bundler 2.2.21 → 2.2.25
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of bundler might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/CHANGELOG.md +63 -0
- data/lib/bundler.rb +4 -9
- data/lib/bundler/build_metadata.rb +2 -2
- data/lib/bundler/cli.rb +7 -0
- data/lib/bundler/cli/cache.rb +1 -1
- data/lib/bundler/cli/doctor.rb +12 -2
- data/lib/bundler/cli/install.rb +5 -18
- data/lib/bundler/cli/list.rb +7 -1
- data/lib/bundler/cli/lock.rb +5 -1
- data/lib/bundler/cli/open.rb +1 -2
- data/lib/bundler/cli/update.rb +9 -4
- data/lib/bundler/current_ruby.rb +4 -4
- data/lib/bundler/definition.rb +48 -93
- data/lib/bundler/dsl.rb +23 -21
- data/lib/bundler/feature_flag.rb +0 -1
- data/lib/bundler/fetcher/downloader.rb +1 -2
- data/lib/bundler/index.rb +1 -5
- data/lib/bundler/installer.rb +4 -4
- data/lib/bundler/installer/gem_installer.rb +3 -16
- data/lib/bundler/installer/standalone.rb +1 -1
- data/lib/bundler/lockfile_parser.rb +3 -20
- data/lib/bundler/man/bundle-add.1 +1 -1
- data/lib/bundler/man/bundle-binstubs.1 +1 -1
- data/lib/bundler/man/bundle-cache.1 +1 -1
- data/lib/bundler/man/bundle-check.1 +1 -1
- data/lib/bundler/man/bundle-clean.1 +1 -1
- data/lib/bundler/man/bundle-config.1 +1 -4
- data/lib/bundler/man/bundle-config.1.ronn +0 -3
- data/lib/bundler/man/bundle-doctor.1 +1 -1
- data/lib/bundler/man/bundle-exec.1 +1 -1
- data/lib/bundler/man/bundle-gem.1 +1 -1
- data/lib/bundler/man/bundle-info.1 +1 -1
- data/lib/bundler/man/bundle-init.1 +1 -1
- data/lib/bundler/man/bundle-inject.1 +1 -1
- data/lib/bundler/man/bundle-install.1 +1 -1
- data/lib/bundler/man/bundle-list.1 +1 -1
- data/lib/bundler/man/bundle-lock.1 +1 -1
- data/lib/bundler/man/bundle-open.1 +1 -1
- data/lib/bundler/man/bundle-outdated.1 +1 -1
- data/lib/bundler/man/bundle-platform.1 +1 -1
- data/lib/bundler/man/bundle-pristine.1 +1 -1
- data/lib/bundler/man/bundle-remove.1 +1 -1
- data/lib/bundler/man/bundle-show.1 +1 -1
- data/lib/bundler/man/bundle-update.1 +4 -4
- data/lib/bundler/man/bundle-update.1.ronn +3 -3
- data/lib/bundler/man/bundle-viz.1 +1 -1
- data/lib/bundler/man/bundle.1 +1 -1
- data/lib/bundler/man/gemfile.5 +1 -1
- data/lib/bundler/plugin.rb +2 -0
- data/lib/bundler/plugin/index.rb +4 -1
- data/lib/bundler/plugin/installer.rb +1 -1
- data/lib/bundler/resolver.rb +1 -1
- data/lib/bundler/rubygems_ext.rb +22 -6
- data/lib/bundler/rubygems_gem_installer.rb +5 -1
- data/lib/bundler/runtime.rb +16 -9
- data/lib/bundler/settings.rb +4 -7
- data/lib/bundler/setup.rb +2 -2
- data/lib/bundler/shared_helpers.rb +0 -7
- data/lib/bundler/source/git/git_proxy.rb +1 -2
- data/lib/bundler/source/rubygems.rb +5 -14
- data/lib/bundler/source_list.rb +50 -20
- data/lib/bundler/spec_set.rb +15 -42
- data/lib/bundler/templates/Executable.bundler +6 -6
- data/lib/bundler/version.rb +1 -1
- data/lib/bundler/worker.rb +17 -2
- metadata +3 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 42284d8028f6f07937bba73b6c9e55c511c9d14c599b5b2e3b951599a6cff7e7
|
4
|
+
data.tar.gz: dcda6b29a424bc079333e3a9f5f02f679e7cae039b3dd07e25cb6da6ebf29b4c
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 9cb7f2e44d450503a5c0786dcc9e3972cfa830180a518de00c5733965c9fe790ab1090611e1da3d2a8cffbd911e2a3c7531b0707a3712efd8c162b95723e827b
|
7
|
+
data.tar.gz: 0dc46959901b2edf345dbb4b0b448a9762caa91179011899d36939f927379af22b8406ddf4bb17e67c410a7d65c76c43f3c4fcb9c3ec6a4b92dcce82364cdf91
|
data/CHANGELOG.md
CHANGED
@@ -1,3 +1,66 @@
|
|
1
|
+
# 2.2.25 (July 30, 2021)
|
2
|
+
|
3
|
+
## Deprecations:
|
4
|
+
|
5
|
+
- Deprecate Gemfile without an explicit global source [#4779](https://github.com/rubygems/rubygems/pull/4779)
|
6
|
+
