bundler 2.4.19 → 2.4.22
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +83 -2
- data/README.md +1 -2
- data/lib/bundler/build_metadata.rb +3 -3
- data/lib/bundler/cli/check.rb +1 -1
- data/lib/bundler/cli/gem.rb +4 -3
- data/lib/bundler/cli/info.rb +1 -1
- data/lib/bundler/cli/install.rb +2 -2
- data/lib/bundler/cli/lock.rb +26 -23
- data/lib/bundler/cli/open.rb +5 -7
- data/lib/bundler/cli/update.rb +1 -0
- data/lib/bundler/definition.rb +43 -26
- data/lib/bundler/endpoint_specification.rb +1 -1
- data/lib/bundler/env.rb +2 -2
- data/lib/bundler/errors.rb +15 -0
- data/lib/bundler/fetcher/base.rb +2 -2
- data/lib/bundler/fetcher/compact_index.rb +1 -5
- data/lib/bundler/fetcher/dependency.rb +1 -1
- data/lib/bundler/fetcher.rb +31 -30
- data/lib/bundler/gem_helpers.rb +7 -0
- data/lib/bundler/gem_version_promoter.rb +2 -2
- data/lib/bundler/index.rb +62 -31
- data/lib/bundler/injector.rb +1 -1
- data/lib/bundler/installer/gem_installer.rb +5 -5
- data/lib/bundler/installer/parallel_installer.rb +0 -26
- data/lib/bundler/installer/standalone.rb +15 -1
- data/lib/bundler/lazy_specification.rb +4 -0
- data/lib/bundler/lockfile_parser.rb +32 -39
- data/lib/bundler/man/bundle-add.1 +1 -1
- data/lib/bundler/man/bundle-binstubs.1 +1 -1
- data/lib/bundler/man/bundle-cache.1 +1 -1
- data/lib/bundler/man/bundle-check.1 +1 -1
- data/lib/bundler/man/bundle-clean.1 +1 -1
- data/lib/bundler/man/bundle-config.1 +1 -1
- data/lib/bundler/man/bundle-console.1 +1 -1
- data/lib/bundler/man/bundle-doctor.1 +1 -1
- data/lib/bundler/man/bundle-exec.1 +2 -2
- data/lib/bundler/man/bundle-exec.1.ronn +2 -3
- data/lib/bundler/man/bundle-gem.1 +1 -1
- data/lib/bundler/man/bundle-help.1 +1 -1
- data/lib/bundler/man/bundle-info.1 +1 -1
- data/lib/bundler/man/bundle-init.1 +1 -1
- data/lib/bundler/man/bundle-inject.1 +1 -1
- data/lib/bundler/man/bundle-install.1 +1 -1
- data/lib/bundler/man/bundle-list.1 +1 -1
- data/lib/bundler/man/bundle-lock.1 +1 -1
- data/lib/bundler/man/bundle-open.1 +1 -1
- data/lib/bundler/man/bundle-outdated.1 +1 -1
- data/lib/bundler/man/bundle-platform.1 +1 -1
- data/lib/bundler/man/bundle-plugin.1 +17 -17
- data/lib/bundler/man/bundle-plugin.1.ronn +5 -5
- data/lib/bundler/man/bundle-pristine.1 +1 -1
- data/lib/bundler/man/bundle-remove.1 +1 -1
- data/lib/bundler/man/bundle-show.1 +1 -1
- data/lib/bundler/man/bundle-update.1 +1 -1
- data/lib/bundler/man/bundle-version.1 +1 -1
- data/lib/bundler/man/bundle-viz.1 +1 -1
- data/lib/bundler/man/bundle.1 +1 -1
- data/lib/bundler/man/gemfile.5 +12 -1
- data/lib/bundler/man/gemfile.5.ronn +5 -0
- data/lib/bundler/plugin/index.rb +8 -0
- data/lib/bundler/plugin.rb +10 -3
- data/lib/bundler/resolver/package.rb +5 -0
- data/lib/bundler/resolver.rb +45 -10
- data/lib/bundler/retry.rb +1 -1
- data/lib/bundler/ruby_dsl.rb +23 -2
- data/lib/bundler/ruby_version.rb +8 -1
- data/lib/bundler/rubygems_ext.rb +3 -4
- data/lib/bundler/rubygems_gem_installer.rb +23 -8
- data/lib/bundler/self_manager.rb +2 -0
- data/lib/bundler/settings.rb +86 -25
- data/lib/bundler/shared_helpers.rb +16 -1
- data/lib/bundler/source/git/git_proxy.rb +35 -6
- data/lib/bundler/source/metadata.rb +1 -1
- data/lib/bundler/source/rubygems.rb +22 -25
- data/lib/bundler/spec_set.rb +7 -4
- data/lib/bundler/stub_specification.rb +4 -2
- data/lib/bundler/templates/newgem/Rakefile.tt +6 -2
- data/lib/bundler/templates/newgem/github/workflows/main.yml.tt +1 -1
- data/lib/bundler/templates/newgem/newgem.gemspec.tt +1 -1
- data/lib/bundler/ui/shell.rb +1 -1
- data/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent/connection.rb +1 -0
- data/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent/pool.rb +21 -9
- data/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent.rb +1 -1
- data/lib/bundler/vendor/thor/lib/thor/actions/create_file.rb +3 -2
- data/lib/bundler/vendor/thor/lib/thor/actions/directory.rb +1 -1
- data/lib/bundler/vendor/thor/lib/thor/actions/empty_directory.rb +1 -1
- data/lib/bundler/vendor/thor/lib/thor/actions/file_manipulation.rb +8 -10
- data/lib/bundler/vendor/thor/lib/thor/actions/inject_into_file.rb +15 -4
- data/lib/bundler/vendor/thor/lib/thor/actions.rb +15 -15
- data/lib/bundler/vendor/thor/lib/thor/base.rb +140 -14
- data/lib/bundler/vendor/thor/lib/thor/command.rb +13 -4
- data/lib/bundler/vendor/thor/lib/thor/core_ext/hash_with_indifferent_access.rb +4 -0
- data/lib/bundler/vendor/thor/lib/thor/error.rb +16 -25
