RubyGems - bundler - Versions diffs - 2.2.29 → 2.5.16 - Mend

bundler 2.2.29 → 2.5.16

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (330) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +1129 -4
data/README.md +4 -8
data/bundler.gemspec +11 -11
data/exe/bundle +5 -26
data/exe/bundler +1 -1
data/lib/bundler/.document +1 -0
data/lib/bundler/build_metadata.rb +4 -4
data/lib/bundler/capistrano.rb +1 -1
data/lib/bundler/checksum.rb +254 -0
data/lib/bundler/ci_detector.rb +75 -0
data/lib/bundler/cli/add.rb +4 -4
data/lib/bundler/cli/binstubs.rb +10 -6
data/lib/bundler/cli/cache.rb +1 -1
data/lib/bundler/cli/check.rb +3 -3
data/lib/bundler/cli/common.rb +13 -3
data/lib/bundler/cli/config.rb +18 -8
data/lib/bundler/cli/console.rb +5 -4
data/lib/bundler/cli/doctor.rb +12 -5
data/lib/bundler/cli/exec.rb +1 -1
data/lib/bundler/cli/fund.rb +1 -1
data/lib/bundler/cli/gem.rb +141 -48
data/lib/bundler/cli/info.rb +27 -17
data/lib/bundler/cli/init.rb +6 -2
data/lib/bundler/cli/install.rb +22 -39
data/lib/bundler/cli/issue.rb +5 -4
data/lib/bundler/cli/lock.rb +36 -29
data/lib/bundler/cli/open.rb +9 -9
data/lib/bundler/cli/outdated.rb +19 -12
data/lib/bundler/cli/platform.rb +8 -6
data/lib/bundler/cli/plugin.rb +9 -15
data/lib/bundler/cli/pristine.rb +38 -30
data/lib/bundler/cli/show.rb +3 -3
data/lib/bundler/cli/update.rb +12 -7
data/lib/bundler/cli/viz.rb +1 -1
data/lib/bundler/cli.rb +266 -285
data/lib/bundler/compact_index_client/cache.rb +53 -67
data/lib/bundler/compact_index_client/cache_file.rb +153 -0
data/lib/bundler/compact_index_client/gem_parser.rb +7 -3
data/lib/bundler/compact_index_client/parser.rb +84 -0
data/lib/bundler/compact_index_client/updater.rb +83 -76
data/lib/bundler/compact_index_client.rb +59 -87
data/lib/bundler/constants.rb +9 -2
data/lib/bundler/current_ruby.rb +12 -16
data/lib/bundler/definition.rb +509 -319
data/lib/bundler/dependency.rb +33 -71
data/lib/bundler/digest.rb +71 -0
data/lib/bundler/dsl.rb +88 -69
data/lib/bundler/endpoint_specification.rb +32 -15
data/lib/bundler/env.rb +5 -7
data/lib/bundler/environment_preserver.rb +8 -22
data/lib/bundler/errors.rb +101 -13
data/lib/bundler/feature_flag.rb +0 -2
data/lib/bundler/fetcher/base.rb +11 -11
data/lib/bundler/fetcher/compact_index.rb +32 -52
data/lib/bundler/fetcher/dependency.rb +3 -7
data/lib/bundler/fetcher/downloader.rb +17 -16
data/lib/bundler/fetcher/gem_remote_fetcher.rb +16 -0
data/lib/bundler/fetcher/index.rb +2 -29
data/lib/bundler/fetcher.rb +87 -79
data/lib/bundler/force_platform.rb +18 -0
data/lib/bundler/friendly_errors.rb +29 -40
data/lib/bundler/gem_helper.rb +11 -23
data/lib/bundler/gem_helpers.rb +30 -6
data/lib/bundler/gem_version_promoter.rb +68 -109
data/lib/bundler/graph.rb +9 -9
data/lib/bundler/index.rb +71 -79
data/lib/bundler/injector.rb +23 -11
data/lib/bundler/inline.rb +11 -23
data/lib/bundler/installer/gem_installer.rb +18 -11
data/lib/bundler/installer/parallel_installer.rb +17 -65
data/lib/bundler/installer/standalone.rb +56 -15
data/lib/bundler/installer.rb +35 -61
data/lib/bundler/lazy_specification.rb +92 -61
data/lib/bundler/lockfile_generator.rb +12 -3
data/lib/bundler/lockfile_parser.rb +137 -70
data/lib/bundler/man/bundle-add.1 +19 -26
data/lib/bundler/man/bundle-add.1.ronn +16 -4
data/lib/bundler/man/bundle-binstubs.1 +4 -16
data/lib/bundler/man/bundle-cache.1 +9 -24
data/lib/bundler/man/bundle-cache.1.ronn +9 -2
data/lib/bundler/man/bundle-check.1 +5 -12
data/lib/bundler/man/bundle-check.1.ronn +3 -0
data/lib/bundler/man/bundle-clean.1 +4 -11
data/lib/bundler/man/bundle-clean.1.ronn +1 -1
data/lib/bundler/man/bundle-config.1 +47 -224
data/lib/bundler/man/bundle-config.1.ronn +40 -28
data/lib/bundler/man/bundle-console.1 +35 -0
data/lib/bundler/man/bundle-console.1.ronn +44 -0
data/lib/bundler/man/bundle-doctor.1 +4 -18
data/lib/bundler/man/bundle-exec.1 +16 -77
data/lib/bundler/man/bundle-exec.1.ronn +8 -9
data/lib/bundler/man/bundle-gem.1 +45 -72
data/lib/bundler/man/bundle-gem.1.ronn +32 -5
data/lib/bundler/man/bundle-help.1 +9 -0
data/lib/bundler/man/bundle-help.1.ronn +12 -0
data/lib/bundler/man/bundle-info.1 +5 -11
data/lib/bundler/man/bundle-info.1.ronn +3 -3
data/lib/bundler/man/bundle-init.1 +6 -11
data/lib/bundler/man/bundle-init.1.ronn +2 -0
data/lib/bundler/man/bundle-inject.1 +8 -18
data/lib/bundler/man/bundle-inject.1.ronn +3 -1
data/lib/bundler/man/bundle-install.1 +32 -155
data/lib/bundler/man/bundle-install.1.ronn +11 -33
data/lib/bundler/man/bundle-list.1 +4 -19
data/lib/bundler/man/bundle-lock.1 +5 -29
data/lib/bundler/man/bundle-open.1 +18 -18
data/lib/bundler/man/bundle-open.1.ronn +9 -1
data/lib/bundler/man/bundle-outdated.1 +17 -72
data/lib/bundler/man/bundle-outdated.1.ronn +13 -18
data/lib/bundler/man/bundle-platform.1 +16 -28
data/lib/bundler/man/bundle-platform.1.ronn +14 -7
data/lib/bundler/man/bundle-plugin.1 +58 -0
data/lib/bundler/man/bundle-plugin.1.ronn +63 -0
data/lib/bundler/man/bundle-pristine.1 +5 -16
data/lib/bundler/man/bundle-remove.1 +4 -14
data/lib/bundler/man/bundle-show.1 +3 -10
data/lib/bundler/man/bundle-update.1 +19 -138
data/lib/bundler/man/bundle-update.1.ronn +2 -1
data/lib/bundler/man/bundle-version.1 +22 -0
data/lib/bundler/man/bundle-version.1.ronn +24 -0
data/lib/bundler/man/bundle-viz.1 +6 -15
data/lib/bundler/man/bundle-viz.1.ronn +2 -0
data/lib/bundler/man/bundle.1 +17 -51
data/lib/bundler/man/bundle.1.ronn +12 -7
data/lib/bundler/man/gemfile.5 +130 -346
data/lib/bundler/man/gemfile.5.ronn +121 -86
data/lib/bundler/man/index.txt +4 -0
data/lib/bundler/match_metadata.rb +17 -0
data/lib/bundler/match_platform.rb +1 -2
data/lib/bundler/match_remote_metadata.rb +29 -0
data/lib/bundler/mirror.rb +8 -10
data/lib/bundler/plugin/api/source.rb +9 -13
data/lib/bundler/plugin/index.rb +13 -5
data/lib/bundler/plugin/installer/git.rb +0 -4
data/lib/bundler/plugin/installer/path.rb +18 -0
data/lib/bundler/plugin/installer/rubygems.rb +0 -8
data/lib/bundler/plugin/installer.rb +42 -19
data/lib/bundler/plugin/source_list.rb +4 -4
data/lib/bundler/plugin.rb +16 -7
data/lib/bundler/process_lock.rb +1 -1
data/lib/bundler/remote_specification.rb +11 -5
data/lib/bundler/resolver/base.rb +111 -0
data/lib/bundler/resolver/candidate.rb +82 -0
data/lib/bundler/resolver/incompatibility.rb +15 -0
data/lib/bundler/resolver/package.rb +81 -0
data/lib/bundler/resolver/root.rb +25 -0
data/lib/bundler/resolver/spec_group.rb +53 -66
data/lib/bundler/resolver.rb +419 -307
data/lib/bundler/retry.rb +1 -1
data/lib/bundler/ruby_dsl.rb +42 -7
data/lib/bundler/ruby_version.rb +16 -22
data/lib/bundler/rubygems_ext.rb +250 -64
data/lib/bundler/rubygems_gem_installer.rb +90 -64
data/lib/bundler/rubygems_integration.rb +81 -190
data/lib/bundler/runtime.rb +8 -13
data/lib/bundler/safe_marshal.rb +31 -0
data/lib/bundler/self_manager.rb +206 -0
data/lib/bundler/settings.rb +139 -57
data/lib/bundler/setup.rb +13 -1
data/lib/bundler/shared_helpers.rb +67 -36
data/lib/bundler/source/git/git_proxy.rb +285 -82
data/lib/bundler/source/git.rb +81 -41
data/lib/bundler/source/metadata.rb +17 -16
