bundler 2.2.33 → 2.4.18

data/lib/bundler/ruby_dsl.rb

@@ -9,7 +9,7 @@ module Bundler
       raise GemfileError, "Please define :engine" if options[:engine_version] && options[:engine].nil?
 
       if options[:engine] == "ruby" && options[:engine_version] &&
-          ruby_version != Array(options[:engine_version])
+         ruby_version != Array(options[:engine_version])
         raise GemfileEvalError, "ruby_version must match the :engine_version for MRI"
       end
       @ruby_version = RubyVersion.new(ruby_version, options[:patchlevel], options[:engine], options[:engine_version])

data/lib/bundler/ruby_version.rb

@@ -32,12 +32,12 @@ module Bundler
       @engine             = engine && engine.to_s || "ruby"
       @engine_versions    = (engine_version && Array(engine_version)) || @versions
       @engine_gem_version = Gem::Requirement.create(@engine_versions.first).requirements.first.last
-      @patchlevel         = patchlevel
+      @patchlevel         = patchlevel || (@gem_version.prerelease? ? "-1" : nil)
     end
 
     def to_s(versions = self.versions)
       output = String.new("ruby #{versions_string(versions)}")
-      output << "p#{patchlevel}" if patchlevel
+      output << "p#{patchlevel}" if patchlevel && patchlevel != "-1"
       output << " (#{engine} #{versions_string(engine_versions)})" unless engine == "ruby"
 
       output
@@ -46,7 +46,7 @@ module Bundler
     # @private
     PATTERN = /
       ruby\s
-      ([\d.]+) # ruby version
+      (\d+\.\d+\.\d+(?:\.\S+)?) # ruby version
       (?:p(-?\d+))? # optional patchlevel
       (?:\s\((\S+)\s(.+)\))? # optional engine info
     /xo.freeze
@@ -103,24 +103,11 @@ module Bundler
 
     def self.system
       ruby_engine = RUBY_ENGINE.dup
-      ruby_version = ENV.fetch("BUNDLER_SPEC_RUBY_VERSION") { RUBY_VERSION }.dup
-      ruby_engine_version = RUBY_ENGINE_VERSION.dup
+      ruby_version = Gem.ruby_version.to_s
+      ruby_engine_version = RUBY_ENGINE == "ruby" ? ruby_version : RUBY_ENGINE_VERSION.dup
       patchlevel = RUBY_PATCHLEVEL.to_s
 
-      @ruby_version ||= RubyVersion.new(ruby_version, patchlevel, ruby_engine, ruby_engine_version)
-    end
-
-    def to_gem_version_with_patchlevel
-      @gem_version_with_patch ||= begin
-        Gem::Version.create("#{@gem_version}.#{@patchlevel}")
-      rescue ArgumentError
-        @gem_version
-      end
-    end
-
-    def exact?
-      return @exact if defined?(@exact)
-      @exact = versions.all? {|v| Gem::Requirement.create(v).exact? }
+      @system ||= RubyVersion.new(ruby_version, patchlevel, ruby_engine, ruby_engine_version)
     end
 
     private

data/lib/bundler/rubygems_ext.rb

@@ -4,14 +4,35 @@ require "pathname"
 
 require "rubygems/specification"
 
-# Possible use in Gem::Specification#source below and require
-# shouldn't be deferred.
+# We can't let `Gem::Source` be autoloaded in the `Gem::Specification#source`
+# redefinition below, so we need to load it upfront. The reason is that if
+# Bundler monkeypatches are loaded before RubyGems activates an executable (for
+# example, through `ruby -rbundler -S irb`), gem activation might end up calling
+# the redefined `Gem::Specification#source` and triggering the `Gem::Source`
+# autoload. That would result in requiring "rubygems/source" inside another
+# require, which would trigger a monitor error and cause the `autoload` to
+# eventually fail. A better solution is probably to completely avoid autoloading
+# `Gem::Source` from the redefined `Gem::Specification#source`.
 require "rubygems/source"
 
+require_relative "match_metadata"
+require_relative "force_platform"
 require_relative "match_platform"
 
