bundler 2.3.5 → 2.3.7

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5b0d885e627a0cd83ab152b691c763806970a6cc0b3660a58cada89848613b3c
-  data.tar.gz: be879e2e5d4bc4a5bdc9c34d12e1dd4644ca6a15a3cf109100a7717e4b84d7bf
+  metadata.gz: afa073e2d0f107d4d7c2c6906c399d5a04973d85c45416643a40ae23cf2acfe7
+  data.tar.gz: 7173281106d774a25a867f141a752e7b9617a36811375276d592f208e1dd7646
 SHA512:
-  metadata.gz: 5054958fd89192f4cf35e74b5c779e394e23e991f966cca3b4a4961ece6181ff0f0c7c17bfb52a0cd956ad45a110ea75597a96865d2f17f2dff9f4bcd5b84113
-  data.tar.gz: c8ec46b4b31b44b45f72f03ac076a8626d6075ac38069b676deb696051d220e761305a0f1c8432ef9b2556095eb2de4ce23fc42424ac453034e0cc80e88d4588
+  metadata.gz: 6c97e621ce961b554ce5a20ee0e78d4ada40fdf169994e9a67dd45bd1df4a29fe936dc79bfb3b4d01a3eb1bf91ae6d33b5028f291ba59cefaf506dccb9e4d53c
+  data.tar.gz: 6d58dbb998751182e6b9fb3f1b6cd41626202dfb92c76a7744346068b0e854d6813e8b62cf5288170f04f3744cc5ea5cb55fcf6da80b17c37ad7db3f15d0098a

data/CHANGELOG.md

@@ -1,3 +1,30 @@
+# 2.3.7 (February 9, 2022)
+
+## Enhancements:
+
+  - Don't activate `yaml` gem from Bundler [#5277](https://github.com/rubygems/rubygems/pull/5277)
+  - Add Reverse Dependencies section to info command [#3966](https://github.com/rubygems/rubygems/pull/3966)
+
+## Bug fixes:
+
+  - Don't silently persist `BUNDLE_WITH` and `BUNDLE_WITHOUT` envs locally [#5335](https://github.com/rubygems/rubygems/pull/5335)
+  - Fix `bundle config` inside an application saving configuration globally [#4152](https://github.com/rubygems/rubygems/pull/4152)
+
+# 2.3.6 (January 26, 2022)
+
+## Enhancements:
+
+  - Use `Gem::Platform.local` instead of `RUBY_PLATFORM` when displaying local platform [#5306](https://github.com/rubygems/rubygems/pull/5306)
+  - Lock standard.yml to the required ruby version [#5284](https://github.com/rubygems/rubygems/pull/5284)
+  - Use `Fiddle` in `bundle doctor` to check for dynamic library presence [#5173](https://github.com/rubygems/rubygems/pull/5173)
+
+## Bug fixes:
+
+  - Fix edge case where gems were incorrectly removed from the lockfile [#5302](https://github.com/rubygems/rubygems/pull/5302)
+  - Fix `force_ruby_platform` ignored when lockfile includes current specific platform [#5304](https://github.com/rubygems/rubygems/pull/5304)
+  - Create minitest file to underscored path in "bundle gem" command with dashed gem name [#5273](https://github.com/rubygems/rubygems/pull/5273)
+  - Fix regression with old marshaled specs having null `required_rubygems_version` [#5291](https://github.com/rubygems/rubygems/pull/5291)
+
 # 2.3.5 (January 12, 2022)
 
 ## Enhancements:

data/lib/bundler/build_metadata.rb

@@ -4,8 +4,8 @@ module Bundler
   # Represents metadata from when the Bundler gem was built.
   module BuildMetadata
     # begin ivars
-    @built_at = "2022-01-12".freeze
-    @git_commit_sha = "a13d015fcb".freeze
+    @built_at = "2022-02-09".freeze
+    @git_commit_sha = "bafe43c593".freeze
     @release = true
     # end ivars
 