- data/lib/bundler/vendor/thor/lib/thor/group.rb +1 -1
- data/lib/bundler/vendor/thor/lib/thor/invocation.rb +1 -1
- data/lib/bundler/vendor/thor/lib/thor/nested_context.rb +2 -2
- data/lib/bundler/vendor/thor/lib/thor/parser/argument.rb +20 -1
- data/lib/bundler/vendor/thor/lib/thor/parser/arguments.rb +33 -17
- data/lib/bundler/vendor/thor/lib/thor/parser/option.rb +27 -8
- data/lib/bundler/vendor/thor/lib/thor/parser/options.rb +44 -6
- data/lib/bundler/vendor/thor/lib/thor/rake_compat.rb +2 -2
- data/lib/bundler/vendor/thor/lib/thor/runner.rb +40 -30
- data/lib/bundler/vendor/thor/lib/thor/shell/basic.rb +26 -150
- data/lib/bundler/vendor/thor/lib/thor/shell/color.rb +4 -46
- data/lib/bundler/vendor/thor/lib/thor/shell/column_printer.rb +29 -0
- data/lib/bundler/vendor/thor/lib/thor/shell/html.rb +3 -45
- data/lib/bundler/vendor/thor/lib/thor/shell/lcs_diff.rb +49 -0
- data/lib/bundler/vendor/thor/lib/thor/shell/table_printer.rb +134 -0
- data/lib/bundler/vendor/thor/lib/thor/shell/terminal.rb +42 -0
- data/lib/bundler/vendor/thor/lib/thor/shell/wrapped_printer.rb +38 -0
- data/lib/bundler/vendor/thor/lib/thor/shell.rb +1 -1
- data/lib/bundler/vendor/thor/lib/thor/util.rb +8 -7
- data/lib/bundler/vendor/thor/lib/thor/version.rb +1 -1
- data/lib/bundler/vendor/thor/lib/thor.rb +155 -8
- data/lib/bundler/version.rb +1 -1
- data/lib/bundler/yaml_serializer.rb +12 -8
- data/lib/bundler.rb +0 -8
- metadata +8 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 3f18e076341154326f22050b2bf57d7aa5f82278331f38079b4cb9ea53a13350
|
4
|
+
data.tar.gz: 5edcf31c166b6e65530b57c535c9e593a1cc24be7234a74b07eedbe448d775bf
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 19f1201ce7d6a27379d5782373671a1fecfa6482bc699bdb89aa15ef9482f33659913874a5f22e8e3dece848350f411ebe96eb14f3fd3d6dc624455d85ba19de
|
7
|
+
data.tar.gz: 113401cf222bcf13bcda4424492b103f9bd9563c38f6dbdd7b7a7c4465e3971819a5ae77e1153987178d8353cf8d7aa79332484324bad00858a6f526b7f4a1b7
|
data/CHANGELOG.md
CHANGED
@@ -1,3 +1,84 @@
|
|
1
|
+
# 2.4.22 (November 9, 2023)
|
2
|
+
|
3
|
+
## Enhancements:
|
4
|
+
|
5
|
+
- Add Bundler::Plugin.loaded? helper [#6964](https://github.com/rubygems/rubygems/pull/6964)
|
6
|
+
- Give better error when previous installation folder is insecure to remove [#7030](https://github.com/rubygems/rubygems/pull/7030)
|
7
|
+
- Set file path when eval-ing local specification in EndpointSpecification [#7106](https://github.com/rubygems/rubygems/pull/7106)
|
8
|
+
- Git ignore the proper files for the CI service selected for `bundle gem` [#7101](https://github.com/rubygems/rubygems/pull/7101)
|
9
|
+
- Update vendored thor to v1.3.0 [#7078](https://github.com/rubygems/rubygems/pull/7078)
|
10
|
+
- Restore using old way of passing Ruby version to resolver [#7066](https://github.com/rubygems/rubygems/pull/7066)
|
11
|
+
- Bump vendored net-http-persistent to 4.0.2 [#6787](https://github.com/rubygems/rubygems/pull/6787)
|
12
|
+
|
13
|
+
## Bug fixes:
|
14
|
+
|
15
|
+
- Fix regression when installing native extensions on universal rubies [#7077](https://github.com/rubygems/rubygems/pull/7077)
|
16
|
+
- Only remove bundler plugin gem when it's inside the cache [#7001](https://github.com/rubygems/rubygems/pull/7001)
|
17
|
+
- Don't show bug report template when GEM_HOME has no writable bit [#7113](https://github.com/rubygems/rubygems/pull/7113)
|
18
|
+
- Fix regression in old git versions [#7114](https://github.com/rubygems/rubygems/pull/7114)
|
19
|
+
- Handle empty array at built-in YAML serializer [#7099](https://github.com/rubygems/rubygems/pull/7099)
|
20
|
+
- Fix force_ruby_platform: when the lockfile only locks the ruby platform [#6936](https://github.com/rubygems/rubygems/pull/6936)
|
21
|
+
|
22
|
+
# 2.4.21 (October 17, 2023)
|
23
|
+
|
24
|
+
## Enhancements:
|
25
|
+
|
26
|
+
- Avoid duplicates -rbundler/setup in RUBYOPT with Ruby preview [#7002](https://github.com/rubygems/rubygems/pull/7002)
|
27
|
+
- Prevent gem activation in standalone mode [#6925](https://github.com/rubygems/rubygems/pull/6925)
|
28
|
+
- Support Ruby's preview version format (Ex: 3.3.0-preview2) in Gemfile [#7016](https://github.com/rubygems/rubygems/pull/7016)
|
29
|
+
- Fix `bundle install` when older revisions of git source [#6980](https://github.com/rubygems/rubygems/pull/6980)
|
30
|
+
- Remove usage of Dir.chdir that only execute a subprocess [#6930](https://github.com/rubygems/rubygems/pull/6930)
|
31
|
+
|
32
|
+