+# Cherry-pick fixes to `Gem.ruby_version` to be useful for modern Bundler
+# versions and ignore patchlevels
+# (https://github.com/rubygems/rubygems/pull/5472,
+# https://github.com/rubygems/rubygems/pull/5486). May be removed once RubyGems
+# 3.3.12 support is dropped.
+unless Gem.ruby_version.to_s == RUBY_VERSION || RUBY_PATCHLEVEL == -1
+  Gem.instance_variable_set(:@ruby_version, Gem::Version.new(RUBY_VERSION))
+end
+
 module Gem
   class Specification
+    include ::Bundler::MatchMetadata
+    include ::Bundler::MatchPlatform
+
     attr_accessor :remote, :location, :relative_loaded_from
 
     remove_method :source
@@ -24,12 +45,8 @@ module Gem
     alias_method :rg_loaded_from,   :loaded_from
 
     def full_gem_path
-      # this cannot check source.is_a?(Bundler::Plugin::API::Source)
-      # because that _could_ trip the autoload, and if there are unresolved
-      # gems at that time, this method could be called inside another require,
-      # thus raising with that constant being undefined. Better to check a method
-      if source.respond_to?(:path) || (source.respond_to?(:bundler_plugin_api_source?) && source.bundler_plugin_api_source?)
-        Pathname.new(loaded_from).dirname.expand_path(source.root).to_s.tap{|x| x.untaint if RUBY_VERSION < "2.7" }
+      if source.respond_to?(:root)
+        Pathname.new(loaded_from).dirname.expand_path(source.root).to_s.tap {|x| x.untaint if RUBY_VERSION < "2.7" }
       else
         rg_full_gem_path
       end
@@ -49,7 +66,9 @@ module Gem
 
     alias_method :rg_extension_dir, :extension_dir
     def extension_dir
-      @bundler_extension_dir ||= if source.respond_to?(:extension_dir_name)
+      # following instance variable is already used in original method
+      # and that is the reason to prefix it with bundler_ and add rubocop exception
+      @bundler_extension_dir ||= if source.respond_to?(:extension_dir_name) # rubocop:disable Naming/MemoizedInstanceVariableName
         unique_extension_dir = [source.extension_dir_name, File.basename(full_gem_path)].uniq.join("-")
         File.expand_path(File.join(extensions_dir, unique_extension_dir))
       else
@@ -62,6 +81,23 @@ module Gem
       full_gem_path
     end
 
+    unless const_defined?(:LATEST_RUBY_WITHOUT_PATCH_VERSIONS)
+      LATEST_RUBY_WITHOUT_PATCH_VERSIONS = Gem::Version.new("2.1")
+
+      alias_method :rg_required_ruby_version=, :required_ruby_version=
+      def required_ruby_version=(req)
+        self.rg_required_ruby_version = req
+
+        @required_ruby_version.requirements.map! do |op, v|
+          if v >= LATEST_RUBY_WITHOUT_PATCH_VERSIONS && v.release.segments.size == 4
+            [op == "~>" ? "=" : op, Gem::Version.new(v.segments.tap {|s| s.delete_at(3) }.join("."))]
+          else
+            [op, v]
+          end
+        end
+      end
+    end
+
     def groups
       @groups ||= []
     end
@@ -81,6 +117,17 @@ module Gem
       gemfile
     end
 
+    # Backfill missing YAML require when not defined. Fixed since 3.1.0.pre1.
+    module YamlBackfiller
+      def to_yaml(opts = {})
+        Gem.load_yaml unless defined?(::YAML)
+
+        super(opts)
+      end
+    end
+
+    prepend YamlBackfiller
+
     def nondevelopment_dependencies
       dependencies - development_dependencies
     end
@@ -109,10 +156,18 @@ module Gem
   end
 
   class Dependency
+    include ::Bundler::ForcePlatform
+
     attr_accessor :source, :groups
 
     alias_method :eql?, :==
 
+    def force_ruby_platform
+      return @force_ruby_platform if defined?(@force_ruby_platform) && !@force_ruby_platform.nil?
+
+      @force_ruby_platform = default_force_ruby_platform
+    end
+
     def encode_with(coder)
       to_yaml_properties.each do |ivar|
         coder[ivar.to_s.sub(/^@/, "")] = instance_variable_get(ivar)
@@ -138,6 +193,8 @@ module Gem
     class Requirement
       module OrderIndependentComparison
         def ==(other)
+          return unless Gem::Requirement === other
+
           if _requirements_sorted? && other._requirements_sorted?
             super
           else
@@ -148,9 +205,9 @@ module Gem
         protected
 
