bundler 2.6.3 → 2.6.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3feddb9042d8a7e98b180bdccc1fc1589782cbd67d813abb63aac8a84028a811
-  data.tar.gz: 2f8ed118d6ca1e4e4301e977e23bd94897bbb5fc79c8b4a5799fe47f3ee306f1
+  metadata.gz: e6db19c6c72f2c38f056adfac393dcfebd51e4ae14eee0fc6a1b8122ba5f9f92
+  data.tar.gz: a83020c6d99aef70bee13b2ea4ef794dc0a5804aba44baff57a9a90777070361
 SHA512:
-  metadata.gz: 628abd13ffccef88bb5eebf10c73bc40157b8cd0e5d1b07930be534b5b161732710c5794fd5efa830a7d493f2af0bf58bf1aa3601ea9ba0c56aee8f2ca0cdd77
-  data.tar.gz: fbca6f3eba226a373edce1d0987a31d07fbb0ea0ce8d8ebd05cda8a6184c22158a25090317173f4b1e839d6b45c31bfe9dee9f7cb8c26bbfb05670947fe8bf09
+  metadata.gz: 6ebc0d4dda2d618578455c0d322008014beb2c81671f271bed81d904ace7c6871fbf25b2aa584b5331244814987299fc6b0aebe69ed4d02c2411db41a819c47f
+  data.tar.gz: aacaaef051b9e0f1fd08b24892e3f1b995d7c88ed3e9b4b401c94f922e4632bef37b02f8fdaac4dcc2457dde8bb45bd558f5410a6e514f41a6a8ee42899ba7f1

data/CHANGELOG.md

@@ -1,3 +1,34 @@
+# 2.6.4 (February 17, 2025)
+
+## Enhancements:
+
+  - Make Bundler never instantiate development dependencies [#8486](https://github.com/rubygems/rubygems/pull/8486)
+  - Fix some invalid options to `gem` DSL not getting reported as invalid [#8480](https://github.com/rubygems/rubygems/pull/8480)
+  - Add `irb` to a Gemfile for a newly created gem [#8467](https://github.com/rubygems/rubygems/pull/8467)
+  - Auto-heal empty installation directory [#8457](https://github.com/rubygems/rubygems/pull/8457)
+  - Fix `bundle console` unnecessarily trying to load IRB twice [#8443](https://github.com/rubygems/rubygems/pull/8443)
+  - Add ruby_34 and ruby_35 as valid platform: [#8430](https://github.com/rubygems/rubygems/pull/8430)
+  - Consider gems under `platform: :windows` filter in Gemfile when running on Windows with ARM architecture [#8428](https://github.com/rubygems/rubygems/pull/8428)
+
+## Bug fixes:
+
+  - Fix regression when running `bundle update <foo>` would sometimes downgrade a top level dependency [#8491](https://github.com/rubygems/rubygems/pull/8491)
+  - Fix dependency locking when Bundler finds incorrect lockfile dependencies [#8489](https://github.com/rubygems/rubygems/pull/8489)
+  - Raise error when lockfile is missing deps in frozen mode [#8483](https://github.com/rubygems/rubygems/pull/8483)
+  - Fix `bundle install --prefer-local` sometimes installing very old versions [#8484](https://github.com/rubygems/rubygems/pull/8484)
+  - Fix incorrect error message when running `bundle update` in frozen mode [#8481](https://github.com/rubygems/rubygems/pull/8481)
+  - Keep platform variants in `vendor/cache` even if incompatible with the current Ruby version [#8471](https://github.com/rubygems/rubygems/pull/8471)
+  - Fix `bundle console` printing bug report template incorrectly [#8436](https://github.com/rubygems/rubygems/pull/8436)
+  - Fix `--prefer-local` not respecting default gems [#8412](https://github.com/rubygems/rubygems/pull/8412)
+
+## Performance:
+
+  - Improve resolution performance [#8458](https://github.com/rubygems/rubygems/pull/8458)
+
+## Documentation:
+
+  - Fix more broken links [#8416](https://github.com/rubygems/rubygems/pull/8416)
+
 # 2.6.3 (January 16, 2025)
 