## Bug fixes:
|
33
|
+
|
34
|
+
- Don't delete the release version from pre-release string more than once [#7054](https://github.com/rubygems/rubygems/pull/7054)
|
35
|
+
- Make the `lock` command not be affected by the `frozen` setting [#7034](https://github.com/rubygems/rubygems/pull/7034)
|
36
|
+
- Raise an error when adding a gem incompatible with some locked platform [#7035](https://github.com/rubygems/rubygems/pull/7035)
|
37
|
+
- Re-resolve when lockfile is invalid [#7020](https://github.com/rubygems/rubygems/pull/7020)
|
38
|
+
- Don't re-resolve with prereleases if unlocked gem has no prereleases [#7021](https://github.com/rubygems/rubygems/pull/7021)
|
39
|
+
- Include gemspec in ExtensionTask for native gem tasks [#7015](https://github.com/rubygems/rubygems/pull/7015)
|
40
|
+
- Avoid error reporting relative path when validating frozen [#5128](https://github.com/rubygems/rubygems/pull/5128)
|
41
|
+
- Fix `bundle lock --minor --update <dep>` edge case [#6992](https://github.com/rubygems/rubygems/pull/6992)
|
42
|
+
- Stop bundler eagerly loading all specs with exts [#6945](https://github.com/rubygems/rubygems/pull/6945)
|
43
|
+
|
44
|
+
## Performance:
|
45
|
+
|
46
|
+
- Reduce allocations when parsing lockfile [#6976](https://github.com/rubygems/rubygems/pull/6976)
|
47
|
+
- Stop allocating the same settings keys repeatedly [#6963](https://github.com/rubygems/rubygems/pull/6963)
|
48
|
+
|
49
|
+
## Documentation:
|
50
|
+
|
51
|
+
- Improve formatting and global source information in `bundle plugin` man page [#7045](https://github.com/rubygems/rubygems/pull/7045)
|
52
|
+
- Update man page of `bundle exec` to reflect default true of flag `--keep-file-descriptors` [#7033](https://github.com/rubygems/rubygems/pull/7033)
|
53
|
+
|
54
|
+
# 2.4.20 (September 27, 2023)
|
55
|
+
|
56
|
+
## Enhancements:
|
57
|
+
|
58
|
+
- Bump actions/checkout to v4 in bundler gem template [#6966](https://github.com/rubygems/rubygems/pull/6966)
|
59
|
+
- Add support for the `ruby-3.2.2` format in the `ruby file:` Gemfile directive, and explicitly test the `3.2.2@gemset` format as rejected [#6954](https://github.com/rubygems/rubygems/pull/6954)
|
60
|
+
- Support `ruby file: ".tool-versions"` in Gemfile [#6898](https://github.com/rubygems/rubygems/pull/6898)
|
61
|
+
- Unify LockfileParser loading of SPECS section [#6933](https://github.com/rubygems/rubygems/pull/6933)
|
62
|
+
- Only check circular deps when dependency api is available, not on full index sources [#6919](https://github.com/rubygems/rubygems/pull/6919)
|
63
|
+
|
64
|
+
## Bug fixes:
|
65
|
+
|
66
|
+
- Allow standalone mode to work on a Windows edge case [#6989](https://github.com/rubygems/rubygems/pull/6989)
|
67
|
+
- Fix `bundle outdated` crashing when both `ref` and `branch` specified for a git gem in Gemfile [#6959](https://github.com/rubygems/rubygems/pull/6959)
|
68
|
+
- Fix `bundle update --redownload` [#6924](https://github.com/rubygems/rubygems/pull/6924)
|
69
|
+
- Fixed malformed bundler version in lockfile making Bundler crash [#6920](https://github.com/rubygems/rubygems/pull/6920)
|
70
|
+
- Fix standalone install crashing when using legacy gemfiles with multiple global sources [#6918](https://github.com/rubygems/rubygems/pull/6918)
|
71
|
+
- Resolve ruby version file relative to bundle root [#6892](https://github.com/rubygems/rubygems/pull/6892)
|
72
|
+
|
73
|
+
## Performance:
|
74
|
+
|
75
|
+
- Lazily construct fetcher debug messages [#6973](https://github.com/rubygems/rubygems/pull/6973)
|
76
|
+
- Avoid allocating empty hashes in Index [#6962](https://github.com/rubygems/rubygems/pull/6962)
|
77
|
+
- Improve `Bundler::Index` efficiency by removing unnecessary creation and dups [#6931](https://github.com/rubygems/rubygems/pull/6931)
|
78
|
+
- (Further) Improve Bundler::Settings#[] performance and memory usage [#6923](https://github.com/rubygems/rubygems/pull/6923)
|
79
|
+
- Don't use full indexes unnecessarily on legacy Gemfiles [#6916](https://github.com/rubygems/rubygems/pull/6916)
|
80
|
+
- Improve memory usage in Bundler::Settings, and thus improve boot time [#6884](https://github.com/rubygems/rubygems/pull/6884)
|
81
|
+
|
1
82
|
# 2.4.19 (August 17, 2023)
|
2
83
|
|
3
84
|
## Enhancements:
|
@@ -2153,7 +2234,7 @@ Changes
|
|
2153
2234
|
|
2154
2235
|
- retry gem downloads ([#4846](https://github.com/rubygems/bundler/issues/4846), @jkeiser)
|
2155
2236
|
