bundler 2.2.21 → 2.2.22

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of bundler might be problematic. Click here for more details.

Files changed (49) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +16 -0
  3. data/lib/bundler/build_metadata.rb +2 -2
  4. data/lib/bundler/cli/doctor.rb +11 -1
  5. data/lib/bundler/cli/install.rb +1 -1
  6. data/lib/bundler/cli/lock.rb +5 -1
  7. data/lib/bundler/cli/update.rb +8 -3
  8. data/lib/bundler/current_ruby.rb +4 -4
  9. data/lib/bundler/definition.rb +13 -49
  10. data/lib/bundler/dsl.rb +3 -11
  11. data/lib/bundler/feature_flag.rb +0 -1
  12. data/lib/bundler/fetcher/downloader.rb +1 -2
  13. data/lib/bundler/installer.rb +4 -4
  14. data/lib/bundler/lockfile_parser.rb +2 -20
  15. data/lib/bundler/man/bundle-add.1 +1 -1
  16. data/lib/bundler/man/bundle-binstubs.1 +1 -1
  17. data/lib/bundler/man/bundle-cache.1 +1 -1
  18. data/lib/bundler/man/bundle-check.1 +1 -1
  19. data/lib/bundler/man/bundle-clean.1 +1 -1
  20. data/lib/bundler/man/bundle-config.1 +1 -4
  21. data/lib/bundler/man/bundle-config.1.ronn +0 -3
  22. data/lib/bundler/man/bundle-doctor.1 +1 -1
  23. data/lib/bundler/man/bundle-exec.1 +1 -1
  24. data/lib/bundler/man/bundle-gem.1 +1 -1
  25. data/lib/bundler/man/bundle-info.1 +1 -1
  26. data/lib/bundler/man/bundle-init.1 +1 -1
  27. data/lib/bundler/man/bundle-inject.1 +1 -1
  28. data/lib/bundler/man/bundle-install.1 +1 -1
  29. data/lib/bundler/man/bundle-list.1 +1 -1
  30. data/lib/bundler/man/bundle-lock.1 +1 -1
  31. data/lib/bundler/man/bundle-open.1 +1 -1
  32. data/lib/bundler/man/bundle-outdated.1 +1 -1
  33. data/lib/bundler/man/bundle-platform.1 +1 -1
  34. data/lib/bundler/man/bundle-pristine.1 +1 -1
  35. data/lib/bundler/man/bundle-remove.1 +1 -1
  36. data/lib/bundler/man/bundle-show.1 +1 -1
  37. data/lib/bundler/man/bundle-update.1 +4 -4
  38. data/lib/bundler/man/bundle-update.1.ronn +3 -3
  39. data/lib/bundler/man/bundle-viz.1 +1 -1
  40. data/lib/bundler/man/bundle.1 +1 -1
  41. data/lib/bundler/man/gemfile.5 +1 -1
  42. data/lib/bundler/plugin/installer.rb +1 -1
  43. data/lib/bundler/resolver.rb +1 -1
  44. data/lib/bundler/settings.rb +0 -1
  45. data/lib/bundler/source/rubygems.rb +1 -14
  46. data/lib/bundler/source_list.rb +36 -19
  47. data/lib/bundler/spec_set.rb +2 -6
  48. data/lib/bundler/version.rb +1 -1
  49. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 420be71d17b8361ff58b192c7d65aff87352858d123b6c30cbbc19eb582503b1
4
- data.tar.gz: 8d1b50e3080888aee87a46a11511f144fc27c9767eae003e0b09fe6a5b5def50
3
+ metadata.gz: dd506f45451a29ba6416b7b97ee93f67f40e71b8ef9c9db79484ff6f840d6189
4
+ data.tar.gz: bb18e91f6cfbd8c62febba280ebcb91de345e9fdc5599a7a44245ff47364a141
5
5
  SHA512:
6
- metadata.gz: a97c3dbb69d51982f210c6c78ea5a987bf4fa6439a2925769794c2fad30f42c35efc57d2f2713f37be84ee08050526513bc12a9fddd09763fb7f9748e7e4673b
7
- data.tar.gz: 1faa09cb9aa4bcf42d15820bde1c0558e6b50709b7671750758f219d56058d02a57bb22f891b7d233941194ec2519d3c3dca193e5e07d1a9be8b22a4ae1a8d5f
6
+ metadata.gz: 1d9dc3b77ecff1849b900a3164578eb40371afeb49f2f1c557485b9647f71292fbf43dd61501416afdfdd9cd50d6da581606aec5c349550a1ea97153e3f94b98
7
+ data.tar.gz: ae00d5fa66bd664d65915cf15df9431512dc6a77b35f4b60f7faf649962fbd06d56f0b7b7a0659b7ef9ff2c23860c862d8b5b888d43714c714a6af6fbd5b524a
data/CHANGELOG.md CHANGED
@@ -1,3 +1,19 @@
1
+ # 2.2.22 (July 6, 2021)
2
+
3
+ ## Enhancements:
4
+
5
+ - Never downgrade indirect dependencies when running `bundle update` [#4713](https://github.com/rubygems/rubygems/pull/4713)
6
+ - Fix `getaddrinfo` errors not treated as fatal on non darwin platforms [#4703](https://github.com/rubygems/rubygems/pull/4703)
7
+
8
+ ## Bug fixes:
9
+
10
+ - Fix `bundle update <gem>` sometimes hanging and `bundle lock --update` not being able to update an insecure lockfile to the new format if it requires downgrades [#4652](https://github.com/rubygems/rubygems/pull/4652)
11
+ - Fix edge case combination of DSL methods and duplicated sources causing gems to not be found [#4711](https://github.com/rubygems/rubygems/pull/4711)
12
+ - Fix `bundle doctor` crashing when finding a broken symlink [#4707](https://github.com/rubygems/rubygems/pull/4707)
13
+ - Fix incorrect re-resolve edge case [#4700](https://github.com/rubygems/rubygems/pull/4700)
14
+ - Fix some gems being unintentionally locked under multiple lockfile sections [#4701](https://github.com/rubygems/rubygems/pull/4701)
15
+ - Fix `--conservative` flag unexpectedly updating indirect dependencies [#4692](https://github.com/rubygems/rubygems/pull/4692)
16
+
1
17
  # 2.2.21 (June 23, 2021)
2
18
 
