bundler 2.2.23 → 2.2.27

data/lib/bundler/settings.rb

@@ -419,7 +419,15 @@ module Bundler
       elsif is_credential(key)
         "[REDACTED]"
       elsif is_userinfo(converted)
-        converted.gsub(/:.*$/, ":[REDACTED]")
+        username, pass = converted.split(":", 2)
+
+        if pass == "x-oauth-basic"
+          username = "[REDACTED]"
+        else
+          pass = "[REDACTED]"
+        end
+
+        [username, pass].join(":")
       else
         converted
       end
@@ -428,6 +436,10 @@ module Bundler
     def global_config_file
       if ENV["BUNDLE_CONFIG"] && !ENV["BUNDLE_CONFIG"].empty?
         Pathname.new(ENV["BUNDLE_CONFIG"])
+      elsif ENV["BUNDLE_USER_CONFIG"] && !ENV["BUNDLE_USER_CONFIG"].empty?
+        Pathname.new(ENV["BUNDLE_USER_CONFIG"])
+      elsif ENV["BUNDLE_USER_HOME"] && !ENV["BUNDLE_USER_HOME"].empty?
+        Pathname.new(ENV["BUNDLE_USER_HOME"]).join("config")
       elsif Bundler.rubygems.user_home && !Bundler.rubygems.user_home.empty?
         Pathname.new(Bundler.rubygems.user_home).join(".bundle/config")
       end

data/lib/bundler/setup.rb

@@ -9,10 +9,10 @@ if Bundler::SharedHelpers.in_bundle?
     begin
       Bundler.ui.silence { Bundler.setup }
     rescue Bundler::BundlerError => e
-      Bundler.ui.warn "\e[31m#{e.message}\e[0m"
+      Bundler.ui.error e.message
       Bundler.ui.warn e.backtrace.join("\n") if ENV["DEBUG"]
       if e.is_a?(Bundler::GemNotFound)
-        Bundler.ui.warn "\e[33mRun `bundle install` to install missing gems.\e[0m"
+        Bundler.ui.warn "Run `bundle install` to install missing gems."
       end
       exit e.status_code
     end

data/lib/bundler/shared_helpers.rb

@@ -152,13 +152,6 @@ module Bundler
       Bundler.ui.warn message
     end
 
-    def trap(signal, override = false, &block)
-      prior = Signal.trap(signal) do
-        block.call
-        prior.call unless override
-      end
-    end
-
     def ensure_same_dependencies(spec, old_deps, new_deps)
       new_deps = new_deps.reject {|d| d.type == :development }
       old_deps = old_deps.reject {|d| d.type == :development }

data/lib/bundler/source/git/git_proxy.rb

@@ -1,7 +1,5 @@
 # frozen_string_literal: true
 
-require "shellwords"
-
 module Bundler
   class Source
     class Git
@@ -224,6 +222,7 @@ module Bundler
         end
 
         def check_allowed(command)
+          require "shellwords"
           command_with_no_credentials = URICredentialsFilter.credential_filtered_string("git #{command.shelljoin}", uri)
           raise GitNotAllowedError.new(command_with_no_credentials) unless allow?
           command_with_no_credentials

data/lib/bundler/source/rubygems.rb

@@ -29,6 +29,7 @@ module Bundler
       def local_only!
         @specs = nil
         @allow_local = true
+        @allow_cached = false
         @allow_remote = false
       end
 
@@ -50,6 +51,7 @@ module Bundler
         return if @allow_cached
 
         @specs = nil
+        @allow_local = true
         @allow_cached = true
       end
 
@@ -71,6 +73,10 @@ module Bundler
         @remotes.size > 1
       end
 
+      def no_remotes?
+        @remotes.size == 0
+      end
+
       def can_lock?(spec)
         return super unless multiple_remotes?
         include?(spec.source)
@@ -92,11 +98,22 @@ module Bundler
         out << "  specs:\n"
       end
 
+      def to_err
+        if remotes.empty?
+          "locally installed gems"
+        elsif @allow_remote
+          "rubygems repository #{remote_names} or installed locally"
+        elsif @allow_cached
+          "cached gems from rubygems repository #{remote_names} or installed locally"
+        else
+          "locally installed gems"
+        end
+      end
+
       def to_s
         if remotes.empty?
           "locally installed gems"
         else
-          remote_names = remotes.map(&:to_s).join(", ")
           "rubygems repository #{remote_names} or installed locally"
         end
       end
@@ -127,7 +144,7 @@ module Bundler
           end
         end
 
-        if (installed?(spec) || Plugin.installed?(spec.name)) && !force
+        if installed?(spec) && !force
           print_using_message "Using #{version_message(spec)}"
           return nil # no post-install message
         end
@@ -315,6 +332,10 @@ module Bundler
 
       protected
 
+      def remote_names
+        remotes.map(&:to_s).join(", ")
+      end
+
       def credless_remotes
         remotes.map(&method(:suppress_configured_credentials))
       end

data/lib/bundler/source/rubygems_aggregate.rb

@@ -16,6 +16,10 @@ module Bundler
         @index
       end
 
+      def to_err
+        to_s
+      end
+
       def to_s
         "any of the sources"
       end

data/lib/bundler/source.rb

@@ -67,6 +67,10 @@ module Bundler
       "#<#{self.class}:0x#{object_id} #{self}>"
     end
 