- Deprecate `bundle cache --path` [#4496](https://github.com/rubygems/rubygems/pull/4496)
|
7
|
+
|
8
|
+
## Enhancements:
|
9
|
+
|
10
|
+
- Give better errors when materialization fails [#4788](https://github.com/rubygems/rubygems/pull/4788)
|
11
|
+
- Lazily load `shellwords` library [#4786](https://github.com/rubygems/rubygems/pull/4786)
|
12
|
+
- Show original error and backtrace directly on `bundle install` errors instead of a more brittle `gem install` hint [#4778](https://github.com/rubygems/rubygems/pull/4778)
|
13
|
+
- Remove LoadError message in regards to requiring a relative file [#4772](https://github.com/rubygems/rubygems/pull/4772)
|
14
|
+
|
15
|
+
## Bug fixes:
|
16
|
+
|
17
|
+
- Fix `BUNDLE_USER_CONFIG` no longer respected as config location [#4797](https://github.com/rubygems/rubygems/pull/4797)
|
18
|
+
- Fix `--standalone` installation of default gems [#4782](https://github.com/rubygems/rubygems/pull/4782)
|
19
|
+
- Fix `--quiet` flag not printing warnings [#4781](https://github.com/rubygems/rubygems/pull/4781)
|
20
|
+
- Fix bundler binstub version selection [#4775](https://github.com/rubygems/rubygems/pull/4775)
|
21
|
+
- Fix interrupt handling in Bundler workers [#4767](https://github.com/rubygems/rubygems/pull/4767)
|
22
|
+
|
23
|
+
# 2.2.24 (July 15, 2021)
|
24
|
+
|
25
|
+
## Bug fixes:
|
26
|
+
|
27
|
+
- Fix development gem unintentionally removed on an edge case [#4751](https://github.com/rubygems/rubygems/pull/4751)
|
28
|
+
- Fix dangling empty plugin hooks [#4755](https://github.com/rubygems/rubygems/pull/4755)
|
29
|
+
- Fix `bundle plugin install --help` showing `bundle install`'s help [#4756](https://github.com/rubygems/rubygems/pull/4756)
|
30
|
+
- Make sure `bundle check` shows uniq missing gems [#4749](https://github.com/rubygems/rubygems/pull/4749)
|
31
|
+
|
32
|
+
## Performance:
|
33
|
+
|
34
|
+
- Slightly speed up `bundler/setup` [#4750](https://github.com/rubygems/rubygems/pull/4750)
|
35
|
+
|
36
|
+
# 2.2.23 (July 9, 2021)
|
37
|
+
|
38
|
+
## Enhancements:
|
39
|
+
|
40
|
+
- Fix `bundle install` on truffleruby selecting incorrect variant for `sorbet-static` gem [#4625](https://github.com/rubygems/rubygems/pull/4625)
|
41
|
+
- Spare meaningless warning on read-only bundle invocations [#4724](https://github.com/rubygems/rubygems/pull/4724)
|
42
|
+
|
43
|
+
## Bug fixes:
|
44
|
+
|
45
|
+
- Fix incorrect warning about duplicated gems in the Gemfile [#4732](https://github.com/rubygems/rubygems/pull/4732)
|
46
|
+
- Fix `bundle plugin install foo` crashing [#4734](https://github.com/rubygems/rubygems/pull/4734)
|
47
|
+
|
48
|
+
# 2.2.22 (July 6, 2021)
|
49
|
+
|
50
|
+
## Enhancements:
|
51
|
+
|
52
|
+
- Never downgrade indirect dependencies when running `bundle update` [#4713](https://github.com/rubygems/rubygems/pull/4713)
|
53
|
+
- Fix `getaddrinfo` errors not treated as fatal on non darwin platforms [#4703](https://github.com/rubygems/rubygems/pull/4703)
|
54
|
+
|
55
|
+
## Bug fixes:
|
56
|
+
|
57
|
+
- Fix `bundle update <gem>` sometimes hanging and `bundle lock --update` not being able to update an insecure lockfile to the new format if it requires downgrades [#4652](https://github.com/rubygems/rubygems/pull/4652)
|
58
|
+
- Fix edge case combination of DSL methods and duplicated sources causing gems to not be found [#4711](https://github.com/rubygems/rubygems/pull/4711)
|
59
|
+
- Fix `bundle doctor` crashing when finding a broken symlink [#4707](https://github.com/rubygems/rubygems/pull/4707)
|
60
|
+
- Fix incorrect re-resolve edge case [#4700](https://github.com/rubygems/rubygems/pull/4700)
|
61
|
+
