bundler 1.14.5 → 1.14.6

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of bundler might be problematic. Click here for more details.

Files changed (15) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +10 -0
  3. data/lib/bundler/cli/outdated.rb +1 -2
  4. data/lib/bundler/compact_index_client/updater.rb +1 -1
  5. data/lib/bundler/friendly_errors.rb +1 -1
  6. data/lib/bundler/lazy_specification.rb +1 -1
  7. data/lib/bundler/plugin/api/source.rb +6 -0
  8. data/lib/bundler/rubygems_ext.rb +5 -1
  9. data/lib/bundler/rubygems_gem_installer.rb +1 -1
  10. data/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph.rb +2 -1
  11. data/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/vertex.rb +1 -1
  12. data/lib/bundler/vendor/molinillo/lib/molinillo/gem_metadata.rb +1 -1
  13. data/lib/bundler/vendor/molinillo/lib/molinillo/resolution.rb +24 -15
  14. data/lib/bundler/version.rb +1 -1
  15. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 2100f5dffe1a1a753faca372bf1c5f3838715580c2acb0aa9513e938100575cc
4
- data.tar.gz: c564d74033eefd53cdda1a9e5c8992e5090ac67c251c9c691ed2c51d692a0b6e
3
+ metadata.gz: 9de4004fd8e8958b8da52205f67cdbcc036ac1473a853c6864fc6d7164fd778c
4
+ data.tar.gz: 241a3dfbcbe6bd91cb27698ce07e2ad5b9a8dbe31fc63c6e1e6e0fe14b0a4671
5
5
  SHA512:
6
- metadata.gz: af14db114e66673f77255884adc891aa7c390d9f07ad8502c938b355b228e082f7a2babd0f29fc19bf2579a7fac2e2e6eeb8fca5a8867f147c556189410c3c90
7
- data.tar.gz: b58357e2fefceb182a35d350246633c840d78206ff7151cbc1d6149a11ebef17f01b599ae4d940b39921cfa49d19b9a6da8060f65fa330bb256b1abea7aeccf2
6
+ metadata.gz: 86c4e9d38389953287c939bfccd8eb9744928693f73dc67409d8ca24124ff07dc86eaa7aae3affcdc08fa3dde497a34b826a0b9478a5390225047d89377a7ee6
7
+ data.tar.gz: 4294b2ceb5a51da94dfe2d70efa248dfae19aec85f5084d7c15f58432f352f0c313796163ae2a015f80de5e7e2d7b464732ec9e5b5f74e401acc1308062931e7
data/CHANGELOG.md CHANGED
@@ -1,3 +1,13 @@
1
+ ## 1.14.6 (2017-03-03)
2
+
3
+ Bugfixes:
4
+
5
+ - avoid undefined constant `Bundler::Plugin::API::Source` exception (#5409, @segiddins)
6
+ - avoid incorrect warnings about needing to enable `specific_platform` (@segiddins)
7
+ - fail gracefully when the compact index does not send an ETag (#5463, @olleolleolle)
8
+ - ensure `bundle outdated --local` shows all outdated gems (#5430, @denniss)
9
+ - fix a case where ruby version requirements could lead to incorrect resolver conflicts (#5425, @segiddins)
10
+
1
11
  ## 1.14.5 (2017-02-22)
2
12
 
3
13
  Bugfixes:
data/lib/bundler/cli/outdated.rb CHANGED
@@ -49,8 +49,7 @@ module Bundler
49
49
  %w(filter-major filter-minor filter-patch)
50
50
 
51
51
  definition_resolution = proc do
52
- return definition.resolve_with_cache! if options[:local]
53
- definition.resolve_remotely!
52
+ options[:local] ? definition.resolve_with_cache! : definition.resolve_remotely!
54
53
  end
55
54
 
56
55
  if options[:parseable]
data/lib/bundler/compact_index_client/updater.rb CHANGED
@@ -53,7 +53,7 @@ module Bundler
53
53
  local_temp_path.open(mode) {|f| f << content }
54
54
  end
55
55
 
