RubyGems - bundler - Versions diffs - 2.2.16 → 2.4.19 - Mend

bundler 2.2.16 → 2.4.19

Files changed (280) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +971 -7
data/README.md +4 -7
data/bundler.gemspec +10 -13
data/exe/bundle +12 -24
data/exe/bundler +1 -1
data/lib/bundler/.document +1 -0
data/lib/bundler/build_metadata.rb +3 -3
data/lib/bundler/cli/add.rb +1 -1
data/lib/bundler/cli/binstubs.rb +6 -2
data/lib/bundler/cli/cache.rb +1 -1
data/lib/bundler/cli/check.rb +5 -3
data/lib/bundler/cli/common.rb +6 -2
data/lib/bundler/cli/config.rb +10 -1
data/lib/bundler/cli/console.rb +2 -2
data/lib/bundler/cli/doctor.rb +22 -5
data/lib/bundler/cli/exec.rb +1 -6
data/lib/bundler/cli/gem.rb +147 -35
data/lib/bundler/cli/info.rb +28 -7
data/lib/bundler/cli/init.rb +6 -2
data/lib/bundler/cli/install.rb +26 -58
data/lib/bundler/cli/issue.rb +4 -3
data/lib/bundler/cli/list.rb +7 -1
data/lib/bundler/cli/lock.rb +11 -4
data/lib/bundler/cli/open.rb +7 -6
data/lib/bundler/cli/outdated.rb +23 -17
data/lib/bundler/cli/platform.rb +8 -6
data/lib/bundler/cli/remove.rb +1 -2
data/lib/bundler/cli/show.rb +1 -1
data/lib/bundler/cli/update.rb +17 -8
data/lib/bundler/cli/viz.rb +1 -1
data/lib/bundler/cli.rb +95 -65
data/lib/bundler/compact_index_client/cache.rb +1 -10
data/lib/bundler/compact_index_client/updater.rb +56 -43
data/lib/bundler/compact_index_client.rb +2 -8
data/lib/bundler/constants.rb +1 -1
data/lib/bundler/current_ruby.rb +19 -6
data/lib/bundler/definition.rb +386 -419
data/lib/bundler/dependency.rb +24 -71
data/lib/bundler/digest.rb +71 -0
data/lib/bundler/dsl.rb +48 -63
data/lib/bundler/endpoint_specification.rb +15 -13
data/lib/bundler/env.rb +3 -3
data/lib/bundler/environment_preserver.rb +7 -3
data/lib/bundler/errors.rb +30 -14
data/lib/bundler/feature_flag.rb +0 -5
data/lib/bundler/fetcher/base.rb +6 -8
data/lib/bundler/fetcher/compact_index.rb +21 -28
data/lib/bundler/fetcher/dependency.rb +2 -6
data/lib/bundler/fetcher/downloader.rb +12 -10
data/lib/bundler/fetcher/index.rb +1 -29
data/lib/bundler/fetcher.rb +35 -30
data/lib/bundler/force_platform.rb +18 -0
data/lib/bundler/friendly_errors.rb +26 -39
data/lib/bundler/gem_helper.rb +10 -22
data/lib/bundler/gem_helpers.rb +9 -2
data/lib/bundler/gem_version_promoter.rb +53 -98
data/lib/bundler/graph.rb +3 -3
data/lib/bundler/index.rb +14 -57
data/lib/bundler/injector.rb +20 -6
data/lib/bundler/inline.rb +10 -22
data/lib/bundler/installer/gem_installer.rb +16 -21
data/lib/bundler/installer/parallel_installer.rb +4 -34
data/lib/bundler/installer/standalone.rb +53 -17
data/lib/bundler/installer.rb +26 -58
data/lib/bundler/lazy_specification.rb +72 -55
data/lib/bundler/lockfile_generator.rb +3 -3
data/lib/bundler/lockfile_parser.rb +31 -45
data/lib/bundler/man/bundle-add.1 +21 -5
data/lib/bundler/man/bundle-add.1.ronn +16 -4
data/lib/bundler/man/bundle-binstubs.1 +1 -1
data/lib/bundler/man/bundle-cache.1 +9 -3
data/lib/bundler/man/bundle-cache.1.ronn +9 -2
data/lib/bundler/man/bundle-check.1 +1 -1
data/lib/bundler/man/bundle-clean.1 +2 -2
data/lib/bundler/man/bundle-clean.1.ronn +1 -1
data/lib/bundler/man/bundle-config.1 +50 -26
data/lib/bundler/man/bundle-config.1.ronn +47 -32
data/lib/bundler/man/bundle-console.1 +53 -0
data/lib/bundler/man/bundle-console.1.ronn +44 -0
data/lib/bundler/man/bundle-doctor.1 +1 -1
data/lib/bundler/man/bundle-exec.1 +6 -6
data/lib/bundler/man/bundle-exec.1.ronn +6 -6
data/lib/bundler/man/bundle-gem.1 +37 -34
data/lib/bundler/man/bundle-gem.1.ronn +21 -5
data/lib/bundler/man/bundle-help.1 +13 -0
data/lib/bundler/man/bundle-help.1.ronn +12 -0
data/lib/bundler/man/bundle-info.1 +3 -3
data/lib/bundler/man/bundle-info.1.ronn +3 -3
data/lib/bundler/man/bundle-init.1 +5 -1
data/lib/bundler/man/bundle-init.1.ronn +2 -0
data/lib/bundler/man/bundle-inject.1 +5 -2
data/lib/bundler/man/bundle-inject.1.ronn +3 -1
data/lib/bundler/man/bundle-install.1 +6 -31
data/lib/bundler/man/bundle-install.1.ronn +8 -31
data/lib/bundler/man/bundle-list.1 +1 -1
data/lib/bundler/man/bundle-lock.1 +1 -1
data/lib/bundler/man/bundle-open.1 +22 -2
data/lib/bundler/man/bundle-open.1.ronn +9 -1
data/lib/bundler/man/bundle-outdated.1 +15 -18
data/lib/bundler/man/bundle-outdated.1.ronn +13 -19
data/lib/bundler/man/bundle-platform.1 +16 -6
data/lib/bundler/man/bundle-platform.1.ronn +14 -7
data/lib/bundler/man/bundle-plugin.1 +81 -0
data/lib/bundler/man/bundle-plugin.1.ronn +59 -0
data/lib/bundler/man/bundle-pristine.1 +1 -1
data/lib/bundler/man/bundle-remove.1 +1 -1
data/lib/bundler/man/bundle-show.1 +1 -1
data/lib/bundler/man/bundle-update.1 +5 -5
data/lib/bundler/man/bundle-update.1.ronn +5 -4
data/lib/bundler/man/bundle-version.1 +35 -0