- improve the CompactIndex to handle capitalized legacy gems ([#4867](https://github.com/rubygems/bundler/issues/4867), @segiddins)
|
2156
|
-
-
|
2237
|
+
- reuse persistent HTTP connections for CompactIndex (@NickLaMuro)
|
2157
2238
|
- respect `required_ruby_version` when Gemfile contains `ruby` version (@indirect)
|
2158
2239
|
- allow `rake release` to sign git tags ([#4743](https://github.com/rubygems/bundler/issues/4743), @eagletmt)
|
2159
2240
|
- set process titles when using `#load` during `exec` (@yob)
|
@@ -3349,7 +3430,7 @@ Changes
|
|
3349
3430
|
- `gem` option --test can generate rspec stubs (@MafcoCinco)
|
3350
3431
|
- `gem` option --test can generate minitest stubs (@kcurtin)
|
3351
3432
|
- `gem` command generates MIT license (@BrentWheeldon)
|
3352
|
-
- gem rake task 'release'
|
3433
|
+
- gem rake task 'release' reuses existing tags (@shtirlic)
|
3353
3434
|
|
3354
3435
|
## Bug fixes:
|
3355
3436
|
|
data/README.md
CHANGED
@@ -1,5 +1,4 @@
|
|
1
1
|
[![Version ](https://img.shields.io/gem/v/bundler.svg?style=flat)](https://rubygems.org/gems/bundler)
|
2
|
-
[![Slack ](https://bundler-slackin.herokuapp.com/badge.svg)](https://bundler-slackin.herokuapp.com)
|
3
2
|
|
4
3
|
# Bundler: a gem to bundle gems
|
5
4
|
|
@@ -38,7 +37,7 @@ Still stuck? Try [filing an issue](https://github.com/rubygems/rubygems/issues/n
|
|
38
37
|
|
39
38
|
To see what has changed in recent versions of Bundler, see the [CHANGELOG](CHANGELOG.md).
|
40
39
|
|
41
|
-
To get in touch with the Bundler core team and other Bundler users, please join [the Bundler slack](https://slack.bundler
|
40
|
+
To get in touch with the Bundler core team and other Bundler users, please join [the Bundler slack](https://join.slack.com/t/bundler/shared_invite/zt-1rrsuuv3m-OmXKWQf8K6iSla4~F1DBjQ).
|
42
41
|
|
43
42
|
### Contributing
|
44
43
|
|
@@ -4,8 +4,8 @@ module Bundler
|
|
4
4
|
# Represents metadata from when the Bundler gem was built.
|
5
5
|
module BuildMetadata
|
6
6
|
# begin ivars
|
7
|
-
@built_at = "2023-
|
8
|
-
@git_commit_sha = "
|
7
|
+
@built_at = "2023-11-09".freeze
|
8
|
+
@git_commit_sha = "ec2089640".freeze
|
9
9
|
@release = true
|
10
10
|
# end ivars
|
11
11
|
|
@@ -31,7 +31,7 @@ module Bundler
|
|
31
31
|
# commit instance variable then we can't determine its commits SHA.
|
32
32
|
git_dir = File.expand_path("../../../.git", __dir__)
|
33
33
|
if File.directory?(git_dir)
|
34
|
-
return @git_commit_sha =
|
34
|
+
return @git_commit_sha = IO.popen(%w[git rev-parse --short HEAD], { :chdir => git_dir }, &:read).strip.freeze
|
35
35
|
end
|
36
36
|
|
37
37
|
@git_commit_sha ||= "unknown"
|
data/lib/bundler/cli/check.rb
CHANGED
@@ -29,7 +29,7 @@ module Bundler
|
|
29
29
|
Bundler.ui.warn "Install missing gems with `bundle install`"
|
30
30
|
exit 1
|
31
31
|
elsif !Bundler.default_lockfile.file? && Bundler.frozen_bundle?
|
32
|
-
Bundler.ui.error "This bundle has been frozen, but there is no #{
|
32
|
+
Bundler.ui.error "This bundle has been frozen, but there is no #{SharedHelpers.relative_lockfile_path} present"
|
33
33
|
exit 1
|
34
34
|
else
|
35
35
|
Bundler.load.lock(:preserve_unknown_sections => true) unless options[:"dry-run"]
|
data/lib/bundler/cli/gem.rb
CHANGED
@@ -137,10 +137,13 @@ module Bundler
|
|
137
137
|
case config[:ci]
|
138
138
|
when "github"
|
139
139
|
templates.merge!("github/workflows/main.yml.tt" => ".github/workflows/main.yml")
|
140
|
+
config[:ci_config_path] = ".github "
|
140
141
|
when "gitlab"
|
141
142
|
templates.merge!("gitlab-ci.yml.tt" => ".gitlab-ci.yml")
|
143
|
+
config[:ci_config_path] = ".gitlab-ci.yml "
|
142
144
|
when "circle"
|
143
145
|
templates.merge!("circleci/config.yml.tt" => ".circleci/config.yml")
|
146
|
+
config[:ci_config_path] = ".circleci "
|
144
147
|
end
|
145
148
|
|
146
149
|
if ask_and_set(:mit, "Do you want to license your code permissively under the MIT license?",
|
@@ -233,9 +236,7 @@ module Bundler
|
|
233
236
|
end
|
234
237
|
|
235
238
|
if use_git
|
236
|
-
|
237
|
-
`git add .`
|
238
|
-
end
|
239
|
+
IO.popen(%w[git add .], { :chdir => target }, &:read)
|
239
240
|
end
|
240
241
|
|
241
242
|
# Open gemspec in editor
|
data/lib/bundler/cli/info.rb
CHANGED
@@ -33,7 +33,7 @@ module Bundler
|
|
33
33
|
def default_gem_spec(gem_name)
|
34
34
|
return unless Gem::Specification.respond_to?(:find_all_by_name)
|
35
35
|
gem_spec = Gem::Specification.find_all_by_name(gem_name).last
|
36
|
-
|
36
|
+
gem_spec if gem_spec&.default_gem?