 ## Enhancements:

data/README.md

@@ -41,7 +41,7 @@ To get in touch with the Bundler core team and other Bundler users, please join
 
 ### Contributing
 
-If you'd like to contribute to Bundler, that's awesome, and we <3 you. We've put together [the Bundler contributor guide](https://github.com/rubygems/rubygems/blob/master/bundler/doc/contributing/README.md) with all of the information you need to get started.
+If you'd like to contribute to Bundler, that's awesome, and we <3 you. We've put together [the Bundler contributor guide](https://github.com/rubygems/rubygems/blob/master/doc/bundler/contributing/README.md) with all of the information you need to get started.
 
 If you'd like to request a substantial change to Bundler or its documentation, refer to the [Bundler RFC process](https://github.com/rubygems/rfcs) for more information.
 

data/lib/bundler/build_metadata.rb

@@ -4,8 +4,8 @@ module Bundler
   # Represents metadata from when the Bundler gem was built.
   module BuildMetadata
     # begin ivars
-    @built_at = "2025-01-16".freeze
-    @git_commit_sha = "3c7c4ff2d8f".freeze
+    @built_at = "2025-02-17".freeze
+    @git_commit_sha = "87f7bf0ac12".freeze
     @release = true
     # end ivars
 

data/lib/bundler/cli/console.rb

@@ -20,9 +20,14 @@ module Bundler
       require name
       get_constant(name)
     rescue LoadError
-      Bundler.ui.error "Couldn't load console #{name}, falling back to irb"
-      require "irb"
-      get_constant("irb")
+      if name == "irb"
+        Bundler.ui.error "#{name} is not available"
+        exit 1
+      else
+        Bundler.ui.error "Couldn't load console #{name}, falling back to irb"
+        name = "irb"
+        retry
+      end
     end
 
     def get_constant(name)
@@ -32,9 +37,6 @@ module Bundler
         "irb" => :IRB,
       }[name]
       Object.const_get(const_name)
-    rescue NameError
-      Bundler.ui.error "Could not find constant #{const_name}"
-      exit 1
     end
   end
 end

data/lib/bundler/cli/doctor.rb

@@ -2,7 +2,6 @@
 
 require "rbconfig"
 require "shellwords"
-require "fiddle"
 
 module Bundler
   class CLI::Doctor
@@ -57,6 +56,14 @@ module Bundler
       Dir.glob("#{spec.full_gem_path}/**/*.bundle")
     end
 
+    def lookup_with_fiddle(path)
+      require "fiddle"
+      Fiddle.dlopen(path)
+      false
+    rescue Fiddle::DLError
+      true
+    end
+
     def check!
       require_relative "check"
       Bundler::CLI::Check.new({}).run
@@ -73,10 +80,7 @@ module Bundler
       definition.specs.each do |spec|
         bundles_for_gem(spec).each do |bundle|
           bad_paths = dylibs(bundle).select do |f|
-            Fiddle.dlopen(f)
-            false
-          rescue Fiddle::DLError
-            true
+            lookup_with_fiddle(f)
           end
           if bad_paths.any?
             broken_links[spec] ||= []

data/lib/bundler/cli/info.rb

@@ -39,8 +39,8 @@ module Bundler
         path = File.expand_path("../../..", __dir__)
       else
         path = spec.full_gem_path
-        if spec.deleted_gem?
-          return Bundler.ui.warn "The gem #{name} has been deleted. It was installed at: #{path}"
+        if spec.installation_missing?
+          return Bundler.ui.warn "The gem #{name} is missing. It should be installed at #{path}, but was not found"
         end
       end
 
@@ -65,8 +65,8 @@ module Bundler
       gem_info << "\tDefault Gem: yes\n" if spec.respond_to?(:default_gem?) && spec.default_gem?
       gem_info << "\tReverse Dependencies: \n\t\t#{gem_dependencies.join("\n\t\t")}" if gem_dependencies.any?
 
