bundler 2.2.21 → 2.2.25

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of bundler might be problematic. Click here for more details.

Files changed (67) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +63 -0
  3. data/lib/bundler.rb +4 -9
  4. data/lib/bundler/build_metadata.rb +2 -2
  5. data/lib/bundler/cli.rb +7 -0
  6. data/lib/bundler/cli/cache.rb +1 -1
  7. data/lib/bundler/cli/doctor.rb +12 -2
  8. data/lib/bundler/cli/install.rb +5 -18
  9. data/lib/bundler/cli/list.rb +7 -1
  10. data/lib/bundler/cli/lock.rb +5 -1
  11. data/lib/bundler/cli/open.rb +1 -2
  12. data/lib/bundler/cli/update.rb +9 -4
  13. data/lib/bundler/current_ruby.rb +4 -4
  14. data/lib/bundler/definition.rb +48 -93
  15. data/lib/bundler/dsl.rb +23 -21
  16. data/lib/bundler/feature_flag.rb +0 -1
  17. data/lib/bundler/fetcher/downloader.rb +1 -2
  18. data/lib/bundler/index.rb +1 -5
  19. data/lib/bundler/installer.rb +4 -4
  20. data/lib/bundler/installer/gem_installer.rb +3 -16
  21. data/lib/bundler/installer/standalone.rb +1 -1
  22. data/lib/bundler/lockfile_parser.rb +3 -20
  23. data/lib/bundler/man/bundle-add.1 +1 -1
  24. data/lib/bundler/man/bundle-binstubs.1 +1 -1
  25. data/lib/bundler/man/bundle-cache.1 +1 -1
  26. data/lib/bundler/man/bundle-check.1 +1 -1
  27. data/lib/bundler/man/bundle-clean.1 +1 -1
  28. data/lib/bundler/man/bundle-config.1 +1 -4
  29. data/lib/bundler/man/bundle-config.1.ronn +0 -3
  30. data/lib/bundler/man/bundle-doctor.1 +1 -1
  31. data/lib/bundler/man/bundle-exec.1 +1 -1
  32. data/lib/bundler/man/bundle-gem.1 +1 -1
  33. data/lib/bundler/man/bundle-info.1 +1 -1
  34. data/lib/bundler/man/bundle-init.1 +1 -1
  35. data/lib/bundler/man/bundle-inject.1 +1 -1
  36. data/lib/bundler/man/bundle-install.1 +1 -1
  37. data/lib/bundler/man/bundle-list.1 +1 -1
  38. data/lib/bundler/man/bundle-lock.1 +1 -1
  39. data/lib/bundler/man/bundle-open.1 +1 -1
  40. data/lib/bundler/man/bundle-outdated.1 +1 -1
  41. data/lib/bundler/man/bundle-platform.1 +1 -1
  42. data/lib/bundler/man/bundle-pristine.1 +1 -1
  43. data/lib/bundler/man/bundle-remove.1 +1 -1
  44. data/lib/bundler/man/bundle-show.1 +1 -1
  45. data/lib/bundler/man/bundle-update.1 +4 -4
  46. data/lib/bundler/man/bundle-update.1.ronn +3 -3
  47. data/lib/bundler/man/bundle-viz.1 +1 -1
  48. data/lib/bundler/man/bundle.1 +1 -1
  49. data/lib/bundler/man/gemfile.5 +1 -1
  50. data/lib/bundler/plugin.rb +2 -0
  51. data/lib/bundler/plugin/index.rb +4 -1
  52. data/lib/bundler/plugin/installer.rb +1 -1
  53. data/lib/bundler/resolver.rb +1 -1
  54. data/lib/bundler/rubygems_ext.rb +22 -6
  55. data/lib/bundler/rubygems_gem_installer.rb +5 -1
  56. data/lib/bundler/runtime.rb +16 -9
  57. data/lib/bundler/settings.rb +4 -7
  58. data/lib/bundler/setup.rb +2 -2
  59. data/lib/bundler/shared_helpers.rb +0 -7
  60. data/lib/bundler/source/git/git_proxy.rb +1 -2
  61. data/lib/bundler/source/rubygems.rb +5 -14
  62. data/lib/bundler/source_list.rb +50 -20
  63. data/lib/bundler/spec_set.rb +15 -42
  64. data/lib/bundler/templates/Executable.bundler +6 -6
  65. data/lib/bundler/version.rb +1 -1
  66. data/lib/bundler/worker.rb +17 -2
  67. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 420be71d17b8361ff58b192c7d65aff87352858d123b6c30cbbc19eb582503b1
4
- data.tar.gz: 8d1b50e3080888aee87a46a11511f144fc27c9767eae003e0b09fe6a5b5def50
3
+ metadata.gz: 42284d8028f6f07937bba73b6c9e55c511c9d14c599b5b2e3b951599a6cff7e7
4
+ data.tar.gz: dcda6b29a424bc079333e3a9f5f02f679e7cae039b3dd07e25cb6da6ebf29b4c
5
5
  SHA512:
6
- metadata.gz: a97c3dbb69d51982f210c6c78ea5a987bf4fa6439a2925769794c2fad30f42c35efc57d2f2713f37be84ee08050526513bc12a9fddd09763fb7f9748e7e4673b
7
- data.tar.gz: 1faa09cb9aa4bcf42d15820bde1c0558e6b50709b7671750758f219d56058d02a57bb22f891b7d233941194ec2519d3c3dca193e5e07d1a9be8b22a4ae1a8d5f
6
+ metadata.gz: 9cb7f2e44d450503a5c0786dcc9e3972cfa830180a518de00c5733965c9fe790ab1090611e1da3d2a8cffbd911e2a3c7531b0707a3712efd8c162b95723e827b
7