data/lib/bundler/cli/config.rb

@@ -180,7 +180,7 @@ module Bundler
         scopes = %w[global local].select {|s| options[s] }
         case scopes.size
         when 0
-          @scope = "global"
+          @scope = inside_app? ? "local" : "global"
           @explicit_scope = false
         when 1
           @scope = scopes.first
@@ -189,6 +189,15 @@ module Bundler
             "The options #{scopes.join " and "} were specified. Please only use one of the switches at a time."
         end
       end
+
+      private
+
+      def inside_app?
+        Bundler.root
+        true
+      rescue GemfileNotFound
+        false
+      end
     end
   end
 end

data/lib/bundler/cli/doctor.rb

@@ -2,6 +2,7 @@
 
 require "rbconfig"
 require "shellwords"
+require "fiddle"
 
 module Bundler
   class CLI::Doctor
@@ -71,7 +72,14 @@ module Bundler
 
       definition.specs.each do |spec|
         bundles_for_gem(spec).each do |bundle|
-          bad_paths = dylibs(bundle).select {|f| !File.exist?(f) }
+          bad_paths = dylibs(bundle).select do |f|
+            begin
+              Fiddle.dlopen(f)
+              false
+            rescue Fiddle::DLError
+              true
+            end
+          end
           if bad_paths.any?
             broken_links[spec] ||= []
             broken_links[spec].concat(bad_paths)

data/lib/bundler/cli/gem.rb

@@ -38,6 +38,7 @@ module Bundler
       namespaced_path = name.tr("-", "/")
       constant_name = name.gsub(/-[_-]*(?![_-]|$)/) { "::" }.gsub(/([_-]+|(::)|^)(.|$)/) { $2.to_s + $3.upcase }
       constant_array = constant_name.split("::")
+      minitest_constant_name = constant_array.clone.tap {|a| a[-1] = "Test#{a[-1]}" }.join("::") # Foo::Bar => Foo::TestBar
 
       use_git = Bundler.git_present? && options[:git]
 
@@ -69,6 +70,7 @@ module Bundler
         :git              => use_git,
         :github_username  => github_username.empty? ? "[USERNAME]" : github_username,
         :required_ruby_version => required_ruby_version,
+        :minitest_constant_name => minitest_constant_name,
       }
       ensure_safe_gem_name(name, constant_array)
 
@@ -104,9 +106,17 @@ module Bundler
           )
           config[:test_task] = :spec
         when "minitest"
+          # Generate path for minitest target file (FileList["test/**/test_*.rb"])
+          #   foo     => test/test_foo.rb
+          #   foo-bar => test/foo/test_bar.rb
+          #   foo_bar => test/test_foo_bar.rb
+          paths = namespaced_path.rpartition("/")
+          paths[2] = "test_#{paths[2]}"
+          minitest_namespaced_path = paths.join("")
+
           templates.merge!(
             "test/minitest/test_helper.rb.tt" => "test/test_helper.rb",
-            "test/minitest/test_newgem.rb.tt" => "test/test_#{namespaced_path}.rb"
+            "test/minitest/test_newgem.rb.tt" => "test/#{minitest_namespaced_path}.rb"
           )
           config[:test_task] = :test
         when "test-unit"

data/lib/bundler/cli/info.rb

@@ -73,7 +73,8 @@ module Bundler
       gem_info << "\tBug Tracker: #{metadata["bug_tracker_uri"]}\n" if metadata.key?("bug_tracker_uri")
       gem_info << "\tMailing List: #{metadata["mailing_list_uri"]}\n" if metadata.key?("mailing_list_uri")
       gem_info << "\tPath: #{spec.full_gem_path}\n"
-      gem_info << "\tDefault Gem: yes" if spec.respond_to?(:default_gem?) && spec.default_gem?
+      gem_info << "\tDefault Gem: yes\n" if spec.respond_to?(:default_gem?) && spec.default_gem?
+      gem_info << "\tReverse Dependencies: \n\t\t#{gem_dependencies.join("\n\t\t")}" if gem_dependencies.any?
 
       if name != "bundler" && spec.deleted_gem?
         return Bundler.ui.warn "The gem #{name} has been deleted. Gemspec information is still available though:\n#{gem_info}"
@@ -81,5 +82,13 @@ module Bundler
 