-      if name != "bundler" && spec.deleted_gem?
-        return Bundler.ui.warn "The gem #{name} has been deleted. Gemspec information is still available though:\n#{gem_info}"
+      if name != "bundler" && spec.installation_missing?
+        return Bundler.ui.warn "The gem #{name} is missing. Gemspec information is still available though:\n#{gem_info}"
       end
 
       Bundler.ui.info gem_info

data/lib/bundler/cli/issue.rb

@@ -10,7 +10,7 @@ module Bundler
         be sure to check out these resources:
 
         1. Check out our troubleshooting guide for quick fixes to common issues:
-        https://github.com/rubygems/rubygems/blob/master/bundler/doc/TROUBLESHOOTING.md
+        https://github.com/rubygems/rubygems/blob/master/doc/bundler/TROUBLESHOOTING.md
 
         2. Instructions for common Bundler uses can be found on the documentation
         site: https://bundler.io/

data/lib/bundler/cli/show.rb

@@ -24,7 +24,7 @@ module Bundler
           return unless spec
           path = spec.full_gem_path
           unless File.directory?(path)
-            return Bundler.ui.warn "The gem #{gem_name} has been deleted. It was installed at: #{path}"
+            return Bundler.ui.warn "The gem #{gem_name} is missing. It should be installed at #{path}, but was not found"
           end
         end
         return Bundler.ui.info(path)

data/lib/bundler/current_ruby.rb

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+require_relative "rubygems_ext"
+
 module Bundler
   # Returns current version of Ruby
   #
@@ -9,38 +11,25 @@ module Bundler
   end
 
   class CurrentRuby
-    KNOWN_MINOR_VERSIONS = %w[
-      1.8
-      1.9
-      2.0
-      2.1
-      2.2
-      2.3
-      2.4
-      2.5
-      2.6
-      2.7
-      3.0
-      3.1
-      3.2
-      3.3
-    ].freeze
-
-    KNOWN_MAJOR_VERSIONS = KNOWN_MINOR_VERSIONS.map {|v| v.split(".", 2).first }.uniq.freeze
-
-    KNOWN_PLATFORMS = %w[
-      jruby
-      maglev
-      mingw
-      mri
-      mswin
-      mswin64
-      rbx
-      ruby
-      truffleruby
-      windows
-      x64_mingw
-    ].freeze
+    ALL_RUBY_VERSIONS = (18..27).to_a.concat((30..35).to_a).freeze
+    KNOWN_MINOR_VERSIONS = ALL_RUBY_VERSIONS.map {|v| v.digits.reverse.join(".") }.freeze
+    KNOWN_MAJOR_VERSIONS = ALL_RUBY_VERSIONS.map {|v| v.digits.last.to_s }.uniq.freeze
+    PLATFORM_MAP = {
+      ruby: [Gem::Platform::RUBY, CurrentRuby::ALL_RUBY_VERSIONS],
+      mri: [Gem::Platform::RUBY, CurrentRuby::ALL_RUBY_VERSIONS],
+      rbx: [Gem::Platform::RUBY],
+      truffleruby: [Gem::Platform::RUBY],
+      jruby: [Gem::Platform::JAVA, [18, 19]],
+      windows: [Gem::Platform::WINDOWS, CurrentRuby::ALL_RUBY_VERSIONS],
+      # deprecated
+      mswin: [Gem::Platform::MSWIN, CurrentRuby::ALL_RUBY_VERSIONS],
+      mswin64: [Gem::Platform::MSWIN64, CurrentRuby::ALL_RUBY_VERSIONS - [18]],
+      mingw: [Gem::Platform::UNIVERSAL_MINGW, CurrentRuby::ALL_RUBY_VERSIONS],
+      x64_mingw: [Gem::Platform::UNIVERSAL_MINGW, CurrentRuby::ALL_RUBY_VERSIONS - [18, 19]],
+    }.each_with_object({}) do |(platform, spec), hash|
+      hash[platform] = spec[0]
+      spec[1]&.each {|version| hash[:"#{platform}_#{version}"] = spec[0] }
+    end.freeze
 
     def ruby?
       return true if Bundler::GemHelpers.generic_local_platform_is_ruby?
@@ -82,7 +71,8 @@ module Bundler
         RUBY_VERSION.start_with?("#{version}.")
       end
 