+ data.tar.gz: 0dc46959901b2edf345dbb4b0b448a9762caa91179011899d36939f927379af22b8406ddf4bb17e67c410a7d65c76c43f3c4fcb9c3ec6a4b92dcce82364cdf91
data/CHANGELOG.md CHANGED
@@ -1,3 +1,66 @@
1
+ # 2.2.25 (July 30, 2021)
2
+
3
+ ## Deprecations:
4
+
5
+ - Deprecate Gemfile without an explicit global source [#4779](https://github.com/rubygems/rubygems/pull/4779)
6
+ - Deprecate `bundle cache --path` [#4496](https://github.com/rubygems/rubygems/pull/4496)
7
+
8
+ ## Enhancements:
9
+
10
+ - Give better errors when materialization fails [#4788](https://github.com/rubygems/rubygems/pull/4788)
11
+ - Lazily load `shellwords` library [#4786](https://github.com/rubygems/rubygems/pull/4786)
12
+ - Show original error and backtrace directly on `bundle install` errors instead of a more brittle `gem install` hint [#4778](https://github.com/rubygems/rubygems/pull/4778)
13
+ - Remove LoadError message in regards to requiring a relative file [#4772](https://github.com/rubygems/rubygems/pull/4772)
14
+
15
+ ## Bug fixes:
16
+
17
+ - Fix `BUNDLE_USER_CONFIG` no longer respected as config location [#4797](https://github.com/rubygems/rubygems/pull/4797)
18
+ - Fix `--standalone` installation of default gems [#4782](https://github.com/rubygems/rubygems/pull/4782)
19
+ - Fix `--quiet` flag not printing warnings [#4781](https://github.com/rubygems/rubygems/pull/4781)
20
+ - Fix bundler binstub version selection [#4775](https://github.com/rubygems/rubygems/pull/4775)
21
+ - Fix interrupt handling in Bundler workers [#4767](https://github.com/rubygems/rubygems/pull/4767)
22
+
23
+ # 2.2.24 (July 15, 2021)
24
+
25
+ ## Bug fixes:
26
+
27
+ - Fix development gem unintentionally removed on an edge case [#4751](https://github.com/rubygems/rubygems/pull/4751)
28
+ - Fix dangling empty plugin hooks [#4755](https://github.com/rubygems/rubygems/pull/4755)
29
+ - Fix `bundle plugin install --help` showing `bundle install`'s help [#4756](https://github.com/rubygems/rubygems/pull/4756)
30
+ - Make sure `bundle check` shows uniq missing gems [#4749](https://github.com/rubygems/rubygems/pull/4749)
31
+
32
+ ## Performance:
33
+
34
+ - Slightly speed up `bundler/setup` [#4750](https://github.com/rubygems/rubygems/pull/4750)
35
+
36
+ # 2.2.23 (July 9, 2021)
37
+
38
+ ## Enhancements:
39
+
40
+ - Fix `bundle install` on truffleruby selecting incorrect variant for `sorbet-static` gem [#4625](https://github.com/rubygems/rubygems/pull/4625)
41
+ - Spare meaningless warning on read-only bundle invocations [#4724](https://github.com/rubygems/rubygems/pull/4724)
42
+
43
+ ## Bug fixes:
44
+
45
+ - Fix incorrect warning about duplicated gems in the Gemfile [#4732](https://github.com/rubygems/rubygems/pull/4732)
46
+ - Fix `bundle plugin install foo` crashing [#4734](https://github.com/rubygems/rubygems/pull/4734)
47
+
48
+ # 2.2.22 (July 6, 2021)
49
+
50
+ ## Enhancements:
51
+
52
+ - Never downgrade indirect dependencies when running `bundle update` [#4713](https://github.com/rubygems/rubygems/pull/4713)
53
+ - Fix `getaddrinfo` errors not treated as fatal on non darwin platforms [#4703](https://github.com/rubygems/rubygems/pull/4703)
54
+
55
+ ## Bug fixes:
56
+
57
+ - Fix `bundle update <gem>` sometimes hanging and `bundle lock --update` not being able to update an insecure lockfile to the new format if it requires downgrades [#4652](https://github.com/rubygems/rubygems/pull/4652)
58
+ - Fix edge case combination of DSL methods and duplicated sources causing gems to not be found [#4711](https://github.com/rubygems/rubygems/pull/4711)
59
+ - Fix `bundle doctor` crashing when finding a broken symlink [#4707](https://github.com/rubygems/rubygems/pull/4707)
60
+ - Fix incorrect re-resolve edge case [#4700](https://github.com/rubygems/rubygems/pull/4700)
61
+ - Fix some gems being unintentionally locked under multiple lockfile sections [#4701](https://github.com/rubygems/rubygems/pull/4701)
62
+ - Fix `--conservative` flag unexpectedly updating indirect dependencies [#4692](https://github.com/rubygems/rubygems/pull/4692)
63
+
1
64
  # 2.2.21 (June 23, 2021)
2
65
 