3
19
  ## Security fixes:
@@ -4,8 +4,8 @@ module Bundler
4
4
  # Represents metadata from when the Bundler gem was built.
5
5
  module BuildMetadata
6
6
  # begin ivars
7
- @built_at = "2021-06-23".freeze
8
- @git_commit_sha = "0b5db72094".freeze
7
+ @built_at = "2021-07-06".freeze
8
+ @git_commit_sha = "0bdd3e8e71".freeze
9
9
  @release = true
10
10
  # end ivars
11
11
 
@@ -100,8 +100,11 @@ module Bundler
100
100
  files_not_readable_or_writable = []
101
101
  files_not_rw_and_owned_by_different_user = []
102
102
  files_not_owned_by_current_user_but_still_rw = []
103
+ broken_symlinks = []
103
104
  Find.find(Bundler.bundle_path.to_s).each do |f|
104
- if !File.writable?(f) || !File.readable?(f)
105
+ if !File.exist?(f)
106
+ broken_symlinks << f
107
+ elsif !File.writable?(f) || !File.readable?(f)
105
108
  if File.stat(f).uid != Process.uid
106
109
  files_not_rw_and_owned_by_different_user << f
107
110
  else
@@ -113,6 +116,13 @@ module Bundler
113
116
  end
114
117
 
115
118
  ok = true
119
+
120
+ if broken_symlinks.any?
121
+ Bundler.ui.warn "Broken links exist in the Bundler home. Please report them to the offending gem's upstream repo. These files are:\n - #{broken_symlinks.join("\n - ")}"
122
+
123
+ ok = false
124
+ end
125
+
116
126
  if files_not_owned_by_current_user_but_still_rw.any?
117
127
  Bundler.ui.warn "Files exist in the Bundler home that are owned by another " \
118
128
  "user, but are still readable/writable. These files are:\n - #{files_not_owned_by_current_user_but_still_rw.join("\n - ")}"
@@ -104,7 +104,7 @@ module Bundler
104
104
  private
105
105
 
106
106
  def warn_if_root
107
- return if Bundler.settings[:silence_root_warning] || Bundler::WINDOWS || !Process.uid.zero?
107
+ return if Bundler.settings[:silence_root_warning] || Gem.win_platform? || !Process.uid.zero?
108
108
  Bundler.ui.warn "Don't run Bundler as root. Bundler can ask for sudo " \
109
109
  "if it is needed, and installing your bundle as root will break this " \
110
110
  "application for all non-root users on this machine.", :wrap => true
@@ -21,9 +21,13 @@ module Bundler
21
21
  Bundler::Fetcher.disable_endpoint = options["full-index"]
22
22
 
23
23
  update = options[:update]
24
+ conservative = options[:conservative]
25
+
24
26
  if update.is_a?(Array) # unlocking specific gems
25
27
  Bundler::CLI::Common.ensure_all_gems_in_lockfile!(update)
26
- update = { :gems => update, :lock_shared_dependencies => options[:conservative] }
28
+ update = { :gems => update, :conservative => conservative }
29
+ elsif update
30
+ update = { :conservative => conservative } if conservative
27
31
  end
28
32
  definition = Bundler.definition(update)
29
33
 
@@ -27,9 +27,14 @@ module Bundler
27
27
  raise InvalidOption, "Cannot specify --all along with specific options."
28
28
  end
29
29
 
30
+ conservative = options[:conservative]
31
+
30
32
  if full_update
31
- # We're doing a full update
32
- Bundler.definition(true)
33
+ if conservative
34
+ Bundler.definition(:conservative => conservative)
35
+ else
36
+ Bundler.definition(true)
37
+ end
33
38
  else
34
39
  unless Bundler.default_lockfile.exist?
35
40
  raise GemfileLockNotFound, "This Bundle hasn't been installed yet. " \
@@ -43,7 +48,7 @@ module Bundler
43
48
  end
44
49
 
45
50
  Bundler.definition(:gems => gems, :sources => sources, :ruby => options[:ruby],
46
- :lock_shared_dependencies => options[:conservative],
51
+ :conservative => conservative,
47
52
  :bundler => options[:bundler])
48
53
  end
49
54
 
@@ -65,19 +65,19 @@ module Bundler
65
65
  end
66
66
 
67
67
  def mswin?
68
- Bundler::WINDOWS
68
+ Gem.win_platform?
69
69
  end
70
70
 
71
71
  def mswin64?
72
- Bundler::WINDOWS && Bundler.local_platform != Gem::Platform::RUBY && Bundler.local_platform.os == "mswin64" && Bundler.local_platform.cpu == "x64"
72
+ Gem.win_platform? && Bundler.local_platform != Gem::Platform::RUBY && Bundler.local_platform.os == "mswin64" && Bundler.local_platform.cpu == "x64"
73
73
  end
74
74
 
75
75
  def mingw?
76
- Bundler::WINDOWS && Bundler.local_platform != Gem::Platform::RUBY && Bundler.local_platform.os == "mingw32" && Bundler.local_platform.cpu != "x64"
76
+ Gem.win_platform? && Bundler.local_platform != Gem::Platform::RUBY && Bundler.local_platform.os == "mingw32" && Bundler.local_platform.cpu != "x64"
77
77
  end
78
78
 