       Bundler.ui.info gem_info
     end
+
+    def gem_dependencies
+      @gem_dependencies ||= Bundler.definition.specs.map do |spec|
+        dependency = spec.dependencies.find {|dep| dep.name == gem_name }
+        next unless dependency
+        "#{spec.name} (#{spec.version}) depends on #{gem_name} (#{dependency.requirements_list.join(", ")})"
+      end.compact.sort
+    end
   end
 end

data/lib/bundler/cli/install.rb

@@ -135,32 +135,13 @@ module Bundler
     end
 
     def normalize_groups
-      options[:with] &&= options[:with].join(":").tr(" ", ":").split(":")
-      options[:without] &&= options[:without].join(":").tr(" ", ":").split(":")
-
       check_for_group_conflicts_in_cli_options
 
-      Bundler.settings.set_command_option :with, nil if options[:with] == []
-      Bundler.settings.set_command_option :without, nil if options[:without] == []
-
-      with = options.fetch(:with, [])
-      with |= Bundler.settings[:with].map(&:to_s)
-      with -= options[:without] if options[:without]
-
-      without = options.fetch(:without, [])
-      without |= Bundler.settings[:without].map(&:to_s)
-      without -= options[:with] if options[:with]
-
-      options[:with]    = with
-      options[:without] = without
-
-      unless Bundler.settings[:without] == options[:without] && Bundler.settings[:with] == options[:with]
-        # need to nil them out first to get around validation for backwards compatibility
-        Bundler.settings.set_command_option :without, nil
-        Bundler.settings.set_command_option :with,    nil
-        Bundler.settings.set_command_option :without, options[:without] - options[:with]
-        Bundler.settings.set_command_option :with,    options[:with]
-      end
+      # need to nil them out first to get around validation for backwards compatibility
+      Bundler.settings.set_command_option :without, nil
+      Bundler.settings.set_command_option :with,    nil
+      Bundler.settings.set_command_option :without, options[:without]
+      Bundler.settings.set_command_option :with,    options[:with]
     end
 
     def normalize_settings
@@ -184,7 +165,7 @@ module Bundler
 
       Bundler.settings.set_command_option_if_given :clean, options["clean"]
 
-      normalize_groups
+      normalize_groups if options[:without] || options[:with]
 
       options[:force] = options[:redownload]
     end

data/lib/bundler/cli/platform.rb

@@ -23,7 +23,7 @@ module Bundler
           output << "No ruby version specified"
         end
       else
-        output << "Your platform is: #{RUBY_PLATFORM}"
+        output << "Your platform is: #{Gem::Platform.local}"
         output << "Your app has gems that work on these platforms:\n#{platforms.join("\n")}"
 
         if ruby_version

data/lib/bundler/definition.rb

@@ -265,7 +265,7 @@ module Bundler
         else
           # Run a resolve against the locally available gems
           Bundler.ui.debug("Found changes from the lockfile, re-resolving dependencies because #{change_reason}")
-          expanded_dependencies = expand_dependencies(dependencies + metadata_dependencies, @remote)
+          expanded_dependencies = expand_dependencies(dependencies + metadata_dependencies, true)
           Resolver.resolve(expanded_dependencies, source_requirements, last_resolve, gem_version_promoter, additional_base_requirements_for_resolve, platforms)
         end
       end
@@ -495,6 +495,7 @@ module Bundler
 
     def current_ruby_platform_locked?
       return false unless generic_local_platform == Gem::Platform::RUBY
+      return false if Bundler.settings[:force_ruby_platform] && !@platforms.include?(Gem::Platform::RUBY)
 
       current_platform_locked?
     end

data/lib/bundler/env.rb

@@ -71,7 +71,7 @@ module Bundler
     def self.ruby_version
       str = String.new(RUBY_VERSION)
       str << "p#{RUBY_PATCHLEVEL}" if defined? RUBY_PATCHLEVEL
-      str << " (#{RUBY_RELEASE_DATE} revision #{RUBY_REVISION}) [#{RUBY_PLATFORM}]"
+      str << " (#{RUBY_RELEASE_DATE} revision #{RUBY_REVISION}) [#{Gem::Platform.local}]"
     end
 
     def self.git_version

data/lib/bundler/fetcher.rb

@@ -240,7 +240,7 @@ module Bundler
         raise SSLError if needs_ssl && !defined?(OpenSSL::SSL)
 
         con = PersistentHTTP.new :name => "bundler", :proxy => :ENV
-        if gem_proxy = Bundler.rubygems.configuration[:http_proxy]
+        if gem_proxy = Gem.configuration[:http_proxy]
           con.proxy = Bundler::URI.parse(gem_proxy) if gem_proxy != :no_proxy
         end
 