data/lib/bundler/source/path/installer.rb +1 -22
data/lib/bundler/source/path.rb +13 -25
data/lib/bundler/source/rubygems/remote.rb +1 -1
data/lib/bundler/source/rubygems.rb +164 -234
data/lib/bundler/source/rubygems_aggregate.rb +1 -1
data/lib/bundler/source.rb +7 -6
data/lib/bundler/source_list.rb +40 -32
data/lib/bundler/source_map.rb +15 -2
data/lib/bundler/spec_set.rb +156 -46
data/lib/bundler/stub_specification.rb +18 -5
data/lib/bundler/templates/Executable +3 -5
data/lib/bundler/templates/Executable.bundler +7 -12
data/lib/bundler/templates/Executable.standalone +4 -4
data/lib/bundler/templates/Gemfile +0 -2
data/lib/bundler/templates/newgem/CODE_OF_CONDUCT.md.tt +77 -29
data/lib/bundler/templates/newgem/Cargo.toml.tt +7 -0
data/lib/bundler/templates/newgem/Gemfile.tt +8 -2
data/lib/bundler/templates/newgem/README.md.tt +7 -11
data/lib/bundler/templates/newgem/Rakefile.tt +28 -4
data/lib/bundler/templates/newgem/bin/console.tt +0 -4
data/lib/bundler/templates/newgem/circleci/config.yml.tt +12 -0
data/lib/bundler/templates/newgem/ext/newgem/Cargo.toml.tt +15 -0
data/lib/bundler/templates/newgem/ext/newgem/extconf-c.rb.tt +10 -0
data/lib/bundler/templates/newgem/ext/newgem/extconf-rust.rb.tt +6 -0
data/lib/bundler/templates/newgem/ext/newgem/newgem.c.tt +1 -1
data/lib/bundler/templates/newgem/ext/newgem/src/lib.rs.tt +12 -0
data/lib/bundler/templates/newgem/github/workflows/main.yml.tt +13 -3
data/lib/bundler/templates/newgem/gitignore.tt +3 -0
data/lib/bundler/templates/newgem/gitlab-ci.yml.tt +13 -4
data/lib/bundler/templates/newgem/newgem.gemspec.tt +25 -17
data/lib/bundler/templates/newgem/rubocop.yml.tt +0 -5
data/lib/bundler/templates/newgem/sig/newgem.rbs.tt +8 -0
data/lib/bundler/templates/newgem/standard.yml.tt +3 -0
data/lib/bundler/templates/newgem/test/minitest/{newgem_test.rb.tt → test_newgem.rb.tt} +1 -1
data/lib/bundler/ui/rg_proxy.rb +1 -1
data/lib/bundler/ui/shell.rb +38 -15
data/lib/bundler/ui/silent.rb +21 -5
data/lib/bundler/uri_credentials_filter.rb +2 -2
data/lib/bundler/uri_normalizer.rb +23 -0
data/lib/bundler/vendor/.document +1 -0
data/lib/bundler/vendor/connection_pool/.document +1 -0
data/lib/bundler/vendor/connection_pool/LICENSE +20 -0
data/lib/bundler/vendor/connection_pool/lib/connection_pool/timed_stack.rb +19 -21
data/lib/bundler/vendor/connection_pool/lib/connection_pool/version.rb +1 -1
data/lib/bundler/vendor/connection_pool/lib/connection_pool/wrapper.rb +56 -0
data/lib/bundler/vendor/connection_pool/lib/connection_pool.rb +92 -78
data/lib/bundler/vendor/fileutils/.document +1 -0
data/lib/bundler/vendor/fileutils/LICENSE.txt +22 -0
data/lib/bundler/vendor/fileutils/lib/fileutils.rb +1340 -410
data/lib/bundler/vendor/net-http-persistent/.document +1 -0
data/lib/bundler/vendor/net-http-persistent/README.rdoc +82 -0
data/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent/connection.rb +4 -3
data/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent/pool.rb +23 -11
data/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent/timed_stack_multi.rb +1 -1
data/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent.rb +57 -57
data/lib/bundler/vendor/pub_grub/.document +1 -0
data/lib/bundler/vendor/pub_grub/LICENSE.txt +21 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/assignment.rb +20 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/basic_package_source.rb +189 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/failure_writer.rb +182 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/incompatibility.rb +150 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/package.rb +43 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/partial_solution.rb +121 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/rubygems.rb +45 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/solve_failure.rb +19 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/static_package_source.rb +61 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/term.rb +105 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/version.rb +3 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/version_constraint.rb +129 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/version_range.rb +411 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/version_solver.rb +248 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub/version_union.rb +178 -0
data/lib/bundler/vendor/pub_grub/lib/pub_grub.rb +31 -0
data/lib/bundler/vendor/thor/.document +1 -0
data/lib/bundler/vendor/thor/LICENSE.md +20 -0
data/lib/bundler/vendor/thor/lib/thor/actions/create_file.rb +3 -2
data/lib/bundler/vendor/thor/lib/thor/actions/directory.rb +1 -1
data/lib/bundler/vendor/thor/lib/thor/actions/empty_directory.rb +1 -1
data/lib/bundler/vendor/thor/lib/thor/actions/file_manipulation.rb +12 -14
data/lib/bundler/vendor/thor/lib/thor/actions/inject_into_file.rb +16 -6
data/lib/bundler/vendor/thor/lib/thor/actions.rb +21 -17
data/lib/bundler/vendor/thor/lib/thor/base.rb +140 -14
data/lib/bundler/vendor/thor/lib/thor/command.rb +13 -4
data/lib/bundler/vendor/thor/lib/thor/core_ext/hash_with_indifferent_access.rb +10 -0
data/lib/bundler/vendor/thor/lib/thor/error.rb +16 -20
data/lib/bundler/vendor/thor/lib/thor/group.rb +1 -1
data/lib/bundler/vendor/thor/lib/thor/invocation.rb +1 -1
data/lib/bundler/vendor/thor/lib/thor/nested_context.rb +2 -2
data/lib/bundler/vendor/thor/lib/thor/parser/argument.rb +20 -1
data/lib/bundler/vendor/thor/lib/thor/parser/arguments.rb +33 -17
data/lib/bundler/vendor/thor/lib/thor/parser/option.rb +27 -8
data/lib/bundler/vendor/thor/lib/thor/parser/options.rb +63 -7
data/lib/bundler/vendor/thor/lib/thor/rake_compat.rb +2 -2
data/lib/bundler/vendor/thor/lib/thor/runner.rb +40 -30
data/lib/bundler/vendor/thor/lib/thor/shell/basic.rb +48 -154
data/lib/bundler/vendor/thor/lib/thor/shell/color.rb +1 -46
data/lib/bundler/vendor/thor/lib/thor/shell/column_printer.rb +29 -0
data/lib/bundler/vendor/thor/lib/thor/shell/html.rb +0 -45
data/lib/bundler/vendor/thor/lib/thor/shell/table_printer.rb +134 -0
data/lib/bundler/vendor/thor/lib/thor/shell/terminal.rb +42 -0
data/lib/bundler/vendor/thor/lib/thor/shell/wrapped_printer.rb +38 -0
data/lib/bundler/vendor/thor/lib/thor/shell.rb +2 -2
data/lib/bundler/vendor/thor/lib/thor/util.rb +9 -8
data/lib/bundler/vendor/thor/lib/thor/version.rb +1 -1
data/lib/bundler/vendor/thor/lib/thor.rb +155 -8
data/lib/bundler/vendor/tsort/.document +1 -0
data/lib/bundler/vendor/tsort/LICENSE.txt +22 -0
data/lib/bundler/vendor/tsort/lib/tsort.rb +455 -0
data/lib/bundler/vendor/uri/.document +1 -0
data/lib/bundler/vendor/uri/LICENSE.txt +22 -0
data/lib/bundler/vendor/uri/lib/uri/common.rb +316 -207
data/lib/bundler/vendor/uri/lib/uri/file.rb +7 -1
data/lib/bundler/vendor/uri/lib/uri/ftp.rb +2 -2
data/lib/bundler/vendor/uri/lib/uri/generic.rb +33 -13
data/lib/bundler/vendor/uri/lib/uri/http.rb +40 -3
data/lib/bundler/vendor/uri/lib/uri/https.rb +2 -2
data/lib/bundler/vendor/uri/lib/uri/ldap.rb +2 -2
data/lib/bundler/vendor/uri/lib/uri/ldaps.rb +2 -1