79
79
  def x64_mingw?
80
- Bundler::WINDOWS && Bundler.local_platform != Gem::Platform::RUBY && Bundler.local_platform.os == "mingw32" && Bundler.local_platform.cpu == "x64"
80
+ Gem.win_platform? && Bundler.local_platform != Gem::Platform::RUBY && Bundler.local_platform.os == "mingw32" && Bundler.local_platform.cpu == "x64"
81
81
  end
82
82
 
83
83
  (KNOWN_MINOR_VERSIONS + KNOWN_MAJOR_VERSIONS).each do |version|
@@ -56,10 +56,8 @@ module Bundler
56
56
  @unlocking_bundler = false
57
57
  @unlocking = unlock
58
58
  else
59
- unlock = unlock.dup
60
59
  @unlocking_bundler = unlock.delete(:bundler)
61
- unlock.delete_if {|_k, v| Array(v).empty? }
62
- @unlocking = !unlock.empty?
60
+ @unlocking = unlock.any? {|_k, v| !Array(v).empty? }
63
61
  end
64
62
 
65
63
  @dependencies = dependencies
@@ -106,8 +104,8 @@ module Bundler
106
104
  @locked_platforms = []
107
105
  end
108
106
 
109
- @locked_gem_sources = @locked_sources.select {|s| s.is_a?(Source::Rubygems) }
110
- @multisource_allowed = @locked_gem_sources.any?(&:multiple_remotes?) && (sources.aggregate_global_source? || Bundler.frozen_bundle?)
107
+ locked_gem_sources = @locked_sources.select {|s| s.is_a?(Source::Rubygems) }
108
+ @multisource_allowed = locked_gem_sources.size == 1 && locked_gem_sources.first.multiple_remotes? && Bundler.frozen_bundle?
111
109
 
112
110
  if @multisource_allowed
113
111
  unless sources.aggregate_global_source?
@@ -116,10 +114,9 @@ module Bundler
116
114
  Bundler::SharedHelpers.major_deprecation 2, msg
117
115
  end
118
116
 
119
- @sources.merged_gem_lockfile_sections!
117
+ @sources.merged_gem_lockfile_sections!(locked_gem_sources.first)
120
118
  end
121
119
 
122
- @unlock[:gems] ||= []
123
120
  @unlock[:sources] ||= []
124
121
  @unlock[:ruby] ||= if @ruby_version && locked_ruby_version_object
125
122
  @ruby_version.diff(locked_ruby_version_object)
@@ -132,8 +129,10 @@ module Bundler
132
129
  @path_changes = converge_paths
133
130
  @source_changes = converge_sources
134
131
 
135
- unless @unlock[:lock_shared_dependencies]
136
- eager_unlock = expand_dependencies(@unlock[:gems], true)
132
+ if @unlock[:conservative]
133
+ @unlock[:gems] ||= @dependencies.map(&:name)
134
+ else
135
+ eager_unlock = expand_dependencies(@unlock[:gems] || [], true)
137
136
  @unlock[:gems] = @locked_specs.for(eager_unlock, [], false, false, false).map(&:name)
138
137
  end
139
138
 
@@ -257,7 +256,7 @@ module Bundler
257
256
 
258
257
  def specs_for(groups)
259
258
  deps = dependencies_for(groups)
260
- specs.for(expand_dependencies(deps))
259
+ SpecSet.new(specs.for(expand_dependencies(deps)))
261
260
  end
262
261
 
263
262
  def dependencies_for(groups)
@@ -498,9 +497,6 @@ module Bundler
498
497
  attr_reader :sources
499
498
  private :sources
500
499
 
501
- attr_reader :locked_gem_sources
502
- private :locked_gem_sources
503
-
504
500
  def nothing_changed?
505
501
  !@source_changes && !@dependency_changes && !@new_platform && !@path_changes && !@local_changes && !@locked_specs_incomplete_for_platform
506
502
  end
@@ -628,35 +624,11 @@ module Bundler
628
624
  end
629
625
  end
630
626
 
631
- def converge_rubygems_sources
632
- return false unless multisource_allowed?
633
-
634
- return false if locked_gem_sources.empty?
635
-
636
- # Get the RubyGems remotes from the Gemfile
637
- actual_remotes = sources.rubygems_remotes
638
- return false if actual_remotes.empty?
639
-
640
- changes = false
641
-
642
- # If there is a RubyGems source in both
643
- locked_gem_sources.each do |locked_gem_source|
644
- # Merge the remotes from the Gemfile into the Gemfile.lock
645
- changes |= locked_gem_source.replace_remotes(actual_remotes, Bundler.settings[:allow_deployment_source_credential_changes])
646
- end
647
-
648
- changes
649
- end
650
-
651
627
  def converge_sources
652
- changes = false
653
-
654
- changes |= converge_rubygems_sources
655
-
656
628
  # Replace the sources from the Gemfile with the sources from the Gemfile.lock,
657
629
  # if they exist in the Gemfile.lock and are `==`. If you can't find an equivalent
658
630
  # source in the Gemfile.lock, use the one from the Gemfile.
659
- changes |= sources.replace_sources!(@locked_sources)
631
+ changes = sources.replace_sources!(@locked_sources)
660
632
 
661
633
  sources.all_sources.each do |source|
662
634
  # If the source is unlockable and the current command allows an unlock of
@@ -741,8 +713,6 @@ module Bundler
741
713
  end
742
714
  end
743
715
 
744
- unlock_source_unlocks_spec = Bundler.feature_flag.unlock_source_unlocks_spec?
745
-
746
716
  converged = []
747
717
  @locked_specs.each do |s|
748
718
  # Replace the locked dependency's source with the equivalent source from the Gemfile
@@ -754,11 +724,6 @@ module Bundler
754
724
  next if s.source.nil?
755
725
  next if @unlock[:sources].include?(s.source.name)
756
726
 
757
- # XXX This is a backwards-compatibility fix to preserve the ability to
758
- # unlock a single gem by passing its name via `--source`. See issue #3759
759
- # TODO: delete in Bundler 2
760
- next if unlock_source_unlocks_spec && @unlock[:sources].include?(s.name)
761
-
762
727
  # If the spec is from a path source and it doesn't exist anymore
763
728
  # then we unlock it.
764
729
 