+    def to_err
+      to_s
+    end
+
     def path?
       instance_of?(Bundler::Source::Path)
     end

data/lib/bundler/source_list.rb

@@ -37,6 +37,10 @@ module Bundler
       global_rubygems_source.multiple_remotes?
     end
 
+    def implicit_global_source?
+      global_rubygems_source.no_remotes?
+    end
+
     def add_path_source(options = {})
       if options["gemspec"]
         add_source_to_list Source::Gemspec.new(options), path_sources
@@ -117,7 +121,8 @@ module Bundler
     def replace_sources!(replacement_sources)
       return false if replacement_sources.empty?
 
-      @path_sources, @git_sources, @plugin_sources = map_sources(replacement_sources)
+      @rubygems_sources, @path_sources, @git_sources, @plugin_sources = map_sources(replacement_sources)
+      @global_rubygems_source = global_replacement_source(replacement_sources)
 
       different_sources?(lock_sources, replacement_sources)
     end
@@ -152,13 +157,21 @@ module Bundler
     end
 
     def map_sources(replacement_sources)
-      [path_sources, git_sources, plugin_sources].map do |sources|
+      [@rubygems_sources, @path_sources, @git_sources, @plugin_sources].map do |sources|
         sources.map do |source|
           replacement_sources.find {|s| s == source } || source
         end
       end
     end
 
+    def global_replacement_source(replacement_sources)
+      replacement_source = replacement_sources.find {|s| s == global_rubygems_source }
+      return global_rubygems_source unless replacement_source
+
+      replacement_source.local!
+      replacement_source
+    end
+
     def different_sources?(lock_sources, replacement_sources)
       !equal_sources?(lock_sources, replacement_sources) && !equivalent_sources?(lock_sources, replacement_sources)
     end
@@ -202,7 +215,7 @@ module Bundler
     end
 
     def equal_source?(source, other_source)
-      return source.include?(other_source) if source.is_a?(Source::Rubygems) && other_source.is_a?(Source::Rubygems) && !merged_gem_lockfile_sections?
+      return source.include?(other_source) if source.is_a?(Source::Rubygems) && other_source.is_a?(Source::Rubygems)
 
       source == other_source
     end

data/lib/bundler/spec_set.rb

@@ -11,21 +11,20 @@ module Bundler
       @specs = specs
     end
 
-    def for(dependencies, skip = [], check = false, match_current_platform = false, raise_on_missing = true)
+    def for(dependencies, check = false, match_current_platform = false)
       handled = []
       deps = dependencies.dup
       specs = []
-      skip += ["bundler"]
 
       loop do
         break unless dep = deps.shift
-        next if handled.include?(dep) || skip.include?(dep.name)
+        next if handled.any?{|d| d.name == dep.name && (match_current_platform || d.__platform == dep.__platform) } || dep.name == "bundler"
 
         handled << dep
 
         specs_for_dep = spec_for_dependency(dep, match_current_platform)
         if specs_for_dep.any?
-          specs += specs_for_dep
+          match_current_platform ? specs += specs_for_dep : specs |= specs_for_dep
 
           specs_for_dep.first.dependencies.each do |d|
             next if d.type == :development
@@ -34,11 +33,6 @@ module Bundler
           end
         elsif check
           return false
-        elsif raise_on_missing
-          others = lookup[dep.name] if match_current_platform
-          message = "Unable to find a spec satisfying #{dep} in the set. Perhaps the lockfile is corrupted?"
-          message += " Found #{others.join(", ")} that did not match the current platform." if others && !others.empty?
-          raise GemNotFound, message
         end
       end
 
@@ -72,52 +66,35 @@ module Bundler
       lookup.dup
     end
 
-    def materialize(deps, missing_specs = nil)
-      materialized = self.for(deps, [], false, true, !missing_specs)
-
-      materialized.group_by(&:source).each do |source, specs|
-        next unless specs.any?{|s| s.is_a?(LazySpecification) }
-
-        source.local!
-        names = -> { specs.map(&:name).uniq }
-        source.double_check_for(names)
-      end
+    def materialize(deps)
+      materialized = self.for(deps, false, true)
 
       materialized.map! do |s|
         next s unless s.is_a?(LazySpecification)
-        spec = s.__materialize__
-        unless spec
-          unless missing_specs
-            raise GemNotFound, "Could not find #{s.full_name} in any of the sources"
-          end
-          missing_specs << s
-        end
-        spec
+        s.source.local!
+        s.__materialize__ || s
       end
-      SpecSet.new(missing_specs ? materialized.compact : materialized)
+      SpecSet.new(materialized)
     end
 
