
7
7
  #
data/lib/bundler/vendor/thor/lib/thor/actions/file_manipulation.rb CHANGED
@@ -252,7 +252,7 @@ class Bundler::Thor
252
252
  # flag<Regexp|String>:: the regexp or string to be replaced
253
253
  # replacement<String>:: the replacement, can be also given as a block
254
254
  # config<Hash>:: give :verbose => false to not log the status, and
255
- # :force => true, to force the replacement regardles of runner behavior.
255
+ # :force => true, to force the replacement regardless of runner behavior.
256
256
  #
257
257
  # ==== Example
258
258
  #
data/lib/bundler/vendor/tmpdir/lib/tmpdir.rb CHANGED
@@ -115,7 +115,7 @@ class Bundler::Dir < Dir
115
115
  Bundler::Dir.tmpdir
116
116
  end
117
117
 
118
- UNUSABLE_CHARS = [File::SEPARATOR, File::ALT_SEPARATOR, File::PATH_SEPARATOR, ":"].uniq.join("").freeze
118
+ UNUSABLE_CHARS = "^,-.0-9A-Z_a-z~"
119
119
 
120
120
  class << (RANDOM = Random.new)
121
121
  MAX = 36**6 # < 0x100000000
data/lib/bundler/version.rb CHANGED
@@ -1,7 +1,7 @@
1
1
  # frozen_string_literal: false
2
2
 
3
3
  module Bundler
4
- VERSION = "2.2.14".freeze
4
+ VERSION = "2.2.19".freeze
5
5
 
6
6
  def self.bundler_major_version
7
7
  @bundler_major_version ||= VERSION.split(".").first.to_i
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: bundler
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.2.14
4
+ version: 2.2.19
5
5
  platform: ruby
6
6
  authors:
7
7
  - André Arko
@@ -22,7 +22,7 @@ authors:
22
22
  autorequire:
23
23
  bindir: exe
24
24
  cert_chain: []
25
- date: 2021-03-08 00:00:00.000000000 Z
25
+ date: 2021-05-31 00:00:00.000000000 Z
26
26
  dependencies: []
27
27
  description: Bundler manages an application's dependencies through its entire life,
28
28
  across many machines, systematically and repeatably
@@ -32,7 +32,10 @@ executables:
32
32
  - bundle
33
33
  - bundler
34
34
  extensions: []
35
- extra_rdoc_files: []
35
+ extra_rdoc_files:
36
+ - CHANGELOG.md
37
+ - LICENSE.md
38
+ - README.md
36
39
  files:
37
40
  - CHANGELOG.md
38
41
  - LICENSE.md
@@ -202,7 +205,9 @@ files:
202
205
  - lib/bundler/source/path/installer.rb
203
206
  - lib/bundler/source/rubygems.rb
204
207
  - lib/bundler/source/rubygems/remote.rb
208
+ - lib/bundler/source/rubygems_aggregate.rb
205
209
  - lib/bundler/source_list.rb
210
+ - lib/bundler/source_map.rb
206
211
  - lib/bundler/spec_set.rb
207
212
  - lib/bundler/stub_specification.rb
208
213
  - lib/bundler/templates/.document
@@ -352,7 +357,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
352
357
  - !ruby/object:Gem::Version
353
358
  version: 2.5.2
354
359
  requirements: []
355
- rubygems_version: 3.2.14
360
+ rubygems_version: 3.2.19
356
361
  signing_key:
357
362
  specification_version: 4
358
363
  summary: The best way to manage your application's dependencies