bundler 2.5.16 → 2.6.2

data/lib/bundler/templates/newgem/github/workflows/main.yml.tt

@@ -17,21 +17,21 @@ jobs:
           - '<%= RUBY_VERSION %>'
 
     steps:
-    - uses: actions/checkout@v4
+      - uses: actions/checkout@v4
 <%- if config[:ext] == 'rust' -%>
-    - name: Set up Ruby & Rust
-      uses: oxidize-rb/actions/setup-ruby-and-rust@v1
-      with:
-        ruby-version: ${{ matrix.ruby }}
-        bundler-cache: true
-        cargo-cache: true
-        rubygems: '<%= ::Gem.rubygems_version %>'
+      - name: Set up Ruby & Rust
+        uses: oxidize-rb/actions/setup-ruby-and-rust@v1
+        with:
+          ruby-version: ${{ matrix.ruby }}
+          bundler-cache: true
+          cargo-cache: true
+          rubygems: '<%= ::Gem.rubygems_version %>'
 <%- else -%>
-    - name: Set up Ruby
-      uses: ruby/setup-ruby@v1
-      with:
-        ruby-version: ${{ matrix.ruby }}
-        bundler-cache: true
+      - name: Set up Ruby
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: ${{ matrix.ruby }}
+          bundler-cache: true
 <%- end -%>
-    - name: Run the default task
-      run: bundle exec rake
+      - name: Run the default task
+        run: bundle exec rake

data/lib/bundler/templates/newgem/newgem.gemspec.tt

@@ -37,15 +37,15 @@ Gem::Specification.new do |spec|
   spec.bindir = "exe"
   spec.executables = spec.files.grep(%r{\Aexe/}) { |f| File.basename(f) }
   spec.require_paths = ["lib"]
-<%- if config[:ext] == 'c' -%>
+<%- if config[:ext] == 'c' || config[:ext] == 'rust' -%>
   spec.extensions = ["ext/<%= config[:underscored_name] %>/extconf.rb"]
 <%- end -%>
-<%- if config[:ext] == 'rust' -%>
-  spec.extensions = ["ext/<%= config[:underscored_name] %>/Cargo.toml"]
-<%- end -%>
 
   # Uncomment to register a new dependency of your gem
   # spec.add_dependency "example-gem", "~> 1.0"
+<%- if config[:ext] == 'rust' -%>
+  spec.add_dependency "rb_sys", "~> 0.9.91"
+<%- end -%>
 
   # For more information and examples about making a new gem, check out our
   # guide at: https://bundler.io/guides/creating_gem.html

data/lib/bundler/ui/shell.rb

@@ -6,14 +6,17 @@ module Bundler
   module UI
     class Shell
       LEVELS = %w[silent error warn confirm info debug].freeze
+      OUTPUT_STREAMS = [:stdout, :stderr].freeze
 
       attr_writer :shell
+      attr_reader :output_stream
 
       def initialize(options = {})
         Thor::Base.shell = options["no-color"] ? Thor::Shell::Basic : nil
         @shell = Thor::Base.shell.new
         @level = ENV["DEBUG"] ? "debug" : "info"
         @warning_history = []
+        @output_stream = :stdout
       end
 
       def add_color(string, *color)
@@ -84,7 +87,7 @@ module Bundler
         @shell.yes?(msg)
       end
 
-      def no?
+      def no?(msg)
         @shell.no?(msg)
       end
 
@@ -101,6 +104,11 @@ module Bundler
         index <= LEVELS.index(@level)
       end
 
+      def output_stream=(symbol)
+        raise ArgumentError unless OUTPUT_STREAMS.include?(symbol)
+        @output_stream = symbol
+      end
+
       def trace(e, newline = nil, force = false)
         return unless debug? || force
         msg = "#{e.class}: #{e.message}\n#{e.backtrace.join("\n  ")}"
@@ -111,6 +119,10 @@ module Bundler
         with_level("silent", &blk)
       end
 