data/lib/bundler/vendor/uri/lib/uri/mailto.rb +2 -3
data/lib/bundler/vendor/uri/lib/uri/rfc2396_parser.rb +16 -23
data/lib/bundler/vendor/uri/lib/uri/rfc3986_parser.rb +105 -47
data/lib/bundler/vendor/uri/lib/uri/version.rb +1 -1
data/lib/bundler/vendor/uri/lib/uri/ws.rb +83 -0
data/lib/bundler/vendor/uri/lib/uri/wss.rb +23 -0
data/lib/bundler/vendor/uri/lib/uri.rb +3 -3
data/lib/bundler/vendored_net_http.rb +23 -0
data/lib/bundler/vendored_persistent.rb +0 -36
data/lib/bundler/{vendored_molinillo.rb → vendored_pub_grub.rb} +1 -1
data/lib/bundler/vendored_timeout.rb +12 -0
data/lib/bundler/{vendored_tmpdir.rb → vendored_tsort.rb} +1 -1
data/lib/bundler/vendored_uri.rb +18 -1
data/lib/bundler/version.rb +5 -1
data/lib/bundler/vlad.rb +1 -1
data/lib/bundler/worker.rb +7 -9
data/lib/bundler/yaml_serializer.rb +21 -12
data/lib/bundler.rb +114 -121
metadata +87 -41
data/lib/bundler/dep_proxy.rb +0 -55
data/lib/bundler/gemdeps.rb +0 -29
data/lib/bundler/psyched_yaml.rb +0 -22
data/lib/bundler/templates/gems.rb +0 -8
data/lib/bundler/templates/newgem/ext/newgem/extconf.rb.tt +0 -5
data/lib/bundler/templates/newgem/travis.yml.tt +0 -6
data/lib/bundler/vendor/connection_pool/lib/connection_pool/monotonic_time.rb +0 -66
data/lib/bundler/vendor/molinillo/lib/molinillo/delegates/resolution_state.rb +0 -57
data/lib/bundler/vendor/molinillo/lib/molinillo/delegates/specification_provider.rb +0 -88
data/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/action.rb +0 -36
data/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/add_edge_no_circular.rb +0 -66
data/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/add_vertex.rb +0 -62
data/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/delete_edge.rb +0 -63
data/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/detach_vertex_named.rb +0 -61
data/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/log.rb +0 -126
data/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/set_payload.rb +0 -46
data/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/tag.rb +0 -36
data/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/vertex.rb +0 -164
data/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph.rb +0 -255
data/lib/bundler/vendor/molinillo/lib/molinillo/errors.rb +0 -143
data/lib/bundler/vendor/molinillo/lib/molinillo/gem_metadata.rb +0 -6
data/lib/bundler/vendor/molinillo/lib/molinillo/modules/specification_provider.rb +0 -112
data/lib/bundler/vendor/molinillo/lib/molinillo/modules/ui.rb +0 -67
data/lib/bundler/vendor/molinillo/lib/molinillo/resolution.rb +0 -839
data/lib/bundler/vendor/molinillo/lib/molinillo/resolver.rb +0 -46
data/lib/bundler/vendor/molinillo/lib/molinillo/state.rb +0 -58
data/lib/bundler/vendor/molinillo/lib/molinillo.rb +0 -11
data/lib/bundler/vendor/tmpdir/lib/tmpdir.rb +0 -154
data/lib/bundler/version_ranges.rb +0 -122

data/lib/bundler/definition.rb CHANGED Viewed

@@ -6,15 +6,20 @@ module Bundler
   class Definition
     include GemHelpers
+    class << self
+      # Do not create or modify a lockfile (Makes #lock a noop)
+      attr_accessor :no_lock
+    end
     attr_reader(
       :dependencies,
       :locked_deps,
       :locked_gems,
       :platforms,
-      :requires,
       :ruby_version,
       :lockfile,
-      :gemfiles
+      :gemfiles,
+      :locked_checksums
     )
     # Given a gemfile and lockfile creates a Bundler definition
@@ -64,29 +69,35 @@ module Bundler
       @sources         = sources
       @unlock          = unlock
       @optional_groups = optional_groups
-      @remote          = false
+      @prefer_local    = false
       @specs           = nil
       @ruby_version    = ruby_version
       @gemfiles        = gemfiles
       @lockfile               = lockfile
       @lockfile_contents      = String.new
       @locked_bundler_version = nil
-      @locked_ruby_version    = nil
-      @locked_specs_incomplete_for_platform = false
-      @new_platform = nil
+      @resolved_bundler_version = nil
-      if lockfile && File.exist?(lockfile)
+      @locked_ruby_version = nil
+      @new_platforms = []
+      @removed_platform = nil
+      if lockfile_exists?
         @lockfile_contents = Bundler.read_file(lockfile)
         @locked_gems = LockfileParser.new(@lockfile_contents)
         @locked_platforms = @locked_gems.platforms
         @platforms = @locked_platforms.dup
         @locked_bundler_version = @locked_gems.bundler_version
         @locked_ruby_version = @locked_gems.ruby_version
+        @originally_locked_deps = @locked_gems.dependencies
+        @originally_locked_specs = SpecSet.new(@locked_gems.specs)
+        @locked_checksums = @locked_gems.checksums
         if unlock != true
-          @locked_deps    = @locked_gems.dependencies
-          @locked_specs   = SpecSet.new(@locked_gems.specs)
+          @locked_deps    = @originally_locked_deps
+          @locked_specs   = @originally_locked_specs
           @locked_sources = @locked_gems.sources
         else
           @unlock         = {}
@@ -100,8 +111,11 @@ module Bundler
         @locked_gems    = nil
         @locked_deps    = {}
         @locked_specs   = SpecSet.new([])
+        @originally_locked_deps = {}
+        @originally_locked_specs = @locked_specs
         @locked_sources = []
         @locked_platforms = []
+        @locked_checksums = nil
       end
       locked_gem_sources = @locked_sources.select {|s| s.is_a?(Source::Rubygems) }
@@ -117,67 +131,58 @@ module Bundler
         @sources.merged_gem_lockfile_sections!(locked_gem_sources.first)
       end
-      @unlock[:sources] ||= []
+      @sources_to_unlock = @unlock.delete(:sources) || []
       @unlock[:ruby] ||= if @ruby_version && locked_ruby_version_object
         @ruby_version.diff(locked_ruby_version_object)
       end
       @unlocking ||= @unlock[:ruby] ||= (!@locked_ruby_version ^ !@ruby_version)
-      add_current_platform unless current_ruby_platform_locked? || Bundler.frozen_bundle?
+      add_current_platform unless Bundler.frozen_bundle?
       converge_path_sources_to_gemspec_sources
       @path_changes = converge_paths
       @source_changes = converge_sources
+      @explicit_unlocks = @unlock.delete(:gems) || []
       if @unlock[:conservative]
-        @unlock[:gems] ||= @dependencies.map(&:name)
+        @gems_to_unlock = @explicit_unlocks.any? ? @explicit_unlocks : @dependencies.map(&:name)
       else
-        eager_unlock = expand_dependencies(@unlock[:gems] || [], true)
-        @unlock[:gems] = @locked_specs.for(eager_unlock, false, false).map(&:name)
+        eager_unlock = @explicit_unlocks.map {|name| Dependency.new(name, ">= 0") }
+        @gems_to_unlock = @locked_specs.for(eager_unlock, false, platforms).map(&:name).uniq
       end
       @dependency_changes = converge_dependencies
       @local_changes = converge_locals
-      @requires = compute_requires
+      check_lockfile
     end
     def gem_version_promoter
-      @gem_version_promoter ||= begin
-        locked_specs =
-          if unlocking? && @locked_specs.empty? && !@lockfile_contents.empty?