- Fix some gems being unintentionally locked under multiple lockfile sections [#4701](https://github.com/rubygems/rubygems/pull/4701)
|
62
|
+
- Fix `--conservative` flag unexpectedly updating indirect dependencies [#4692](https://github.com/rubygems/rubygems/pull/4692)
|
63
|
+
|
1
64
|
# 2.2.21 (June 23, 2021)
|
2
65
|
|
3
66
|
## Security fixes:
|
data/lib/bundler.rb
CHANGED
@@ -236,8 +236,9 @@ module Bundler
|
|
236
236
|
end
|
237
237
|
|
238
238
|
if warning
|
239
|
-
|
240
|
-
|
239
|
+
Bundler.ui.warn "#{warning}\n"
|
240
|
+
user_home = tmp_home_path
|
241
|
+
Bundler.ui.warn "Bundler will use `#{user_home}' as your home directory temporarily.\n"
|
241
242
|
user_home
|
242
243
|
else
|
243
244
|
Pathname.new(home)
|
@@ -652,10 +653,6 @@ EOF
|
|
652
653
|
rescue ScriptError, StandardError => e
|
653
654
|
msg = "There was an error while loading `#{path.basename}`: #{e.message}"
|
654
655
|
|
655
|
-
if e.is_a?(LoadError)
|
656
|
-
msg += "\nDoes it try to require a relative path? That's been removed in Ruby 1.9"
|
657
|
-
end
|
658
|
-
|
659
656
|
raise GemspecError, Dsl::DSLError.new(msg, path, e.backtrace, contents)
|
660
657
|
end
|
661
658
|
|
@@ -684,15 +681,13 @@ EOF
|
|
684
681
|
Bundler.rubygems.clear_paths
|
685
682
|
end
|
686
683
|
|
687
|
-
def tmp_home_path
|
684
|
+
def tmp_home_path
|
688
685
|
Kernel.send(:require, "tmpdir")
|
689
686
|
SharedHelpers.filesystem_access(Dir.tmpdir) do
|
690
687
|
path = Bundler.tmp
|
691
688
|
at_exit { Bundler.rm_rf(path) }
|
692
689
|
path
|
693
690
|
end
|
694
|
-
rescue RuntimeError => e
|
695
|
-
raise e.exception("#{warning}\nBundler also failed to create a temporary home directory':\n#{e}")
|
696
691
|
end
|
697
692
|
|
698
693
|
# @param env [Hash]
|
@@ -4,8 +4,8 @@ module Bundler
|
|
4
4
|
# Represents metadata from when the Bundler gem was built.
|
5
5
|
module BuildMetadata
|
6
6
|
# begin ivars
|
7
|
-
@built_at = "2021-
|
8
|
-
@git_commit_sha = "
|
7
|
+
@built_at = "2021-07-30".freeze
|
8
|
+
@git_commit_sha = "7f0f257c7a".freeze
|
9
9
|
@release = true
|
10
10
|
# end ivars
|
11
11
|
|
data/lib/bundler/cli.rb
CHANGED
@@ -14,6 +14,7 @@ module Bundler
|
|
14
14
|
COMMAND_ALIASES = {
|
15
15
|
"check" => "c",
|
16
16
|
"install" => "i",
|
17
|
+
"plugin" => "",
|
17
18
|
"list" => "ls",
|
18
19
|
"exec" => ["e", "ex", "exe"],
|
19
20
|
"cache" => ["package", "pack"],
|
@@ -455,6 +456,12 @@ module Bundler
|
|
455
456
|
"do in future versions. Instead please use `bundle config set cache_all true`, " \
|
456
457
|
"and stop using this flag" if ARGV.include?("--all")
|
457
458
|
|
459
|
+
SharedHelpers.major_deprecation 2,
|
460
|
+
"The `--path` flag is deprecated because its semantics are unclear. " \
|
461
|
+
"Use `bundle config cache_path` to configure the path of your cache of gems, " \
|
462
|
+
"and `bundle config path` to configure the path where your gems are installed, " \
|
463
|
+
"and stop using this flag" if ARGV.include?("--path")
|
464
|
+
|
458
465
|
require_relative "cli/cache"
|
459
466
|
Cache.new(options).run
|
460
467
|
end
|
data/lib/bundler/cli/cache.rb
CHANGED
@@ -9,7 +9,7 @@ module Bundler
|
|
9
9
|
end
|
10
10
|
|
11
11
|
def run
|
12
|
-
Bundler.ui.level = "
|
12
|
+
Bundler.ui.level = "warn" if options[:quiet]
|
13
13
|
Bundler.settings.set_command_option_if_given :path, options[:path]
|
14
14
|
Bundler.settings.set_command_option_if_given :cache_path, options["cache-path"]
|
15
15
|
|
data/lib/bundler/cli/doctor.rb
CHANGED
@@ -61,7 +61,7 @@ module Bundler
|
|
61
61
|
end
|
62
62
|
|
63
63
|
def run
|
64
|
-
Bundler.ui.level = "
|
64
|
+
Bundler.ui.level = "warn" if options[:quiet]
|
65
65
|
Bundler.settings.validate!
|
66
66
|
check!