+      def progress(&blk)
+        with_output_stream(:stderr, &blk)
+      end
+
       def unprinted_warnings
         []
       end
@@ -119,6 +131,8 @@ module Bundler
 
       # valimism
       def tell_me(msg, color = nil, newline = nil)
+        return tell_err(msg, color, newline) if output_stream == :stderr
+
         msg = word_wrap(msg) if newline.is_a?(Hash) && newline[:wrap]
         if newline.nil?
           @shell.say(msg, color)
@@ -130,7 +144,7 @@ module Bundler
       def tell_err(message, color = nil, newline = nil)
         return if @shell.send(:stderr).closed?
 
-        newline ||= !message.to_s.match?(/( |\t)\Z/)
+        newline = !message.to_s.match?(/( |\t)\Z/) if newline.nil?
         message = word_wrap(message) if newline.is_a?(Hash) && newline[:wrap]
 
         color = nil if color && !$stderr.tty?
@@ -160,6 +174,14 @@ module Bundler
       ensure
         @level = original
       end
+
+      def with_output_stream(symbol)
+        original = output_stream
+        self.output_stream = symbol
+        yield
+      ensure
+        @output_stream = original
+      end
     end
   end
 end

data/lib/bundler/ui/silent.rb

@@ -53,6 +53,13 @@ module Bundler
         false
       end
 
+      def output_stream=(_symbol)
+      end
+
+      def output_stream
+        nil
+      end
+
       def ask(message)
       end
 
@@ -60,7 +67,7 @@ module Bundler
         raise "Cannot ask yes? with a silent shell"
       end
 
-      def no?
+      def no?(msg)
         raise "Cannot ask no? with a silent shell"
       end
 
@@ -77,6 +84,10 @@ module Bundler
         yield
       end
 
+      def progress
+        yield
+      end
+
       def unprinted_warnings
         @warnings
       end

data/lib/bundler/uri_credentials_filter.rb

@@ -16,7 +16,7 @@ module Bundler
 
       if uri.userinfo
         # oauth authentication
-        if uri.password == "x-oauth-basic" || uri.password == "x"
+        if uri.password == "x-oauth-basic" || uri.password == "x" || uri.password.nil?
           # URI as string does not display with password if no user is set
           oauth_designation = uri.password
           uri.user = oauth_designation

data/lib/bundler/vendor/fileutils/COPYING

@@ -0,0 +1,56 @@
+Ruby is copyrighted free software by Yukihiro Matsumoto <matz@netlab.jp>.
+You can redistribute it and/or modify it under either the terms of the
+2-clause BSDL (see the file BSDL), or the conditions below:
+
+1. You may make and give away verbatim copies of the source form of the
+   software without restriction, provided that you duplicate all of the
+   original copyright notices and associated disclaimers.
+
+2. You may modify your copy of the software in any way, provided that
+   you do at least ONE of the following:
+
+   a. place your modifications in the Public Domain or otherwise
+      make them Freely Available, such as by posting said
+      modifications to Usenet or an equivalent medium, or by allowing
+      the author to include your modifications in the software.
+
+   b. use the modified software only within your corporation or
+      organization.
+
+   c. give non-standard binaries non-standard names, with
+      instructions on where to get the original software distribution.
+
+   d. make other distribution arrangements with the author.
+
+3. You may distribute the software in object code or binary form,
+   provided that you do at least ONE of the following:
+
+   a. distribute the binaries and library files of the software,
+      together with instructions (in the manual page or equivalent)
+      on where to get the original distribution.
+
+   b. accompany the distribution with the machine-readable source of
+      the software.
+
+   c. give non-standard binaries non-standard names, with
+      instructions on where to get the original software distribution.
+
+   d. make other distribution arrangements with the author.
+
+4. You may modify and include the part of the software into any other
+   software (possibly commercial).  But some files in the distribution
+   are not written by the author, so that they are not under these terms.
+
+   For the list of those files and their copying conditions, see the
+   file LEGAL.
+
+5. The scripts and library files supplied as input to or produced as
+   output from the software do not automatically fall under the
+   copyright of the software, but belong to whomever generated them,
+   and may be sold commercially, and may be aggregated with this
+   software.
+
+6. THIS SOFTWARE IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR
+   IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
+   WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+   PURPOSE.