-            # Definition uses an empty set of locked_specs to indicate all gems
-            # are unlocked, but GemVersionPromoter needs the locked_specs
-            # for conservative comparison.
-            Bundler::SpecSet.new(@locked_gems.specs)
-          else
-            @locked_specs
-          end
-        GemVersionPromoter.new(locked_specs, @unlock[:gems])
-      end
-    end
-    def multisource_allowed?
-      @multisource_allowed
+      @gem_version_promoter ||= GemVersionPromoter.new
     end
     def resolve_only_locally!
-      @remote = false
       sources.local_only!
       resolve
     end
     def resolve_with_cache!
+      sources.local!
       sources.cached!
       resolve
     end
     def resolve_remotely!
-      @remote = true
+      sources.cached!
       sources.remote!
       resolve
     end
+    def prefer_local!
+      @prefer_local = true
+    end
     # For given dependency list returns a SpecSet with Gemspec of all the required
     # dependencies.
     #  1. The method first resolves the dependencies specified in Gemfile
@@ -207,8 +212,9 @@ module Bundler
       true
     rescue BundlerError => e
       @resolve = nil
+      @resolver = nil
+      @resolution_packages = nil
       @specs = nil
-      @gem_version_promoter = nil
       Bundler.ui.debug "The definition is missing dependencies, failed to resolve & materialize locally (#{e})"
       true
@@ -223,22 +229,49 @@ module Bundler
     end
     def current_dependencies
+      filter_relevant(dependencies)
+    end
+    def current_locked_dependencies
+      filter_relevant(locked_dependencies)
+    end
+    def filter_relevant(dependencies)
+      platforms_array = [generic_local_platform].freeze
       dependencies.select do |d|
-        d.should_include? && !d.gem_platforms(@platforms).empty?
+        d.should_include? && !d.gem_platforms(platforms_array).empty?
       end
     end
+    def locked_dependencies
+      @locked_deps.values
+    end
+    def new_deps
+      @new_deps ||= @dependencies - locked_dependencies
+    end
+    def deleted_deps
+      @deleted_deps ||= locked_dependencies - @dependencies
+    end
     def specs_for(groups)
-      groups = requested_groups if groups.empty?
+      return specs if groups.empty?
       deps = dependencies_for(groups)
-      materialize(expand_dependencies(deps))
+      materialize(deps)
     end
     def dependencies_for(groups)
       groups.map!(&:to_sym)
-      current_dependencies.reject do |d|
-        (d.groups & groups).empty?
+      deps = current_dependencies # always returns a new array
+      deps.select! do |d|
+        if RUBY_VERSION >= "3.1"
+          d.groups.intersect?(groups)
+        else
+          !(d.groups & groups).empty?
+        end
       end
+      deps
     end
     # Resolve all the dependencies specified in Gemfile. It ensures that
@@ -247,20 +280,29 @@ module Bundler
     #
     # @return [SpecSet] resolved dependencies
     def resolve
-      @resolve ||= begin
-        last_resolve = converge_locked_specs
-        if Bundler.frozen_bundle?
-          Bundler.ui.debug "Frozen, using resolution from the lockfile"
-          last_resolve
-        elsif !unlocking? && nothing_changed?
-          Bundler.ui.debug("Found no changes, using resolution from the lockfile")
-          last_resolve
+      @resolve ||= if Bundler.frozen_bundle?
+        Bundler.ui.debug "Frozen, using resolution from the lockfile"
+        @locked_specs
+      elsif no_resolve_needed?
+        if deleted_deps.any?
+          Bundler.ui.debug "Some dependencies were deleted, using a subset of the resolution from the lockfile"
+          SpecSet.new(filter_specs(@locked_specs, @dependencies - deleted_deps))
         else
-          # Run a resolve against the locally available gems
-          Bundler.ui.debug("Found changes from the lockfile, re-resolving dependencies because #{change_reason}")
-          expanded_dependencies = expand_dependencies(dependencies + metadata_dependencies, @remote)
-          Resolver.resolve(expanded_dependencies, source_requirements, last_resolve, gem_version_promoter, additional_base_requirements_for_resolve, platforms)
+          Bundler.ui.debug "Found no changes, using resolution from the lockfile"
+          if @removed_platform || @locked_gems.may_include_redundant_platform_specific_gems?
+            SpecSet.new(filter_specs(@locked_specs, @dependencies))
+          else
+            @locked_specs
+          end
         end
+      else
+        if lockfile_exists?
+          Bundler.ui.debug "Found changes from the lockfile, re-resolving dependencies because #{change_reason}"
+        else
+          Bundler.ui.debug "Resolving dependencies because there's no lockfile"
+        end
+        start_resolution
       end
     end
@@ -272,43 +314,26 @@ module Bundler
       dependencies.map(&:groups).flatten.uniq
     end
-    def lock(file, preserve_unknown_sections = false)
-      contents = to_lock
-      # Convert to \r\n if the existing lock has them
-      # i.e., Windows with `git config core.autocrlf=true`
-      contents.gsub!(/\n/, "\r\n") if @lockfile_contents.match("\r\n")
-      if @locked_bundler_version
-        locked_major = @locked_bundler_version.segments.first
-        current_major = Gem::Version.create(Bundler::VERSION).segments.first
+    def lock(file_or_preserve_unknown_sections = false, preserve_unknown_sections_or_unused = false)
+      if [true, false, nil].include?(file_or_preserve_unknown_sections)
+        target_lockfile = lockfile || Bundler.default_lockfile
+        preserve_unknown_sections = file_or_preserve_unknown_sections
+      else
+        target_lockfile = file_or_preserve_unknown_sections
+        preserve_unknown_sections = preserve_unknown_sections_or_unused
-        if updating_major = locked_major < current_major
-          Bundler.ui.warn "Warning: the lockfile is being updated to Bundler #{current_major}, " \
-                          "after which you will be unable to return to Bundler #{@locked_bundler_version.segments.first}."
+        suggestion = if target_lockfile == lockfile
+          "To fix this warning, remove it from the `Definition#lock` call."
+        else
+          "Instead, instantiate a new definition passing `#{target_lockfile}`, and call `lock` without a file argument on that definition"
         end
-      end
-      preserve_unknown_sections ||= !updating_major && (Bundler.frozen_bundle? || !(unlocking? || @unlocking_bundler))
-      return if file && File.exist?(file) && lockfiles_equal?(@lockfile_contents, contents, preserve_unknown_sections)
-      if Bundler.frozen_bundle?
-        Bundler.ui.error "Cannot write a changed lockfile while frozen."
-        return
-      end
-      SharedHelpers.filesystem_access(file) do |p|
-        File.open(p, "wb") {|f| f.puts(contents) }
-      end
-    end
+        msg = "`Definition#lock` was passed a target file argument. #{suggestion}"
-    def locked_bundler_version
-      if @locked_bundler_version && @locked_bundler_version < Gem::Version.new(Bundler::VERSION)
-        new_version = Bundler::VERSION
+        Bundler::SharedHelpers.major_deprecation 2, msg
       end
-      new_version || @locked_bundler_version || Bundler::VERSION
+      write_lock(target_lockfile, preserve_unknown_sections)
     end
     def locked_ruby_version
@@ -332,26 +357,19 @@ module Bundler
       end
     end
+    def bundler_version_to_lock
+      @resolved_bundler_version || Bundler.gem_version
+    end
     def to_lock
       require_relative "lockfile_generator"
       LockfileGenerator.generate(self)
     end
     def ensure_equivalent_gemfile_and_lockfile(explicit_flag = false)
-      msg = String.new
-      msg << "You are trying to install in deployment mode after changing\n" \
-             "your Gemfile. Run `bundle install` elsewhere and add the\n" \
-             "updated #{Bundler.default_lockfile.relative_path_from(SharedHelpers.pwd)} to version control."
+      return unless Bundler.frozen_bundle?
-      unless explicit_flag
-        suggested_command = if Bundler.settings.locations("frozen").keys.&([:global, :local]).any?
