bundler 2.4.12 → 2.4.14
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +26 -0
- data/exe/bundle +5 -13
- data/lib/bundler/build_metadata.rb +2 -2
- data/lib/bundler/definition.rb +5 -5
- data/lib/bundler/installer.rb +1 -1
- data/lib/bundler/lockfile_parser.rb +1 -0
- data/lib/bundler/man/bundle-cache.1 +2 -2
- data/lib/bundler/man/bundle-cache.1.ronn +2 -2
- data/lib/bundler/safe_marshal.rb +31 -0
- data/lib/bundler/settings.rb +3 -2
- data/lib/bundler/source/rubygems.rb +7 -4
- data/lib/bundler/templates/newgem/newgem.gemspec.tt +2 -1
- data/lib/bundler/vendor/pub_grub/lib/pub_grub/version_solver.rb +9 -4
- data/lib/bundler/version.rb +1 -1
- data/lib/bundler.rb +6 -14
- metadata +4 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 9946bc6a889915e914f12ec576748b58edfa7a41732d242dcd0ea72736bf0c54
|
4
|
+
data.tar.gz: ac280b3666ae5967bee95dc98ee754d20efb52f390d0653b85cec9a38d3cae3f
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: a8433864b6208eb1ce25b83d7dfac39b2745f906e2590d99b10d71de48dfb28cf028e7b6a7731289f534bfe2cbade1cc79cb1502096278f14ed67d70e21edcb2
|
7
|
+
data.tar.gz: ec6c495bd7a6fdef3c7bb2ce703494c3aeebb3eb902fed8022c0ba22d72df746b38da610bfa0ea7598e1022963a44f13dbc16e3142a178762b235128063371f0
|
data/CHANGELOG.md
CHANGED
@@ -1,3 +1,29 @@
|
|
1
|
+
# 2.4.14 (June 12, 2023)
|
2
|
+
|
3
|
+
## Enhancements:
|
4
|
+
|
5
|
+
- Stop publishing Gemfile in default gem template [#6723](https://github.com/rubygems/rubygems/pull/6723)
|
6
|
+
- Avoid infinite loops when hitting resolution bugs [#6722](https://github.com/rubygems/rubygems/pull/6722)
|
7
|
+
- Make `LockfileParser` usable with just a lockfile [#6694](https://github.com/rubygems/rubygems/pull/6694)
|
8
|
+
- Always rely on `$LOAD_PATH` when jumping from `exe/` to `lib/` [#6702](https://github.com/rubygems/rubygems/pull/6702)
|
9
|
+
- Make `frozen` setting take precedence over `deployment` setting [#6685](https://github.com/rubygems/rubygems/pull/6685)
|
10
|
+
- Show an error when trying to update bundler in frozen mode [#6684](https://github.com/rubygems/rubygems/pull/6684)
|
11
|
+
|
12
|
+
## Bug fixes:
|
13
|
+
|
14
|
+
- Fix `deployment` vs `path` precedence [#6703](https://github.com/rubygems/rubygems/pull/6703)
|
15
|
+
- Fix inline mode with multiple sources [#6699](https://github.com/rubygems/rubygems/pull/6699)
|
16
|
+
|
17
|
+
# 2.4.13 (May 9, 2023)
|
18
|
+
|
19
|
+
## Bug fixes:
|
20
|
+
|
21
|
+
- Fix unexpected fallbacks to full index by adding FalseClass and Time to the SafeMarshal list [#6655](https://github.com/rubygems/rubygems/pull/6655)