-      KNOWN_PLATFORMS.each do |platform|
+      all_platforms = PLATFORM_MAP.keys << "maglev"
+      all_platforms.each do |platform|
         define_method(:"#{platform}_#{trimmed_version}?") do
           send(:"#{platform}?") && send(:"on_#{trimmed_version}?")
         end

data/lib/bundler/definition.rb

@@ -58,17 +58,28 @@ module Bundler
     # @param ruby_version [Bundler::RubyVersion, nil] Requested Ruby Version
     # @param optional_groups [Array(String)] A list of optional groups
     def initialize(lockfile, dependencies, sources, unlock, ruby_version = nil, optional_groups = [], gemfiles = [])
-      if [true, false].include?(unlock)
+      unlock ||= {}
+
+      if unlock == true
+        @unlocking_all = true
         @unlocking_bundler = false
         @unlocking = unlock
+        @sources_to_unlock = []
+        @unlocking_ruby = false
+        @explicit_unlocks = []
+        conservative = false
       else
+        @unlocking_all = false
         @unlocking_bundler = unlock.delete(:bundler)
         @unlocking = unlock.any? {|_k, v| !Array(v).empty? }
+        @sources_to_unlock = unlock.delete(:sources) || []
+        @unlocking_ruby = unlock.delete(:ruby)
+        @explicit_unlocks = unlock.delete(:gems) || []
+        conservative = unlock.delete(:conservative)
       end
 
       @dependencies    = dependencies
       @sources         = sources
-      @unlock          = unlock
       @optional_groups = optional_groups
       @prefer_local    = false
       @specs           = nil
@@ -93,29 +104,24 @@ module Bundler
         @platforms = @locked_platforms.dup
         @locked_bundler_version = @locked_gems.bundler_version
         @locked_ruby_version = @locked_gems.ruby_version
-        @originally_locked_deps = @locked_gems.dependencies
+        @locked_deps = @locked_gems.dependencies
         @originally_locked_specs = SpecSet.new(@locked_gems.specs)
         @locked_checksums = @locked_gems.checksums
 
-        if unlock != true
-          @locked_deps    = @originally_locked_deps
-          @locked_specs   = @originally_locked_specs
-          @locked_sources = @locked_gems.sources
-        else
-          @unlock         = {}
-          @locked_deps    = {}
+        if @unlocking_all
           @locked_specs   = SpecSet.new([])
           @locked_sources = []
+        else
+          @locked_specs   = @originally_locked_specs
+          @locked_sources = @locked_gems.sources
         end
       else
-        @unlock         = {}
-        @locked_gems    = nil
+        @locked_gems = nil
         @locked_platforms = []
         @most_specific_locked_platform = nil
         @platforms      = []
         @locked_deps    = {}
         @locked_specs   = SpecSet.new([])
-        @originally_locked_deps = {}
         @originally_locked_specs = @locked_specs
         @locked_sources = []
         @locked_checksums = Bundler.feature_flag.lockfile_checksums?
@@ -134,11 +140,10 @@ module Bundler
         @sources.merged_gem_lockfile_sections!(locked_gem_sources.first)
       end
 
-      @sources_to_unlock = @unlock.delete(:sources) || []
-      @unlock[:ruby] ||= if @ruby_version && locked_ruby_version_object
+      @unlocking_ruby ||= if @ruby_version && locked_ruby_version_object
         @ruby_version.diff(locked_ruby_version_object)
       end
-      @unlocking ||= @unlock[:ruby] ||= (!@locked_ruby_version ^ !@ruby_version)
+      @unlocking ||= @unlocking_ruby ||= (!@locked_ruby_version ^ !@ruby_version)
 
       @current_platform_missing = add_current_platform unless Bundler.frozen_bundle?
 