data/lib/bundler/vendor/fileutils/lib/fileutils.rb

@@ -180,7 +180,8 @@ end
 # - {CVE-2004-0452}[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0452].
 #
 module Bundler::FileUtils
-  VERSION = "1.7.2"
+  # The version number.
+  VERSION = "1.7.3"
 
   def self.private_module_function(name)   #:nodoc:
     module_function name
@@ -1651,7 +1652,7 @@ module Bundler::FileUtils
       when "a"
         mask | 07777
       else
-        raise ArgumentError, "invalid `who' symbol in file mode: #{chr}"
+        raise ArgumentError, "invalid 'who' symbol in file mode: #{chr}"
       end
     end
   end
@@ -1705,7 +1706,7 @@ module Bundler::FileUtils
             copy_mask = user_mask(chr)
             (current_mode & copy_mask) / (copy_mask & 0111) * (user_mask & 0111)
           else
-            raise ArgumentError, "invalid `perm' symbol in file mode: #{chr}"
+            raise ArgumentError, "invalid 'perm' symbol in file mode: #{chr}"
           end
         end
 
@@ -2028,21 +2029,22 @@ module Bundler::FileUtils
 
   private
 
-  module StreamUtils_
+  module StreamUtils_ # :nodoc:
+
     private
 
     case (defined?(::RbConfig) ? ::RbConfig::CONFIG['host_os'] : ::RUBY_PLATFORM)
     when /mswin|mingw/
-      def fu_windows?; true end
+      def fu_windows?; true end #:nodoc:
     else
-      def fu_windows?; false end
+      def fu_windows?; false end #:nodoc:
     end
 
     def fu_copy_stream0(src, dest, blksize = nil)   #:nodoc:
       IO.copy_stream(src, dest)
     end
 
-    def fu_stream_blksize(*streams)
+    def fu_stream_blksize(*streams) #:nodoc:
       streams.each do |s|
         next unless s.respond_to?(:stat)
         size = fu_blksize(s.stat)
@@ -2051,14 +2053,14 @@ module Bundler::FileUtils
       fu_default_blksize()
     end
 
-    def fu_blksize(st)
+    def fu_blksize(st) #:nodoc:
       s = st.blksize
       return nil unless s
       return nil if s == 0
       s
     end
 
-    def fu_default_blksize
+    def fu_default_blksize #:nodoc:
       1024
     end
   end
@@ -2503,7 +2505,7 @@ module Bundler::FileUtils
   end
   private_module_function :fu_output_message
 
-  def fu_split_path(path)
+  def fu_split_path(path) #:nodoc:
     path = File.path(path)
     list = []
     until (parent, base = File.split(path); parent == path or parent == ".")
@@ -2524,7 +2526,7 @@ module Bundler::FileUtils
   end
   private_module_function :fu_relative_components_from
 
-  def fu_clean_components(*comp)
+  def fu_clean_components(*comp) #:nodoc:
     comp.shift while comp.first == "."
     return comp if comp.empty?
     clean = [comp.shift]
@@ -2543,11 +2545,11 @@ module Bundler::FileUtils
   private_module_function :fu_clean_components
 
   if fu_windows?
-    def fu_starting_path?(path)
+    def fu_starting_path?(path) #:nodoc:
       path&.start_with?(%r(\w:|/))
     end
   else
-    def fu_starting_path?(path)
+    def fu_starting_path?(path) #:nodoc:
       path&.start_with?("/")
     end
   end

data/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent.rb

@@ -68,6 +68,8 @@ autoload :OpenSSL, 'openssl'
 # #verify_callback    :: For server certificate verification
 # #verify_depth       :: Depth of certificate verification
 # #verify_mode        :: How connections should be verified
+# #verify_hostname    :: Use hostname verification for server certificate
+#                        during the handshake
 #
 # == Proxies
 #
@@ -174,7 +176,7 @@ class Gem::Net::HTTP::Persistent
   ##
   # The version of Gem::Net::HTTP::Persistent you are using
 