|
22
|
+
|
23
|
+
## Documentation:
|
24
|
+
|
25
|
+
- Fix broken hyperlinks in bundle cache documentation [#6606](https://github.com/rubygems/rubygems/pull/6606)
|
26
|
+
|
1
27
|
# 2.4.12 (April 11, 2023)
|
2
28
|
|
3
29
|
## Enhancements:
|
data/exe/bundle
CHANGED
@@ -10,11 +10,11 @@ end
|
|
10
10
|
base_path = File.expand_path("../lib", __dir__)
|
11
11
|
|
12
12
|
if File.exist?(base_path)
|
13
|
-
|
14
|
-
else
|
15
|
-
require "bundler"
|
13
|
+
$LOAD_PATH.unshift(base_path)
|
16
14
|
end
|
17
15
|
|
16
|
+
require "bundler"
|
17
|
+
|
18
18
|
if Gem.rubygems_version < Gem::Version.new("3.2.3") && Gem.ruby_version < Gem::Version.new("2.7.a") && !ENV["BUNDLER_NO_OLD_RUBYGEMS_WARNING"]
|
19
19
|
Bundler.ui.warn \
|
20
20
|
"Your RubyGems version (#{Gem::VERSION}) has a bug that prevents " \
|
@@ -24,18 +24,10 @@ if Gem.rubygems_version < Gem::Version.new("3.2.3") && Gem.ruby_version < Gem::V
|
|
24
24
|
"and silence this warning by running `gem update --system 3.2.3`"
|
25
25
|
end
|
26
26
|
|
27
|
-
|
28
|
-
require_relative "../lib/bundler/friendly_errors"
|
29
|
-
else
|
30
|
-
require "bundler/friendly_errors"
|
31
|
-
end
|
27
|
+
require "bundler/friendly_errors"
|
32
28
|
|
33
29
|
Bundler.with_friendly_errors do
|
34
|
-
|
35
|
-
require_relative "../lib/bundler/cli"
|
36
|
-
else
|
37
|
-
require "bundler/cli"
|
38
|
-
end
|
30
|
+
require "bundler/cli"
|
39
31
|
|
40
32
|
# Allow any command to use --help flag to show help for that command
|
41
33
|
help_flags = %w[--help -h]
|
@@ -4,8 +4,8 @@ module Bundler
|
|
4
4
|
# Represents metadata from when the Bundler gem was built.
|
5
5
|
module BuildMetadata
|
6
6
|
# begin ivars
|
7
|
-
@built_at = "2023-
|
8
|
-
@git_commit_sha = "
|
7
|
+
@built_at = "2023-06-12".freeze
|
8
|
+
@git_commit_sha = "69f47cf53a".freeze
|
9
9
|
@release = true
|
10
10
|
# end ivars
|
11
11
|
|
data/lib/bundler/definition.rb
CHANGED
@@ -217,6 +217,7 @@ module Bundler
|
|
217
217
|
rescue BundlerError => e
|
218
218
|
@resolve = nil
|
219
219
|
@resolver = nil
|
220
|
+
@resolution_packages = nil
|
220
221
|
@specs = nil
|
221
222
|
@gem_version_promoter = nil
|
222
223
|
|
@@ -361,10 +362,8 @@ module Bundler
|
|
361
362
|
"updated #{Bundler.default_lockfile.relative_path_from(SharedHelpers.pwd)} to version control."
|
362
363
|
|
363
364
|
unless explicit_flag
|
364
|
-
suggested_command =
|
365
|
-
"bundle config
|
366
|
-
elsif Bundler.settings.locations("deployment").keys.&([:global, :local]).any?