         def _requirements_sorted?
-          return @_are_requirements_sorted if defined?(@_are_requirements_sorted)
+          return @_requirements_sorted if defined?(@_requirements_sorted)
           strings = as_list
-          @_are_requirements_sorted = strings == strings.sort
+          @_requirements_sorted = strings == strings.sort
         end
 
         def _with_sorted_requirements
@@ -181,11 +238,56 @@ module Gem
   require "rubygems/platform"
 
   class Platform
-    JAVA  = Gem::Platform.new("java") unless defined?(JAVA)
-    MSWIN = Gem::Platform.new("mswin32") unless defined?(MSWIN)
-    MSWIN64 = Gem::Platform.new("mswin64") unless defined?(MSWIN64)
-    MINGW = Gem::Platform.new("x86-mingw32") unless defined?(MINGW)
-    X64_MINGW = Gem::Platform.new("x64-mingw32") unless defined?(X64_MINGW)
+    JAVA  = Gem::Platform.new("java")
+    MSWIN = Gem::Platform.new("mswin32")
+    MSWIN64 = Gem::Platform.new("mswin64")
+    MINGW = Gem::Platform.new("x86-mingw32")
+    X64_MINGW = [Gem::Platform.new("x64-mingw32"),
+                 Gem::Platform.new("x64-mingw-ucrt")].freeze
+    WINDOWS = [MSWIN, MSWIN64, MINGW, X64_MINGW].flatten.freeze
+    X64_LINUX = Gem::Platform.new("x86_64-linux")
+    X64_LINUX_MUSL = Gem::Platform.new("x86_64-linux-musl")
+
+    if X64_LINUX === X64_LINUX_MUSL
+      remove_method :===
+
+      def ===(other)
+        return nil unless Gem::Platform === other
+
+        # universal-mingw32 matches x64-mingw-ucrt
+        return true if (@cpu == "universal" || other.cpu == "universal") &&
+                       @os.start_with?("mingw") && other.os.start_with?("mingw")
+
+        # cpu
+        ([nil,"universal"].include?(@cpu) || [nil, "universal"].include?(other.cpu) || @cpu == other.cpu ||
+        (@cpu == "arm" && other.cpu.start_with?("arm"))) &&
+
+          # os
+          @os == other.os &&
+
+          # version
+          (
+            (@os != "linux" && (@version.nil? || other.version.nil?)) ||
+            (@os == "linux" && (normalized_linux_version_ext == other.normalized_linux_version_ext || ["musl#{@version}", "musleabi#{@version}", "musleabihf#{@version}"].include?(other.version))) ||
+            @version == other.version
+          )
+      end
+
+      # This is a copy of RubyGems 3.3.23 or higher `normalized_linux_method`.
+      # Once only 3.3.23 is supported, we can use the method in RubyGems.
+      def normalized_linux_version_ext
+        return nil unless @version
+
+        without_gnu_nor_abi_modifiers = @version.sub(/\Agnu/, "").sub(/eabi(hf)?\Z/, "")
+        return nil if without_gnu_nor_abi_modifiers.empty?
+
+        without_gnu_nor_abi_modifiers
+      end
+    end
+
+    if RUBY_ENGINE == "truffleruby" && !defined?(REUSE_AS_BINARY_ON_TRUFFLERUBY)
+      REUSE_AS_BINARY_ON_TRUFFLERUBY = %w[libv8 libv8-node sorbet-static].freeze
+    end
   end
 
   Platform.singleton_class.module_eval do
@@ -197,14 +299,43 @@ module Gem
       def match_gem?(platform, gem_name)
         match_platforms?(platform, Gem.platforms)
       end
+    end
+
+    match_platforms_defined = Gem::Platform.respond_to?(:match_platforms?, true)
+
+    if !match_platforms_defined || Gem::Platform.send(:match_platforms?, Gem::Platform::X64_LINUX_MUSL, [Gem::Platform::X64_LINUX])
 