-  VERSION = '4.0.2'
+  VERSION = '4.0.4'
 
   ##
   # Error class for errors raised by Gem::Net::HTTP::Persistent.  Various
@@ -449,6 +451,21 @@ class Gem::Net::HTTP::Persistent
 
   attr_reader :verify_mode
 
+  ##
+  # HTTPS verify_hostname.
+  #
+  # If a client sets this to true and enables SNI with SSLSocket#hostname=,
+  # the hostname verification on the server certificate is performed
+  # automatically during the handshake using
+  # OpenSSL::SSL.verify_certificate_identity().
+  #
+  # You can set +verify_hostname+ as true to use hostname verification
+  # during the handshake.
+  #
+  # NOTE: This works with Ruby > 3.0.
+
+  attr_reader :verify_hostname
+
   ##
   # Creates a new Gem::Net::HTTP::Persistent.
   #
@@ -508,6 +525,7 @@ class Gem::Net::HTTP::Persistent
     @verify_callback    = nil
     @verify_depth       = nil
     @verify_mode        = nil
+    @verify_hostname    = nil
     @cert_store         = nil
 
     @generation         = 0 # incremented when proxy Gem::URI changes
@@ -607,13 +625,23 @@ class Gem::Net::HTTP::Persistent
 
     return yield connection
   rescue Errno::ECONNREFUSED
-    address = http.proxy_address || http.address
-    port    = http.proxy_port    || http.port
+    if http.proxy?
+      address = http.proxy_address
+      port    = http.proxy_port
+    else
+      address = http.address
+      port    = http.port
+    end
 
     raise Error, "connection refused: #{address}:#{port}"
   rescue Errno::EHOSTDOWN
-    address = http.proxy_address || http.address
-    port    = http.proxy_port    || http.port
+    if http.proxy?
+      address = http.proxy_address
+      port    = http.proxy_port
+    else
+      address = http.address
+      port    = http.port
+    end
 
     raise Error, "host down: #{address}:#{port}"
   ensure
@@ -948,8 +976,10 @@ class Gem::Net::HTTP::Persistent
     connection.min_version = @min_version if @min_version
     connection.max_version = @max_version if @max_version
 
-    connection.verify_depth = @verify_depth
-    connection.verify_mode  = @verify_mode
+    connection.verify_depth    = @verify_depth
+    connection.verify_mode     = @verify_mode
+    connection.verify_hostname = @verify_hostname if
+      @verify_hostname != nil && connection.respond_to?(:verify_hostname=)
 
     if OpenSSL::SSL::VERIFY_PEER == OpenSSL::SSL::VERIFY_NONE and
        not Object.const_defined?(:I_KNOW_THAT_OPENSSL_VERIFY_PEER_EQUALS_VERIFY_NONE_IS_WRONG) then
@@ -1058,6 +1088,15 @@ application:
     reconnect_ssl
   end
 
+  ##
+  # Sets the HTTPS verify_hostname.
+
+  def verify_hostname= verify_hostname
+    @verify_hostname = verify_hostname
+
+    reconnect_ssl
+  end
+
   ##
   # SSL verification callback.
 