|
367
|
-
"bundle config unset deployment"
|
365
|
+
suggested_command = unless Bundler.settings.locations("frozen").keys.include?(:env)
|
366
|
+
"bundle config set frozen false"
|
368
367
|
end
|
369
368
|
msg << "\n\nIf this is a development machine, remove the #{Bundler.default_gemfile} " \
|
370
369
|
"freeze \nby running `#{suggested_command}`." if suggested_command
|
@@ -886,7 +885,8 @@ module Bundler
|
|
886
885
|
if preserve_unknown_sections
|
887
886
|
sections_to_ignore = LockfileParser.sections_to_ignore(@locked_bundler_version)
|
888
887
|
sections_to_ignore += LockfileParser.unknown_sections_in_lockfile(current)
|
889
|
-
sections_to_ignore
|
888
|
+
sections_to_ignore << LockfileParser::RUBY
|
889
|
+
sections_to_ignore << LockfileParser::BUNDLED unless @unlocking_bundler
|
890
890
|
pattern = /#{Regexp.union(sections_to_ignore)}\n(\s{2,}.*\n)+/
|
891
891
|
whitespace_cleanup = /\n{2,}/
|
892
892
|
current = current.gsub(pattern, "\n").gsub(whitespace_cleanup, "\n\n").strip
|
data/lib/bundler/installer.rb
CHANGED
@@ -90,7 +90,7 @@ module Bundler
|
|
90
90
|
|
91
91
|
Gem::Specification.reset # invalidate gem specification cache so that installed gems are immediately available
|
92
92
|
|
93
|
-
lock
|
93
|
+
lock
|
94
94
|
Standalone.new(options[:standalone], @definition).generate if options[:standalone]
|
95
95
|
end
|
96
96
|
end
|
@@ -26,6 +26,7 @@ module Bundler
|
|
26
26
|
KNOWN_SECTIONS = SECTIONS_BY_VERSION_INTRODUCED.values.flatten.freeze
|
27
27
|
|
28
28
|
ENVIRONMENT_VERSION_SECTIONS = [BUNDLED, RUBY].freeze
|
29
|
+
deprecate_constant(:ENVIRONMENT_VERSION_SECTIONS)
|
29
30
|
|
30
31
|
def self.sections_in_lockfile(lockfile_contents)
|
31
32
|
lockfile_contents.scan(/^\w[\w ]*$/).uniq
|
@@ -13,7 +13,7 @@
|
|
13
13
|
alias: \fBpackage\fR, \fBpack\fR
|
14
14
|
.
|
15
15
|
.SH "DESCRIPTION"
|
16
|
-
Copy all of the \fB\.gem\fR files needed to run the application into the \fBvendor/cache\fR directory\. In the future, when running
|
16
|
+
Copy all of the \fB\.gem\fR files needed to run the application into the \fBvendor/cache\fR directory\. In the future, when running \fBbundle install(1)\fR \fIbundle\-install\.1\.html\fR, use the gems in the cache in preference to the ones on \fBrubygems\.org\fR\.
|
17
17
|
.
|
18
18
|
.SH "GIT AND PATH GEMS"
|
19
19
|
The \fBbundle cache\fR command can also package \fB:git\fR and \fB:path\fR dependencies besides \.gem files\. This needs to be explicitly enabled via the \fB\-\-all\fR option\. Once used, the \fB\-\-all\fR option will be remembered\.
|
@@ -22,7 +22,7 @@ The \fBbundle cache\fR command can also package \fB:git\fR and \fB:path\fR depen
|
|
22
22
|
When using gems that have different packages for different platforms, Bundler supports caching of gems for other platforms where the Gemfile has been resolved (i\.e\. present in the lockfile) in \fBvendor/cache\fR\. This needs to be enabled via the \fB\-\-all\-platforms\fR option\. This setting will be remembered in your local bundler configuration\.
|
23
23
|
.
|
24
24
|
.SH "REMOTE FETCHING"
|
25
|
-
By default, if you run \fBbundle install(1)\fR
|
25
|
+
By default, if you run \fBbundle install(1)\fR \fIbundle\-install\.1\.html\fR after running bundle cache(1) \fIbundle\-cache\.1\.html\fR, bundler will still connect to \fBrubygems\.org\fR to check whether a platform\-specific gem exists for any of the gems in \fBvendor/cache\fR\.
|
26
26
|
.