data/lib/bundler/man/bundle-version.1.ronn +24 -0
data/lib/bundler/man/bundle-viz.1 +4 -1
data/lib/bundler/man/bundle-viz.1.ronn +2 -0
data/lib/bundler/man/bundle.1 +15 -10
data/lib/bundler/man/bundle.1.ronn +12 -7
data/lib/bundler/man/gemfile.5 +131 -81
data/lib/bundler/man/gemfile.5.ronn +111 -85
data/lib/bundler/man/index.txt +4 -0
data/lib/bundler/match_metadata.rb +13 -0
data/lib/bundler/match_platform.rb +0 -1
data/lib/bundler/match_remote_metadata.rb +29 -0
data/lib/bundler/mirror.rb +5 -7
data/lib/bundler/plugin/api/source.rb +17 -8
data/lib/bundler/plugin/index.rb +9 -6
data/lib/bundler/plugin/installer/git.rb +0 -4
data/lib/bundler/plugin/installer/rubygems.rb +0 -8
data/lib/bundler/plugin/installer.rb +9 -4
data/lib/bundler/plugin.rb +30 -9
data/lib/bundler/process_lock.rb +1 -1
data/lib/bundler/remote_specification.rb +7 -5
data/lib/bundler/resolver/base.rb +107 -0
data/lib/bundler/resolver/candidate.rb +94 -0
data/lib/bundler/resolver/incompatibility.rb +15 -0
data/lib/bundler/resolver/package.rb +72 -0
data/lib/bundler/resolver/root.rb +25 -0
data/lib/bundler/resolver/spec_group.rb +42 -94
data/lib/bundler/resolver.rb +331 -381
data/lib/bundler/retry.rb +1 -1
data/lib/bundler/ruby_dsl.rb +7 -1
data/lib/bundler/ruby_version.rb +8 -21
data/lib/bundler/rubygems_ext.rb +175 -34
data/lib/bundler/rubygems_gem_installer.rb +46 -14
data/lib/bundler/rubygems_integration.rb +57 -108
data/lib/bundler/runtime.rb +20 -18
data/lib/bundler/safe_marshal.rb +31 -0
data/lib/bundler/self_manager.rb +168 -0
data/lib/bundler/settings.rb +101 -30
data/lib/bundler/setup.rb +5 -2
data/lib/bundler/shared_helpers.rb +17 -32
data/lib/bundler/source/git/git_proxy.rb +242 -77
data/lib/bundler/source/git.rb +82 -41
data/lib/bundler/source/metadata.rb +3 -4
data/lib/bundler/source/path/installer.rb +1 -22
data/lib/bundler/source/path.rb +7 -7
data/lib/bundler/source/rubygems.rb +158 -212
data/lib/bundler/source/rubygems_aggregate.rb +68 -0
data/lib/bundler/source.rb +19 -5
data/lib/bundler/source_list.rb +91 -52
data/lib/bundler/source_map.rb +71 -0
data/lib/bundler/spec_set.rb +69 -57
data/lib/bundler/stub_specification.rb +5 -3
data/lib/bundler/templates/Executable +3 -5
data/lib/bundler/templates/Executable.bundler +11 -16
data/lib/bundler/templates/Executable.standalone +4 -4
data/lib/bundler/templates/Gemfile +0 -2
data/lib/bundler/templates/newgem/Cargo.toml.tt +7 -0
data/lib/bundler/templates/newgem/Gemfile.tt +8 -2
data/lib/bundler/templates/newgem/README.md.tt +7 -11
data/lib/bundler/templates/newgem/Rakefile.tt +27 -3
data/lib/bundler/templates/newgem/bin/console.tt +0 -4
data/lib/bundler/templates/newgem/circleci/config.yml.tt +12 -0
data/lib/bundler/templates/newgem/ext/newgem/Cargo.toml.tt +15 -0
data/lib/bundler/templates/newgem/ext/newgem/extconf-c.rb.tt +10 -0
data/lib/bundler/templates/newgem/ext/newgem/extconf-rust.rb.tt +6 -0
data/lib/bundler/templates/newgem/ext/newgem/newgem.c.tt +1 -1
data/lib/bundler/templates/newgem/ext/newgem/src/lib.rs.tt +12 -0
data/lib/bundler/templates/newgem/github/workflows/main.yml.tt +24 -3
data/lib/bundler/templates/newgem/gitignore.tt +3 -0
data/lib/bundler/templates/newgem/gitlab-ci.yml.tt +13 -4
data/lib/bundler/templates/newgem/newgem.gemspec.tt +27 -18
data/lib/bundler/templates/newgem/sig/newgem.rbs.tt +8 -0
data/lib/bundler/templates/newgem/standard.yml.tt +3 -0
data/lib/bundler/templates/newgem/test/minitest/{newgem_test.rb.tt → test_newgem.rb.tt} +1 -1
data/lib/bundler/ui/rg_proxy.rb +1 -1
data/lib/bundler/ui/shell.rb +36 -13
data/lib/bundler/ui/silent.rb +21 -5
data/lib/bundler/uri_normalizer.rb +23 -0
data/lib/bundler/vendor/.document +1 -0
data/lib/bundler/vendor/connection_pool/LICENSE +20 -0
data/lib/bundler/vendor/connection_pool/lib/connection_pool/timed_stack.rb +19 -21
data/lib/bundler/vendor/connection_pool/lib/connection_pool/version.rb +1 -1
data/lib/bundler/vendor/connection_pool/lib/connection_pool/wrapper.rb +56 -0
data/lib/bundler/vendor/connection_pool/lib/connection_pool.rb +41 -74
data/lib/bundler/vendor/fileutils/LICENSE.txt +22 -0
data/lib/bundler/vendor/fileutils/lib/fileutils.rb +1351 -409
data/lib/bundler/vendor/net-http-persistent/README.rdoc +82 -0
data/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent.rb +1 -1