@@ -790,7 +755,7 @@ module Bundler
790
755
 
791
756
  resolve = SpecSet.new(converged)
792
757
  @locked_specs_incomplete_for_platform = !resolve.for(expand_dependencies(requested_dependencies & deps), @unlock[:gems], true, true)
793
- resolve = resolve.for(expand_dependencies(deps, true), @unlock[:gems], false, false, false)
758
+ resolve = SpecSet.new(resolve.for(expand_dependencies(deps, true), [], false, false, false).reject{|s| @unlock[:gems].include?(s.name) })
794
759
  diff = nil
795
760
 
796
761
  # Now, we unlock any sources that do not have anymore gems pinned to it
@@ -912,14 +877,13 @@ module Bundler
912
877
  end
913
878
 
914
879
  def additional_base_requirements_for_resolve
915
- return [] unless @locked_gems
880
+ return [] unless @locked_gems && unlocking? && !sources.expired_sources?(@locked_gems.sources)
916
881
  dependencies_by_name = dependencies.inject({}) {|memo, dep| memo.update(dep.name => dep) }
917
882
  @locked_gems.specs.reduce({}) do |requirements, locked_spec|
918
883
  name = locked_spec.name
919
884
  dependency = dependencies_by_name[name]
920
- next requirements unless dependency
921
885
  next requirements if @locked_gems.dependencies[name] != dependency
922
- next requirements if dependency.source.is_a?(Source::Path)
886
+ next requirements if dependency && dependency.source.is_a?(Source::Path)
923
887
  dep = Gem::Dependency.new(name, ">= #{locked_spec.version}")
924
888
  requirements[name] = DepProxy.get_proxy(dep, locked_spec.platform)
925
889
  requirements
data/lib/bundler/dsl.rb CHANGED
@@ -24,9 +24,6 @@ module Bundler
24
24
  def initialize
25
25
  @source = nil
26
26
  @sources = SourceList.new
27
-
28
- @global_rubygems_sources = []
29
-
30
27
  @git_sources = {}
31
28
  @dependencies = []
32
29
  @groups = []
@@ -48,7 +45,6 @@ module Bundler
48
45
  @gemfiles << expanded_gemfile_path
49
46
  contents ||= Bundler.read_file(@gemfile.to_s)
50
47
  instance_eval(contents.dup.tap{|x| x.untaint if RUBY_VERSION < "2.7" }, gemfile.to_s, 1)
51
- check_primary_source_safety
52
48
  rescue Exception => e # rubocop:disable Lint/RescueException
53
49
  message = "There was an error " \
54
50
  "#{e.is_a?(GemfileEvalError) ? "evaluating" : "parsing"} " \
@@ -168,7 +164,7 @@ module Bundler
168
164
  elsif block_given?
169
165
  with_source(@sources.add_rubygems_source("remotes" => source), &blk)
170
166
  else
171
- @global_rubygems_sources << source
167
+ @sources.add_global_rubygems_remote(source)
172
168
  end
173
169
  end
174
170
 
@@ -222,6 +218,7 @@ module Bundler
222
218
  end
223
219
 
224
220
  def to_definition(lockfile, unlock)
221
+ check_primary_source_safety
225
222
  Definition.new(lockfile, @dependencies, @sources, unlock, @ruby_version, @optional_groups, @gemfiles)
226
223
  end
227
224
 
@@ -453,12 +450,7 @@ repo_name ||= user_name
453
450
  end
454
451
 
455
452
  def check_rubygems_source_safety
456
- @sources.global_rubygems_source = @global_rubygems_sources.shift
457
- return if @global_rubygems_sources.empty?
458
-
459
- @global_rubygems_sources.each do |source|
460
- @sources.add_rubygems_remote(source)
461
- end
453
+ return unless @sources.aggregate_global_source?
462
454
 
463
455
  if Bundler.feature_flag.bundler_3_mode?
464
456
  msg = "This Gemfile contains multiple primary sources. " \
@@ -38,7 +38,6 @@ module Bundler
38
38
  settings_flag(:print_only_version_number) { bundler_3_mode? }
39
39
  settings_flag(:setup_makes_kernel_gem_public) { !bundler_3_mode? }
40
40
  settings_flag(:suppress_install_using_messages) { bundler_3_mode? }
41
- settings_flag(:unlock_source_unlocks_spec) { !bundler_3_mode? }
42
41
  settings_flag(:update_requires_all_flag) { bundler_4_mode? }
43
42
  settings_flag(:use_gem_version_promoter_for_major_updates) { bundler_3_mode? }
44
43
 
@@ -68,8 +68,7 @@ module Bundler
68
68
  raise CertificateFailureError.new(uri)
69
69
  rescue *HTTP_ERRORS => e
70
70
  Bundler.ui.trace e
71
- case e.message
72
- when /host down:/, /getaddrinfo: nodename nor servname provided/
71
+ if e.is_a?(SocketError) || e.message =~ /host down:/
73
72
  raise NetworkDownError, "Could not reach host #{uri.host}. Check your network " \
74
73
  "connection and try again."
75
74
  else
@@ -135,7 +135,7 @@ module Bundler
135
135
  next
136
136
  end
137
137
 
138
- mode = Bundler::WINDOWS ? "wb:UTF-8" : "w"
138
+ mode = Gem.win_platform? ? "wb:UTF-8" : "w"
139
139
  require "erb"
140
140
  content = if RUBY_VERSION >= "2.6"
141
141
  ERB.new(template, :trim_mode => "-").result(binding)
@@ -144,7 +144,7 @@ module Bundler
144
144
  end
145
145
 