|
67
67
|
|
@@ -100,8 +100,11 @@ module Bundler
|
|
100
100
|
files_not_readable_or_writable = []
|
101
101
|
files_not_rw_and_owned_by_different_user = []
|
102
102
|
files_not_owned_by_current_user_but_still_rw = []
|
103
|
+
broken_symlinks = []
|
103
104
|
Find.find(Bundler.bundle_path.to_s).each do |f|
|
104
|
-
if !File.
|
105
|
+
if !File.exist?(f)
|
106
|
+
broken_symlinks << f
|
107
|
+
elsif !File.writable?(f) || !File.readable?(f)
|
105
108
|
if File.stat(f).uid != Process.uid
|
106
109
|
files_not_rw_and_owned_by_different_user << f
|
107
110
|
else
|
@@ -113,6 +116,13 @@ module Bundler
|
|
113
116
|
end
|
114
117
|
|
115
118
|
ok = true
|
119
|
+
|
120
|
+
if broken_symlinks.any?
|
121
|
+
Bundler.ui.warn "Broken links exist in the Bundler home. Please report them to the offending gem's upstream repo. These files are:\n - #{broken_symlinks.join("\n - ")}"
|
122
|
+
|
123
|
+
ok = false
|
124
|
+
end
|
125
|
+
|
116
126
|
if files_not_owned_by_current_user_but_still_rw.any?
|
117
127
|
Bundler.ui.warn "Files exist in the Bundler home that are owned by another " \
|
118
128
|
"user, but are still readable/writable. These files are:\n - #{files_not_owned_by_current_user_but_still_rw.join("\n - ")}"
|
data/lib/bundler/cli/install.rb
CHANGED
@@ -8,7 +8,7 @@ module Bundler
|
|
8
8
|
end
|
9
9
|
|
10
10
|
def run
|
11
|
-
Bundler.ui.level = "
|
11
|
+
Bundler.ui.level = "warn" if options[:quiet]
|
12
12
|
|
13
13
|
warn_if_root
|
14
14
|
|
@@ -60,7 +60,7 @@ module Bundler
|
|
60
60
|
installer = Installer.install(Bundler.root, definition, options)
|
61
61
|
|
62
62
|
Bundler.settings.temporary(:cache_all_platforms => options[:local] ? false : Bundler.settings[:cache_all_platforms]) do
|
63
|
-
Bundler.load.cache if Bundler.app_cache.exist? && !options["no-cache"] && !Bundler.frozen_bundle?
|
63
|
+
Bundler.load.cache(nil, options[:local]) if Bundler.app_cache.exist? && !options["no-cache"] && !Bundler.frozen_bundle?
|
64
64
|
end
|
65
65
|
|
66
66
|
Bundler.ui.confirm "Bundle complete! #{dependencies_count_for(definition)}, #{gems_installed_for(definition)}."
|
@@ -83,28 +83,15 @@ module Bundler
|
|
83
83
|
end
|
84
84
|
|
85
85
|
Bundler::CLI::Common.output_fund_metadata_summary
|
86
|
-
rescue
|
87
|
-
if options[:local] && Bundler.app_cache.exist?
|
88
|
-
Bundler.ui.warn "Some gems seem to be missing from your #{Bundler.settings.app_cache_path} directory."
|
89
|
-
end
|
90
|
-
|
91
|
-
unless Bundler.definition.has_rubygems_remotes?
|
92
|
-
Bundler.ui.warn <<-WARN, :wrap => true
|
93
|
-
Your Gemfile has no gem server sources. If you need gems that are \
|
94
|
-
not already on your machine, add a line like this to your Gemfile:
|
95
|
-
source 'https://rubygems.org'
|
96
|
-
WARN
|
97
|
-
end
|
98
|
-
raise e
|
99
|
-
rescue Gem::InvalidSpecificationException => e
|
86
|
+
rescue Gem::InvalidSpecificationException
|
100
87
|
Bundler.ui.warn "You have one or more invalid gemspecs that need to be fixed."
|
101
|
-
raise
|
88
|
+
raise
|
102
89
|
end
|
103
90
|
|
104
91
|
private
|
105
92
|
|
106
93
|
def warn_if_root
|
107
|
-
return if Bundler.settings[:silence_root_warning] ||
|
94
|
+
return if Bundler.settings[:silence_root_warning] || Gem.win_platform? || !Process.uid.zero?
|
108
95
|
Bundler.ui.warn "Don't run Bundler as root. Bundler can ask for sudo " \
|
109
96
|
"if it is needed, and installing your bundle as root will break this " \
|
110
97
|
"application for all non-root users on this machine.", :wrap => true
|
data/lib/bundler/cli/list.rb
CHANGED
@@ -16,7 +16,13 @@ module Bundler
|
|
16
16
|
specs = if @only_group.any? || @without_group.any?
|
17
17
|
filtered_specs_by_groups
|
18
18
|
else
|
19
|
-
|
19
|
+
begin
|
20
|
+
Bundler.load.specs
|
21
|
+
rescue GemNotFound => e
|
22
|
+
Bundler.ui.error e.message
|
23
|
+
Bundler.ui.warn "Install missing gems with `bundle install`."