3
66
  ## Security fixes:
data/lib/bundler.rb CHANGED
@@ -236,8 +236,9 @@ module Bundler
236
236
  end
237
237
 
238
238
  if warning
239
- user_home = tmp_home_path(warning)
240
- Bundler.ui.warn "#{warning}\nBundler will use `#{user_home}' as your home directory temporarily.\n"
239
+ Bundler.ui.warn "#{warning}\n"
240
+ user_home = tmp_home_path
241
+ Bundler.ui.warn "Bundler will use `#{user_home}' as your home directory temporarily.\n"
241
242
  user_home
242
243
  else
243
244
  Pathname.new(home)
@@ -652,10 +653,6 @@ EOF
652
653
  rescue ScriptError, StandardError => e
653
654
  msg = "There was an error while loading `#{path.basename}`: #{e.message}"
654
655
 
655
- if e.is_a?(LoadError)
656
- msg += "\nDoes it try to require a relative path? That's been removed in Ruby 1.9"
657
- end
658
-
659
656
  raise GemspecError, Dsl::DSLError.new(msg, path, e.backtrace, contents)
660
657
  end
661
658
 
@@ -684,15 +681,13 @@ EOF
684
681
  Bundler.rubygems.clear_paths
685
682
  end
686
683
 
687
- def tmp_home_path(warning)
684
+ def tmp_home_path
688
685
  Kernel.send(:require, "tmpdir")
689
686
  SharedHelpers.filesystem_access(Dir.tmpdir) do
690
687
  path = Bundler.tmp
691
688
  at_exit { Bundler.rm_rf(path) }
692
689
  path
693
690
  end
694
- rescue RuntimeError => e
695
- raise e.exception("#{warning}\nBundler also failed to create a temporary home directory':\n#{e}")
696
691
  end
697
692
 
698
693
  # @param env [Hash]
@@ -4,8 +4,8 @@ module Bundler
4
4
  # Represents metadata from when the Bundler gem was built.
5
5
  module BuildMetadata
6
6
  # begin ivars
7
- @built_at = "2021-06-23".freeze
8
- @git_commit_sha = "0b5db72094".freeze
7
+ @built_at = "2021-07-30".freeze
8
+ @git_commit_sha = "7f0f257c7a".freeze
9
9
  @release = true
10
10
  # end ivars
11
11
 
data/lib/bundler/cli.rb CHANGED
@@ -14,6 +14,7 @@ module Bundler
14
14
  COMMAND_ALIASES = {
15
15
  "check" => "c",
16
16
  "install" => "i",
17
+ "plugin" => "",
17
18
  "list" => "ls",
18
19
  "exec" => ["e", "ex", "exe"],
19
20
  "cache" => ["package", "pack"],
@@ -455,6 +456,12 @@ module Bundler
455
456
  "do in future versions. Instead please use `bundle config set cache_all true`, " \
456
457
  "and stop using this flag" if ARGV.include?("--all")
457
458
 