@@ -146,9 +151,7 @@ module Bundler
       @path_changes = converge_paths
       @source_changes = converge_sources
 
-      @explicit_unlocks = @unlock.delete(:gems) || []
-
-      if @unlock[:conservative]
+      if conservative
         @gems_to_unlock = @explicit_unlocks.any? ? @explicit_unlocks : @dependencies.map(&:name)
       else
         eager_unlock = @explicit_unlocks.map {|name| Dependency.new(name, ">= 0") }
@@ -220,6 +223,8 @@ module Bundler
 
     def prefer_local!
       @prefer_local = true
+
+      sources.prefer_local!
     end
 
     # For given dependency list returns a SpecSet with Gemspec of all the required
@@ -374,7 +379,7 @@ module Bundler
 
     def locked_ruby_version
       return unless ruby_version
-      if @unlock[:ruby] || !@locked_ruby_version
+      if @unlocking_ruby || !@locked_ruby_version
         Bundler::RubyVersion.system
       else
         @locked_ruby_version
@@ -435,23 +440,23 @@ module Bundler
         changed << "* #{name} from `#{lockfile_source_name}` to `#{gemfile_source_name}`"
       end
 
-      reason = nothing_changed? ? "some dependencies were deleted from your gemfile" : change_reason
+      reason = resolve_needed? ? change_reason : "some dependencies were deleted from your gemfile"
       msg = String.new
       msg << "#{reason.capitalize.strip}, but the lockfile can't be updated because frozen mode is set"
       msg << "\n\nYou have added to the Gemfile:\n" << added.join("\n") if added.any?
       msg << "\n\nYou have deleted from the Gemfile:\n" << deleted.join("\n") if deleted.any?
       msg << "\n\nYou have changed in the Gemfile:\n" << changed.join("\n") if changed.any?
-      msg << "\n\nRun `bundle install` elsewhere and add the updated #{SharedHelpers.relative_gemfile_path} to version control.\n"
+      msg << "\n\nRun `bundle install` elsewhere and add the updated #{SharedHelpers.relative_gemfile_path} to version control.\n" unless unlocking?
 
       unless explicit_flag
         suggested_command = unless Bundler.settings.locations("frozen").keys.include?(:env)
           "bundle config set frozen false"
         end
-        msg << "If this is a development machine, remove the #{SharedHelpers.relative_lockfile_path} " \
+        msg << "\n\nIf this is a development machine, remove the #{SharedHelpers.relative_lockfile_path} " \
                "freeze by running `#{suggested_command}`." if suggested_command
       end
 
-      raise ProductionError, msg if added.any? || deleted.any? || changed.any? || !nothing_changed?
+      raise ProductionError, msg if added.any? || deleted.any? || changed.any? || resolve_needed?
     end
 
     def validate_runtime!
@@ -620,8 +625,8 @@ module Bundler
       @resolution_packages ||= begin
         last_resolve = converge_locked_specs
         remove_invalid_platforms!
-        packages = Resolver::Base.new(source_requirements, expanded_dependencies, last_resolve, @platforms, locked_specs: @originally_locked_specs, unlock: @gems_to_unlock, prerelease: gem_version_promoter.pre?, prefer_local: @prefer_local)
-        packages = additional_base_requirements_to_prevent_downgrades(packages, last_resolve)
+        packages = Resolver::Base.new(source_requirements, expanded_dependencies, last_resolve, @platforms, locked_specs: @originally_locked_specs, unlock: @unlocking_all || @gems_to_unlock, prerelease: gem_version_promoter.pre?, prefer_local: @prefer_local, new_platforms: @new_platforms)
+        packages = additional_base_requirements_to_prevent_downgrades(packages)
         packages = additional_base_requirements_to_force_updates(packages)
         packages
       end
@@ -639,6 +644,8 @@ module Bundler
       specs = begin
         resolve.materialize(dependencies)
       rescue IncorrectLockfileDependencies => e
+        raise if Bundler.frozen_bundle?
+
         spec = e.spec
         raise "Infinite loop while fixing lockfile dependencies" if incorrect_spec == spec
 