-          "bundle config unset frozen"
-        elsif Bundler.settings.locations("deployment").keys.&([:global, :local]).any?
-          "bundle config unset deployment"
-        end
-        msg << "\n\nIf this is a development machine, remove the #{Bundler.default_gemfile} " \
-               "freeze \nby running `#{suggested_command}`."
-      end
+      raise ProductionError, "Frozen mode is set, but there's no lockfile" unless lockfile_exists?
       added =   []
       deleted = []
@@ -362,52 +380,40 @@ module Bundler
       added.concat new_platforms.map {|p| "* platform: #{p}" }
       deleted.concat deleted_platforms.map {|p| "* platform: #{p}" }
-      gemfile_sources = sources.lock_sources
-      new_sources = gemfile_sources - @locked_sources
-      deleted_sources = @locked_sources - gemfile_sources
-      new_deps = @dependencies - @locked_deps.values
-      deleted_deps = @locked_deps.values - @dependencies
-      # Check if it is possible that the source is only changed thing
-      if (new_deps.empty? && deleted_deps.empty?) && (!new_sources.empty? && !deleted_sources.empty?)
-        new_sources.reject! {|source| (source.path? && source.path.exist?) || equivalent_rubygems_remotes?(source) }
-        deleted_sources.reject! {|source| (source.path? && source.path.exist?) || equivalent_rubygems_remotes?(source) }
-      end
-      if @locked_sources != gemfile_sources
-        if new_sources.any?
-          added.concat new_sources.map {|source| "* source: #{source}" }
-        end
-        if deleted_sources.any?
-          deleted.concat deleted_sources.map {|source| "* source: #{source}" }
-        end
-      end
       added.concat new_deps.map {|d| "* #{pretty_dep(d)}" } if new_deps.any?
-      if deleted_deps.any?
-        deleted.concat deleted_deps.map {|d| "* #{pretty_dep(d)}" }
-      end
+      deleted.concat deleted_deps.map {|d| "* #{pretty_dep(d)}" } if deleted_deps.any?
       both_sources = Hash.new {|h, k| h[k] = [] }
-      @dependencies.each {|d| both_sources[d.name][0] = d }
-      @locked_deps.each  {|name, d| both_sources[name][1] = d.source }
+      current_dependencies.each {|d| both_sources[d.name][0] = d }
+      current_locked_dependencies.each {|d| both_sources[d.name][1] = d }
+      both_sources.each do |name, (dep, lock_dep)|
+        next if dep.nil? || lock_dep.nil?
-      both_sources.each do |name, (dep, lock_source)|
-        next if lock_source.nil? || (dep && lock_source.can_lock?(dep))
-        gemfile_source_name = (dep && dep.source) || "no specified source"
-        lockfile_source_name = lock_source
-        changed << "* #{name} from `#{gemfile_source_name}` to `#{lockfile_source_name}`"
+        gemfile_source = dep.source || default_source
+        lock_source = lock_dep.source || default_source
+        next if lock_source.include?(gemfile_source)
+        gemfile_source_name = dep.source ? gemfile_source.to_gemfile : "no specified source"
+        lockfile_source_name = lock_dep.source ? lock_source.to_gemfile : "no specified source"
+        changed << "* #{name} from `#{lockfile_source_name}` to `#{gemfile_source_name}`"
       end
-      reason = change_reason
-      msg << "\n\n#{reason.split(", ").map(&:capitalize).join("\n")}" unless reason.strip.empty?
+      reason = nothing_changed? ? "some dependencies were deleted from your gemfile" : change_reason
+      msg = String.new
+      msg << "#{reason.capitalize.strip}, but the lockfile can't be updated because frozen mode is set"
       msg << "\n\nYou have added to the Gemfile:\n" << added.join("\n") if added.any?
       msg << "\n\nYou have deleted from the Gemfile:\n" << deleted.join("\n") if deleted.any?
       msg << "\n\nYou have changed in the Gemfile:\n" << changed.join("\n") if changed.any?
-      msg << "\n"
+      msg << "\n\nRun `bundle install` elsewhere and add the updated #{SharedHelpers.relative_gemfile_path} to version control.\n"
+      unless explicit_flag
+        suggested_command = unless Bundler.settings.locations("frozen").keys.include?(:env)
+          "bundle config set frozen false"
+        end
+        msg << "If this is a development machine, remove the #{SharedHelpers.relative_lockfile_path} " \
+               "freeze by running `#{suggested_command}`." if suggested_command
+      end
       raise ProductionError, msg if added.any? || deleted.any? || changed.any? || !nothing_changed?
     end
@@ -446,17 +452,21 @@ module Bundler
       return if current_platform_locked?
       raise ProductionError, "Your bundle only supports platforms #{@platforms.map(&:to_s)} " \
-        "but your local platform is #{Bundler.local_platform}. " \
-        "Add the current platform to the lockfile with `bundle lock --add-platform #{Bundler.local_platform}` and try again."
+        "but your local platform is #{local_platform}. " \
+        "Add the current platform to the lockfile with\n`bundle lock --add-platform #{local_platform}` and try again."
     end
     def add_platform(platform)
-      @new_platform ||= !@platforms.include?(platform)
-      @platforms |= [platform]
+      return if @platforms.include?(platform)
+      @new_platforms << platform
+      @platforms << platform
     end
     def remove_platform(platform)
-      return if @platforms.delete(Gem::Platform.new(platform))
+      removed_platform = @platforms.delete(Gem::Platform.new(platform))
+      @removed_platform ||= removed_platform
+      return if removed_platform
       raise InvalidOption, "Unable to remove the platform `#{platform}` since the only platforms are #{@platforms.join ", "}"
     end
@@ -470,7 +480,21 @@ module Bundler
     private :sources
     def nothing_changed?
-      !@source_changes && !@dependency_changes && !@new_platform && !@path_changes && !@local_changes && !@locked_specs_incomplete_for_platform
+      return false unless lockfile_exists?
+      !@source_changes &&
+        !@dependency_changes &&
+        @new_platforms.empty? &&
+        !@path_changes &&
+        !@local_changes &&
+        !@missing_lockfile_dep &&
+        !@unlocking_bundler &&
+        !@locked_spec_with_missing_deps &&
+        !@locked_spec_with_invalid_deps
+    end
+    def no_resolve_needed?
+      !unlocking? && nothing_changed?
     end
     def unlocking?
@@ -479,6 +503,82 @@ module Bundler
     private
+    def should_add_extra_platforms?
+      !lockfile_exists? && generic_local_platform_is_ruby? && !Bundler.settings[:force_ruby_platform]
+    end
+    def lockfile_exists?
+      file_exists?(lockfile)
+    end
+    def file_exists?(file)
+      file && File.exist?(file)
+    end
+    def write_lock(file, preserve_unknown_sections)
+      return if Definition.no_lock
+      contents = to_lock
+      # Convert to \r\n if the existing lock has them
+      # i.e., Windows with `git config core.autocrlf=true`
+      contents.gsub!(/\n/, "\r\n") if @lockfile_contents.match?("\r\n")
+      if @locked_bundler_version
+        locked_major = @locked_bundler_version.segments.first
+        current_major = bundler_version_to_lock.segments.first
+        updating_major = locked_major < current_major
+      end
+      preserve_unknown_sections ||= !updating_major && (Bundler.frozen_bundle? || !(unlocking? || @unlocking_bundler))
+      if file_exists?(file) && lockfiles_equal?(@lockfile_contents, contents, preserve_unknown_sections)
+        return if Bundler.frozen_bundle?
+        SharedHelpers.filesystem_access(file) { FileUtils.touch(file) }
+        return
+      end
+      if Bundler.frozen_bundle?
+        Bundler.ui.error "Cannot write a changed lockfile while frozen."
+        return
+      end
+      SharedHelpers.filesystem_access(file) do |p|
+        File.open(p, "wb") {|f| f.puts(contents) }
+      end
+    end
+    def resolver
+      @resolver ||= Resolver.new(resolution_packages, gem_version_promoter)
+    end
+    def expanded_dependencies
+      dependencies_with_bundler + metadata_dependencies
+    end
+    def dependencies_with_bundler
+      return dependencies unless @unlocking_bundler
+      return dependencies if dependencies.map(&:name).include?("bundler")
+      [Dependency.new("bundler", @unlocking_bundler)] + dependencies
+    end
+    def resolution_packages
+      @resolution_packages ||= begin
+        last_resolve = converge_locked_specs
+        remove_invalid_platforms!