data/lib/bundler/vendor/pub_grub/LICENSE.txt +21 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/assignment.rb +20 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/basic_package_source.rb +189 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/failure_writer.rb +182 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/incompatibility.rb +150 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/package.rb +43 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/partial_solution.rb +121 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/rubygems.rb +45 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/solve_failure.rb +19 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/static_package_source.rb +60 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/term.rb +105 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/version.rb +3 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/version_constraint.rb +129 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/version_range.rb +411 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/version_solver.rb +248 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/version_union.rb +178 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub.rb +31 -0
data/lib/bundler/vendor/thor/LICENSE.md +20 -0
data/lib/bundler/vendor/thor/lib/thor/actions/file_manipulation.rb +5 -5
data/lib/bundler/vendor/thor/lib/thor/actions/inject_into_file.rb +1 -2
data/lib/bundler/vendor/thor/lib/thor/actions.rb +6 -2
data/lib/bundler/vendor/thor/lib/thor/core_ext/hash_with_indifferent_access.rb +6 -0
data/lib/bundler/vendor/thor/lib/thor/error.rb +9 -4
data/lib/bundler/vendor/thor/lib/thor/parser/options.rb +19 -1
data/lib/bundler/vendor/thor/lib/thor/shell/basic.rb +23 -5
data/lib/bundler/vendor/thor/lib/thor/shell.rb +1 -1
data/lib/bundler/vendor/thor/lib/thor/util.rb +1 -1
data/lib/bundler/vendor/thor/lib/thor/version.rb +1 -1
data/lib/bundler/vendor/tsort/LICENSE.txt +22 -0
data/lib/bundler/vendor/tsort/lib/tsort.rb +452 -0
data/lib/bundler/vendor/uri/LICENSE.txt +22 -0
data/lib/bundler/vendor/uri/lib/uri/common.rb +76 -91
data/lib/bundler/vendor/uri/lib/uri/file.rb +7 -1
data/lib/bundler/vendor/uri/lib/uri/ftp.rb +2 -2
data/lib/bundler/vendor/uri/lib/uri/generic.rb +32 -13
data/lib/bundler/vendor/uri/lib/uri/http.rb +40 -3
data/lib/bundler/vendor/uri/lib/uri/https.rb +2 -2
data/lib/bundler/vendor/uri/lib/uri/ldap.rb +2 -2
data/lib/bundler/vendor/uri/lib/uri/ldaps.rb +2 -1
data/lib/bundler/vendor/uri/lib/uri/mailto.rb +2 -3
data/lib/bundler/vendor/uri/lib/uri/rfc2396_parser.rb +16 -23
data/lib/bundler/vendor/uri/lib/uri/rfc3986_parser.rb +12 -18
data/lib/bundler/vendor/uri/lib/uri/version.rb +1 -1
data/lib/bundler/vendor/uri/lib/uri/ws.rb +83 -0
data/lib/bundler/vendor/uri/lib/uri/wss.rb +23 -0
data/lib/bundler/vendor/uri/lib/uri.rb +3 -3
data/lib/bundler/vendored_persistent.rb +1 -33
data/lib/bundler/{vendored_molinillo.rb → vendored_pub_grub.rb} +1 -1
data/lib/bundler/{vendored_tmpdir.rb → vendored_tsort.rb} +1 -1
data/lib/bundler/version.rb +5 -1
data/lib/bundler/worker.rb +24 -11
data/lib/bundler.rb +66 -110
metadata +70 -41
data/lib/bundler/dep_proxy.rb +0 -55
data/lib/bundler/gemdeps.rb +0 -29
data/lib/bundler/psyched_yaml.rb +0 -22
data/lib/bundler/templates/gems.rb +0 -8
data/lib/bundler/templates/newgem/ext/newgem/extconf.rb.tt +0 -5
data/lib/bundler/templates/newgem/travis.yml.tt +0 -6
data/lib/bundler/vendor/connection_pool/lib/connection_pool/monotonic_time.rb +0 -66
data/lib/bundler/vendor/molinillo/lib/molinillo/delegates/resolution_state.rb +0 -57
data/lib/bundler/vendor/molinillo/lib/molinillo/delegates/specification_provider.rb +0 -88
data/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/action.rb +0 -36
data/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/add_edge_no_circular.rb +0 -66
data/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/add_vertex.rb +0 -62
data/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/delete_edge.rb +0 -63
data/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/detach_vertex_named.rb +0 -61
data/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/log.rb +0 -126
data/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/set_payload.rb +0 -46
data/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/tag.rb +0 -36
data/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/vertex.rb +0 -164
data/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph.rb +0 -255
data/lib/bundler/vendor/molinillo/lib/molinillo/errors.rb +0 -143
data/lib/bundler/vendor/molinillo/lib/molinillo/gem_metadata.rb +0 -6
data/lib/bundler/vendor/molinillo/lib/molinillo/modules/specification_provider.rb +0 -112
data/lib/bundler/vendor/molinillo/lib/molinillo/modules/ui.rb +0 -67
data/lib/bundler/vendor/molinillo/lib/molinillo/resolution.rb +0 -839
data/lib/bundler/vendor/molinillo/lib/molinillo/resolver.rb +0 -46
data/lib/bundler/vendor/molinillo/lib/molinillo/state.rb +0 -58
data/lib/bundler/vendor/molinillo/lib/molinillo.rb +0 -11
data/lib/bundler/vendor/tmpdir/lib/tmpdir.rb +0 -154
data/lib/bundler/version_ranges.rb +0 -122