|
37
37
|
end
|
38
38
|
|
39
39
|
def spec_not_found(gem_name)
|
data/lib/bundler/cli/install.rb
CHANGED
@@ -28,8 +28,8 @@ module Bundler
|
|
28
28
|
flag = "--deployment flag" if options[:deployment]
|
29
29
|
flag ||= "--frozen flag" if options[:frozen]
|
30
30
|
flag ||= "deployment setting"
|
31
|
-
raise ProductionError, "The #{flag} requires a
|
32
|
-
"sure you have checked your #{
|
31
|
+
raise ProductionError, "The #{flag} requires a lockfile. Please make " \
|
32
|
+
"sure you have checked your #{SharedHelpers.relative_lockfile_path} into version control " \
|
33
33
|
"before deploying."
|
34
34
|
end
|
35
35
|
|
data/lib/bundler/cli/lock.rb
CHANGED
@@ -32,36 +32,39 @@ module Bundler
|
|
32
32
|
elsif update && bundler
|
33
33
|
update = { :bundler => bundler }
|
34
34
|
end
|
35
|
-
definition = Bundler.definition(update)
|
36
35
|
|
37
|
-
Bundler
|
36
|
+
Bundler.settings.temporary(:frozen => false) do
|
37
|
+
definition = Bundler.definition(update)
|
38
38
|
|
39
|
-
|
40
|
-
definition.remove_platform(platform)
|
41
|
-
end
|
39
|
+
Bundler::CLI::Common.configure_gem_version_promoter(definition, options) if options[:update]
|
42
40
|
|
43
|
-
|
44
|
-
|
45
|
-
if platform.to_s == "unknown"
|
46
|
-
Bundler.ui.warn "The platform `#{platform_string}` is unknown to RubyGems " \
|
47
|
-
"and adding it will likely lead to resolution errors"
|
41
|
+
options["remove-platform"].each do |platform|
|
42
|
+
definition.remove_platform(platform)
|
48
43
|
end
|
49
|
-
definition.add_platform(platform)
|
50
|
-
end
|
51
44
|
|
52
|
-
|
53
|
-
|
54
|
-
|
45
|
+
options["add-platform"].each do |platform_string|
|
46
|
+
platform = Gem::Platform.new(platform_string)
|
47
|
+
if platform.to_s == "unknown"
|
48
|
+
Bundler.ui.warn "The platform `#{platform_string}` is unknown to RubyGems " \
|
49
|
+
"and adding it will likely lead to resolution errors"
|
50
|
+
end
|
51
|
+
definition.add_platform(platform)
|
52
|
+
end
|
55
53
|
|
56
|
-
|
54
|
+
if definition.platforms.empty?
|
55
|
+
raise InvalidOption, "Removing all platforms from the bundle is not allowed"
|
56
|
+
end
|
57
|
+
|
58
|
+
definition.resolve_remotely! unless options[:local]
|
57
59
|
|
58
|
-
|
59
|
-
|
60
|
-
|
61
|
-
|
62
|
-
|
63
|
-
|
64
|
-
|
60
|
+
if print
|
61
|
+
puts definition.to_lock
|
62
|
+
else
|
63
|
+
file = options[:lockfile]
|
64
|
+
file = file ? File.expand_path(file) : Bundler.default_lockfile
|
65
|
+
puts "Writing lockfile to #{file}"
|
66
|
+
definition.lock(file)
|
67
|
+
end
|
65
68
|
end
|
66
69
|
|
67
70
|
Bundler.ui.level = previous_ui_level
|
data/lib/bundler/cli/open.rb
CHANGED
@@ -18,13 +18,11 @@ module Bundler
|
|
18
18
|
Bundler.ui.info "Unable to open #{name} because it's a default gem, so the directory it would normally be installed to does not exist."
|
19
19
|
else
|
20
20
|
root_path = spec.full_gem_path
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
end || Bundler.ui.info("Could not run '#{command.join(" ")}'")
|
27
|
-
end
|
21
|
+
require "shellwords"
|
22
|
+
command = Shellwords.split(editor) << File.join([root_path, path].compact)
|
23
|
+
Bundler.with_original_env do
|
24
|
+
system(*command, { :chdir => root_path })
|
25
|
+
end || Bundler.ui.info("Could not run '#{command.join(" ")}'")
|
28
26
|
end
|
29
27
|
end
|
30
28
|
end
|
data/lib/bundler/cli/update.rb
CHANGED
data/lib/bundler/definition.rb
CHANGED
@@ -149,7 +149,7 @@ module Bundler
|
|
149
149
|
@dependency_changes = converge_dependencies
|
150
150
|
@local_changes = converge_locals
|
151
151
|
|
152
|
-
|
152
|
+
check_lockfile
|
153
153
|
end
|
154
154
|
|
155
155
|
def gem_version_promoter
|
@@ -405,13 +405,13 @@ module Bundler
|
|
405
405
|
msg << "\n\nYou have added to the Gemfile:\n" << added.join("\n") if added.any?