@@ -251,8 +251,8 @@ module Bundler
         end
 
         ssl_client_cert = Bundler.settings[:ssl_client_cert] ||
-          (Bundler.rubygems.configuration.ssl_client_cert if
-            Bundler.rubygems.configuration.respond_to?(:ssl_client_cert))
+          (Gem.configuration.ssl_client_cert if
+            Gem.configuration.respond_to?(:ssl_client_cert))
         if ssl_client_cert
           pem = File.read(ssl_client_cert)
           con.cert = OpenSSL::X509::Certificate.new(pem)
@@ -283,8 +283,8 @@ module Bundler
     def bundler_cert_store
       store = OpenSSL::X509::Store.new
       ssl_ca_cert = Bundler.settings[:ssl_ca_cert] ||
-        (Bundler.rubygems.configuration.ssl_ca_cert if
-          Bundler.rubygems.configuration.respond_to?(:ssl_ca_cert))
+        (Gem.configuration.ssl_ca_cert if
+          Gem.configuration.respond_to?(:ssl_ca_cert))
       if ssl_ca_cert
         if File.directory? ssl_ca_cert
           store.add_path ssl_ca_cert

data/lib/bundler/remote_specification.rb

@@ -27,6 +27,13 @@ module Bundler
       @platform = _remote_specification.platform
     end
 
+    # A fallback is included because the original version of the specification
+    # API didn't include that field, so some marshalled specs in the index have it
+    # set to +nil+.
+    def required_rubygems_version
+      @required_rubygems_version ||= _remote_specification.required_rubygems_version || Gem::Requirement.default
+    end
+
     def full_name
       if platform == Gem::Platform::RUBY || platform.nil?
         "#{@name}-#{@version}"

data/lib/bundler/resolver.rb

@@ -249,10 +249,11 @@ module Bundler
     end
 
     def verify_gemfile_dependencies_are_found!(requirements)
-      requirements.each do |requirement|
+      requirements.map! do |requirement|
         name = requirement.name
-        next if name == "bundler"
-        next unless search_for(requirement).empty?
+        next requirement if name == "bundler"
+        next requirement unless search_for(requirement).empty?
+        next unless requirement.current_platform?
 
         if (base = @base[name]) && !base.empty?
           version = base.first.version
@@ -266,7 +267,7 @@ module Bundler
           message = gem_not_found_message(name, requirement, source_for(name))
         end
         raise GemNotFound, message
-      end
+      end.compact!
     end
 
     def gem_not_found_message(name, requirement, source, extra_message = "")

data/lib/bundler/rubygems_ext.rb

@@ -4,14 +4,12 @@ require "pathname"
 
 require "rubygems/specification"
 
-# Possible use in Gem::Specification#source below and require
-# shouldn't be deferred.
-require "rubygems/source"
-
 require_relative "match_platform"
 
 module Gem
   class Specification
+    include ::Bundler::MatchPlatform
+
     attr_accessor :remote, :location, :relative_loaded_from
 
     remove_method :source
@@ -81,6 +79,17 @@ module Gem
       gemfile
     end
 
+    # Backfill missing YAML require when not defined. Fixed since 3.1.0.pre1.
+    module YamlBackfiller
+      def to_yaml(opts = {})
+        Gem.load_yaml unless defined?(::YAML)
+
+        super(opts)
+      end
+    end
+
+    prepend YamlBackfiller
+
     def nondevelopment_dependencies
       dependencies - development_dependencies
     end
@@ -228,9 +237,3 @@ module Gem
     end
   end
 end
-
-module Gem
-  class Specification
-    include ::Bundler::MatchPlatform
-  end
-end