data/lib/bundler/source/rubygems_aggregate.rb ADDED Viewed

@@ -0,0 +1,68 @@
+# frozen_string_literal: true
+module Bundler
+  class Source
+    class RubygemsAggregate
+      attr_reader :source_map, :sources
+      def initialize(sources, source_map)
+        @sources = sources
+        @source_map = source_map
+        @index = build_index
+      end
+      def specs
+        @index
+      end
+      def identifier
+        to_s
+      end
+      def to_s
+        "any of the sources"
+      end
+      private
+      def build_index
+        Index.build do |idx|
+          dependency_names = source_map.pinned_spec_names
+          sources.all_sources.each do |source|
+            source.dependency_names = dependency_names - source_map.pinned_spec_names(source)
+            idx.add_source source.specs
+            dependency_names.concat(source.unmet_deps).uniq!
+          end
+          double_check_for_index(idx, dependency_names)
+        end
+      end
+      # Suppose the gem Foo depends on the gem Bar.  Foo exists in Source A.  Bar has some versions that exist in both
+      # sources A and B.  At this point, the API request will have found all the versions of Bar in source A,
+      # but will not have found any versions of Bar from source B, which is a problem if the requested version
+      # of Foo specifically depends on a version of Bar that is only found in source B. This ensures that for
+      # each spec we found, we add all possible versions from all sources to the index.
+      def double_check_for_index(idx, dependency_names)
+        pinned_names = source_map.pinned_spec_names
+        names = :names # do this so we only have to traverse to get dependency_names from the index once
+        unmet_dependency_names = lambda do
+          return names unless names == :names
+          new_names = sources.all_sources.map(&:dependency_names_to_double_check)
+          return names = nil if new_names.compact!
+          names = new_names.flatten(1).concat(dependency_names)
+          names.uniq!
+          names -= pinned_names
+          names
+        end
+        sources.all_sources.each do |source|
+          source.double_check_for(unmet_dependency_names)
+        end
+      end
+    end
+  end
+end