       private
 
+      remove_method :match_platforms? if match_platforms_defined
+
       def match_platforms?(platform, platforms)
         platforms.any? do |local_platform|
           platform.nil? ||
             local_platform == platform ||
-            (local_platform != Gem::Platform::RUBY && local_platform =~ platform)
+            (local_platform != Gem::Platform::RUBY && platform =~ local_platform)
+        end
+      end
+    end
+  end
+
+  # On universal Rubies, resolve the "universal" arch to the real CPU arch, without changing the extension directory.
+  class Specification
+    if /^universal\.(?<arch>.*?)-/ =~ (CROSS_COMPILING || RUBY_PLATFORM)
+      local_platform = Platform.local
+      if local_platform.cpu == "universal"
+        ORIGINAL_LOCAL_PLATFORM = local_platform.to_s.freeze
+
+        local_platform.cpu = if arch == "arm64e" # arm64e is only permitted for Apple system binaries
+          "arm64"
+        else
+          arch
+        end
+
+        def extensions_dir
+          Gem.default_ext_dir_for(base_dir) ||
+            File.join(base_dir, "extensions", ORIGINAL_LOCAL_PLATFORM,
+                      Gem.extension_api_version)
         end
       end
     end
@@ -218,17 +349,7 @@ module Gem
     end
 
     def glob_files_in_dir(glob, base_path)
-      if RUBY_VERSION >= "2.5"
-        Dir.glob(glob, :base => base_path).map! {|f| File.expand_path(f, base_path) }
-      else
-        Dir.glob(File.join(base_path.to_s.gsub(/[\[\]]/, '\\\\\\&'), glob)).map! {|f| File.expand_path(f) }
-      end
+      Dir.glob(glob, :base => base_path).map! {|f| File.expand_path(f, base_path) }
     end
   end
 end
-
-module Gem
-  class Specification
-    include ::Bundler::MatchPlatform
-  end
-end

data/lib/bundler/rubygems_gem_installer.rb

@@ -25,7 +25,7 @@ module Bundler
 
       extract_files
 
-      build_extensions
+      build_extensions if spec.extensions.any?
       write_build_info_file
       run_post_build_hooks
 
@@ -66,41 +66,53 @@ module Bundler
 
     def build_extensions
       extension_cache_path = options[:bundler_extension_cache_path]
-      unless extension_cache_path && extension_dir = spec.extension_dir
-        require "shellwords" # compensate missing require in rubygems before version 3.2.25
+      extension_dir = spec.extension_dir
+      unless extension_cache_path && extension_dir
+        prepare_extension_build(extension_dir)
         return super
       end
 
-      extension_dir = Pathname.new(extension_dir)
       build_complete = SharedHelpers.filesystem_access(extension_cache_path.join("gem.build_complete"), :read, &:file?)
       if build_complete && !options[:force]
-        SharedHelpers.filesystem_access(extension_dir.parent, &:mkpath)
+        SharedHelpers.filesystem_access(File.dirname(extension_dir)) do |p|
+          FileUtils.mkpath p
+        end
         SharedHelpers.filesystem_access(extension_cache_path) do
-          FileUtils.cp_r extension_cache_path, spec.extension_dir
+          FileUtils.cp_r extension_cache_path, extension_dir
         end
       else
-        require "shellwords" # compensate missing require in rubygems before version 3.2.25
+        prepare_extension_build(extension_dir)
         super
-        if extension_dir.directory? # not made for gems without extensions
-          SharedHelpers.filesystem_access(extension_cache_path.parent, &:mkpath)
-          SharedHelpers.filesystem_access(extension_cache_path) do
-            FileUtils.cp_r extension_dir, extension_cache_path
-          end
+        SharedHelpers.filesystem_access(extension_cache_path.parent, &:mkpath)
+        SharedHelpers.filesystem_access(extension_cache_path) do
+          FileUtils.cp_r extension_dir, extension_cache_path
         end
       end
     end
 
+    def spec
+      if Bundler.rubygems.provides?("< 3.3.12") # RubyGems implementation rescues and re-raises errors before 3.3.12 and we don't want that
+        @package.spec
+      else
+        super
+      end
+    end
+
     private
 
+    def prepare_extension_build(extension_dir)
+      SharedHelpers.filesystem_access(extension_dir, :create) do
+        FileUtils.mkdir_p extension_dir
+      end
+      require "shellwords" unless Bundler.rubygems.provides?(">= 3.2.25")
+    end
+
     def strict_rm_rf(dir)
-      # FileUtils.rm_rf should probably rise in case of permission issues like
-      # `rm -rf` does. However, it fails to delete the folder silently due to
-      # https://github.com/ruby/fileutils/issues/57. It should probably be fixed
-      # inside `fileutils` but for now I`m checking whether the folder was
-      # removed after it completes, and raising otherwise.
-      FileUtils.rm_rf dir
-
-      raise PermissionError.new(dir, :delete) if File.directory?(dir)
+      Bundler.rm_rf dir
+    rescue StandardError => e
+      raise unless File.exist?(dir)
+
+      raise DirectoryRemovalError.new(e, "Could not delete previous installation of `#{dir}`")
     end
 