|
27
27
|
.P
|
28
28
|
For instance, consider this Gemfile(5):
|
@@ -10,7 +10,7 @@ alias: `package`, `pack`
|
|
10
10
|
## DESCRIPTION
|
11
11
|
|
12
12
|
Copy all of the `.gem` files needed to run the application into the
|
13
|
-
`vendor/cache` directory. In the future, when running [bundle install(1)]
|
13
|
+
`vendor/cache` directory. In the future, when running [`bundle install(1)`](bundle-install.1.html),
|
14
14
|
use the gems in the cache in preference to the ones on `rubygems.org`.
|
15
15
|
|
16
16
|
## GIT AND PATH GEMS
|
@@ -29,7 +29,7 @@ bundler configuration.
|
|
29
29
|
|
30
30
|
## REMOTE FETCHING
|
31
31
|
|
32
|
-
By default, if you run `bundle install(1)`](bundle-install.1.html) after running
|
32
|
+
By default, if you run [`bundle install(1)`](bundle-install.1.html) after running
|
33
33
|
[bundle cache(1)](bundle-cache.1.html), bundler will still connect to `rubygems.org`
|
34
34
|
to check whether a platform-specific gem exists for any of the gems
|
35
35
|
in `vendor/cache`.
|
@@ -0,0 +1,31 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Bundler
|
4
|
+
module SafeMarshal
|
5
|
+
ALLOWED_CLASSES = [
|
6
|
+
Array,
|
7
|
+
FalseClass,
|
8
|
+
Gem::Specification,
|
9
|
+
Gem::Version,
|
10
|
+
Hash,
|
11
|
+
String,
|
12
|
+
Symbol,
|
13
|
+
Time,
|
14
|
+
TrueClass,
|
15
|
+
].freeze
|
16
|
+
|
17
|
+
ERROR = "Unexpected class %s present in marshaled data. Only %s are allowed."
|
18
|
+
|
19
|
+
PROC = proc do |object|
|
20
|
+
object.tap do
|
21
|
+
unless ALLOWED_CLASSES.include?(object.class)
|
22
|
+
raise TypeError, format(ERROR, object.class, ALLOWED_CLASSES.join(", "))
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
26
|
+
|
27
|
+
def self.proc
|
28
|
+
PROC
|
29
|
+
end
|
30
|
+
end
|
31
|
+
end
|
data/lib/bundler/settings.rb
CHANGED
@@ -219,7 +219,6 @@ module Bundler
|
|
219
219
|
def path
|
220
220
|
configs.each do |_level, settings|
|
221
221
|
path = value_for("path", settings)
|
222
|
-
path = "vendor/bundle" if value_for("deployment", settings) && path.nil?
|
223
222
|
path_system = value_for("path.system", settings)
|
224
223
|
disabled_shared_gems = value_for("disable_shared_gems", settings)
|
225
224
|
next if path.nil? && path_system.nil? && disabled_shared_gems.nil?
|
@@ -227,7 +226,9 @@ module Bundler
|
|
227
226
|
return Path.new(path, system_path)
|
228
227
|
end
|
229
228
|
|
230
|
-
|
229
|
+
path = "vendor/bundle" if self[:deployment]
|
230
|
+
|
231
|
+
Path.new(path, false)
|
231
232
|
end
|
232
233
|
|
233
234
|
Path = Struct.new(:explicit_path, :system_path) do
|
@@ -10,7 +10,7 @@ module Bundler
|
|
10
10
|
# Ask for X gems per API request
|
11
11
|
API_REQUEST_SIZE = 50
|
12
12
|
|
13
|
-
attr_reader :remotes
|
13
|
+
attr_reader :remotes
|
14
14
|
|
15
15
|
def initialize(options = {})
|
16
16
|
@options = options
|
@@ -19,11 +19,14 @@ module Bundler
|
|
19
19
|
@allow_remote = false
|
20
20
|
@allow_cached = false
|
21
21
|
@allow_local = options["allow_local"] || false
|
22
|
-
@caches = [cache_path, *Bundler.rubygems.gem_cache]
|
23
22
|
|
24
23
|
Array(options["remotes"]).reverse_each {|r| add_remote(r) }
|
25
24
|
end
|
26
25
|
|
26
|
+
def caches
|
27
|
+
@caches ||= [cache_path, *Bundler.rubygems.gem_cache]
|
28
|
+
end
|
29
|
+
|
27
30
|
def local_only!