@@ -1070,4 +1109,3 @@ end
 
 require_relative 'persistent/connection'
 require_relative 'persistent/pool'
-

data/lib/bundler/vendor/securerandom/.document

@@ -0,0 +1 @@
+# Vendored files do not need to be documented

data/lib/bundler/vendor/securerandom/COPYING

@@ -0,0 +1,56 @@
+Ruby is copyrighted free software by Yukihiro Matsumoto <matz@netlab.jp>.
+You can redistribute it and/or modify it under either the terms of the
+2-clause BSDL (see the file BSDL), or the conditions below:
+
+1. You may make and give away verbatim copies of the source form of the
+   software without restriction, provided that you duplicate all of the
+   original copyright notices and associated disclaimers.
+
+2. You may modify your copy of the software in any way, provided that
+   you do at least ONE of the following:
+
+   a. place your modifications in the Public Domain or otherwise
+      make them Freely Available, such as by posting said
+      modifications to Usenet or an equivalent medium, or by allowing
+      the author to include your modifications in the software.
+
+   b. use the modified software only within your corporation or
+      organization.
+
+   c. give non-standard binaries non-standard names, with
+      instructions on where to get the original software distribution.
+
+   d. make other distribution arrangements with the author.
+
+3. You may distribute the software in object code or binary form,
+   provided that you do at least ONE of the following:
+
+   a. distribute the binaries and library files of the software,
+      together with instructions (in the manual page or equivalent)
+      on where to get the original distribution.
+
+   b. accompany the distribution with the machine-readable source of
+      the software.
+
+   c. give non-standard binaries non-standard names, with
+      instructions on where to get the original software distribution.
+
+   d. make other distribution arrangements with the author.
+
+4. You may modify and include the part of the software into any other
+   software (possibly commercial).  But some files in the distribution
+   are not written by the author, so that they are not under these terms.
+
+   For the list of those files and their copying conditions, see the
+   file LEGAL.
+
+5. The scripts and library files supplied as input to or produced as
+   output from the software do not automatically fall under the
+   copyright of the software, but belong to whomever generated them,
+   and may be sold commercially, and may be aggregated with this
+   software.
+
+6. THIS SOFTWARE IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR
+   IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
+   WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+   PURPOSE.

data/lib/bundler/vendor/securerandom/lib/securerandom.rb

@@ -0,0 +1,102 @@
+# -*- coding: us-ascii -*-
+# frozen_string_literal: true
+
+require 'random/formatter'
+
+# == Secure random number generator interface.
+#
+# This library is an interface to secure random number generators which are
+# suitable for generating session keys in HTTP cookies, etc.
+#
+# You can use this library in your application by requiring it:
+#
+#   require 'bundler/vendor/securerandom/lib/securerandom'
+#
+# It supports the following secure random number generators:
+#
+# * openssl
+# * /dev/urandom
+# * Win32
+#
+# Bundler::SecureRandom is extended by the Random::Formatter module which
+# defines the following methods:
+#
+# * alphanumeric
+# * base64
+# * choose
+# * gen_random
+# * hex
+# * rand
+# * random_bytes
+# * random_number
+# * urlsafe_base64
+# * uuid
+#
+# These methods are usable as class methods of Bundler::SecureRandom such as
+# +Bundler::SecureRandom.hex+.
+#
+# If a secure random number generator is not available,
+# +NotImplementedError+ is raised.
+
+module Bundler::SecureRandom
+
+  # The version
+  VERSION = "0.4.1"
+
+  class << self
+    # Returns a random binary string containing +size+ bytes.
+    #
+    # See Random.bytes
+    def bytes(n)
+      return gen_random(n)
+    end
+
+    # Compatibility methods for Ruby 3.2, we can remove this after dropping to support Ruby 3.2
+    def alphanumeric(n = nil, chars: ALPHANUMERIC)
+      n = 16 if n.nil?
+      choose(chars, n)
+    end if RUBY_VERSION < '3.3'
+
+    private
+
+    # :stopdoc:
+
+    # Implementation using OpenSSL
+    def gen_random_openssl(n)
+      return OpenSSL::Random.random_bytes(n)
+    end
+
+    # Implementation using system random device
+    def gen_random_urandom(n)
+      ret = Random.urandom(n)
+      unless ret
+        raise NotImplementedError, "No random device"
+      end
+      unless ret.length == n
+        raise NotImplementedError, "Unexpected partial read from random device: only #{ret.length} for #{n} bytes"
+      end
+      ret
+    end
+
+    begin
+      # Check if Random.urandom is available
+      Random.urandom(1)
+      alias gen_random gen_random_urandom
+    rescue RuntimeError
+      begin
+        require 'openssl'
+      rescue NoMethodError
+        raise NotImplementedError, "No random device"
+      else
+        alias gen_random gen_random_openssl
+      end
+    end
+
+    # :startdoc:
+
+    # Generate random data bytes for Random::Formatter
+    public :gen_random
+  end
+end
+
+Bundler::SecureRandom.extend(Random::Formatter)