+        packages = Resolver::Base.new(source_requirements, expanded_dependencies, last_resolve, @platforms, locked_specs: @originally_locked_specs, unlock: @gems_to_unlock, prerelease: gem_version_promoter.pre?)
+        packages = additional_base_requirements_to_prevent_downgrades(packages, last_resolve)
+        packages = additional_base_requirements_to_force_updates(packages)
+        packages
+      end
+    end
+    def filter_specs(specs, deps)
+      SpecSet.new(specs).for(deps, false, platforms)
+    end
     def materialize(dependencies)
       specs = resolve.materialize(dependencies)
       missing_specs = specs.missing_specs
@@ -486,68 +586,137 @@ module Bundler
       if missing_specs.any?
         missing_specs.each do |s|
           locked_gem = @locked_specs[s.name].last
-          next if locked_gem.nil? || locked_gem.version != s.version || !@remote
+          next if locked_gem.nil? || locked_gem.version != s.version || sources.local_mode?
           raise GemNotFound, "Your bundle is locked to #{locked_gem} from #{locked_gem.source}, but that version can " \
                              "no longer be found in that source. That means the author of #{locked_gem} has removed it. " \
                              "You'll need to update your bundle to a version other than #{locked_gem} that hasn't been " \
                              "removed in order to install."
         end
-        raise GemNotFound, "Could not find #{missing_specs.map(&:full_name).join(", ")} in any of the sources"
+        missing_specs_list = missing_specs.group_by(&:source).map do |source, missing_specs_for_source|
+          "#{missing_specs_for_source.map(&:full_name).join(", ")} in #{source}"
+        end
+        raise GemNotFound, "Could not find #{missing_specs_list.join(" nor ")}"
       end
-      unless specs["bundler"].any?
-        bundler = sources.metadata_source.specs.search(Gem::Dependency.new("bundler", VERSION)).last
-        specs["bundler"] = bundler
+      incomplete_specs = specs.incomplete_specs
+      loop do
+        break if incomplete_specs.empty?
+        Bundler.ui.debug("The lockfile does not have all gems needed for the current platform though, Bundler will still re-resolve dependencies")
+        sources.remote!
+        resolution_packages.delete(incomplete_specs)
+        @resolve = start_resolution
+        specs = resolve.materialize(dependencies)
+        still_incomplete_specs = specs.incomplete_specs
+        if still_incomplete_specs == incomplete_specs
+          package = resolution_packages.get_package(incomplete_specs.first.name)
+          resolver.raise_not_found! package
+        end
+        incomplete_specs = still_incomplete_specs
       end
+      bundler = sources.metadata_source.specs.search(["bundler", Bundler.gem_version]).last
+      specs["bundler"] = bundler
       specs
     end
+    def start_resolution
+      local_platform_needed_for_resolvability = @most_specific_non_local_locked_ruby_platform && !@platforms.include?(local_platform)
+      @platforms << local_platform if local_platform_needed_for_resolvability
+      result = SpecSet.new(resolver.start)
+      @resolved_bundler_version = result.find {|spec| spec.name == "bundler" }&.version
+      if @most_specific_non_local_locked_ruby_platform
+        if spec_set_incomplete_for_platform?(result, @most_specific_non_local_locked_ruby_platform)
+          @platforms.delete(@most_specific_non_local_locked_ruby_platform)
+        elsif local_platform_needed_for_resolvability
+          @platforms.delete(local_platform)
+        end
+      end
+      @platforms = result.add_extra_platforms!(platforms) if should_add_extra_platforms?
+      SpecSet.new(result.for(dependencies, false, @platforms))
+    end
     def precompute_source_requirements_for_indirect_dependencies?
-      @remote && sources.non_global_rubygems_sources.all?(&:dependency_api_available?) && !sources.aggregate_global_source?
+      sources.non_global_rubygems_sources.all?(&:dependency_api_available?) && !sources.aggregate_global_source?
     end
-    def current_ruby_platform_locked?
-      return false unless generic_local_platform == Gem::Platform::RUBY
+    def pin_locally_available_names(source_requirements)
+      source_requirements.each_with_object({}) do |(name, original_source), new_source_requirements|
+        local_source = original_source.dup
+        local_source.local_only!
-      current_platform_locked?
+        new_source_requirements[name] = if local_source.specs.search(name).any?
+          local_source
+        else
+          original_source
+        end
+      end
     end
     def current_platform_locked?
       @platforms.any? do |bundle_platform|
-        MatchPlatform.platforms_match?(bundle_platform, Bundler.local_platform)
+        MatchPlatform.platforms_match?(bundle_platform, local_platform)
       end
     end
     def add_current_platform
+      @most_specific_non_local_locked_ruby_platform = find_most_specific_non_local_locked_ruby_platform
+      return if @most_specific_non_local_locked_ruby_platform
       add_platform(local_platform)
     end
+    def find_most_specific_non_local_locked_ruby_platform
+      return unless generic_local_platform_is_ruby? && current_platform_locked?
+      most_specific_locked_ruby_platform = most_specific_locked_platform
+      return unless most_specific_locked_ruby_platform != local_platform
+      most_specific_locked_ruby_platform
+    end
     def change_reason
       if unlocking?
-        unlock_reason = @unlock.reject {|_k, v| Array(v).empty? }.map do |k, v|
-          if v == true
-            k.to_s
-          else
-            v = Array(v)
-            "#{k}: (#{v.join(", ")})"
-          end
-        end.join(", ")
+        unlock_targets = if @gems_to_unlock.any?
+          ["gems", @gems_to_unlock]
+        elsif @sources_to_unlock.any?
+          ["sources", @sources_to_unlock]
+        end
+        unlock_reason = if unlock_targets
+          "#{unlock_targets.first}: (#{unlock_targets.last.join(", ")})"
+        else
+          @unlock[:ruby] ? "ruby" : ""
+        end
         return "bundler is unlocking #{unlock_reason}"
       end
       [
         [@source_changes, "the list of sources changed"],
         [@dependency_changes, "the dependencies in your gemfile changed"],
-        [@new_platform, "you added a new platform to your gemfile"],
+        [@new_platforms.any?, "you added a new platform to your gemfile"],
         [@path_changes, "the gemspecs for path gems changed"],
         [@local_changes, "the gemspecs for git local gems changed"],
-        [@locked_specs_incomplete_for_platform, "the lockfile does not have all gems needed for the current platform"],
+        [@missing_lockfile_dep, "your lock file is missing \"#{@missing_lockfile_dep}\""],
+        [@unlocking_bundler, "an update to the version of Bundler itself was requested"],
+        [@locked_spec_with_missing_deps, "your lock file includes \"#{@locked_spec_with_missing_deps}\" but not some of its dependencies"],
+        [@locked_spec_with_invalid_deps, "your lockfile does not satisfy dependencies of \"#{@locked_spec_with_invalid_deps}\""],
       ].select(&:first).map(&:last).join(", ")
     end
-    def pretty_dep(dep, source = false)
-      SharedHelpers.pretty_dependency(dep, source)
+    def pretty_dep(dep)
+      SharedHelpers.pretty_dependency(dep)
     end
     # Check if the specs of the given source changed
@@ -560,7 +729,7 @@ module Bundler
     def dependencies_for_source_changed?(source, locked_source = source)
       deps_for_source = @dependencies.select {|s| s.source == source }
-      locked_deps_for_source = @locked_deps.values.select {|dep| dep.source == locked_source }
+      locked_deps_for_source = locked_dependencies.select {|dep| dep.source == locked_source }
       deps_for_source.uniq.sort != locked_deps_for_source.sort
     end
@@ -569,8 +738,7 @@ module Bundler
       locked_index = Index.new
       locked_index.use(@locked_specs.select {|s| source.can_lock?(s) })
-      # order here matters, since Index#== is checking source.specs.include?(locked_index)
-      locked_index != source.specs
+      !locked_index.subset?(source.specs)
     rescue PathError, GitError => e
       Bundler.ui.debug "Assuming that #{source} has not changed since fetching its specs errored (#{e})"
       false
@@ -584,9 +752,9 @@ module Bundler
       Bundler.settings.local_overrides.map do |k, v|
         spec   = @dependencies.find {|s| s.name == k }
-        source = spec && spec.source
-        if source && source.respond_to?(:local_override!)
-          source.unlock! if @unlock[:gems].include?(spec.name)
+        source = spec&.source
+        if source&.respond_to?(:local_override!)
+          source.unlock! if @gems_to_unlock.include?(spec.name)
           locals << [source, source.local_override!(v)]
         end
       end
@@ -594,7 +762,40 @@ module Bundler
       sources_with_changes = locals.select do |source, changed|
         changed || specs_changed?(source)
       end.map(&:first)
-      !sources_with_changes.each {|source| @unlock[:sources] << source.name }.empty?