|
24
|
+
exit 1
|
25
|
+
end
|
20
26
|
end.reject {|s| s.name == "bundler" }.sort_by(&:name)
|
21
27
|
|
22
28
|
return Bundler.ui.info "No gems in the Gemfile" if specs.empty?
|
data/lib/bundler/cli/lock.rb
CHANGED
@@ -21,9 +21,13 @@ module Bundler
|
|
21
21
|
Bundler::Fetcher.disable_endpoint = options["full-index"]
|
22
22
|
|
23
23
|
update = options[:update]
|
24
|
+
conservative = options[:conservative]
|
25
|
+
|
24
26
|
if update.is_a?(Array) # unlocking specific gems
|
25
27
|
Bundler::CLI::Common.ensure_all_gems_in_lockfile!(update)
|
26
|
-
update = { :gems => update, :
|
28
|
+
update = { :gems => update, :conservative => conservative }
|
29
|
+
elsif update
|
30
|
+
update = { :conservative => conservative } if conservative
|
27
31
|
end
|
28
32
|
definition = Bundler.definition(update)
|
29
33
|
|
data/lib/bundler/cli/open.rb
CHANGED
@@ -1,7 +1,5 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
require "shellwords"
|
4
|
-
|
5
3
|
module Bundler
|
6
4
|
class CLI::Open
|
7
5
|
attr_reader :options, :name
|
@@ -19,6 +17,7 @@ module Bundler
|
|
19
17
|
else
|
20
18
|
path = spec.full_gem_path
|
21
19
|
Dir.chdir(path) do
|
20
|
+
require "shellwords"
|
22
21
|
command = Shellwords.split(editor) + [path]
|
23
22
|
Bundler.with_original_env do
|
24
23
|
system(*command)
|
data/lib/bundler/cli/update.rb
CHANGED
@@ -9,7 +9,7 @@ module Bundler
|
|
9
9
|
end
|
10
10
|
|
11
11
|
def run
|
12
|
-
Bundler.ui.level = "
|
12
|
+
Bundler.ui.level = "warn" if options[:quiet]
|
13
13
|
|
14
14
|
Plugin.gemfile_install(Bundler.default_gemfile) if Bundler.feature_flag.plugins?
|
15
15
|
|
@@ -27,9 +27,14 @@ module Bundler
|
|
27
27
|
raise InvalidOption, "Cannot specify --all along with specific options."
|
28
28
|
end
|
29
29
|
|
30
|
+
conservative = options[:conservative]
|
31
|
+
|
30
32
|
if full_update
|
31
|
-
|
32
|
-
|
33
|
+
if conservative
|
34
|
+
Bundler.definition(:conservative => conservative)
|
35
|
+
else
|
36
|
+
Bundler.definition(true)
|
37
|
+
end
|
33
38
|
else
|
34
39
|
unless Bundler.default_lockfile.exist?
|
35
40
|
raise GemfileLockNotFound, "This Bundle hasn't been installed yet. " \
|
@@ -43,7 +48,7 @@ module Bundler
|
|
43
48
|
end
|
44
49
|
|
45
50
|
Bundler.definition(:gems => gems, :sources => sources, :ruby => options[:ruby],
|
46
|
-
:
|
51
|
+
:conservative => conservative,
|
47
52
|
:bundler => options[:bundler])
|
48
53
|
end
|
49
54
|
|
data/lib/bundler/current_ruby.rb
CHANGED
@@ -65,19 +65,19 @@ module Bundler
|
|
65
65
|
end
|
66
66
|
|
67
67
|
def mswin?
|
68
|
-
|
68
|
+
Gem.win_platform?
|
69
69
|
end
|
70
70
|
|
71
71
|
def mswin64?
|
72
|
-
|
72
|
+
Gem.win_platform? && Bundler.local_platform != Gem::Platform::RUBY && Bundler.local_platform.os == "mswin64" && Bundler.local_platform.cpu == "x64"
|
73
73
|
end
|
74
74
|
|
75
75
|
def mingw?
|
76
|
-
|
76
|
+
Gem.win_platform? && Bundler.local_platform != Gem::Platform::RUBY && Bundler.local_platform.os == "mingw32" && Bundler.local_platform.cpu != "x64"
|
77
77
|
end
|
78
78
|
|
79
79
|
def x64_mingw?
|
80
|
-
|
80
|
+
Gem.win_platform? && Bundler.local_platform != Gem::Platform::RUBY && Bundler.local_platform.os == "mingw32" && Bundler.local_platform.cpu == "x64"
|
81
81
|
end
|
82
82
|
|
83
83
|
(KNOWN_MINOR_VERSIONS + KNOWN_MAJOR_VERSIONS).each do |version|
|
data/lib/bundler/definition.rb
CHANGED
@@ -56,10 +56,8 @@ module Bundler
|
|
56
56
|
@unlocking_bundler = false
|
57
57
|
@unlocking = unlock
|
58
58
|
else
|
59
|
-
unlock = unlock.dup
|
60
59
|
@unlocking_bundler = unlock.delete(:bundler)
|
61
|
-
unlock.