data/lib/bundler/source.rb CHANGED Viewed

@@ -7,6 +7,7 @@ module Bundler
     autoload :Metadata, File.expand_path("source/metadata", __dir__)
     autoload :Path,     File.expand_path("source/path", __dir__)
     autoload :Rubygems, File.expand_path("source/rubygems", __dir__)
+    autoload :RubygemsAggregate, File.expand_path("source/rubygems_aggregate", __dir__)
     attr_accessor :dependency_names
@@ -14,13 +15,12 @@ module Bundler
       specs.unmet_dependency_names
     end
-    def version_message(spec)
+    def version_message(spec, locked_spec = nil)
       message = "#{spec.name} #{spec.version}"
       message += " (#{spec.platform})" if spec.platform != Gem::Platform::RUBY && !spec.platform.nil?
-      if Bundler.locked_gems
-        locked_spec = Bundler.locked_gems.specs.find {|s| s.name == spec.name }
-        locked_spec_version = locked_spec.version if locked_spec
+      if locked_spec
+        locked_spec_version = locked_spec.version
         if locked_spec_version && spec.version != locked_spec_version
           message += Bundler.ui.add_color(" (was #{locked_spec_version})", version_color(spec.version, locked_spec_version))
         end
@@ -35,10 +35,16 @@ module Bundler
     def local!; end
+    def local_only!; end
     def cached!; end
     def remote!; end
+    def add_dependency_names(names)
+      @dependency_names = Array(dependency_names) | Array(names)
+    end
     # it's possible that gems from one source depend on gems from some
     # other source, so now we download gemspecs and iterate over those
     # dependencies, looking for gems we don't have info on yet.
@@ -48,6 +54,10 @@ module Bundler
       specs.dependency_names
     end
+    def spec_names
+      specs.spec_names
+    end
     def include?(other)
       other == self
     end
@@ -56,6 +66,10 @@ module Bundler
       "#<#{self.class}:0x#{object_id} #{self}>"
     end
+    def identifier
+      to_s
+    end
     def path?
       instance_of?(Bundler::Source::Path)
     end
@@ -86,7 +100,7 @@ module Bundler
     end
     def print_using_message(message)
-      if !message.include?("(was ") && Bundler.feature_flag.suppress_install_using_messages?
+      if !message.include?("(was ")
         Bundler.ui.debug message
       else
         Bundler.ui.info message