56
- response_etag = response["ETag"].gsub(%r{\AW/}, "")
56
+ response_etag = (response["ETag"] || "").gsub(%r{\AW/}, "")
57
57
  if etag_for(local_temp_path) == response_etag
58
58
  SharedHelpers.filesystem_access(local_path) do
59
59
  FileUtils.mv(local_temp_path, local_path)
data/lib/bundler/friendly_errors.rb CHANGED
@@ -92,7 +92,7 @@ module Bundler
92
92
  #{e.backtrace && e.backtrace.join("\n ").chomp}
93
93
  ```
94
94
 
95
- #{Bundler::Env.new.report(:print_gemfile => false, :print_gemspecs => false)}
95
+ #{Bundler::Env.new.report}
96
96
  --- TEMPLATE END ----------------------------------------------------------------
97
97
 
98
98
  EOS
data/lib/bundler/lazy_specification.rb CHANGED
@@ -73,7 +73,7 @@ module Bundler
73
73
  source.gemspec.tap {|s| s.source = source }
74
74
  else
75
75
  search = source.specs.search(search_object).last
76
- if search && search.platform != platform && !search.runtime_dependencies.-(dependencies.reject {|d| d.type == :development }).empty?
76
+ if search && Gem::Platform.new(search.platform) != Gem::Platform.new(platform) && !search.runtime_dependencies.-(dependencies.reject {|d| d.type == :development }).empty?
77
77
  Bundler.ui.warn "Unable to use the platform-specific (#{search.platform}) version of #{name} (#{version}) " \
78
78
  "because it has different dependencies from the #{platform} version. " \
79
79
  "To use the platform-specific version of the gem, run `bundle config specific_platform true` and install again."
data/lib/bundler/plugin/api/source.rb CHANGED
@@ -287,6 +287,12 @@ module Bundler
287
287
  def root
288
288
  Bundler.root
289
289
  end
290
+
291
+ # @private
292
+ # Returns true
293
+ def bundler_plugin_api_source?
294
+ true
295
+ end
290
296
  end
291
297
  end
292
298
  end
data/lib/bundler/rubygems_ext.rb CHANGED
@@ -42,7 +42,11 @@ module Gem
42
42
  attr_writer :full_gem_path unless instance_methods.include?(:full_gem_path=)
43
43
 
44
44
  def full_gem_path
45
- if source.respond_to?(:path) || source.is_a?(Bundler::Plugin::API::Source)
45
+ # this cannot check source.is_a?(Bundler::Plugin::API::Source)
46
+ # because that _could_ trip the autoload, and if there are unresolved
47
+ # gems at that time, this method could be called inside another require,
48
+ # thus raising with that constant being undefined. Better to check a method
49
+ if source.respond_to?(:path) || (source.respond_to?(:bundler_plugin_api_source?) && source.bundler_plugin_api_source?)
46
50
  Pathname.new(loaded_from).dirname.expand_path(source.root).to_s.untaint
47
51
  else
48
52
  rg_full_gem_path
data/lib/bundler/rubygems_gem_installer.rb CHANGED
@@ -43,7 +43,7 @@ module Bundler
43
43
 
44
44
  If you wish to continue installing the downloaded gem, and are certain it does not pose a \
45
45
  security issue despite the mismatching checksum, do the following:
46
- 1. run `bundle config disable.checksum_validation true` to turn off checksum verification
46
+ 1. run `bundle config disable_checksum_validation true` to turn off checksum verification
47
47
  2. run `bundle install`
48
48
 
49
49
  (More info: The expected SHA256 checksum was #{checksum.inspect}, but the \
data/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph.rb CHANGED
@@ -132,7 +132,8 @@ module Bundler::Molinillo
132
132
  vertices.each do |name, vertex|
133
133
  other_vertex = other.vertex_named(name)
134
134
  return false unless other_vertex
135
- return false unless other_vertex.successors.map(&:name).to_set == vertex.successors.map(&:name).to_set
135
+ return false unless vertex.payload == other_vertex.payload
136
+ return false unless other_vertex.successors.to_set == vertex.successors.to_set
136
137
  end
137
138
  end
138
139
 
data/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/vertex.rb CHANGED
@@ -10,7 +10,7 @@ module Bundler::Molinillo
10
10
  # @return [Object] the payload the vertex holds
11
11
  attr_accessor :payload
12
12
 
13
- # @return [Arrary<Object>] the explicit requirements that required
13
+ # @return [Array<Object>] the explicit requirements that required
14
14
  # this vertex
15
15
  attr_reader :explicit_requirements
16
16
 
data/lib/bundler/vendor/molinillo/lib/molinillo/gem_metadata.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
  module Bundler::Molinillo
3
3
  # The version of Bundler::Molinillo.
4
- VERSION = '0.5.6'.freeze
4
+ VERSION = '0.5.7'.freeze
5
5
  end
data/lib/bundler/vendor/molinillo/lib/molinillo/resolution.rb CHANGED
@@ -52,7 +52,7 @@ module Bundler::Molinillo
52
52
  @base = base
53
53
  @states = []
54
54
  @iteration_counter = 0