+      !sources_with_changes.each {|source| @sources_to_unlock << source.name }.empty?
+    end
+    def check_lockfile
+      @missing_lockfile_dep = nil
+      @locked_spec_with_invalid_deps = nil
+      @locked_spec_with_missing_deps = nil
+      missing = []
+      invalid = []
+      @locked_specs.each do |s|
+        validation = @locked_specs.validate_deps(s)
+        missing << s if validation == :missing
+        invalid << s if validation == :invalid
+      end
+      if missing.any?
+        @locked_specs.delete(missing)
+        @locked_spec_with_missing_deps = missing.first.name
+      elsif !@dependency_changes
+        @missing_lockfile_dep = current_dependencies.find do |d|
+          @locked_specs[d.name].empty? && d.name != "bundler"
+        end&.name
+      end
+      if invalid.any?
+        @locked_specs.delete(invalid)
+        @locked_spec_with_invalid_deps = invalid.first.name
+      end
     end
     def converge_paths
@@ -628,12 +829,17 @@ module Bundler
       changes = sources.replace_sources!(@locked_sources)
       sources.all_sources.each do |source|
+        # has to be done separately, because we want to keep the locked checksum
+        # store for a source, even when doing a full update
+        if @locked_checksums && @locked_gems && locked_source = @locked_gems.sources.find {|s| s == source && !s.equal?(source) }
+          source.checksum_store.merge!(locked_source.checksum_store)
+        end
         # If the source is unlockable and the current command allows an unlock of
         # the source (for example, you are doing a `bundle update <foo>` of a git-pinned
         # gem), unlock it. For git sources, this means to unlock the revision, which
         # will cause the `ref` used to be the most recent for the branch (or master) if
         # an explicit `ref` is not used.
-        if source.respond_to?(:unlock!) && @unlock[:sources].include?(source.name)
+        if source.respond_to?(:unlock!) && @sources_to_unlock.include?(source.name)
           source.unlock!
           changes = true
         end
@@ -643,25 +849,14 @@ module Bundler
     end
     def converge_dependencies
-      frozen = Bundler.frozen_bundle?
-      (@dependencies + @locked_deps.values).each do |dep|
-        locked_source = @locked_deps[dep.name]
-        # This is to make sure that if bundler is installing in deployment mode and
-        # after locked_source and sources don't match, we still use locked_source.
-        if frozen && !locked_source.nil? &&
-            locked_source.respond_to?(:source) && locked_source.source.instance_of?(Source::Path) && locked_source.source.path.exist?
-          dep.source = locked_source.source
-        elsif dep.source
+      changes = false
+      @dependencies.each do |dep|
+        if dep.source
           dep.source = sources.get(dep.source)
         end
-      end
-      changes = false
-      # We want to know if all match, but don't want to check all entries
-      # This means we need to return false if any dependency doesn't match
-      # the lock or doesn't exist in the lock.
-      @dependencies.each do |dependency|
-        unless locked_dep = @locked_deps[dependency.name]
+        unless locked_dep = @originally_locked_deps[dep.name]
           changes = true
           next
         end
@@ -672,11 +867,11 @@ module Bundler
         # directive, the lockfile dependencies and resolved dependencies end up
         # with a mismatch on #type. Work around that by setting the type on the
         # dep from the lockfile.
-        locked_dep.instance_variable_set(:@type, dependency.type)
+        locked_dep.instance_variable_set(:@type, dep.type)
         # We already know the name matches from the hash lookup
         # so we only need to check the requirement now
-        changes ||= dependency.requirement != locked_dep.requirement
+        changes ||= dep.requirement != locked_dep.requirement
       end
       changes
@@ -686,140 +881,91 @@ module Bundler
     # commonly happen if the Gemfile has changed since the lockfile was last
     # generated
     def converge_locked_specs
-      deps = []
+      converged = converge_specs(@locked_specs)
-      # Build a list of dependencies that are the same in the Gemfile
-      # and Gemfile.lock. If the Gemfile modified a dependency, but
-      # the gem in the Gemfile.lock still satisfies it, this is fine
-      # too.
-      @dependencies.each do |dep|
-        locked_dep = @locked_deps[dep.name]
+      resolve = SpecSet.new(converged.reject {|s| @gems_to_unlock.include?(s.name) })
-        # If the locked_dep doesn't match the dependency we're looking for then we ignore the locked_dep
-        locked_dep = nil unless locked_dep == dep
+      diff = nil
-        if in_locked_deps?(dep, locked_dep) || satisfies_locked_spec?(dep)
-          deps << dep
-        elsif dep.source.is_a?(Source::Path) && dep.current_platform? && (!locked_dep || dep.source != locked_dep.source)
-          @locked_specs.each do |s|
-            @unlock[:gems] << s.name if s.source == dep.source
-          end
+      # Now, we unlock any sources that do not have anymore gems pinned to it
+      sources.all_sources.each do |source|
+        next unless source.respond_to?(:unlock!)
-          dep.source.unlock! if dep.source.respond_to?(:unlock!)
-          dep.source.specs.each {|s| @unlock[:gems] << s.name }
+        unless resolve.any? {|s| s.source == source }
+          diff ||= @locked_specs.to_a - resolve.to_a
+          source.unlock! if diff.any? {|s| s.source == source }
         end
       end
+      resolve
+    end
+    def converge_specs(specs)
       converged = []
-      @locked_specs.each do |s|
-        # Replace the locked dependency's source with the equivalent source from the Gemfile
+      deps = []
+      @specs_that_changed_sources = []
+      specs.each do |s|
+        name = s.name
         dep = @dependencies.find {|d| s.satisfies?(d) }
-        s.source = (dep && dep.source) || sources.get(s.source) unless multisource_allowed?
+        lockfile_source = s.source
-        # Don't add a spec to the list if its source is expired. For example,
-        # if you change a Git gem to RubyGems.
-        next if s.source.nil?
-        next if @unlock[:sources].include?(s.source.name)
+        if dep
+          gemfile_source = dep.source || default_source
+          @specs_that_changed_sources << s if gemfile_source != lockfile_source
+          deps << dep if !dep.source || lockfile_source.include?(dep.source)
+          @gems_to_unlock << name if lockfile_source.include?(dep.source) && lockfile_source != gemfile_source
+          # Replace the locked dependency's source with the equivalent source from the Gemfile
+          s.source = gemfile_source
+        else
+          # Replace the locked dependency's source with the default source, if the locked source is no longer in the Gemfile
+          s.source = default_source unless sources.get(lockfile_source)
+        end
-        # If the spec is from a path source and it doesn't exist anymore
-        # then we unlock it.
+        next if @sources_to_unlock.include?(s.source.name)
         # Path sources have special logic
         if s.source.instance_of?(Source::Path) || s.source.instance_of?(Source::Gemspec)
           new_specs = begin
             s.source.specs
-          rescue PathError, GitError
+          rescue PathError
             # if we won't need the source (according to the lockfile),
-            # don't error if the path/git source isn't available
-            next if @locked_specs.
-                    for(requested_dependencies, false, true).
+            # don't error if the path source isn't available
+            next if specs.
+                    for(requested_dependencies, false).
                     none? {|locked_spec| locked_spec.source == s.source }
             raise
           end
           new_spec = new_specs[s].first
-          # If the spec is no longer in the path source, unlock it. This
-          # commonly happens if the version changed in the gemspec
-          next unless new_spec
-          s.dependencies.replace(new_spec.dependencies)
+          if new_spec
+            s.dependencies.replace(new_spec.dependencies)
+          else
+            # If the spec is no longer in the path source, unlock it. This
+            # commonly happens if the version changed in the gemspec
+            @gems_to_unlock << name
+          end
         end
-        converged << s
-      end
-      resolve = SpecSet.new(converged)
-      @locked_specs_incomplete_for_platform = !resolve.for(expand_dependencies(requested_dependencies & deps), true, true)
-      resolve = SpecSet.new(resolve.for(expand_dependencies(deps, true), false, false).reject{|s| @unlock[:gems].include?(s.name) })
-      diff    = nil
-      # Now, we unlock any sources that do not have anymore gems pinned to it
-      sources.all_sources.each do |source|
-        next unless source.respond_to?(:unlock!)