data/lib/bundler/source_list.rb CHANGED Viewed

@@ -21,15 +21,24 @@ module Bundler
       @rubygems_sources       = []
       @metadata_source        = Source::Metadata.new
-      @disable_multisource = true
+      @merged_gem_lockfile_sections = false
     end
-    def disable_multisource?
-      @disable_multisource
+    def merged_gem_lockfile_sections?
+      @merged_gem_lockfile_sections
     end
-    def merged_gem_lockfile_sections!
-      @disable_multisource = false
+    def merged_gem_lockfile_sections!(replacement_source)
+      @merged_gem_lockfile_sections = true
+      @global_rubygems_source = replacement_source
+    end
+    def aggregate_global_source?
+      global_rubygems_source.multiple_remotes?
+    end
+    def implicit_global_source?
+      global_rubygems_source.no_remotes?
     end
     def add_path_source(options = {})
@@ -49,18 +58,17 @@ module Bundler
     end
     def add_rubygems_source(options = {})
-      add_source_to_list Source::Rubygems.new(options), @rubygems_sources
+      new_source = Source::Rubygems.new(options)
+      return @global_rubygems_source if @global_rubygems_source == new_source
+      add_source_to_list new_source, @rubygems_sources
     end
     def add_plugin_source(source, options = {})
       add_source_to_list Plugin.source(source).new(options), @plugin_sources
     end
-    def global_rubygems_source=(uri)
-      @global_rubygems_source ||= rubygems_aggregate_class.new("remotes" => uri, "allow_local" => true)
-    end
-    def add_rubygems_remote(uri)
+    def add_global_rubygems_remote(uri)
       global_rubygems_source.add_remote(uri)
       global_rubygems_source
     end
@@ -70,7 +78,11 @@ module Bundler
     end
     def rubygems_sources
-      @rubygems_sources + [global_rubygems_source]
+      non_global_rubygems_sources + [global_rubygems_source]
+    end
+    def non_global_rubygems_sources
+      @rubygems_sources
     end
     def rubygems_remotes
@@ -81,36 +93,51 @@ module Bundler
       path_sources + git_sources + plugin_sources + rubygems_sources + [metadata_source]
     end
+    def non_default_explicit_sources
+      all_sources - [default_source, metadata_source]
+    end
     def get(source)
-      source_list_for(source).find {|s| equal_source?(source, s) || equivalent_source?(source, s) }
+      source_list_for(source).find {|s| equivalent_source?(source, s) }
     end
     def lock_sources
-      lock_sources = (path_sources + git_sources + plugin_sources).sort_by(&:to_s)
-      if disable_multisource?
-        lock_sources + rubygems_sources.sort_by(&:to_s).uniq
+      lock_other_sources + lock_rubygems_sources
+    end
+    def lock_other_sources
+      (path_sources + git_sources + plugin_sources).sort_by(&:identifier)
+    end
+    def lock_rubygems_sources
+      if merged_gem_lockfile_sections?
+        [combine_rubygems_sources]
       else
-        lock_sources << combine_rubygems_sources
+        rubygems_sources.sort_by(&:identifier)
       end
     end
     # Returns true if there are changes
     def replace_sources!(replacement_sources)
-      return true if replacement_sources.empty?
+      return false if replacement_sources.empty?
-      [path_sources, git_sources, plugin_sources].each do |source_list|
-        source_list.map! do |source|
-          replacement_sources.find {|s| s == source } || source
-        end
-      end
+      @rubygems_sources, @path_sources, @git_sources, @plugin_sources = map_sources(replacement_sources)
+      @global_rubygems_source = global_replacement_source(replacement_sources)
-      replacement_rubygems = !disable_multisource? &&
-        replacement_sources.detect {|s| s.is_a?(Source::Rubygems) }
-      @global_rubygems_source = replacement_rubygems if replacement_rubygems
+      different_sources?(lock_sources, replacement_sources)
+    end
-      return true if !equal_sources?(lock_sources, replacement_sources) && !equivalent_sources?(lock_sources, replacement_sources)
+    # Returns true if there are changes
+    def expired_sources?(replacement_sources)
+      return false if replacement_sources.empty?
-      false
+      lock_sources = dup_with_replaced_sources(replacement_sources).lock_sources
+      different_sources?(lock_sources, replacement_sources)
+    end
+    def local_only!
+      all_sources.each(&:local_only!)
     end
     def cached!
@@ -123,6 +150,38 @@ module Bundler
     private
+    def dup_with_replaced_sources(replacement_sources)
+      new_source_list = dup
+      new_source_list.replace_sources!(replacement_sources)
+      new_source_list
+    end
+    def map_sources(replacement_sources)
+      rubygems, git, plugin = [@rubygems_sources, @git_sources, @plugin_sources].map do |sources|
+        sources.map do |source|
+          replacement_sources.find {|s| s == source } || source
+        end
+      end
+      path = @path_sources.map do |source|
+        replacement_sources.find {|s| s == (source.is_a?(Source::Gemspec) ? source.as_path_source : source) } || source
+      end
+      [rubygems, path, git, plugin]
+    end
+    def global_replacement_source(replacement_sources)
+      replacement_source = replacement_sources.find {|s| s == global_rubygems_source }
+      return global_rubygems_source unless replacement_source
+      replacement_source.local!
+      replacement_source
+    end
+    def different_sources?(lock_sources, replacement_sources)
+      !equivalent_sources?(lock_sources, replacement_sources)
+    end
     def rubygems_aggregate_class
       Source::Rubygems
     end
@@ -149,7 +208,7 @@ module Bundler
     def warn_on_git_protocol(source)
       return if Bundler.settings["git.allow_insecure"]
-      if source.uri =~ /^git\:/
+      if /^git\:/.match?(source.uri)
         Bundler.ui.warn "The git source `#{source.uri}` uses the `git` protocol, " \
           "which transmits data without encryption. Disable this warning with " \
           "`bundle config set --local git.allow_insecure true`, or switch to the `https` " \
@@ -157,32 +216,12 @@ module Bundler
       end
     end
-    def equal_sources?(lock_sources, replacement_sources)
-      lock_sources.sort_by(&:to_s) == replacement_sources.sort_by(&:to_s)
-    end
-    def equal_source?(source, other_source)
-      source == other_source
-    end
-    def equivalent_source?(source, other_source)
-      return false unless Bundler.settings[:allow_deployment_source_credential_changes] && source.is_a?(Source::Rubygems)
-      equivalent_rubygems_sources?([source], [other_source])
-    end
     def equivalent_sources?(lock_sources, replacement_sources)
-      return false unless Bundler.settings[:allow_deployment_source_credential_changes]
-      lock_rubygems_sources, lock_other_sources = lock_sources.partition {|s| s.is_a?(Source::Rubygems) }
-      replacement_rubygems_sources, replacement_other_sources = replacement_sources.partition {|s| s.is_a?(Source::Rubygems) }
-      equivalent_rubygems_sources?(lock_rubygems_sources, replacement_rubygems_sources) && equal_sources?(lock_other_sources, replacement_other_sources)
+      lock_sources.sort_by(&:identifier) == replacement_sources.sort_by(&:identifier)
     end
-    def equivalent_rubygems_sources?(lock_sources, replacement_sources)
-      actual_remotes = replacement_sources.map(&:remotes).flatten.uniq
-      lock_sources.all? {|s| s.equivalent_remotes?(actual_remotes) }
+    def equivalent_source?(source, other_source)
+      source == other_source
     end
   end
 end