|
62
|
-
@unlocking = !unlock.empty?
|
60
|
+
@unlocking = unlock.any? {|_k, v| !Array(v).empty? }
|
63
61
|
end
|
64
62
|
|
65
63
|
@dependencies = dependencies
|
@@ -106,8 +104,8 @@ module Bundler
|
|
106
104
|
@locked_platforms = []
|
107
105
|
end
|
108
106
|
|
109
|
-
|
110
|
-
@multisource_allowed =
|
107
|
+
locked_gem_sources = @locked_sources.select {|s| s.is_a?(Source::Rubygems) }
|
108
|
+
@multisource_allowed = locked_gem_sources.size == 1 && locked_gem_sources.first.multiple_remotes? && Bundler.frozen_bundle?
|
111
109
|
|
112
110
|
if @multisource_allowed
|
113
111
|
unless sources.aggregate_global_source?
|
@@ -116,10 +114,9 @@ module Bundler
|
|
116
114
|
Bundler::SharedHelpers.major_deprecation 2, msg
|
117
115
|
end
|
118
116
|
|
119
|
-
@sources.merged_gem_lockfile_sections!
|
117
|
+
@sources.merged_gem_lockfile_sections!(locked_gem_sources.first)
|
120
118
|
end
|
121
119
|
|
122
|
-
@unlock[:gems] ||= []
|
123
120
|
@unlock[:sources] ||= []
|
124
121
|
@unlock[:ruby] ||= if @ruby_version && locked_ruby_version_object
|
125
122
|
@ruby_version.diff(locked_ruby_version_object)
|
@@ -132,9 +129,11 @@ module Bundler
|
|
132
129
|
@path_changes = converge_paths
|
133
130
|
@source_changes = converge_sources
|
134
131
|
|
135
|
-
|
136
|
-
|
137
|
-
|
132
|
+
if @unlock[:conservative]
|
133
|
+
@unlock[:gems] ||= @dependencies.map(&:name)
|
134
|
+
else
|
135
|
+
eager_unlock = expand_dependencies(@unlock[:gems] || [], true)
|
136
|
+
@unlock[:gems] = @locked_specs.for(eager_unlock, false, false).map(&:name)
|
138
137
|
end
|
139
138
|
|
140
139
|
@dependency_changes = converge_dependencies
|
@@ -186,25 +185,7 @@ module Bundler
|
|
186
185
|
#
|
187
186
|
# @return [Bundler::SpecSet]
|
188
187
|
def specs
|
189
|
-
@specs ||=
|
190
|
-
begin
|
191
|
-
specs = resolve.materialize(requested_dependencies)
|
192
|
-
rescue GemNotFound => e # Handle yanked gem
|
193
|
-
gem_name, gem_version = extract_gem_info(e)
|
194
|
-
locked_gem = @locked_specs[gem_name].last
|
195
|
-
raise if locked_gem.nil? || locked_gem.version.to_s != gem_version || !@remote
|
196
|
-
raise GemNotFound, "Your bundle is locked to #{locked_gem} from #{locked_gem.source}, but that version can " \
|
197
|
-
"no longer be found in that source. That means the author of #{locked_gem} has removed it. " \
|
198
|
-
"You'll need to update your bundle to a version other than #{locked_gem} that hasn't been " \
|
199
|
-
"removed in order to install."
|
200
|
-
end
|
201
|
-
unless specs["bundler"].any?
|
202
|
-
bundler = sources.metadata_source.specs.search(Gem::Dependency.new("bundler", VERSION)).last
|
203
|
-
specs["bundler"] = bundler
|
204
|
-
end
|
205
|
-
|
206
|
-
specs
|
207
|
-
end
|
188
|
+
@specs ||= materialize(requested_dependencies)
|
208
189
|
end
|
209
190
|
|
210
191
|
def new_specs
|
@@ -216,9 +197,7 @@ module Bundler
|
|
216
197
|
end
|
217
198
|
|
218
199
|
def missing_specs
|
219
|
-
|
220
|
-
resolve.materialize(requested_dependencies, missing)
|
221
|
-
missing
|
200
|
+
resolve.materialize(requested_dependencies).missing_specs
|
222
201
|
end
|
223
202
|
|
224
203
|
def missing_specs?
|
@@ -236,17 +215,11 @@ module Bundler
|
|
236
215
|
end
|
237
216
|
|
238
217
|
def requested_specs
|
239
|
-
|
240
|
-
groups = requested_groups
|
241
|
-
groups.map!(&:to_sym)
|
242
|
-
specs_for(groups)
|
243
|
-
end
|
218
|
+
specs_for(requested_groups)
|
244
219
|
end
|
245
220
|
|
246
221
|
def requested_dependencies
|
247
|
-
|
248
|
-
groups.map!(&:to_sym)
|
249
|
-
dependencies_for(groups)
|
222
|
+
dependencies_for(requested_groups)
|
250
223
|
end
|
251
224
|
|
252
225
|
def current_dependencies
|
@@ -256,11 +229,13 @@ module Bundler
|
|
256
229
|
end
|
257
230
|
|
258
231
|
def specs_for(groups)
|
232
|
+
groups = requested_groups if groups.empty?