|
28
31
|
@specs = nil
|
29
32
|
@allow_local = true
|
@@ -324,9 +327,9 @@ module Bundler
|
|
324
327
|
|
325
328
|
def cached_path(spec)
|
326
329
|
global_cache_path = download_cache_path(spec)
|
327
|
-
|
330
|
+
caches << global_cache_path if global_cache_path
|
328
331
|
|
329
|
-
possibilities =
|
332
|
+
possibilities = caches.map {|p| package_path(p, spec) }
|
330
333
|
possibilities.find {|p| File.exist?(p) }
|
331
334
|
end
|
332
335
|
|
@@ -29,7 +29,8 @@ Gem::Specification.new do |spec|
|
|
29
29
|
# The `git ls-files -z` loads the files in the RubyGem that have been added into git.
|
30
30
|
spec.files = Dir.chdir(__dir__) do
|
31
31
|
`git ls-files -z`.split("\x0").reject do |f|
|
32
|
-
(File.expand_path(f) == __FILE__) ||
|
32
|
+
(File.expand_path(f) == __FILE__) ||
|
33
|
+
f.start_with?(*%w[bin/ test/ spec/ features/ .git .circleci appveyor Gemfile])
|
33
34
|
end
|
34
35
|
end
|
35
36
|
spec.bindir = "exe"
|
@@ -162,7 +162,7 @@ module Bundler::PubGrub
|
|
162
162
|
def resolve_conflict(incompatibility)
|
163
163
|
logger.info { "conflict: #{incompatibility}" }
|
164
164
|
|
165
|
-
new_incompatibility =
|
165
|
+
new_incompatibility = nil
|
166
166
|
|
167
167
|
while !incompatibility.failure?
|
168
168
|
most_recent_term = nil
|
@@ -204,7 +204,7 @@ module Bundler::PubGrub
|
|
204
204
|
solution.backtrack(previous_level)
|
205
205
|
|
206
206
|
if new_incompatibility
|
207
|
-
add_incompatibility(
|
207
|
+
add_incompatibility(new_incompatibility)
|
208
208
|
end
|
209
209
|
|
210
210
|
return incompatibility
|
@@ -219,9 +219,14 @@ module Bundler::PubGrub
|
|
219
219
|
new_terms << difference.invert
|
220
220
|
end
|
221
221
|
|
222
|
-
|
222
|
+
new_incompatibility = Incompatibility.new(new_terms, cause: Incompatibility::ConflictCause.new(incompatibility, most_recent_satisfier.cause))
|
223
223
|
|
224
|
-
|
224
|
+
if incompatibility.to_s == new_incompatibility.to_s
|
225
|
+
logger.info { "!! failed to resolve conflicts, this shouldn't have happened" }
|
226
|
+
break
|
227
|
+
end
|
228
|
+
|
229
|
+
incompatibility = new_incompatibility
|
225
230
|
|
226
231
|
partially = difference ? " partially" : ""
|
227
232
|
logger.info { "! #{most_recent_term} is#{partially} satisfied by #{most_recent_satisfier.term}" }
|
data/lib/bundler/version.rb
CHANGED
data/lib/bundler.rb
CHANGED
@@ -39,16 +39,6 @@ module Bundler
|
|
39
39
|
environment_preserver.replace_with_backup
|
40
40
|
SUDO_MUTEX = Thread::Mutex.new
|
41
41
|
|
42
|
-
SAFE_MARSHAL_CLASSES = [Symbol, TrueClass, String, Array, Hash, Gem::Version, Gem::Specification].freeze
|
43
|
-
SAFE_MARSHAL_ERROR = "Unexpected class %s present in marshaled data. Only %s are allowed."