     def validate_bundler_checksum(checksum)

data/lib/bundler/rubygems_integration.rb

@@ -12,25 +12,21 @@ module Bundler
       EXT_LOCK = Monitor.new
     end
 
-    def self.version
-      @version ||= Gem::Version.new(Gem::VERSION)
-    end
-
-    def self.provides?(req_str)
-      Gem::Requirement.new(req_str).satisfied_by?(version)
-    end
-
     def initialize
       @replaced_methods = {}
       backport_ext_builder_monitor
     end
 
     def version
-      self.class.version
+      @version ||= Gem.rubygems_version
     end
 
     def provides?(req_str)
-      self.class.provides?(req_str)
+      Gem::Requirement.new(req_str).satisfied_by?(version)
+    end
+
+    def supports_bundler_trampolining?
+      provides?(">= 3.3.0.a")
     end
 
     def build_args
@@ -108,18 +104,6 @@ module Bundler
       obj.to_s
     end
 
-    def configuration
-      require_relative "psyched_yaml"
-      Gem.configuration
-    rescue Gem::SystemExitException, LoadError => e
-      Bundler.ui.error "#{e.class}: #{e.message}"
-      Bundler.ui.trace e
-      raise
-    rescue YamlLibrarySyntaxError => e
-      raise YamlSyntaxError.new(e, "Your RubyGems configuration, which is " \
-        "usually located in ~/.gemrc, contains invalid YAML syntax.")
-    end
-
     def ruby_engine
       Gem.ruby_engine
     end
@@ -142,19 +126,6 @@ module Bundler
       end
     end
 
-    def sources=(val)
-      # Gem.configuration creates a new Gem::ConfigFile, which by default will read ~/.gemrc
-      # If that file exists, its settings (including sources) will overwrite the values we
-      # are about to set here. In order to avoid that, we force memoizing the config file now.
-      configuration
-
-      Gem.sources = val
-    end
-
-    def sources
-      Gem.sources
-    end
-
     def gem_dir
       Gem.dir
     end
@@ -232,32 +203,9 @@ module Bundler
       EXT_LOCK
     end
 
-    def with_build_args(args)
-      ext_lock.synchronize do
-        old_args = build_args
-        begin
-          self.build_args = args
-          yield
-        ensure
-          self.build_args = old_args
-        end
-      end
-    end
-
-    def spec_from_gem(path, policy = nil)
-      require "rubygems/security"
-      require_relative "psyched_yaml"
-      gem_from_path(path, security_policies[policy]).spec
-    rescue Exception, Gem::Exception, Gem::Security::Exception => e # rubocop:disable Lint/RescueException
-      if e.is_a?(Gem::Security::Exception) ||
-          e.message =~ /unknown trust policy|unsigned gem/i ||
-          e.message =~ /couldn't verify (meta)?data signature/i
-        raise SecurityError,
-          "The gem #{File.basename(path, ".gem")} can't be installed because " \
-          "the security policy didn't allow it, with the message: #{e.message}"
-      else
-        raise e
-      end
+    def spec_from_gem(path)
+      require "rubygems/package"
+      Gem::Package.new(path).spec
     end
 
     def build_gem(gem_dir, spec)
@@ -279,10 +227,14 @@ module Bundler
 
     def reverse_rubygems_kernel_mixin
       # Disable rubygems' gem activation system
-      kernel = (class << ::Kernel; self; end)
-      [kernel, ::Kernel].each do |k|
-        if k.private_method_defined?(:gem_original_require)
-          redefine_method(k, :require, k.instance_method(:gem_original_require))
+      if Gem.respond_to?(:discover_gems_on_require=)
+        Gem.discover_gems_on_require = false
+      else
+        kernel = (class << ::Kernel; self; end)
+        [kernel, ::Kernel].each do |k|
+          if k.private_method_defined?(:gem_original_require)
+            redefine_method(k, :require, k.instance_method(:gem_original_require))
+          end
         end
       end
     end
@@ -324,11 +276,7 @@ module Bundler
 
           e = Gem::LoadError.new(message)
           e.name = dep.name
-          if e.respond_to?(:requirement=)
-            e.requirement = dep.requirement
-          elsif e.respond_to?(:version_requirement=)
-            e.version_requirement = dep.requirement
-          end
+          e.requirement = dep.requirement
           raise e
         end
 