|
406
406
|
msg << "\n\nYou have deleted from the Gemfile:\n" << deleted.join("\n") if deleted.any?
|
407
407
|
msg << "\n\nYou have changed in the Gemfile:\n" << changed.join("\n") if changed.any?
|
408
|
-
msg << "\n\nRun `bundle install` elsewhere and add the updated #{
|
408
|
+
msg << "\n\nRun `bundle install` elsewhere and add the updated #{SharedHelpers.relative_gemfile_path} to version control.\n"
|
409
409
|
|
410
410
|
unless explicit_flag
|
411
411
|
suggested_command = unless Bundler.settings.locations("frozen").keys.include?(:env)
|
412
412
|
"bundle config set frozen false"
|
413
413
|
end
|
414
|
-
msg << "If this is a development machine, remove the #{
|
414
|
+
msg << "If this is a development machine, remove the #{SharedHelpers.relative_lockfile_path} " \
|
415
415
|
"freeze by running `#{suggested_command}`." if suggested_command
|
416
416
|
end
|
417
417
|
|
@@ -452,8 +452,8 @@ module Bundler
|
|
452
452
|
return if current_platform_locked?
|
453
453
|
|
454
454
|
raise ProductionError, "Your bundle only supports platforms #{@platforms.map(&:to_s)} " \
|
455
|
-
"but your local platform is #{
|
456
|
-
"Add the current platform to the lockfile with\n`bundle lock --add-platform #{
|
455
|
+
"but your local platform is #{local_platform}. " \
|
456
|
+
"Add the current platform to the lockfile with\n`bundle lock --add-platform #{local_platform}` and try again."
|
457
457
|
end
|
458
458
|
|
459
459
|
def add_platform(platform)
|
@@ -478,7 +478,7 @@ module Bundler
|
|
478
478
|
private :sources
|
479
479
|
|
480
480
|
def nothing_changed?
|
481
|
-
!@source_changes && !@dependency_changes && !@new_platform && !@path_changes && !@local_changes && !@missing_lockfile_dep && !@unlocking_bundler
|
481
|
+
!@source_changes && !@dependency_changes && !@new_platform && !@path_changes && !@local_changes && !@missing_lockfile_dep && !@unlocking_bundler && !@invalid_lockfile_dep
|
482
482
|
end
|
483
483
|
|
484
484
|
def no_resolve_needed?
|
@@ -509,7 +509,7 @@ module Bundler
|
|
509
509
|
def resolution_packages
|
510
510
|
@resolution_packages ||= begin
|
511
511
|
last_resolve = converge_locked_specs
|
512
|
-
|
512
|
+
remove_invalid_platforms!(current_dependencies)
|
513
513
|
packages = Resolver::Base.new(source_requirements, expanded_dependencies, last_resolve, @platforms, :locked_specs => @originally_locked_specs, :unlock => @unlock[:gems], :prerelease => gem_version_promoter.pre?)
|
514
514
|
additional_base_requirements_for_resolve(packages, last_resolve)
|
515
515
|
end
|
@@ -600,7 +600,7 @@ module Bundler
|
|
600
600
|
|
601
601
|
def current_platform_locked?
|
602
602
|
@platforms.any? do |bundle_platform|
|
603
|
-
MatchPlatform.platforms_match?(bundle_platform,
|
603
|
+
MatchPlatform.platforms_match?(bundle_platform, local_platform)
|
604
604
|
end
|
605
605
|
end
|
606
606
|
|
@@ -630,6 +630,7 @@ module Bundler
|
|
630
630
|
[@local_changes, "the gemspecs for git local gems changed"],
|
631
631
|
[@missing_lockfile_dep, "your lock file is missing \"#{@missing_lockfile_dep}\""],
|
632
632
|
[@unlocking_bundler, "an update to the version of Bundler itself was requested"],
|
633
|
+
[@invalid_lockfile_dep, "your lock file has an invalid dependency \"#{@invalid_lockfile_dep}\""],
|
633
634
|
].select(&:first).map(&:last).join(", ")
|
634
635
|
end
|
635
636
|
|
@@ -684,24 +685,38 @@ module Bundler
|
|
684
685
|
!sources_with_changes.each {|source| @unlock[:sources] << source.name }.empty?
|
685
686
|
end
|
686
687
|
|
687
|
-
def
|
688
|
-
|
688
|
+
def check_lockfile
|
689
|
+
@invalid_lockfile_dep = nil
|
690
|
+
@missing_lockfile_dep = nil
|
689
691
|
|
690
|
-
|
691
|
-
|
692
|
+
locked_names = @locked_specs.map(&:name)
|
693
|
+
missing = []
|
694
|
+
invalid = []
|
695
|
+
|
696
|
+
@locked_specs.each do |s|
|
697
|
+
s.dependencies.each do |dep|
|
698
|
+
next if dep.name == "bundler"
|
699
|
+
|
700
|
+
missing << s unless locked_names.include?(dep.name)
|
701
|
+
invalid << s if @locked_specs.none? {|spec| dep.matches_spec?(spec) }
|
702
|
+
end
|
692
703
|
end
|
693
704
|
|
694
705
|
if missing.any?