146
146
  File.write(binstub_path, content, :mode => mode, :perm => 0o777 & ~File.umask)
147
- if Bundler::WINDOWS || options[:all_platforms]
147
+ if Gem.win_platform? || options[:all_platforms]
148
148
  prefix = "@ruby -x \"%~f0\" %*\n@exit /b %ERRORLEVEL%\n\n"
149
149
  File.write("#{binstub_path}.cmd", prefix + content, :mode => mode)
150
150
  end
@@ -182,7 +182,7 @@ module Bundler
182
182
  executable_path = Pathname(spec.full_gem_path).join(spec.bindir, executable).relative_path_from(bin_path)
183
183
  executable_path = executable_path
184
184
 
185
- mode = Bundler::WINDOWS ? "wb:UTF-8" : "w"
185
+ mode = Gem.win_platform? ? "wb:UTF-8" : "w"
186
186
  require "erb"
187
187
  content = if RUBY_VERSION >= "2.6"
188
188
  ERB.new(template, :trim_mode => "-").result(binding)
@@ -191,7 +191,7 @@ module Bundler
191
191
  end
192
192
 
193
193
  File.write("#{bin_path}/#{executable}", content, :mode => mode, :perm => 0o755)
194
- if Bundler::WINDOWS || options[:all_platforms]
194
+ if Gem.win_platform? || options[:all_platforms]
195
195
  prefix = "@ruby -x \"%~f0\" %*\n@exit /b %ERRORLEVEL%\n\n"
196
196
  File.write("#{bin_path}/#{executable}.cmd", prefix + content, :mode => mode)
197
197
  end
@@ -1,16 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
- #--
4
- # Some versions of the Bundler 1.1 RC series introduced corrupted
5
- # lockfiles. There were two major problems:
6
- #
7
- # * multiple copies of the same GIT section appeared in the lockfile
8
- # * when this happened, those sections got multiple copies of gems
9
- # in those sections.
10
- #
11
- # As a result, Bundler 1.1 contains code that fixes the earlier
12
- # corruption. We will remove this fix-up code in Bundler 1.2.
13
-
14
3
  module Bundler
15
4
  class LockfileParser
16
5
  attr_reader :sources, :dependencies, :specs, :platforms, :bundler_version, :ruby_version
@@ -124,12 +113,7 @@ module Bundler
124
113
  @sources << @current_source
125
114
  when GIT
126
115
  @current_source = TYPES[@type].from_lock(@opts)
127
- # Strip out duplicate GIT sections
128
- if @sources.include?(@current_source)
129
- @current_source = @sources.find {|s| s == @current_source }
130
- else
131
- @sources << @current_source
132
- end
116
+ @sources << @current_source
133
117
  when GEM
134
118
  @opts["remotes"] = Array(@opts.delete("remote")).reverse
135
119
  @current_source = TYPES[@type].from_lock(@opts)
@@ -212,9 +196,7 @@ module Bundler
212
196
  @current_spec = LazySpecification.new(name, version, platform)
213
197
  @current_spec.source = @current_source
214
198
 