|
259
233
|
deps = dependencies_for(groups)
|
260
|
-
|
234
|
+
materialize(expand_dependencies(deps))
|
261
235
|
end
|
262
236
|
|
263
237
|
def dependencies_for(groups)
|
238
|
+
groups.map!(&:to_sym)
|
264
239
|
current_dependencies.reject do |d|
|
265
240
|
(d.groups & groups).empty?
|
266
241
|
end
|
@@ -289,10 +264,6 @@ module Bundler
|
|
289
264
|
end
|
290
265
|
end
|
291
266
|
|
292
|
-
def has_rubygems_remotes?
|
293
|
-
sources.rubygems_sources.any? {|s| s.remotes.any? }
|
294
|
-
end
|
295
|
-
|
296
267
|
def spec_git_paths
|
297
268
|
sources.git_sources.map {|s| File.realpath(s.path) if File.exist?(s.path) }.compact
|
298
269
|
end
|
@@ -498,9 +469,6 @@ module Bundler
|
|
498
469
|
attr_reader :sources
|
499
470
|
private :sources
|
500
471
|
|
501
|
-
attr_reader :locked_gem_sources
|
502
|
-
private :locked_gem_sources
|
503
|
-
|
504
472
|
def nothing_changed?
|
505
473
|
!@source_changes && !@dependency_changes && !@new_platform && !@path_changes && !@local_changes && !@locked_specs_incomplete_for_platform
|
506
474
|
end
|
@@ -511,6 +479,31 @@ module Bundler
|
|
511
479
|
|
512
480
|
private
|
513
481
|
|
482
|
+
def materialize(dependencies)
|
483
|
+
specs = resolve.materialize(dependencies)
|
484
|
+
missing_specs = specs.missing_specs
|
485
|
+
|
486
|
+
if missing_specs.any?
|
487
|
+
missing_specs.each do |s|
|
488
|
+
locked_gem = @locked_specs[s.name].last
|
489
|
+
next if locked_gem.nil? || locked_gem.version != s.version || !@remote
|
490
|
+
raise GemNotFound, "Your bundle is locked to #{locked_gem} from #{locked_gem.source}, but that version can " \
|
491
|
+
"no longer be found in that source. That means the author of #{locked_gem} has removed it. " \
|
492
|
+
"You'll need to update your bundle to a version other than #{locked_gem} that hasn't been " \
|
493
|
+
"removed in order to install."
|
494
|
+
end
|
495
|
+
|
496
|
+
raise GemNotFound, "Could not find #{missing_specs.map(&:full_name).join(", ")} in any of the sources"
|
497
|
+
end
|
498
|
+
|
499
|
+
unless specs["bundler"].any?
|
500
|
+
bundler = sources.metadata_source.specs.search(Gem::Dependency.new("bundler", VERSION)).last
|
501
|
+
specs["bundler"] = bundler
|
502
|
+
end
|
503
|
+
|
504
|
+
specs
|
505
|
+
end
|
506
|
+
|
514
507
|
def precompute_source_requirements_for_indirect_dependencies?
|
515
508
|
sources.non_global_rubygems_sources.all?(&:dependency_api_available?) && !sources.aggregate_global_source?
|
516
509
|
end
|
@@ -628,35 +621,11 @@ module Bundler
|
|
628
621
|
end
|
629
622
|
end
|
630
623
|
|
631
|
-
def converge_rubygems_sources
|
632
|
-
return false unless multisource_allowed?
|
633
|
-
|
634
|
-
return false if locked_gem_sources.empty?
|
635
|
-
|
636
|
-
# Get the RubyGems remotes from the Gemfile
|
637
|
-
actual_remotes = sources.rubygems_remotes
|
638
|
-
return false if actual_remotes.empty?
|
639
|
-
|
640
|
-
changes = false
|
641
|
-
|
642
|
-
# If there is a RubyGems source in both
|
643
|
-
locked_gem_sources.each do |locked_gem_source|
|
644
|
-
# Merge the remotes from the Gemfile into the Gemfile.lock
|
645
|
-
changes |= locked_gem_source.replace_remotes(actual_remotes, Bundler.settings[:allow_deployment_source_credential_changes])
|
646
|
-
end
|
647
|
-
|
648
|
-
changes
|
649
|
-
end
|
650
|
-
|
651
624
|
def converge_sources
|
652
|
-
changes = false
|
653
|
-
|
654
|
-
changes |= converge_rubygems_sources
|
655
|
-
|
656
625
|
# Replace the sources from the Gemfile with the sources from the Gemfile.lock,
|
657
626
|
# if they exist in the Gemfile.lock and are `==`. If you can't find an equivalent
|
658
627
|
# source in the Gemfile.lock, use the one from the Gemfile.
|
659
|
-
changes
|
628
|
+
changes = sources.replace_sources!(@locked_sources)
|
660
629
|
|
661
630
|
sources.all_sources.each do |source|
|
662
631
|
# If the source is unlockable and the current command allows an unlock of
|
@@ -741,24 +710,17 @@ module Bundler
|
|
741
710
|
end
|
742
711
|
end
|
743
712
|
|
744
|
-
unlock_source_unlocks_spec = Bundler.feature_flag.unlock_source_unlocks_spec?