459
+ SharedHelpers.major_deprecation 2,
460
+ "The `--path` flag is deprecated because its semantics are unclear. " \
461
+ "Use `bundle config cache_path` to configure the path of your cache of gems, " \
462
+ "and `bundle config path` to configure the path where your gems are installed, " \
463
+ "and stop using this flag" if ARGV.include?("--path")
464
+
458
465
  require_relative "cli/cache"
459
466
  Cache.new(options).run
460
467
  end
@@ -9,7 +9,7 @@ module Bundler
9
9
  end
10
10
 
11
11
  def run
12
- Bundler.ui.level = "error" if options[:quiet]
12
+ Bundler.ui.level = "warn" if options[:quiet]
13
13
  Bundler.settings.set_command_option_if_given :path, options[:path]
14
14
  Bundler.settings.set_command_option_if_given :cache_path, options["cache-path"]
15
15
 
@@ -61,7 +61,7 @@ module Bundler
61
61
  end
62
62
 
63
63
  def run
64
- Bundler.ui.level = "error" if options[:quiet]
64
+ Bundler.ui.level = "warn" if options[:quiet]
65
65
  Bundler.settings.validate!
66
66
  check!
67
67
 
@@ -100,8 +100,11 @@ module Bundler
100
100
  files_not_readable_or_writable = []
101
101
  files_not_rw_and_owned_by_different_user = []
102
102
  files_not_owned_by_current_user_but_still_rw = []
103
+ broken_symlinks = []
103
104
  Find.find(Bundler.bundle_path.to_s).each do |f|
104
- if !File.writable?(f) || !File.readable?(f)
105
+ if !File.exist?(f)
106
+ broken_symlinks << f
107
+ elsif !File.writable?(f) || !File.readable?(f)
105
108
  if File.stat(f).uid != Process.uid
106
109
  files_not_rw_and_owned_by_different_user << f
107
110
  else
@@ -113,6 +116,13 @@ module Bundler
113
116
  end
114
117
 
115
118
  ok = true
119
+
120
+ if broken_symlinks.any?
121
+ Bundler.ui.warn "Broken links exist in the Bundler home. Please report them to the offending gem's upstream repo. These files are:\n - #{broken_symlinks.join("\n - ")}"
122
+
123
+ ok = false
124
+ end
125
+
116
126
  if files_not_owned_by_current_user_but_still_rw.any?
117
127
  Bundler.ui.warn "Files exist in the Bundler home that are owned by another " \
118
128
  "user, but are still readable/writable. These files are:\n - #{files_not_owned_by_current_user_but_still_rw.join("\n - ")}"
@@ -8,7 +8,7 @@ module Bundler
8
8
  end
9
9
 
10
10
  def run
11
- Bundler.ui.level = "error" if options[:quiet]
11
+ Bundler.ui.level = "warn" if options[:quiet]
12
12
 
13
13
  warn_if_root
14
14
 
@@ -60,7 +60,7 @@ module Bundler
60
60
  installer = Installer.install(Bundler.root, definition, options)
61
61
 
62
62
  Bundler.settings.temporary(:cache_all_platforms => options[:local] ? false : Bundler.settings[:cache_all_platforms]) do
63
- Bundler.load.cache if Bundler.app_cache.exist? && !options["no-cache"] && !Bundler.frozen_bundle?
63
+ Bundler.load.cache(nil, options[:local]) if Bundler.app_cache.exist? && !options["no-cache"] && !Bundler.frozen_bundle?
64
64
  end
65
65
 
66
66
  Bundler.ui.confirm "Bundle complete! #{dependencies_count_for(definition)}, #{gems_installed_for(definition)}."
@@ -83,28 +83,15 @@ module Bundler
83
83
  end
84
84
 
85
85
  Bundler::CLI::Common.output_fund_metadata_summary
86
- rescue GemNotFound, VersionConflict => e
87
- if options[:local] && Bundler.app_cache.exist?
88
- Bundler.ui.warn "Some gems seem to be missing from your #{Bundler.settings.app_cache_path} directory."
89
- end
90
-
91
- unless Bundler.definition.has_rubygems_remotes?
92
- Bundler.ui.warn <<-WARN, :wrap => true
93
- Your Gemfile has no gem server sources. If you need gems that are \
94
- not already on your machine, add a line like this to your Gemfile:
95
- source 'https://rubygems.org'
96
- WARN
97
- end
98
- raise e
99
- rescue Gem::InvalidSpecificationException => e
86
+ rescue Gem::InvalidSpecificationException
100
87
  Bundler.ui.warn "You have one or more invalid gemspecs that need to be fixed."
101
- raise e
88
+ raise
102
89
  end
103
90
 