data/lib/bundler/rubygems_integration.rb

@@ -104,18 +104,6 @@ module Bundler
       obj.to_s
     end
 
-    def configuration
-      require_relative "psyched_yaml"
-      Gem.configuration
-    rescue Gem::SystemExitException, LoadError => e
-      Bundler.ui.error "#{e.class}: #{e.message}"
-      Bundler.ui.trace e
-      raise
-    rescue ::Psych::SyntaxError => e
-      raise YamlSyntaxError.new(e, "Your RubyGems configuration, which is " \
-        "usually located in ~/.gemrc, contains invalid YAML syntax.")
-    end
-
     def ruby_engine
       Gem.ruby_engine
     end
@@ -217,7 +205,7 @@ module Bundler
 
     def spec_from_gem(path, policy = nil)
       require "rubygems/security"
-      require_relative "psyched_yaml"
+      require "psych"
       gem_from_path(path, security_policies[policy]).spec
     rescue Exception, Gem::Exception, Gem::Security::Exception => e # rubocop:disable Lint/RescueException
       if e.is_a?(Gem::Security::Exception) ||
@@ -522,7 +510,7 @@ module Bundler
 
     def gem_remote_fetcher
       require "rubygems/remote_fetcher"
-      proxy = configuration[:http_proxy]
+      proxy = Gem.configuration[:http_proxy]
       Gem::RemoteFetcher.new(proxy)
     end
 

data/lib/bundler/settings.rb

@@ -367,7 +367,7 @@ module Bundler
 
     def to_array(value)
       return [] unless value
-      value.split(":").map(&:to_sym)
+      value.tr(" ", ":").split(":").map(&:to_sym)
     end
 
     def array_to_s(array)

data/lib/bundler/templates/newgem/standard.yml.tt

@@ -1,2 +1,3 @@
 # For available configuration options, see:
 #   https://github.com/testdouble/standard
+ruby_version: <%= ::Gem::Version.new(config[:required_ruby_version]).segments[0..1].join(".") %>

data/lib/bundler/templates/newgem/test/minitest/test_newgem.rb.tt

@@ -2,7 +2,7 @@
 
 require "test_helper"
 
-class Test<%= config[:constant_name] %> < Minitest::Test
+class <%= config[:minitest_constant_name] %> < Minitest::Test
   def test_that_it_has_a_version_number
     refute_nil ::<%= config[:constant_name] %>::VERSION
   end

data/lib/bundler/version.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: false
 
 module Bundler
-  VERSION = "2.3.5".freeze
+  VERSION = "2.3.7".freeze
 
   def self.bundler_major_version
     @bundler_major_version ||= VERSION.split(".").first.to_i

data/lib/bundler.rb

@@ -654,7 +654,7 @@ EOF
     private
 
     def eval_yaml_gemspec(path, contents)
-      require_relative "bundler/psyched_yaml"
+      Kernel.require "psych"
 
       Gem::Specification.from_yaml(contents)
     rescue ::Psych::SyntaxError, ArgumentError, Gem::EndOfYAMLException, Gem::Exception

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: bundler
 version: !ruby/object:Gem::Version
-  version: 2.3.5
+  version: 2.3.7
 platform: ruby
 authors:
 - André Arko
@@ -22,7 +22,7 @@ authors:
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2022-01-12 00:00:00.000000000 Z
+date: 2022-02-09 00:00:00.000000000 Z
 dependencies: []
 description: Bundler manages an application's dependencies through its entire life,
   across many machines, systematically and repeatably
@@ -178,7 +178,6 @@ files:
 - lib/bundler/plugin/installer/rubygems.rb
 - lib/bundler/plugin/source_list.rb
 - lib/bundler/process_lock.rb
-- lib/bundler/psyched_yaml.rb
 - lib/bundler/remote_specification.rb
 - lib/bundler/resolver.rb
 - lib/bundler/resolver/spec_group.rb
@@ -370,7 +369,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: 2.5.2
 requirements: []
-rubygems_version: 3.3.5
+rubygems_version: 3.3.7
 signing_key:
 specification_version: 4
 summary: The best way to manage your application's dependencies

data/lib/bundler/psyched_yaml.rb

@@ -1,10 +0,0 @@
-# frozen_string_literal: true
-
-begin
-  require "psych"
-rescue LoadError
-  # Apparently Psych wasn't available. Oh well.
-end
-
-# At least load the YAML stdlib, whatever that may be
-require "yaml" unless defined?(YAML.dump)