215
- # Avoid introducing multiple copies of the same spec (caused by
216
- # duplicate GIT sections)
217
- @specs[@current_spec.identifier] ||= @current_spec
199
+ @specs[@current_spec.identifier] = @current_spec
218
200
  elsif spaces.size == 6
219
201
  version = version.split(",").map(&:strip) if version
220
202
  dep = Gem::Dependency.new(name, version)
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "BUNDLE\-ADD" "1" "May 2021" "" ""
4
+ .TH "BUNDLE\-ADD" "1" "June 2021" "" ""
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBbundle\-add\fR \- Add gem to the Gemfile and run bundle install
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "BUNDLE\-BINSTUBS" "1" "May 2021" "" ""
4
+ .TH "BUNDLE\-BINSTUBS" "1" "June 2021" "" ""
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBbundle\-binstubs\fR \- Install the binstubs of the listed gems
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "BUNDLE\-CACHE" "1" "May 2021" "" ""
4
+ .TH "BUNDLE\-CACHE" "1" "June 2021" "" ""
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBbundle\-cache\fR \- Package your needed \fB\.gem\fR files into your application
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "BUNDLE\-CHECK" "1" "May 2021" "" ""
4
+ .TH "BUNDLE\-CHECK" "1" "June 2021" "" ""
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBbundle\-check\fR \- Verifies if dependencies are satisfied by installed gems
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "BUNDLE\-CLEAN" "1" "May 2021" "" ""
4
+ .TH "BUNDLE\-CLEAN" "1" "June 2021" "" ""
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBbundle\-clean\fR \- Cleans up unused gems in your bundler directory
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "BUNDLE\-CONFIG" "1" "May 2021" "" ""
4
+ .TH "BUNDLE\-CONFIG" "1" "June 2021" "" ""
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBbundle\-config\fR \- Set bundler configuration options
@@ -274,9 +274,6 @@ The following is a list of all configuration keys and their purpose\. You can le
274
274
  \fBtimeout\fR (\fBBUNDLE_TIMEOUT\fR): The seconds allowed before timing out for network requests\. Defaults to \fB10\fR\.
275
275
  .
276
276
  .IP "\(bu" 4
277
- \fBunlock_source_unlocks_spec\fR (\fBBUNDLE_UNLOCK_SOURCE_UNLOCKS_SPEC\fR): Whether running \fBbundle update \-\-source NAME\fR unlocks a gem with the given name\. Defaults to \fBtrue\fR\.
278
- .
279
- .IP "\(bu" 4
280
277
  \fBupdate_requires_all_flag\fR (\fBBUNDLE_UPDATE_REQUIRES_ALL_FLAG\fR): Require passing \fB\-\-all\fR to \fBbundle update\fR when everything should be updated, and disallow passing no options to \fBbundle update\fR\.
281
278
  .
282
279
  .IP "\(bu" 4
@@ -260,9 +260,6 @@ learn more about their operation in [bundle install(1)](bundle-install.1.html).
260
260
  The location where RubyGems installs binstubs. Defaults to `Gem.bindir`.
261
261
  * `timeout` (`BUNDLE_TIMEOUT`):
262
262
  The seconds allowed before timing out for network requests. Defaults to `10`.
263
- * `unlock_source_unlocks_spec` (`BUNDLE_UNLOCK_SOURCE_UNLOCKS_SPEC`):
264
- Whether running `bundle update --source NAME` unlocks a gem with the given
265
- name. Defaults to `true`.
266
263
  * `update_requires_all_flag` (`BUNDLE_UPDATE_REQUIRES_ALL_FLAG`):
267
264
  Require passing `--all` to `bundle update` when everything should be updated,
268
265
  and disallow passing no options to `bundle update`.
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "BUNDLE\-DOCTOR" "1" "May 2021" "" ""
4
+ .TH "BUNDLE\-DOCTOR" "1" "June 2021" "" ""
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBbundle\-doctor\fR \- Checks the bundle for common problems
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "BUNDLE\-EXEC" "1" "May 2021" "" ""
4
+ .TH "BUNDLE\-EXEC" "1" "June 2021" "" ""
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBbundle\-exec\fR \- Execute a command in the context of the bundle
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "BUNDLE\-GEM" "1" "May 2021" "" ""
4
+ .TH "BUNDLE\-GEM" "1" "June 2021" "" ""
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBbundle\-gem\fR \- Generate a project skeleton for creating a rubygem
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "BUNDLE\-INFO" "1" "May 2021" "" ""
4
+ .TH "BUNDLE\-INFO" "1" "June 2021" "" ""
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBbundle\-info\fR \- Show information for the given gem in your bundle
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "BUNDLE\-INIT" "1" "May 2021" "" ""
4
+ .TH "BUNDLE\-INIT" "1" "June 2021" "" ""
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBbundle\-init\fR \- Generates a Gemfile into the current working directory
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "BUNDLE\-INJECT" "1" "May 2021" "" ""
4
+ .TH "BUNDLE\-INJECT" "1" "June 2021" "" ""
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBbundle\-inject\fR \- Add named gem(s) with version requirements to Gemfile
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "BUNDLE\-INSTALL" "1" "May 2021" "" ""
4
+ .TH "BUNDLE\-INSTALL" "1" "June 2021" "" ""
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBbundle\-install\fR \- Install the dependencies specified in your Gemfile
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "BUNDLE\-LIST" "1" "May 2021" "" ""
4
+ .TH "BUNDLE\-LIST" "1" "June 2021" "" ""
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBbundle\-list\fR \- List all the gems in the bundle
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "BUNDLE\-LOCK" "1" "May 2021" "" ""
4
+ .TH "BUNDLE\-LOCK" "1" "June 2021" "" ""
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBbundle\-lock\fR \- Creates / Updates a lockfile without installing
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "BUNDLE\-OPEN" "1" "May 2021" "" ""
4
+ .TH "BUNDLE\-OPEN" "1" "June 2021" "" ""
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBbundle\-open\fR \- Opens the source directory for a gem in your bundle
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "BUNDLE\-OUTDATED" "1" "May 2021" "" ""
4
+ .TH "BUNDLE\-OUTDATED" "1" "June 2021" "" ""
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBbundle\-outdated\fR \- List installed gems with newer versions available
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "BUNDLE\-PLATFORM" "1" "May 2021" "" ""
4
+ .TH "BUNDLE\-PLATFORM" "1" "June 2021" "" ""
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBbundle\-platform\fR \- Displays platform compatibility information
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "BUNDLE\-PRISTINE" "1" "May 2021" "" ""
4
+ .TH "BUNDLE\-PRISTINE" "1" "June 2021" "" ""
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBbundle\-pristine\fR \- Restores installed gems to their pristine condition
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "BUNDLE\-REMOVE" "1" "May 2021" "" ""
4
+ .TH "BUNDLE\-REMOVE" "1" "June 2021" "" ""
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBbundle\-remove\fR \- Removes gems from the Gemfile
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "BUNDLE\-SHOW" "1" "May 2021" "" ""
4
+ .TH "BUNDLE\-SHOW" "1" "June 2021" "" ""
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBbundle\-show\fR \- Shows all the gems in your bundle, or the path to a gem
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "BUNDLE\-UPDATE" "1" "May 2021" "" ""
4
+ .TH "BUNDLE\-UPDATE" "1" "June 2021" "" ""
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBbundle\-update\fR \- Update your gems to the latest available versions
@@ -79,7 +79,7 @@ Do not allow any gem to be updated past latest \fB\-\-patch\fR | \fB\-\-minor\fR
79
79
  .
80
80
  .TP
81
81
  \fB\-\-conservative\fR
82
- Use bundle install conservative update behavior and do not allow shared dependencies to be updated\.
82
+ Use bundle install conservative update behavior and do not allow indirect dependencies to be updated\.
83
83
  .
84
84
  .SH "UPDATING ALL GEMS"
85
85
  If you run \fBbundle update \-\-all\fR, bundler will ignore any previously installed gems and resolve all dependencies again based on the latest versions of all gems available in the sources\.
@@ -208,13 +208,13 @@ In this case, the two gems have their own set of dependencies, but they share \f
208
208
  In short, by default, when you update a gem using \fBbundle update\fR, bundler will update all dependencies of that gem, including those that are also dependencies of another gem\.
209
209
  .
210
210
  .P
211
- To prevent updating shared dependencies, prior to version 1\.14 the only option was the \fBCONSERVATIVE UPDATING\fR behavior in bundle install(1) \fIbundle\-install\.1\.html\fR:
211
+ To prevent updating indirect dependencies, prior to version 1\.14 the only option was the \fBCONSERVATIVE UPDATING\fR behavior in bundle install(1) \fIbundle\-install\.1\.html\fR:
212
212
  .
213
213
  .P
214
214
  In this scenario, updating the \fBthin\fR version manually in the Gemfile(5), and then running bundle install(1) \fIbundle\-install\.1\.html\fR will only update \fBdaemons\fR and \fBeventmachine\fR, but not \fBrack\fR\. For more information, see the \fBCONSERVATIVE UPDATING\fR section of bundle install(1) \fIbundle\-install\.1\.html\fR\.
215
215
  .
216
216
  .P
217
- Starting with 1\.14, specifying the \fB\-\-conservative\fR option will also prevent shared dependencies from being updated\.
217
+ Starting with 1\.14, specifying the \fB\-\-conservative\fR option will also prevent indirect dependencies from being updated\.
218
218
  .
219
219
  .SH "PATCH LEVEL OPTIONS"
220
220
  Version 1\.14 introduced 4 patch\-level options that will influence how gem versions are resolved\. One of the following options can be used: \fB\-\-patch\fR, \fB\-\-minor\fR or \fB\-\-major\fR\. \fB\-\-strict\fR can be added to further influence resolution\.
@@ -80,7 +80,7 @@ gem.
80
80
  Do not allow any gem to be updated past latest `--patch` | `--minor` | `--major`.
81
81
 