@@ -505,7 +453,7 @@ module Bundler
       fetcher = gem_remote_fetcher
       fetcher.headers = { "X-Gemfile-Source" => remote.original_uri.to_s } if remote.original_uri
       string = fetcher.fetch_path(path)
-      Bundler.load_marshal(string)
+      Bundler.safe_load_marshal(string)
     rescue Gem::RemoteFetcher::FetchError
       # it's okay for prerelease to fail
       raise unless name == "prerelease_specs"
@@ -551,30 +499,15 @@ module Bundler
 
     def gem_remote_fetcher
       require "rubygems/remote_fetcher"
-      proxy = configuration[:http_proxy]
+      proxy = Gem.configuration[:http_proxy]
       Gem::RemoteFetcher.new(proxy)
     end
 
-    def gem_from_path(path, policy = nil)
-      require "rubygems/package"
-      p = Gem::Package.new(path)
-      p.security_policy = policy if policy
-      p
-    end
-
     def build(spec, skip_validation = false)
       require "rubygems/package"
       Gem::Package.build(spec, skip_validation)
     end
 
-    def repository_subdirectories
-      Gem::REPOSITORY_SUBDIRECTORIES
-    end
-
-    def install_with_build_args(args)
-      yield
-    end
-
     def path_separator
       Gem.path_separator
     end
@@ -604,6 +537,10 @@ module Bundler
       end
     end
 
+    def find_bundler(version)
+      find_name("bundler").find {|s| s.version.to_s == version }
+    end
+
     def find_name(name)
       Gem::Specification.stubs_for(name).map(&:to_spec)
     end
@@ -617,14 +554,6 @@ module Bundler
         Gem::Specification.send(:default_stubs, "*.gemspec")
       end
     end
-
-    def use_gemdeps(gemfile)
-      ENV["BUNDLE_GEMFILE"] ||= File.expand_path(gemfile)
-      require_relative "gemdeps"
-      runtime = Bundler.setup
-      activated_spec_names = runtime.requested_specs.map(&:to_spec).sort_by(&:name)
-      [Gemdeps.new(runtime), activated_spec_names]
-    end
   end
 
   def self.rubygems

data/lib/bundler/runtime.rb

@@ -94,7 +94,7 @@ module Bundler
     definition_method :requires
 
     def lock(opts = {})
-      return if @definition.nothing_changed? && !@definition.unlocking?
+      return if @definition.no_resolve_needed?
       @definition.lock(Bundler.default_lockfile, opts[:preserve_unknown_sections])
     end
 
@@ -125,7 +125,6 @@ module Bundler
       specs_to_cache.each do |spec|
         next if spec.name == "bundler"
         next if spec.source.is_a?(Source::Gemspec)
-        spec.source.send(:fetch_gem, spec) if Bundler.settings[:cache_all_platforms] && spec.source.respond_to?(:fetch_gem, true)
         spec.source.cache(spec, custom_path) if spec.source.respond_to?(:cache)
       end
 
@@ -301,11 +300,7 @@ module Bundler
       e = Gem::LoadError.new "You have already activated #{activated_spec.name} #{activated_spec.version}, " \
                              "but your Gemfile requires #{spec.name} #{spec.version}. #{suggestion}"
       e.name = spec.name
-      if e.respond_to?(:requirement=)
-        e.requirement = Gem::Requirement.new(spec.version.to_s)
-      else
-        e.version_requirement = Gem::Requirement.new(spec.version.to_s)
-      end
+      e.requirement = Gem::Requirement.new(spec.version.to_s)
       raise e
     end
   end

data/lib/bundler/safe_marshal.rb

@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+
+module Bundler
+  module SafeMarshal
+    ALLOWED_CLASSES = [
+      Array,
+      FalseClass,
+      Gem::Specification,
+      Gem::Version,
+      Hash,
+      String,
+      Symbol,
+      Time,
+      TrueClass,
+    ].freeze
+
+    ERROR = "Unexpected class %s present in marshaled data. Only %s are allowed."
+
+    PROC = proc do |object|
+      object.tap do
+        unless ALLOWED_CLASSES.include?(object.class)
+          raise TypeError, format(ERROR, object.class, ALLOWED_CLASSES.join(", "))
+        end
+      end
+    end
+
+    def self.proc
+      PROC
+    end
+  end
+end