     # Materialize for all the specs in the spec set, regardless of what platform they're for
     # This is in contrast to how for does platform filtering (and specifically different from how `materialize` calls `for` only for the current platform)
     # @return [Array<Gem::Specification>]
     def materialized_for_all_platforms
-      @specs.group_by(&:source).each do |source, specs|
-        next unless specs.any?{|s| s.is_a?(LazySpecification) }
-
-        source.local!
-        source.remote!
-        names = -> { specs.map(&:name).uniq }
-        source.double_check_for(names)
-      end
-
       @specs.map do |s|
         next s unless s.is_a?(LazySpecification)
+        s.source.local!
+        s.source.remote!
         spec = s.__materialize__
         raise GemNotFound, "Could not find #{s.full_name} in any of the sources" unless spec
         spec
       end
     end
 
+    def missing_specs
+      @specs.select {|s| s.is_a?(LazySpecification) }
+    end
+
     def merge(set)
       arr = sorted.dup
       set.each do |set_spec|

data/lib/bundler/templates/Executable.bundler

@@ -60,16 +60,16 @@ m = Module.new do
     Regexp.last_match(1)
   end
 
-  def bundler_version
-    @bundler_version ||=
+  def bundler_requirement
+    @bundler_requirement ||=
       env_var_version || cli_arg_version ||
-        lockfile_version
+        bundler_requirement_for(lockfile_version)
   end
 
-  def bundler_requirement
-    return "#{Gem::Requirement.default}.a" unless bundler_version
+  def bundler_requirement_for(version)
+    return "#{Gem::Requirement.default}.a" unless version
 
-    bundler_gem_version = Gem::Version.new(bundler_version)
+    bundler_gem_version = Gem::Version.new(version)
 
     requirement = bundler_gem_version.approximate_recommendation
 

data/lib/bundler/templates/newgem/github/workflows/main.yml.tt

@@ -1,16 +1,27 @@
 name: Ruby
 
-on: [push,pull_request]
+on:
+  push:
+    branches:
+      - <%= config[:git_default_branch] %>
+
+  pull_request:
 
 jobs:
   build:
     runs-on: ubuntu-latest
+
+    strategy:
+      matrix:
+        ruby:
+          - <%= RUBY_VERSION %>
+
     steps:
     - uses: actions/checkout@v2
     - name: Set up Ruby
       uses: ruby/setup-ruby@v1
       with:
-        ruby-version: <%= RUBY_VERSION %>
+        ruby-version: ${{ matrix.ruby }}
         bundler-cache: true
     - name: Run the default task
       run: bundle exec rake

data/lib/bundler/templates/newgem/newgem.gemspec.tt

@@ -25,7 +25,9 @@ Gem::Specification.new do |spec|
   # Specify which files should be added to the gem when it is released.
   # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
   spec.files = Dir.chdir(File.expand_path(__dir__)) do
-    `git ls-files -z`.split("\x0").reject { |f| f.match(%r{\A(?:test|spec|features)/}) }
+    `git ls-files -z`.split("\x0").reject do |f|
+      (f == __FILE__) || f.match(%r{\A(?:(?:test|spec|features)/|\.(?:git|travis|circleci)|appveyor)})
+    end
   end
   spec.bindir        = "exe"
   spec.executables   = spec.files.grep(%r{\Aexe/}) { |f| File.basename(f) }

data/lib/bundler/version.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: false
 
 module Bundler
-  VERSION = "2.2.23".freeze
+  VERSION = "2.2.27".freeze
 
   def self.bundler_major_version
     @bundler_major_version ||= VERSION.split(".").first.to_i

data/lib/bundler/worker.rb

@@ -26,7 +26,7 @@ module Bundler
       @func = func
       @size = size
       @threads = nil
-      SharedHelpers.trap("INT") { abort_threads }
+      @previous_interrupt_handler = nil
     end
 
     # Enqueue a request to be executed in the worker pool
@@ -68,13 +68,16 @@ module Bundler
     # so as worker threads after retrieving it, shut themselves down
     def stop_threads
       return unless @threads
+
       @threads.each { @request_queue.enq POISON }
       @threads.each(&:join)
+
+      remove_interrupt_handler
+
       @threads = nil
     end
 
     def abort_threads
-      return unless @threads
       Bundler.ui.debug("\n#{caller.join("\n")}")
       @threads.each(&:exit)
       exit 1
@@ -94,11 +97,23 @@ module Bundler
         end
       end.compact
 
+      add_interrupt_handler unless @threads.empty?
+
       return if creation_errors.empty?
 
       message = "Failed to create threads for the #{name} worker: #{creation_errors.map(&:to_s).uniq.join(", ")}"
       raise ThreadCreationError, message if @threads.empty?
       Bundler.ui.info message
     end
+
+    def add_interrupt_handler
+      @previous_interrupt_handler = trap("INT") { abort_threads }
+    end
+
+    def remove_interrupt_handler
+      return unless @previous_interrupt_handler
+
+      trap "INT", @previous_interrupt_handler
+    end
   end
 end