data/lib/bundler/source_map.rb ADDED Viewed

@@ -0,0 +1,71 @@
+# frozen_string_literal: true
+module Bundler
+  class SourceMap
+    attr_reader :sources, :dependencies, :locked_specs
+    def initialize(sources, dependencies, locked_specs)
+      @sources = sources
+      @dependencies = dependencies
+      @locked_specs = locked_specs
+    end
+    def pinned_spec_names(skip = nil)
+      direct_requirements.reject {|_, source| source == skip }.keys
+    end
+    def all_requirements
+      requirements = direct_requirements.dup
+      unmet_deps = sources.non_default_explicit_sources.map do |source|
+        (source.spec_names - pinned_spec_names).each do |indirect_dependency_name|
+          previous_source = requirements[indirect_dependency_name]
+          if previous_source.nil?
+            requirements[indirect_dependency_name] = source
+          else
+            no_ambiguous_sources = Bundler.feature_flag.bundler_3_mode?
+            msg = ["The gem '#{indirect_dependency_name}' was found in multiple relevant sources."]
+            msg.concat [previous_source, source].map {|s| "  * #{s}" }.sort
+            msg << "You #{no_ambiguous_sources ? :must : :should} add this gem to the source block for the source you wish it to be installed from."
+            msg = msg.join("\n")
+            raise SecurityError, msg if no_ambiguous_sources
+            Bundler.ui.warn "Warning: #{msg}"
+          end
+        end
+        source.unmet_deps
+      end
+      sources.default_source.add_dependency_names(unmet_deps.flatten - requirements.keys)
+      requirements
+    end
+    def direct_requirements
+      @direct_requirements ||= begin
+        requirements = {}
+        default = sources.default_source
+        dependencies.each do |dep|
+          dep_source = dep.source || default
+          dep_source.add_dependency_names(dep.name)
+          requirements[dep.name] = dep_source
+        end
+        requirements
+      end
+    end
+    def locked_requirements
+      @locked_requirements ||= begin
+        requirements = {}
+        locked_specs.each do |locked_spec|
+          source = locked_spec.source
+          source.add_dependency_names(locked_spec.name)
+          requirements[locked_spec.name] = source
+        end
+        requirements
+      end
+    end
+  end
+end