104
91
  private
105
92
 
106
93
  def warn_if_root
107
- return if Bundler.settings[:silence_root_warning] || Bundler::WINDOWS || !Process.uid.zero?
94
+ return if Bundler.settings[:silence_root_warning] || Gem.win_platform? || !Process.uid.zero?
108
95
  Bundler.ui.warn "Don't run Bundler as root. Bundler can ask for sudo " \
109
96
  "if it is needed, and installing your bundle as root will break this " \
110
97
  "application for all non-root users on this machine.", :wrap => true
@@ -16,7 +16,13 @@ module Bundler
16
16
  specs = if @only_group.any? || @without_group.any?
17
17
  filtered_specs_by_groups
18
18
  else
19
- Bundler.load.specs
19
+ begin
20
+ Bundler.load.specs
21
+ rescue GemNotFound => e
22
+ Bundler.ui.error e.message
23
+ Bundler.ui.warn "Install missing gems with `bundle install`."
24
+ exit 1
25
+ end
20
26
  end.reject {|s| s.name == "bundler" }.sort_by(&:name)
21
27
 
22
28
  return Bundler.ui.info "No gems in the Gemfile" if specs.empty?
@@ -21,9 +21,13 @@ module Bundler
21
21
  Bundler::Fetcher.disable_endpoint = options["full-index"]
22
22
 
23
23
  update = options[:update]
24
+ conservative = options[:conservative]
25
+
24
26
  if update.is_a?(Array) # unlocking specific gems
25
27
  Bundler::CLI::Common.ensure_all_gems_in_lockfile!(update)
26
- update = { :gems => update, :lock_shared_dependencies => options[:conservative] }
28
+ update = { :gems => update, :conservative => conservative }
29
+ elsif update
30
+ update = { :conservative => conservative } if conservative
27
31
  end
28
32
  definition = Bundler.definition(update)
29
33
 
@@ -1,7 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
- require "shellwords"
4
-
5
3
  module Bundler
6
4
  class CLI::Open
7
5
  attr_reader :options, :name
@@ -19,6 +17,7 @@ module Bundler
19
17
  else
20
18
  path = spec.full_gem_path
21
19
  Dir.chdir(path) do
20
+ require "shellwords"
22
21
  command = Shellwords.split(editor) + [path]
23
22
  Bundler.with_original_env do
24
23
  system(*command)
@@ -9,7 +9,7 @@ module Bundler
9
9
  end
10
10
 
11
11
  def run
12
- Bundler.ui.level = "error" if options[:quiet]
12
+ Bundler.ui.level = "warn" if options[:quiet]
13
13
 
14
14
  Plugin.gemfile_install(Bundler.default_gemfile) if Bundler.feature_flag.plugins?
15
15
 
@@ -27,9 +27,14 @@ module Bundler
27
27
  raise InvalidOption, "Cannot specify --all along with specific options."
28
28
  end
29
29
 
30
+ conservative = options[:conservative]
31
+
30
32
  if full_update
31
- # We're doing a full update
32
- Bundler.definition(true)
33
+ if conservative
34
+ Bundler.definition(:conservative => conservative)
35
+ else
36
+ Bundler.definition(true)
37
+ end
33
38
  else
34
39
  unless Bundler.default_lockfile.exist?
35
40
  raise GemfileLockNotFound, "This Bundle hasn't been installed yet. " \
@@ -43,7 +48,7 @@ module Bundler
43
48
  end
44
49
 
45
50
  Bundler.definition(:gems => gems, :sources => sources, :ruby => options[:ruby],
46
- :lock_shared_dependencies => options[:conservative],
51
+ :conservative => conservative,
47
52
  :bundler => options[:bundler])
48
53
  end
49
54
 
@@ -65,19 +65,19 @@ module Bundler
65
65
  end
66
66
 
67
67
  def mswin?
68
- Bundler::WINDOWS
68
+ Gem.win_platform?
69
69
  end
70
70
 
71
71
  def mswin64?
72
- Bundler::WINDOWS && Bundler.local_platform != Gem::Platform::RUBY && Bundler.local_platform.os == "mswin64" && Bundler.local_platform.cpu == "x64"
72
+ Gem.win_platform? && Bundler.local_platform != Gem::Platform::RUBY && Bundler.local_platform.os == "mswin64" && Bundler.local_platform.cpu == "x64"
73
73
  end
74
74
 
75
75
  def mingw?
76
- Bundler::WINDOWS && Bundler.local_platform != Gem::Platform::RUBY && Bundler.local_platform.os == "mingw32" && Bundler.local_platform.cpu != "x64"
76
+ Gem.win_platform? && Bundler.local_platform != Gem::Platform::RUBY && Bundler.local_platform.os == "mingw32" && Bundler.local_platform.cpu != "x64"
77
77
  end
78
78
 