|
745
|
-
|
746
713
|
converged = []
|
747
714
|
@locked_specs.each do |s|
|
748
715
|
# Replace the locked dependency's source with the equivalent source from the Gemfile
|
749
716
|
dep = @dependencies.find {|d| s.satisfies?(d) }
|
750
|
-
s.source = (dep && dep.source) || sources.get(s.source)
|
717
|
+
s.source = (dep && dep.source) || sources.get(s.source) unless multisource_allowed?
|
751
718
|
|
752
719
|
# Don't add a spec to the list if its source is expired. For example,
|
753
720
|
# if you change a Git gem to RubyGems.
|
754
721
|
next if s.source.nil?
|
755
722
|
next if @unlock[:sources].include?(s.source.name)
|
756
723
|
|
757
|
-
# XXX This is a backwards-compatibility fix to preserve the ability to
|
758
|
-
# unlock a single gem by passing its name via `--source`. See issue #3759
|
759
|
-
# TODO: delete in Bundler 2
|
760
|
-
next if unlock_source_unlocks_spec && @unlock[:sources].include?(s.name)
|
761
|
-
|
762
724
|
# If the spec is from a path source and it doesn't exist anymore
|
763
725
|
# then we unlock it.
|
764
726
|
|
@@ -770,7 +732,7 @@ module Bundler
|
|
770
732
|
# if we won't need the source (according to the lockfile),
|
771
733
|
# don't error if the path/git source isn't available
|
772
734
|
next if @locked_specs.
|
773
|
-
for(requested_dependencies,
|
735
|
+
for(requested_dependencies, false, true).
|
774
736
|
none? {|locked_spec| locked_spec.source == s.source }
|
775
737
|
|
776
738
|
raise
|
@@ -789,8 +751,8 @@ module Bundler
|
|
789
751
|
end
|
790
752
|
|
791
753
|
resolve = SpecSet.new(converged)
|
792
|
-
@locked_specs_incomplete_for_platform = !resolve.for(expand_dependencies(requested_dependencies & deps),
|
793
|
-
resolve = resolve.for(expand_dependencies(deps, true), @unlock[:gems]
|
754
|
+
@locked_specs_incomplete_for_platform = !resolve.for(expand_dependencies(requested_dependencies & deps), true, true)
|
755
|
+
resolve = SpecSet.new(resolve.for(expand_dependencies(deps, true), false, false).reject{|s| @unlock[:gems].include?(s.name) })
|
794
756
|
diff = nil
|
795
757
|
|
796
758
|
# Now, we unlock any sources that do not have anymore gems pinned to it
|
@@ -894,12 +856,6 @@ module Bundler
|
|
894
856
|
current == proposed
|
895
857
|
end
|
896
858
|
|
897
|
-
def extract_gem_info(error)
|
898
|
-
# This method will extract the error message like "Could not find foo-1.2.3 in any of the sources"
|
899
|
-
# to an array. The first element will be the gem name (e.g. foo), the second will be the version number.
|
900
|
-
error.message.scan(/Could not find (\w+)-(\d+(?:\.\d+)+)/).flatten
|
901
|
-
end
|
902
|
-
|
903
859
|
def compute_requires
|
904
860
|
dependencies.reduce({}) do |requires, dep|
|
905
861
|
next requires unless dep.should_include?
|
@@ -912,14 +868,13 @@ module Bundler
|
|
912
868
|
end
|
913
869
|
|
914
870
|
def additional_base_requirements_for_resolve
|
915
|
-
return [] unless @locked_gems
|
871
|
+
return [] unless @locked_gems && unlocking? && !sources.expired_sources?(@locked_gems.sources)
|
916
872
|
dependencies_by_name = dependencies.inject({}) {|memo, dep| memo.update(dep.name => dep) }
|
917
873
|
@locked_gems.specs.reduce({}) do |requirements, locked_spec|
|
918
874
|
name = locked_spec.name
|
919
875
|
dependency = dependencies_by_name[name]
|
920
|
-
next requirements unless dependency
|
921
876
|
next requirements if @locked_gems.dependencies[name] != dependency
|
922
|
-
next requirements if dependency.source.is_a?(Source::Path)
|
877
|
+
next requirements if dependency && dependency.source.is_a?(Source::Path)
|
923
878
|
dep = Gem::Dependency.new(name, ">= #{locked_spec.version}")
|
924
879
|
requirements[name] = DepProxy.get_proxy(dep, locked_spec.platform)
|
925
880
|
requirements
|