data/lib/bundler/spec_set.rb CHANGED Viewed

@@ -1,56 +1,55 @@
 # frozen_string_literal: true
-require "tsort"
+require_relative "vendored_tsort"
 module Bundler
   class SpecSet
     include Enumerable
     include TSort
-    def initialize(specs)
+    attr_reader :incomplete_specs
+    def initialize(specs, incomplete_specs = [])
       @specs = specs
+      @incomplete_specs = incomplete_specs
     end
-    def for(dependencies, skip = [], check = false, match_current_platform = false, raise_on_missing = true)
-      handled = []
-      deps = dependencies.dup
+    def for(dependencies, check = false, platforms = [nil])
+      handled = ["bundler"].product(platforms).map {|k| [k, true] }.to_h
+      deps = dependencies.product(platforms)
       specs = []
-      skip += ["bundler"]
       loop do
         break unless dep = deps.shift
-        next if handled.include?(dep) || skip.include?(dep.name)
-        handled << dep
+        name = dep[0].name
+        platform = dep[1]
+        incomplete = false
+        key = [name, platform]
+        next if handled.key?(key)
-        specs_for_dep = spec_for_dependency(dep, match_current_platform)
+        handled[key] = true
+        specs_for_dep = specs_for_dependency(*dep)
         if specs_for_dep.any?
-          specs += specs_for_dep
+          specs.concat(specs_for_dep)
           specs_for_dep.first.dependencies.each do |d|
             next if d.type == :development
-            d = DepProxy.get_proxy(d, dep.__platform) unless match_current_platform
-            deps << d
+            incomplete = true if d.name != "bundler" && lookup[d.name].empty?
+            deps << [d, dep[1]]
           end
-        elsif check
-          return false
-        elsif raise_on_missing
-          others = lookup[dep.name] if match_current_platform
-          message = "Unable to find a spec satisfying #{dep} in the set. Perhaps the lockfile is corrupted?"
-          message += " Found #{others.join(", ")} that did not match the current platform." if others && !others.empty?
-          raise GemNotFound, message
+        else
+          incomplete = true
         end
-      end
-      if spec = lookup["bundler"].first
-        specs << spec
+        if incomplete && check
+          @incomplete_specs += lookup[name].any? ? lookup[name] : [LazySpecification.new(name, nil, nil)]
+        end
       end
-      check ? true : SpecSet.new(specs)
-    end
-    def valid_for?(deps)
-      self.for(deps, [], true)
+      specs.uniq
     end
     def [](key)
@@ -64,6 +63,12 @@ module Bundler
       @sorted = nil
     end
+    def delete(specs)
+      specs.each {|spec| @specs.delete(spec) }
+      @lookup = nil
+      @sorted = nil
+    end
     def sort!
       self
     end
@@ -76,41 +81,39 @@ module Bundler
       lookup.dup
     end
-    def materialize(deps, missing_specs = nil)
-      materialized = self.for(deps, [], false, true, !missing_specs).to_a
-      deps = materialized.map(&:name).uniq
-      materialized.map! do |s|
-        next s unless s.is_a?(LazySpecification)
-        s.source.dependency_names = deps if s.source.respond_to?(:dependency_names=)
-        s.source.local!
-        spec = s.__materialize__
-        unless spec
-          unless missing_specs
-            raise GemNotFound, "Could not find #{s.full_name} in any of the sources"
-          end
-          missing_specs << s
-        end
-        spec
-      end
-      SpecSet.new(missing_specs ? materialized.compact : materialized)
+    def materialize(deps)
+      materialized = self.for(deps, true)
+      SpecSet.new(materialized, incomplete_specs)
     end
     # Materialize for all the specs in the spec set, regardless of what platform they're for
     # This is in contrast to how for does platform filtering (and specifically different from how `materialize` calls `for` only for the current platform)
     # @return [Array<Gem::Specification>]
     def materialized_for_all_platforms
-      names = @specs.map(&:name).uniq
       @specs.map do |s|
         next s unless s.is_a?(LazySpecification)
-        s.source.dependency_names = names if s.source.respond_to?(:dependency_names=)
-        s.source.local!
         s.source.remote!
-        spec = s.__materialize__
+        spec = s.materialize_for_installation
         raise GemNotFound, "Could not find #{s.full_name} in any of the sources" unless spec
         spec
       end
     end
+    def incomplete_ruby_specs?(deps)
+      return false if @specs.empty?
+      @incomplete_specs = []
+      self.for(deps, true, [Gem::Platform::RUBY])
+      @incomplete_specs.any?
+    end
+    def missing_specs
+      @specs.select {|s| s.is_a?(LazySpecification) }
+    end
     def merge(set)
       arr = sorted.dup
       set.each do |set_spec|
@@ -121,10 +124,20 @@ module Bundler
       SpecSet.new(arr)
     end
+    def -(other)
+      SpecSet.new(to_a - other.to_a)
+    end
     def find_by_name_and_platform(name, platform)
       @specs.detect {|spec| spec.name == name && spec.match_platform(platform) }
     end
+    def delete_by_name(name)
+      @specs.reject! {|spec| spec.name == name }
+      @lookup = nil
+      @sorted = nil
+    end
     def what_required(spec)
       unless req = find {|s| s.dependencies.any? {|d| d.type == :runtime && d.name == spec.name } }
         return [spec]
@@ -162,7 +175,7 @@ module Bundler
         cgems = extract_circular_gems(error)
         raise CyclicDependencyError, "Your bundle requires gems that depend" \
           " on each other, creating an infinite loop. Please remove either" \
-          " gem '#{cgems[1]}' or gem '#{cgems[0]}' and try again."
+          " gem '#{cgems[0]}' or gem '#{cgems[1]}' and try again."
       end
     end
@@ -173,7 +186,7 @@ module Bundler
     def lookup
       @lookup ||= begin
         lookup = Hash.new {|h, k| h[k] = [] }
-        Index.sort_specs(@specs).reverse_each do |s|
+        @specs.each do |s|
           lookup[s.name] << s
         end
         lookup
@@ -185,13 +198,12 @@ module Bundler
       @specs.sort_by(&:name).each {|s| yield s }
     end
-    def spec_for_dependency(dep, match_current_platform)
-      specs_for_platforms = lookup[dep.name]
-      if match_current_platform
-        GemHelpers.select_best_platform_match(specs_for_platforms, Bundler.local_platform)
-      else
-        GemHelpers.select_best_platform_match(specs_for_platforms, dep.__platform)
-      end
+    def specs_for_dependency(dep, platform)
+      specs_for_name = lookup[dep.name]
+      target_platform = dep.force_ruby_platform ? Gem::Platform::RUBY : (platform || Bundler.local_platform)
+      matching_specs = GemHelpers.select_best_platform_match(specs_for_name, target_platform)
+      matching_specs.map!(&:materialize_for_installation).compact! if platform.nil?
+      matching_specs
     end
     def tsort_each_child(s)

data/lib/bundler/stub_specification.rb CHANGED Viewed

@@ -64,9 +64,11 @@ module Bundler
     end
     def full_gem_path
-      # deleted gems can have their stubs return nil, so in that case grab the
-      # expired path from the full spec
-      stub.full_gem_path || method_missing(:full_gem_path)
+      stub.full_gem_path
+    end
+    def full_gem_path=(path)
+      stub.full_gem_path = path
     end
     def full_require_paths

data/lib/bundler/templates/Executable CHANGED Viewed

@@ -8,14 +8,12 @@
 # this file is here to facilitate running it.
 #
-require "pathname"
-ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../<%= relative_gemfile_path %>",
-  Pathname.new(__FILE__).realpath)
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("<%= relative_gemfile_path %>", __dir__)
-bundle_binstub = File.expand_path("../bundle", __FILE__)
+bundle_binstub = File.expand_path("bundle", __dir__)
 if File.file?(bundle_binstub)
-  if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/
+  if File.read(bundle_binstub, 300).include?("This file was generated by Bundler")
     load(bundle_binstub)
   else
     abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run.