79
79
  def x64_mingw?
80
- Bundler::WINDOWS && Bundler.local_platform != Gem::Platform::RUBY && Bundler.local_platform.os == "mingw32" && Bundler.local_platform.cpu == "x64"
80
+ Gem.win_platform? && Bundler.local_platform != Gem::Platform::RUBY && Bundler.local_platform.os == "mingw32" && Bundler.local_platform.cpu == "x64"
81
81
  end
82
82
 
83
83
  (KNOWN_MINOR_VERSIONS + KNOWN_MAJOR_VERSIONS).each do |version|
@@ -56,10 +56,8 @@ module Bundler
56
56
  @unlocking_bundler = false
57
57
  @unlocking = unlock
58
58
  else
59
- unlock = unlock.dup
60
59
  @unlocking_bundler = unlock.delete(:bundler)
61
- unlock.delete_if {|_k, v| Array(v).empty? }
62
- @unlocking = !unlock.empty?
60
+ @unlocking = unlock.any? {|_k, v| !Array(v).empty? }
63
61
  end
64
62
 
65
63
  @dependencies = dependencies
@@ -106,8 +104,8 @@ module Bundler
106
104
  @locked_platforms = []
107
105
  end
108
106
 
109
- @locked_gem_sources = @locked_sources.select {|s| s.is_a?(Source::Rubygems) }
110
- @multisource_allowed = @locked_gem_sources.any?(&:multiple_remotes?) && (sources.aggregate_global_source? || Bundler.frozen_bundle?)
107
+ locked_gem_sources = @locked_sources.select {|s| s.is_a?(Source::Rubygems) }
108
+ @multisource_allowed = locked_gem_sources.size == 1 && locked_gem_sources.first.multiple_remotes? && Bundler.frozen_bundle?
111
109
 
112
110
  if @multisource_allowed
113
111
  unless sources.aggregate_global_source?
@@ -116,10 +114,9 @@ module Bundler
116
114
  Bundler::SharedHelpers.major_deprecation 2, msg
117
115
  end
118
116
 
119
- @sources.merged_gem_lockfile_sections!
117
+ @sources.merged_gem_lockfile_sections!(locked_gem_sources.first)
120
118
  end
121
119
 
122
- @unlock[:gems] ||= []
123
120
  @unlock[:sources] ||= []
124
121
  @unlock[:ruby] ||= if @ruby_version && locked_ruby_version_object
125
122
  @ruby_version.diff(locked_ruby_version_object)
@@ -132,9 +129,11 @@ module Bundler
132
129
  @path_changes = converge_paths
133
130
  @source_changes = converge_sources
134
131
 
135
- unless @unlock[:lock_shared_dependencies]
136
- eager_unlock = expand_dependencies(@unlock[:gems], true)
137
- @unlock[:gems] = @locked_specs.for(eager_unlock, [], false, false, false).map(&:name)
132
+ if @unlock[:conservative]
133
+ @unlock[:gems] ||= @dependencies.map(&:name)
134
+ else
135
+ eager_unlock = expand_dependencies(@unlock[:gems] || [], true)
136
+ @unlock[:gems] = @locked_specs.for(eager_unlock, false, false).map(&:name)
138
137
  end
139
138
 
140
139
  @dependency_changes = converge_dependencies
@@ -186,25 +185,7 @@ module Bundler
186
185
  #
187
186
  # @return [Bundler::SpecSet]
188
187
  def specs
189
- @specs ||= begin
190
- begin
191
- specs = resolve.materialize(requested_dependencies)
192
- rescue GemNotFound => e # Handle yanked gem
193
- gem_name, gem_version = extract_gem_info(e)
194
- locked_gem = @locked_specs[gem_name].last
195
- raise if locked_gem.nil? || locked_gem.version.to_s != gem_version || !@remote
196
- raise GemNotFound, "Your bundle is locked to #{locked_gem} from #{locked_gem.source}, but that version can " \
197
- "no longer be found in that source. That means the author of #{locked_gem} has removed it. " \
198
- "You'll need to update your bundle to a version other than #{locked_gem} that hasn't been " \
199
- "removed in order to install."
200
- end
201
- unless specs["bundler"].any?
202
- bundler = sources.metadata_source.specs.search(Gem::Dependency.new("bundler", VERSION)).last
203
- specs["bundler"] = bundler
204
- end
205
-
206
- specs
207
- end
188
+ @specs ||= materialize(requested_dependencies)
208
189
  end
209
190
 