|
695
706
|
@locked_specs.delete(missing)
|
696
707
|
|
697
|
-
|
708
|
+
@missing_lockfile_dep = missing.first.name
|
709
|
+
elsif !@dependency_changes
|
710
|
+
@missing_lockfile_dep = current_dependencies.find do |d|
|
711
|
+
@locked_specs[d.name].empty? && d.name != "bundler"
|
712
|
+
end&.name
|
698
713
|
end
|
699
714
|
|
700
|
-
|
715
|
+
if invalid.any?
|
716
|
+
@locked_specs.delete(invalid)
|
701
717
|
|
702
|
-
|
703
|
-
|
704
|
-
end&.name
|
718
|
+
@invalid_lockfile_dep = invalid.first.name
|
719
|
+
end
|
705
720
|
end
|
706
721
|
|
707
722
|
def converge_paths
|
@@ -866,7 +881,7 @@ module Bundler
|
|
866
881
|
|
867
882
|
def metadata_dependencies
|
868
883
|
@metadata_dependencies ||= [
|
869
|
-
Dependency.new("Ruby\0",
|
884
|
+
Dependency.new("Ruby\0", Bundler::RubyVersion.system.gem_version),
|
870
885
|
Dependency.new("RubyGems\0", Gem::VERSION),
|
871
886
|
]
|
872
887
|
end
|
@@ -941,17 +956,19 @@ module Bundler
|
|
941
956
|
resolution_packages
|
942
957
|
end
|
943
958
|
|
944
|
-
def
|
945
|
-
return if Bundler.frozen_bundle?
|
946
|
-
|
947
|
-
|
948
|
-
|
959
|
+
def remove_invalid_platforms!(dependencies)
|
960
|
+
return if Bundler.frozen_bundle?
|
961
|
+
|
962
|
+
platforms.each do |platform|
|
963
|
+
next if local_platform == platform ||
|
964
|
+
(@new_platform && platforms.last == platform) ||
|
949
965
|
@path_changes ||
|
950
966
|
@dependency_changes ||
|
951
|
-
!@originally_locked_specs.
|
967
|
+
!@originally_locked_specs.incomplete_for_platform?(dependencies, platform)
|
952
968
|
|
953
|
-
|
954
|
-
|
969
|
+
remove_platform(platform)
|
970
|
+
add_current_platform if platform == Gem::Platform::RUBY
|
971
|
+
end
|
955
972
|
end
|
956
973
|
|
957
974
|
def source_map
|
@@ -94,7 +94,7 @@ module Bundler
|
|
94
94
|
|
95
95
|
def _local_specification
|
96
96
|
return unless @loaded_from && File.exist?(local_specification_path)
|
97
|
-
eval(File.read(local_specification_path)).tap do |spec|
|
97
|
+
eval(File.read(local_specification_path), nil, local_specification_path).tap do |spec|
|
98
98
|
spec.loaded_from = @loaded_from
|
99
99
|
end
|
100
100
|
end
|
data/lib/bundler/env.rb
CHANGED
@@ -40,11 +40,11 @@ module Bundler
|
|
40
40
|
|
41
41
|
out << "\n## Gemfile\n"
|
42
42
|
gemfiles.each do |gemfile|
|
43
|
-
out << "\n### #{
|
43
|
+
out << "\n### #{SharedHelpers.relative_path_to(gemfile)}\n\n"
|
44
44
|
out << "```ruby\n" << read_file(gemfile).chomp << "\n```\n"
|
45
45
|
end
|
46
46
|
|
47
|
-
out << "\n### #{Bundler.default_lockfile
|
47
|
+
out << "\n### #{SharedHelpers.relative_path_to(Bundler.default_lockfile)}\n\n"
|
48
48
|
out << "```\n" << read_file(Bundler.default_lockfile).chomp << "\n```\n"
|
49
49
|
end
|
50
50
|
|
data/lib/bundler/errors.rb
CHANGED
@@ -172,4 +172,19 @@ module Bundler
|
|
172
172
|
|
173
173
|
status_code(36)
|
174
174
|
end
|
175
|
+
|
176
|
+
class InsecureInstallPathError < BundlerError
|
177
|
+
def initialize(path)
|
178
|
+
@path = path
|
179
|
+
end
|
180
|
+
|
181
|
+
def message
|
182
|
+
"The installation path is insecure. Bundler cannot continue.\n" \
|
183
|
+
"#{@path} is world-writable (without sticky bit).\n" \
|
184
|
+
"Bundler cannot safely replace gems in world-writeable directories due to potential vulnerabilities.\n" \
|
185
|
+
"Please change the permissions of this directory or choose a different install path."
|
186
|
+
end
|
187
|
+
|
188
|
+
status_code(38)
|
189
|
+
end
|
175
190
|
end
|
data/lib/bundler/fetcher/base.rb
CHANGED
@@ -35,7 +35,7 @@ module Bundler
|
|
35
35
|
remaining_gems = gem_names.dup
|
36
36
|
|
37
37
|
until remaining_gems.empty?
|
38
|
-
log_specs "Looking up gems #{remaining_gems.inspect}"
|
38
|
+
log_specs { "Looking up gems #{remaining_gems.inspect}" }
|
39
39
|
|
40
40
|
deps = begin
|
41
41
|
parallel_compact_index_client.dependencies(remaining_gems)
|
@@ -60,10 +60,6 @@ module Bundler
|
|
60
60
|
Bundler.ui.debug("FIPS mode is enabled, bundler can't use the CompactIndex API")
|
61
61
|
return nil
|
62
62
|
end
|
63
|
-
if fetch_uri.scheme == "file"
|
64
|
-
Bundler.ui.debug("Using a local server, bundler won't use the CompactIndex API")
|
65
|
-
return false
|
66
|
-
end
|
67
63
|
# Read info file checksums out of /versions, so we can know if gems are up to date
|
68
64
|
compact_index_client.update_and_parse_checksums!