@@ -761,6 +768,7 @@ module Bundler
       @most_specific_non_local_locked_ruby_platform = find_most_specific_locked_ruby_platform
       return if @most_specific_non_local_locked_ruby_platform
 
+      @new_platforms << local_platform
       @platforms << local_platform
       true
     end
@@ -782,7 +790,7 @@ module Bundler
         unlock_reason = if unlock_targets
           "#{unlock_targets.first}: (#{unlock_targets.last.join(", ")})"
         else
-          @unlock[:ruby] ? "ruby" : ""
+          @unlocking_ruby ? "ruby" : ""
         end
 
         return "bundler is unlocking #{unlock_reason}"
@@ -852,8 +860,6 @@ module Bundler
     end
 
     def check_lockfile
-      @missing_lockfile_dep = nil
-
       @locked_spec_with_invalid_deps = nil
       @locked_spec_with_missing_deps = nil
 
@@ -871,10 +877,6 @@ module Bundler
         @locked_specs.delete(missing)
 
         @locked_spec_with_missing_deps = missing.first.name
-      elsif !@dependency_changes
-        @missing_lockfile_dep = current_dependencies.find do |d|
-          @locked_specs[d.name].empty? && d.name != "bundler"
-        end&.name
       end
 
       if invalid.any?
@@ -935,32 +937,33 @@ module Bundler
     end
 
     def converge_dependencies
-      changes = false
+      @missing_lockfile_dep = nil
+      @changed_dependencies = []
 
-      @dependencies.each do |dep|
+      current_dependencies.each do |dep|
         if dep.source
           dep.source = sources.get(dep.source)
         end
 
-        unless locked_dep = @originally_locked_deps[dep.name]
-          changes = true
-          next
+        name = dep.name
+
+        dep_changed = @locked_deps[name].nil?
+
+        unless name == "bundler"
+          locked_specs = @originally_locked_specs[name]
+
+          if locked_specs.any? && !dep.matches_spec?(locked_specs.first)
+            @gems_to_unlock << name
+            dep_changed = true
+          elsif locked_specs.empty? && dep_changed == false
+            @missing_lockfile_dep = name
+          end
         end
 
-        # Gem::Dependency#== matches Gem::Dependency#type. As the lockfile
-        # doesn't carry a notion of the dependency type, if you use
-        # add_development_dependency in a gemspec that's loaded with the gemspec
-        # directive, the lockfile dependencies and resolved dependencies end up
-        # with a mismatch on #type. Work around that by setting the type on the
-        # dep from the lockfile.
-        locked_dep.instance_variable_set(:@type, dep.type)
-
-        # We already know the name matches from the hash lookup
-        # so we only need to check the requirement now
-        changes ||= dep.requirement != locked_dep.requirement
+        @changed_dependencies << name if dep_changed
       end
 
-      changes
+      @changed_dependencies.any?
     end
 
     # Remove elements from the locked specs that are expired. This will most
@@ -1022,11 +1025,6 @@ module Bundler
           end
         end
 
-        if dep.nil? && requested_dep = requested_dependencies.find {|d| name == d.name }
-          @gems_to_unlock << name
-          deps << requested_dep
-        end
-
         converged << s
       end
 
@@ -1095,11 +1093,15 @@ module Bundler
       current == proposed
     end
 
-    def additional_base_requirements_to_prevent_downgrades(resolution_packages, last_resolve)
+    def additional_base_requirements_to_prevent_downgrades(resolution_packages)
       return resolution_packages unless @locked_gems && !sources.expired_sources?(@locked_gems.sources)
-      converge_specs(@originally_locked_specs - last_resolve).each do |locked_spec|
+      @originally_locked_specs.each do |locked_spec|
         next if locked_spec.source.is_a?(Source::Path)
-        resolution_packages.base_requirements[locked_spec.name] = Gem::Requirement.new(">= #{locked_spec.version}")
+
+        name = locked_spec.name
+        next if @changed_dependencies.include?(name)
+
+        resolution_packages.base_requirements[name] = Gem::Requirement.new(">= #{locked_spec.version}")
       end
       resolution_packages
     end