|
44
|
-
SAFE_MARSHAL_PROC = proc do |object|
|
45
|
-
object.tap do
|
46
|
-
unless SAFE_MARSHAL_CLASSES.include?(object.class)
|
47
|
-
raise TypeError, format(SAFE_MARSHAL_ERROR, object.class, SAFE_MARSHAL_CLASSES.join(", "))
|
48
|
-
end
|
49
|
-
end
|
50
|
-
end
|
51
|
-
|
52
42
|
autoload :Definition, File.expand_path("bundler/definition", __dir__)
|
53
43
|
autoload :Dependency, File.expand_path("bundler/dependency", __dir__)
|
54
44
|
autoload :Deprecate, File.expand_path("bundler/deprecate", __dir__)
|
@@ -86,6 +76,7 @@ module Bundler
|
|
86
76
|
autoload :UI, File.expand_path("bundler/ui", __dir__)
|
87
77
|
autoload :URICredentialsFilter, File.expand_path("bundler/uri_credentials_filter", __dir__)
|
88
78
|
autoload :URINormalizer, File.expand_path("bundler/uri_normalizer", __dir__)
|
79
|
+
autoload :SafeMarshal, File.expand_path("bundler/safe_marshal", __dir__)
|
89
80
|
|
90
81
|
class << self
|
91
82
|
def configure
|
@@ -219,9 +210,10 @@ module Bundler
|
|
219
210
|
end
|
220
211
|
|
221
212
|
def frozen_bundle?
|
222
|
-
frozen = settings[:
|
223
|
-
frozen
|
224
|
-
|
213
|
+
frozen = settings[:frozen]
|
214
|
+
return frozen unless frozen.nil?
|
215
|
+
|
216
|
+
settings[:deployment]
|
225
217
|
end
|
226
218
|
|
227
219
|
def locked_gems
|
@@ -523,7 +515,7 @@ EOF
|
|
523
515
|
end
|
524
516
|
|
525
517
|
def safe_load_marshal(data)
|
526
|
-
load_marshal(data, :marshal_proc =>
|
518
|
+
load_marshal(data, :marshal_proc => SafeMarshal.proc)
|
527
519
|
end
|
528
520
|
|
529
521
|
def load_gemspec(file, validate = false)
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: bundler
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.4.
|
4
|
+
version: 2.4.14
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- André Arko
|
@@ -22,7 +22,7 @@ authors:
|
|
22
22
|
autorequire:
|
23
23
|
bindir: exe
|
24
24
|
cert_chain: []
|
25
|
-
date: 2023-
|
25
|
+
date: 2023-06-12 00:00:00.000000000 Z
|
26
26
|
dependencies: []
|
27
27
|
description: Bundler manages an application's dependencies through its entire life,
|
28
28
|
across many machines, systematically and repeatably
|
@@ -203,6 +203,7 @@ files:
|
|
203
203
|
- lib/bundler/rubygems_gem_installer.rb
|
204
204
|
- lib/bundler/rubygems_integration.rb
|
205
205
|
- lib/bundler/runtime.rb
|
206
|
+
- lib/bundler/safe_marshal.rb
|
206
207
|
- lib/bundler/self_manager.rb
|
207
208
|
- lib/bundler/settings.rb
|
208
209
|
- lib/bundler/settings/validator.rb
|
@@ -380,7 +381,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
380
381
|
- !ruby/object:Gem::Version
|
381
382
|
version: 3.0.1
|
382
383
|
requirements: []
|
383
|
-
rubygems_version: 3.4.
|
384
|
+
rubygems_version: 3.4.14
|
384
385
|
signing_key:
|
385
386
|
specification_version: 4
|
386
387
|
summary: The best way to manage your application's dependencies
|