|
69
65
|
rescue CompactIndexClient::Updater::MisMatchedChecksumError => e
|
@@ -24,7 +24,7 @@ module Bundler
|
|
24
24
|
def specs(gem_names, full_dependency_list = [], last_spec_list = [])
|
25
25
|
query_list = gem_names.uniq - full_dependency_list
|
26
26
|
|
27
|
-
log_specs "Query List: #{query_list.inspect}"
|
27
|
+
log_specs { "Query List: #{query_list.inspect}" }
|
28
28
|
|
29
29
|
return last_spec_list if query_list.empty?
|
30
30
|
|
data/lib/bundler/fetcher.rb
CHANGED
@@ -9,6 +9,7 @@ require "rubygems/request"
|
|
9
9
|
module Bundler
|
10
10
|
# Handles all the fetching with the rubygems server
|
11
11
|
class Fetcher
|
12
|
+
autoload :Base, File.expand_path("fetcher/base", __dir__)
|
12
13
|
autoload :CompactIndex, File.expand_path("fetcher/compact_index", __dir__)
|
13
14
|
autoload :Downloader, File.expand_path("fetcher/downloader", __dir__)
|
14
15
|
autoload :Dependency, File.expand_path("fetcher/dependency", __dir__)
|
@@ -134,18 +135,7 @@ module Bundler
|
|
134
135
|
def specs(gem_names, source)
|
135
136
|
index = Bundler::Index.new
|
136
137
|
|
137
|
-
|
138
|
-
@use_api = false
|
139
|
-
specs = fetchers.last.specs(gem_names)
|
140
|
-
else
|
141
|
-
specs = []
|
142
|
-
@fetchers = fetchers.drop_while do |f|
|
143
|
-
!f.available? || (f.api_fetcher? && !gem_names) || !specs = f.specs(gem_names)
|
144
|
-
end
|
145
|
-
@use_api = false if fetchers.none?(&:api_fetcher?)
|
146
|
-
end
|
147
|
-
|
148
|
-
specs.each do |name, version, platform, dependencies, metadata|
|
138
|
+
fetch_specs(gem_names).each do |name, version, platform, dependencies, metadata|
|
149
139
|
spec = if dependencies
|
150
140
|
EndpointSpecification.new(name, version, platform, self, dependencies, metadata)
|
151
141
|
else
|
@@ -158,22 +148,10 @@ module Bundler
|
|
158
148
|
|
159
149
|
index
|
160
150
|
rescue CertificateFailureError
|
161
|
-
Bundler.ui.info "" if gem_names &&
|
151
|
+
Bundler.ui.info "" if gem_names && api_fetcher? # newline after dots
|
162
152
|
raise
|
163
153
|
end
|
164
154
|
|
165
|
-
def use_api
|
166
|
-
return @use_api if defined?(@use_api)
|
167
|
-
|
168
|
-
fetchers.shift until fetchers.first.available?
|
169
|
-
|
170
|
-
@use_api = if remote_uri.scheme == "file" || Bundler::Fetcher.disable_endpoint
|
171
|
-
false
|
172
|
-
else
|
173
|
-
fetchers.first.api_fetcher?
|
174
|
-
end
|
175
|
-
end
|
176
|
-
|
177
155
|
def user_agent
|
178
156
|
@user_agent ||= begin
|
179
157
|
ruby = Bundler::RubyVersion.system
|
@@ -209,10 +187,6 @@ module Bundler
|
|
209
187
|
end
|
210
188
|
end
|
211
189
|
|
212
|
-
def fetchers
|
213
|
-
@fetchers ||= FETCHERS.map {|f| f.new(downloader, @remote, uri) }
|
214
|
-
end
|
215
|
-
|
216
190
|
def http_proxy
|
217
191
|
return unless uri = connection.proxy_uri
|
218
192
|
uri.to_s
|
@@ -222,9 +196,36 @@ module Bundler
|
|
222
196
|
"#<#{self.class}:0x#{object_id} uri=#{uri}>"
|
223
197
|
end
|
224
198
|
|
199
|
+
def api_fetcher?
|
200
|
+
fetchers.first.api_fetcher?
|
201
|
+
end
|
202
|
+
|
225
203
|
private
|
226
204
|
|
227
|
-
|
205
|
+
def available_fetchers
|
206
|
+
if Bundler::Fetcher.disable_endpoint
|
207
|
+
[Index]
|
208
|
+
elsif remote_uri.scheme == "file"
|
209
|
+
Bundler.ui.debug("Using a local server, bundler won't use the CompactIndex API")
|
210
|
+
[Index]
|
211
|
+
else
|
212
|
+
[CompactIndex, Dependency, Index]
|
213
|
+
end
|
214
|
+
end
|
215
|
+
|
216
|
+
def fetchers
|
217
|
+
@fetchers ||= available_fetchers.map {|f| f.new(downloader, @remote, uri) }.drop_while {|f| !f.available? }
|
218
|
+
end
|
219
|
+
|
220
|
+
def fetch_specs(gem_names)
|
221
|
+
fetchers.reject!(&:api_fetcher?) unless gem_names
|
222
|
+
fetchers.reject! do |f|
|
223
|
+
specs = f.specs(gem_names)
|
224
|
+
return specs if specs
|
225
|
+
true
|
226
|
+
end
|
227
|
+
[]
|
228
|
+
end
|
228
229
|
|
229
230
|
def cis
|
230
231
|
env_cis = {
|