210
191
  def new_specs
@@ -216,9 +197,7 @@ module Bundler
216
197
  end
217
198
 
218
199
  def missing_specs
219
- missing = []
220
- resolve.materialize(requested_dependencies, missing)
221
- missing
200
+ resolve.materialize(requested_dependencies).missing_specs
222
201
  end
223
202
 
224
203
  def missing_specs?
@@ -236,17 +215,11 @@ module Bundler
236
215
  end
237
216
 
238
217
  def requested_specs
239
- @requested_specs ||= begin
240
- groups = requested_groups
241
- groups.map!(&:to_sym)
242
- specs_for(groups)
243
- end
218
+ specs_for(requested_groups)
244
219
  end
245
220
 
246
221
  def requested_dependencies
247
- groups = requested_groups
248
- groups.map!(&:to_sym)
249
- dependencies_for(groups)
222
+ dependencies_for(requested_groups)
250
223
  end
251
224
 
252
225
  def current_dependencies
@@ -256,11 +229,13 @@ module Bundler
256
229
  end
257
230
 
258
231
  def specs_for(groups)
232
+ groups = requested_groups if groups.empty?
259
233
  deps = dependencies_for(groups)
260
- specs.for(expand_dependencies(deps))
234
+ materialize(expand_dependencies(deps))
261
235
  end
262
236
 
263
237
  def dependencies_for(groups)
238
+ groups.map!(&:to_sym)
264
239
  current_dependencies.reject do |d|
265
240
  (d.groups & groups).empty?
266
241
  end
@@ -289,10 +264,6 @@ module Bundler
289
264
  end
290
265
  end
291
266
 
292
- def has_rubygems_remotes?
293
- sources.rubygems_sources.any? {|s| s.remotes.any? }
294
- end
295
-
296
267
  def spec_git_paths
297
268
  sources.git_sources.map {|s| File.realpath(s.path) if File.exist?(s.path) }.compact
298
269
  end
@@ -498,9 +469,6 @@ module Bundler
498
469
  attr_reader :sources
499
470
  private :sources
500
471
 
501
- attr_reader :locked_gem_sources
502
- private :locked_gem_sources
503
-
504
472
  def nothing_changed?
505
473
  !@source_changes && !@dependency_changes && !@new_platform && !@path_changes && !@local_changes && !@locked_specs_incomplete_for_platform
506
474
  end
@@ -511,6 +479,31 @@ module Bundler
511
479
 
512
480
  private
513
481
 
482
+ def materialize(dependencies)
483
+ specs = resolve.materialize(dependencies)
484
+ missing_specs = specs.missing_specs
485
+
486
+ if missing_specs.any?
487
+ missing_specs.each do |s|
488
+ locked_gem = @locked_specs[s.name].last
489
+ next if locked_gem.nil? || locked_gem.version != s.version || !@remote
490
+ raise GemNotFound, "Your bundle is locked to #{locked_gem} from #{locked_gem.source}, but that version can " \
491
+ "no longer be found in that source. That means the author of #{locked_gem} has removed it. " \
492
+ "You'll need to update your bundle to a version other than #{locked_gem} that hasn't been " \
493
+ "removed in order to install."
494
+ end
495
+
496
+ raise GemNotFound, "Could not find #{missing_specs.map(&:full_name).join(", ")} in any of the sources"
497
+ end
498
+
499
+ unless specs["bundler"].any?
500
+ bundler = sources.metadata_source.specs.search(Gem::Dependency.new("bundler", VERSION)).last
501
+ specs["bundler"] = bundler
502
+ end
503
+
504
+ specs
505
+ end
506
+
514
507
  def precompute_source_requirements_for_indirect_dependencies?
515
508
  sources.non_global_rubygems_sources.all?(&:dependency_api_available?) && !sources.aggregate_global_source?
516
509
  end
@@ -628,35 +621,11 @@ module Bundler
628
621
  end
629
622
  end
630
623
 
631
- def converge_rubygems_sources
632
- return false unless multisource_allowed?
633
-
634
- return false if locked_gem_sources.empty?
635
-
636
- # Get the RubyGems remotes from the Gemfile
637
- actual_remotes = sources.rubygems_remotes
638
- return false if actual_remotes.empty?
639
-
640
- changes = false
641
-
642
- # If there is a RubyGems source in both
643
- locked_gem_sources.each do |locked_gem_source|
644
- # Merge the remotes from the Gemfile into the Gemfile.lock
645
- changes |= locked_gem_source.replace_remotes(actual_remotes, Bundler.settings[:allow_deployment_source_credential_changes])
646
- end
647
-
648
- changes
649
- end
650
-
651
624
  def converge_sources
652
- changes = false
653
-
654
- changes |= converge_rubygems_sources
655
-
656
625
  # Replace the sources from the Gemfile with the sources from the Gemfile.lock,
657
626
  # if they exist in the Gemfile.lock and are `==`. If you can't find an equivalent
658
627
  # source in the Gemfile.lock, use the one from the Gemfile.
659
- changes |= sources.replace_sources!(@locked_sources)
628
+ changes = sources.replace_sources!(@locked_sources)
660
629
 