82
82
  * `--conservative`:
83
- Use bundle install conservative update behavior and do not allow shared dependencies to be updated.
83
+ Use bundle install conservative update behavior and do not allow indirect dependencies to be updated.
84
84
 
85
85
  ## UPDATING ALL GEMS
86
86
 
@@ -195,7 +195,7 @@ In short, by default, when you update a gem using `bundle update`, bundler will
195
195
  update all dependencies of that gem, including those that are also dependencies
196
196
  of another gem.
197
197
 
198
- To prevent updating shared dependencies, prior to version 1.14 the only option
198
+ To prevent updating indirect dependencies, prior to version 1.14 the only option
199
199
  was the `CONSERVATIVE UPDATING` behavior in [bundle install(1)](bundle-install.1.html):
200
200
 
201
201
  In this scenario, updating the `thin` version manually in the Gemfile(5),
@@ -203,7 +203,7 @@ and then running [bundle install(1)](bundle-install.1.html) will only update `da
203
203
  but not `rack`. For more information, see the `CONSERVATIVE UPDATING` section
204
204
  of [bundle install(1)](bundle-install.1.html).
205
205
 
206
- Starting with 1.14, specifying the `--conservative` option will also prevent shared
206
+ Starting with 1.14, specifying the `--conservative` option will also prevent indirect
207
207
  dependencies from being updated.
208
208
 
209
209
  ## PATCH LEVEL OPTIONS
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "BUNDLE\-VIZ" "1" "May 2021" "" ""
4
+ .TH "BUNDLE\-VIZ" "1" "June 2021" "" ""
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBbundle\-viz\fR \- Generates a visual dependency graph for your Gemfile
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "BUNDLE" "1" "May 2021" "" ""
4
+ .TH "BUNDLE" "1" "June 2021" "" ""
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBbundle\fR \- Ruby Dependency Management
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "GEMFILE" "5" "May 2021" "" ""
4
+ .TH "GEMFILE" "5" "June 2021" "" ""
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBGemfile\fR \- A format for describing gem dependencies for Ruby programs
@@ -77,7 +77,7 @@ module Bundler
77
77
  source_list = SourceList.new
78
78
 
79
79
  source_list.add_git_source(git_source_options) if git_source_options
80
- source_list.global_rubygems_source = rubygems_source if rubygems_source
80
+ source_list.add_global_rubygems_remote(rubygems_source) if rubygems_source
81
81
 
82
82
  deps = names.map {|name| Dependency.new name, version }
83
83
 
@@ -21,7 +21,7 @@ module Bundler
21
21
  base = SpecSet.new(base) unless base.is_a?(SpecSet)
22
22
  resolver = new(source_requirements, base, gem_version_promoter, additional_base_requirements, platforms)
23
23
  result = resolver.start(requirements)
24
- SpecSet.new(result).for(requirements.reject{|dep| dep.name.end_with?("\0") })
24
+ SpecSet.new(SpecSet.new(result).for(requirements.reject{|dep| dep.name.end_with?("\0") }))
25
25
  end
26
26
 
27
27
  def initialize(source_requirements, base, gem_version_promoter, additional_base_requirements, platforms)
@@ -44,7 +44,6 @@ module Bundler
44
44
  silence_deprecations
45
45
  silence_root_warning
46
46
  suppress_install_using_messages
47
- unlock_source_unlocks_spec
48
47
  update_requires_all_flag
49
48
  use_gem_version_promoter_for_major_updates
50
49
  ].freeze
@@ -73,7 +73,7 @@ module Bundler
73
73
 
74
74
  def can_lock?(spec)
75
75
  return super unless multiple_remotes?
76
- spec.source.is_a?(Rubygems)
76
+ include?(spec.source)
77
77
  end
78
78
 
79
79
  def options
@@ -252,19 +252,6 @@ module Bundler
252
252
  other_remotes.map(&method(:remove_auth)) == @remotes.map(&method(:remove_auth))
253
253
  end
254
254
 
255
- def replace_remotes(other_remotes, allow_equivalent = false)
256
- return false if other_remotes == @remotes
257
-
258
- equivalent = allow_equivalent && equivalent_remotes?(other_remotes)
259
-
260
- @remotes = []
261
- other_remotes.reverse_each do |r|
262
- add_remote r.to_s
263
- end
264
-
265
- !equivalent
266
- end
267
-
268
255
  def spec_names
269
256
  if @allow_remote && dependency_api_available?
270
257
  remote_specs.spec_names
@@ -28,8 +28,9 @@ module Bundler
28
28
  @merged_gem_lockfile_sections
29
29
  end
30
30
 