data/lib/bundler/vendor/thor/lib/thor/actions/file_manipulation.rb

@@ -10,7 +10,6 @@ class Bundler::Thor
     # destination<String>:: the relative path to the destination root.
     # config<Hash>:: give :verbose => false to not log the status, and
     #                :mode => :preserve, to preserve the file mode from the source.
-
     #
     # ==== Examples
     #
@@ -275,9 +274,8 @@ class Bundler::Thor
       end
     end
 
-    # Uncomment all lines matching a given regex.  It will leave the space
-    # which existed before the comment hash in tact but will remove any spacing
-    # between the comment hash and the beginning of the line.
+    # Uncomment all lines matching a given regex. Preserves indentation before
+    # the comment hash and removes the hash and any immediate following space.
     #
     # ==== Parameters
     # path<String>:: path of the file to be changed
@@ -291,7 +289,7 @@ class Bundler::Thor
     def uncomment_lines(path, flag, *args)
       flag = flag.respond_to?(:source) ? flag.source : flag
 
-      gsub_file(path, /^(\s*)#[[:blank:]]*(.*#{flag})/, '\1\2', *args)
+      gsub_file(path, /^(\s*)#[[:blank:]]?(.*#{flag})/, '\1\2', *args)
     end
 
     # Comment all lines matching a given regex.  It will leave the space

data/lib/bundler/vendor/thor/lib/thor/group.rb

@@ -211,6 +211,17 @@ class Bundler::Thor::Group
       raise error, msg
     end
 
+    # Checks if a specified command exists.
+    #
+    # ==== Parameters
+    # command_name<String>:: The name of the command to check for existence.
+    #
+    # ==== Returns
+    # Boolean:: +true+ if the command exists, +false+ otherwise.
+    def command_exists?(command_name) #:nodoc:
+      commands.keys.include?(command_name)
+    end
+
   protected
 
     # The method responsible for dispatching given the args.

data/lib/bundler/vendor/thor/lib/thor/parser/argument.rb

@@ -26,10 +26,7 @@ class Bundler::Thor
 
     def print_default
       if @type == :array and @default.is_a?(Array)
-        @default.map { |x|
-          p = x.gsub('"','\\"')
-          "\"#{p}\""
-        }.join(" ")
+        @default.map(&:dump).join(" ")
       else
         @default
       end

data/lib/bundler/vendor/thor/lib/thor/parser/option.rb

@@ -89,8 +89,8 @@ class Bundler::Thor
 
       sample = "[#{sample}]".dup unless required?
 
-      if boolean?
-        sample << ", [#{dasherize('no-' + human_name)}]" unless (name == "force") || name.match(/\Ano[\-_]/)
+      if boolean? && name != "force" && !name.match(/\A(no|skip)[\-_]/)
+        sample << ", [#{dasherize('no-' + human_name)}], [#{dasherize('skip-' + human_name)}]"
       end
 
       aliases_for_usage.ljust(padding) + sample