-        unless resolve.any? {|s| s.source == source }
-          diff ||= @locked_specs.to_a - resolve.to_a
-          source.unlock! if diff.any? {|s| s.source == source }
+        if dep.nil? && requested_dependencies.find {|d| name == d.name }
+          @gems_to_unlock << s.name
+        else
+          converged << s
         end
       end
-      resolve
-    end
-    def in_locked_deps?(dep, locked_dep)
-      # Because the lockfile can't link a dep to a specific remote, we need to
-      # treat sources as equivalent anytime the locked dep has all the remotes
-      # that the Gemfile dep does.
-      locked_dep && locked_dep.source && dep.source && locked_dep.source.include?(dep.source)
-    end
-    def satisfies_locked_spec?(dep)
-      @locked_specs[dep].any? {|s| s.satisfies?(dep) && (!dep.source || s.source.include?(dep.source)) }
+      filter_specs(converged, deps)
     end
     def metadata_dependencies
-      @metadata_dependencies ||= begin
-        ruby_versions = ruby_version_requirements(@ruby_version)
-        [
-          Dependency.new("Ruby\0", ruby_versions),
-          Dependency.new("RubyGems\0", Gem::VERSION),
-        ]
-      end
-    end
-    def ruby_version_requirements(ruby_version)
-      return [] unless ruby_version
-      if ruby_version.patchlevel
-        [ruby_version.to_gem_version_with_patchlevel]
-      else
-        ruby_version.versions.map do |version|
-          requirement = Gem::Requirement.new(version)
-          if requirement.exact?
-            "~> #{version}.0"
-          else
-            requirement
-          end
-        end
-      end
-    end
-    def expand_dependencies(dependencies, remote = false)
-      deps = []
-      dependencies.each do |dep|
-        dep = Dependency.new(dep, ">= 0") unless dep.respond_to?(:name)
-        next unless remote || dep.current_platform?
-        target_platforms = dep.gem_platforms(remote ? @platforms : [generic_local_platform])
-        deps += expand_dependency_with_platforms(dep, target_platforms)
-      end
-      deps
-    end
-    def expand_dependency_with_platforms(dep, platforms)
-      platforms.map do |p|
-        DepProxy.get_proxy(dep, p)
-      end
+      @metadata_dependencies ||= [
+        Dependency.new("Ruby\0", Bundler::RubyVersion.system.gem_version),
+        Dependency.new("RubyGems\0", Gem::VERSION),
+      ]
     end
     def source_requirements
@@ -827,27 +973,54 @@ module Bundler
       # specs will be available later when the resolver knows where to
       # look for that gemspec (or its dependencies)
       source_requirements = if precompute_source_requirements_for_indirect_dependencies?
-        { :default => sources.default_source }.merge(source_map.all_requirements)
+        all_requirements = source_map.all_requirements
+        all_requirements = pin_locally_available_names(all_requirements) if @prefer_local
+        { default: default_source }.merge(all_requirements)
       else
-        { :default => Source::RubygemsAggregate.new(sources, source_map) }.merge(source_map.direct_requirements)
+        { default: Source::RubygemsAggregate.new(sources, source_map) }.merge(source_map.direct_requirements)
       end
+      source_requirements.merge!(source_map.locked_requirements) if nothing_changed?
       metadata_dependencies.each do |dep|
         source_requirements[dep.name] = sources.metadata_source
       end
-      source_requirements[:default_bundler] = source_requirements["bundler"] || sources.default_source
-      source_requirements["bundler"] = sources.metadata_source # needs to come last to override
+      default_bundler_source = source_requirements["bundler"] || default_source
+      if @unlocking_bundler
+        default_bundler_source.add_dependency_names("bundler")
+      else
+        source_requirements[:default_bundler] = default_bundler_source
+        source_requirements["bundler"] = sources.metadata_source # needs to come last to override
+      end
+      verify_changed_sources!
       source_requirements
     end
+    def default_source
+      sources.default_source
+    end
+    def verify_changed_sources!
+      @specs_that_changed_sources.each do |s|
+        if s.source.specs.search(s.name).empty?
+          raise GemNotFound, "Could not find gem '#{s.name}' in #{s.source}"
+        end
+      end
+    end
     def requested_groups
-      groups - Bundler.settings[:without] - @optional_groups + Bundler.settings[:with]
+      values = groups - Bundler.settings[:without] - @optional_groups + Bundler.settings[:with]
+      values &= Bundler.settings[:only] unless Bundler.settings[:only].empty?
+      values
     end
     def lockfiles_equal?(current, proposed, preserve_unknown_sections)
       if preserve_unknown_sections
         sections_to_ignore = LockfileParser.sections_to_ignore(@locked_bundler_version)
         sections_to_ignore += LockfileParser.unknown_sections_in_lockfile(current)
-        sections_to_ignore += LockfileParser::ENVIRONMENT_VERSION_SECTIONS
+        sections_to_ignore << LockfileParser::RUBY
+        sections_to_ignore << LockfileParser::BUNDLED unless @unlocking_bundler
         pattern = /#{Regexp.union(sections_to_ignore)}\n(\s{2,}.*\n)+/
         whitespace_cleanup = /\n{2,}/
         current = current.gsub(pattern, "\n").gsub(whitespace_cleanup, "\n\n").strip
@@ -856,39 +1029,56 @@ module Bundler
       current == proposed
     end
-    def compute_requires
-      dependencies.reduce({}) do |requires, dep|
-        next requires unless dep.should_include?
-        requires[dep.name] = Array(dep.autorequire || dep.name).map do |file|
-          # Allow `require: true` as an alias for `require: <name>`
-          file == true ? dep.name : file
-        end
-        requires
+    def additional_base_requirements_to_prevent_downgrades(resolution_packages, last_resolve)
+      return resolution_packages unless @locked_gems && !sources.expired_sources?(@locked_gems.sources)
+      converge_specs(@originally_locked_specs - last_resolve).each do |locked_spec|
+        next if locked_spec.source.is_a?(Source::Path)
+        resolution_packages.base_requirements[locked_spec.name] = Gem::Requirement.new(">= #{locked_spec.version}")
       end
+      resolution_packages
     end
-    def additional_base_requirements_for_resolve
-      return [] unless @locked_gems && unlocking? && !sources.expired_sources?(@locked_gems.sources)
-      dependencies_by_name = dependencies.inject({}) {|memo, dep| memo.update(dep.name => dep) }
-      @locked_gems.specs.reduce({}) do |requirements, locked_spec|
-        name = locked_spec.name
-        dependency = dependencies_by_name[name]
-        next requirements if @locked_gems.dependencies[name] != dependency
-        next requirements if dependency && dependency.source.is_a?(Source::Path)
-        dep = Gem::Dependency.new(name, ">= #{locked_spec.version}")
-        requirements[name] = DepProxy.get_proxy(dep, locked_spec.platform)
-        requirements
-      end.values
+    def additional_base_requirements_to_force_updates(resolution_packages)
+      return resolution_packages if @explicit_unlocks.empty?
+      full_update = dup_for_full_unlock.resolve
+      @explicit_unlocks.each do |name|
+        version = full_update[name].first&.version
+        resolution_packages.base_requirements[name] = Gem::Requirement.new("= #{version}") if version
+      end
+      resolution_packages
+    end
+    def dup_for_full_unlock
+      unlocked_definition = self.class.new(@lockfile, @dependencies, @sources, true, @ruby_version, @optional_groups, @gemfiles)
+      unlocked_definition.gem_version_promoter.tap do |gvp|
+        gvp.level = gem_version_promoter.level
+        gvp.strict = gem_version_promoter.strict
+        gvp.pre = gem_version_promoter.pre
+      end
+      unlocked_definition
     end
-    def equivalent_rubygems_remotes?(source)
-      return false unless source.is_a?(Source::Rubygems)
+    def remove_invalid_platforms!
+      return if Bundler.frozen_bundle?
+      platforms.reverse_each do |platform|
+        next if local_platform == platform ||
+                @new_platforms.include?(platform) ||
+                @path_changes ||
+                @dependency_changes ||
+                @locked_spec_with_invalid_deps ||
+                !spec_set_incomplete_for_platform?(@originally_locked_specs, platform)
+        remove_platform(platform)
+      end
+    end
-      Bundler.settings[:allow_deployment_source_credential_changes] && source.equivalent_remotes?(sources.rubygems_remotes)
+    def spec_set_incomplete_for_platform?(spec_set, platform)
+      spec_set.incomplete_for_platform?(current_dependencies, platform)
     end
     def source_map
-      @source_map ||= SourceMap.new(sources, dependencies)
+      @source_map ||= SourceMap.new(sources, dependencies, @locked_specs)
     end
   end
 end