31
- def merged_gem_lockfile_sections!
31
+ def merged_gem_lockfile_sections!(replacement_source)
32
32
  @merged_gem_lockfile_sections = true
33
+ @global_rubygems_source = replacement_source
33
34
  end
34
35
 
35
36
  def aggregate_global_source?
@@ -53,18 +54,17 @@ module Bundler
53
54
  end
54
55
 
55
56
  def add_rubygems_source(options = {})
56
- add_source_to_list Source::Rubygems.new(options), @rubygems_sources
57
+ new_source = Source::Rubygems.new(options)
58
+ return @global_rubygems_source if @global_rubygems_source == new_source
59
+
60
+ add_source_to_list new_source, @rubygems_sources
57
61
  end
58
62
 
59
63
  def add_plugin_source(source, options = {})
60
64
  add_source_to_list Plugin.source(source).new(options), @plugin_sources
61
65
  end
62
66
 
63
- def global_rubygems_source=(uri)
64
- @global_rubygems_source ||= rubygems_aggregate_class.new("remotes" => uri, "allow_local" => true)
65
- end
66
-
67
- def add_rubygems_remote(uri)
67
+ def add_global_rubygems_remote(uri)
68
68
  global_rubygems_source.add_remote(uri)
69
69
  global_rubygems_source
70
70
  end
@@ -109,27 +109,26 @@ module Bundler
109
109
  if merged_gem_lockfile_sections?
110
110
  [combine_rubygems_sources]
111
111
  else
112
- rubygems_sources.sort_by(&:to_s).uniq
112
+ rubygems_sources.sort_by(&:to_s)
113
113
  end
114
114
  end
115
115
 
116
116
  # Returns true if there are changes
117
117
  def replace_sources!(replacement_sources)
118
- return true if replacement_sources.empty?
118
+ return false if replacement_sources.empty?
119
119
 
120
- [path_sources, git_sources, plugin_sources].each do |source_list|
121
- source_list.map! do |source|
122
- replacement_sources.find {|s| s == source } || source
123
- end
124
- end
120
+ @path_sources, @git_sources, @plugin_sources = map_sources(replacement_sources)
121
+
122
+ different_sources?(lock_sources, replacement_sources)
123
+ end
125
124
 
126
- replacement_rubygems = merged_gem_lockfile_sections? &&
127
- replacement_sources.detect {|s| s.is_a?(Source::Rubygems) }
128
- @global_rubygems_source = replacement_rubygems if replacement_rubygems
125
+ # Returns true if there are changes
126
+ def expired_sources?(replacement_sources)
127
+ return false if replacement_sources.empty?
129
128
 
130
- return true if !equal_sources?(lock_sources, replacement_sources) && !equivalent_sources?(lock_sources, replacement_sources)
129
+ lock_sources = dup_with_replaced_sources(replacement_sources).lock_sources
131
130
 
132
- false
131
+ different_sources?(lock_sources, replacement_sources)
133
132
  end
134
133
 
135
134
  def local_only!
@@ -146,6 +145,24 @@ module Bundler
146
145
 
147
146
  private
148
147
 
148
+ def dup_with_replaced_sources(replacement_sources)
149
+ new_source_list = dup
150
+ new_source_list.replace_sources!(replacement_sources)
151
+ new_source_list
152
+ end
153
+
154
+ def map_sources(replacement_sources)
155
+ [path_sources, git_sources, plugin_sources].map do |sources|
156
+ sources.map do |source|
157
+ replacement_sources.find {|s| s == source } || source
158
+ end
159
+ end
160
+ end
161
+
162
+ def different_sources?(lock_sources, replacement_sources)
163
+ !equal_sources?(lock_sources, replacement_sources) && !equivalent_sources?(lock_sources, replacement_sources)
164
+ end
165
+
149
166
  def rubygems_aggregate_class
150
167
  Source::Rubygems
151
168
  end
@@ -46,11 +46,7 @@ module Bundler
46
46
  specs << spec
47
47
  end
48
48
 
49
- check ? true : SpecSet.new(specs)
50
- end
51
-
52
- def valid_for?(deps)
53
- self.for(deps, [], true)
49
+ check ? true : specs
54
50
  end
55
51
 
56
52
  def [](key)
@@ -77,7 +73,7 @@ module Bundler
77
73
  end
78
74
 
79
75
  def materialize(deps, missing_specs = nil)
80
- materialized = self.for(deps, [], false, true, !missing_specs).to_a
76
+ materialized = self.for(deps, [], false, true, !missing_specs)
81
77
 
82
78
  materialized.group_by(&:source).each do |source, specs|
83
79
  next unless specs.any?{|s| s.is_a?(LazySpecification) }
@@ -1,7 +1,7 @@
1
1
  # frozen_string_literal: false
2
2
 
3
3
  module Bundler
4
- VERSION = "2.2.21".freeze
4
+ VERSION = "2.2.22".freeze
5
5
 
6
6
  def self.bundler_major_version
7
7
  @bundler_major_version ||= VERSION.split(".").first.to_i
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: bundler
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.2.21
4
+ version: 2.2.22
5
5
  platform: ruby
6
6
  authors:
7
7
  - André Arko
@@ -22,7 +22,7 @@ authors:
22
22
  autorequire:
23
23
  bindir: exe
24
24
  cert_chain: []
25
- date: 2021-06-23 00:00:00.000000000 Z
25
+ date: 2021-07-06 00:00:00.000000000 Z
26
26
  dependencies: []
27
27
  description: Bundler manages an application's dependencies through its entire life,
28
28
  across many machines, systematically and repeatably
@@ -354,7 +354,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
354
354
  - !ruby/object:Gem::Version
355
355
  version: 2.5.2
356
356
  requirements: []
357
- rubygems_version: 3.2.21
357
+ rubygems_version: 3.2.22
358
358
  signing_key:
359
359
  specification_version: 4
360
360
  summary: The best way to manage your application's dependencies