661
630
  sources.all_sources.each do |source|
662
631
  # If the source is unlockable and the current command allows an unlock of
@@ -741,24 +710,17 @@ module Bundler
741
710
  end
742
711
  end
743
712
 
744
- unlock_source_unlocks_spec = Bundler.feature_flag.unlock_source_unlocks_spec?
745
-
746
713
  converged = []
747
714
  @locked_specs.each do |s|
748
715
  # Replace the locked dependency's source with the equivalent source from the Gemfile
749
716
  dep = @dependencies.find {|d| s.satisfies?(d) }
750
- s.source = (dep && dep.source) || sources.get(s.source)
717
+ s.source = (dep && dep.source) || sources.get(s.source) unless multisource_allowed?
751
718
 
752
719
  # Don't add a spec to the list if its source is expired. For example,
753
720
  # if you change a Git gem to RubyGems.
754
721
  next if s.source.nil?
755
722
  next if @unlock[:sources].include?(s.source.name)
756
723
 
757
- # XXX This is a backwards-compatibility fix to preserve the ability to
758
- # unlock a single gem by passing its name via `--source`. See issue #3759
759
- # TODO: delete in Bundler 2
760
- next if unlock_source_unlocks_spec && @unlock[:sources].include?(s.name)
761
-
762
724
  # If the spec is from a path source and it doesn't exist anymore
763
725
  # then we unlock it.
764
726
 
@@ -770,7 +732,7 @@ module Bundler
770
732
  # if we won't need the source (according to the lockfile),
771
733
  # don't error if the path/git source isn't available
772
734
  next if @locked_specs.
773
- for(requested_dependencies, [], false, true, false).
735
+ for(requested_dependencies, false, true).
774
736
  none? {|locked_spec| locked_spec.source == s.source }
775
737
 
776
738
  raise
@@ -789,8 +751,8 @@ module Bundler
789
751
  end
790
752
 
791
753
  resolve = SpecSet.new(converged)
792
- @locked_specs_incomplete_for_platform = !resolve.for(expand_dependencies(requested_dependencies & deps), @unlock[:gems], true, true)
793
- resolve = resolve.for(expand_dependencies(deps, true), @unlock[:gems], false, false, false)
754
+ @locked_specs_incomplete_for_platform = !resolve.for(expand_dependencies(requested_dependencies & deps), true, true)
755
+ resolve = SpecSet.new(resolve.for(expand_dependencies(deps, true), false, false).reject{|s| @unlock[:gems].include?(s.name) })
794
756
  diff = nil
795
757
 
796
758
  # Now, we unlock any sources that do not have anymore gems pinned to it
@@ -894,12 +856,6 @@ module Bundler
894
856
  current == proposed
895
857
  end
896
858
 
897
- def extract_gem_info(error)
898
- # This method will extract the error message like "Could not find foo-1.2.3 in any of the sources"
899
- # to an array. The first element will be the gem name (e.g. foo), the second will be the version number.
900
- error.message.scan(/Could not find (\w+)-(\d+(?:\.\d+)+)/).flatten
901
- end
902
-
903
859
  def compute_requires
904
860
  dependencies.reduce({}) do |requires, dep|
905
861
  next requires unless dep.should_include?
@@ -912,14 +868,13 @@ module Bundler
912
868
  end
913
869
 
914
870
  def additional_base_requirements_for_resolve
915
- return [] unless @locked_gems
871
+ return [] unless @locked_gems && unlocking? && !sources.expired_sources?(@locked_gems.sources)
916
872
  dependencies_by_name = dependencies.inject({}) {|memo, dep| memo.update(dep.name => dep) }
917
873
  @locked_gems.specs.reduce({}) do |requirements, locked_spec|
918
874
  name = locked_spec.name
919
875
  dependency = dependencies_by_name[name]
920
- next requirements unless dependency
921
876
  next requirements if @locked_gems.dependencies[name] != dependency
922
- next requirements if dependency.source.is_a?(Source::Path)
877
+ next requirements if dependency && dependency.source.is_a?(Source::Path)
923
878
  dep = Gem::Dependency.new(name, ">= #{locked_spec.version}")
924
879
  requirements[name] = DepProxy.get_proxy(dep, locked_spec.platform)
925
880
  requirements