55
- @parent_of = {}
55
+ @parents_of = Hash.new { |h, k| h[k] = [] }
56
56
  end
57
57
 
58
58
  # Resolves the {#original_requested} dependencies into a full dependency
@@ -105,7 +105,7 @@ module Bundler::Molinillo
105
105
 
106
106
  handle_missing_or_push_dependency_state(initial_state)
107
107
 
108
- debug { "Starting resolution (#{@started_at})" }
108
+ debug { "Starting resolution (#{@started_at})\nUser-requested dependencies: #{original_requested}" }
109
109
  resolver_ui.before_resolution
110
110
  end
111
111
 
@@ -178,14 +178,14 @@ module Bundler::Molinillo
178
178
  # Unwinds the states stack because a conflict has been encountered
179
179
  # @return [void]
180
180
  def unwind_for_conflict
181
- debug(depth) { "Unwinding for conflict: #{requirement}" }
181
+ debug(depth) { "Unwinding for conflict: #{requirement} to #{state_index_for_unwind / 2}" }
182
182
  conflicts.tap do |c|
183
183
  sliced_states = states.slice!((state_index_for_unwind + 1)..-1)
184
184
  raise VersionConflict.new(c) unless state
185
185
  activated.rewind_to(sliced_states.first || :initial_state) if sliced_states
186
186
  state.conflicts = c
187
187
  index = states.size - 1
188
- @parent_of.reject! { |_, i| i >= index }
188
+ @parents_of.each { |_, a| a.reject! { |i| i >= index } }
189
189
  end
190
190
  end
191
191
 
@@ -214,7 +214,7 @@ module Bundler::Molinillo
214
214
  # to the list of requirements.
215
215
  def parent_of(requirement)
216
216
  return unless requirement
217
- return unless index = @parent_of[requirement]
217
+ return unless index = @parents_of[requirement].last
218
218
  return unless parent_state = @states[index]
219
219
  parent_state.requirement
220
220
  end
@@ -361,18 +361,20 @@ module Bundler::Molinillo
361
361
  deps = dependencies_for(payload).group_by(&method(:name_for))
362
362
  vertex.outgoing_edges.each do |outgoing_edge|
363
363
  requirement = outgoing_edge.requirement
364
- parent_index = @parent_of[requirement]
364
+ parent_index = @parents_of[requirement].last
365
365
  succ = outgoing_edge.destination
366
366
  matching_deps = Array(deps[succ.name])
367
367
  dep_matched = matching_deps.include?(requirement)
368
368
 
369
- # only reset the parent index when it was originally required by the
369
+ # only push the current index when it was originally required by the
370
370
  # same named spec
371
- @parent_of[requirement] = states.size - 1 if parent_index && states[parent_index].name == name
371
+ if parent_index && states[parent_index].name == name
372
+ @parents_of[requirement].push(states.size - 1)
373
+ end
372
374
 
373
375
  if matching_deps.empty? && !succ.root? && succ.predecessors.to_a == [vertex]
374
376
  debug(depth) { "Removing orphaned spec #{succ.name} after swapping #{name}" }
375
- succ.requirements.each { |r| @parent_of.delete(r) }
377
+ succ.requirements.each { |r| @parents_of.delete(r) }
376
378
 
377
379
  removed_names = activated.detach_vertex_named(succ.name).map(&:name)
378
380
  requirements.delete_if do |r|
@@ -381,9 +383,10 @@ module Bundler::Molinillo
381
383
  removed_names.include?(name_for(r))
382
384
  end
383
385
  elsif !dep_matched
386
+ debug(depth) { "Removing orphaned dependency #{requirement} after swapping #{name}" }
384
387
  # also reset if we're removing the edge, but only if its parent has
385
388
  # already been fixed up
386
- @parent_of[requirement] = states.size - 1 if @parent_of[requirement].nil?
389
+ @parents_of[requirement].push(states.size - 1) if @parents_of[requirement].empty?
387
390
 
388
391
  activated.delete_edge(outgoing_edge)
389
392
  requirements.delete(requirement)
@@ -406,13 +409,18 @@ module Bundler::Molinillo
406
409
  # @return [Boolean] whether the current spec is satisfied as a new
407
410
  # possibility.
408
411
  def new_spec_satisfied?
412
+ unless requirement_satisfied_by?(requirement, activated, possibility)
413
+ debug(depth) { 'Unsatisfied by requested spec' }
414
+ return false
415
+ end
416
+
409
417
  locked_requirement = locked_requirement_named(name)
410
- requested_spec_satisfied = requirement_satisfied_by?(requirement, activated, possibility)
418
+
411
419
  locked_spec_satisfied = !locked_requirement ||
412
420
  requirement_satisfied_by?(locked_requirement, activated, possibility)
413
- debug(depth) { 'Unsatisfied by requested spec' } unless requested_spec_satisfied
414
421
  debug(depth) { 'Unsatisfied by locked spec' } unless locked_spec_satisfied
415
- requested_spec_satisfied && locked_spec_satisfied
422
+
423
+ locked_spec_satisfied
416
424
  end
417
425
 
418
426
  # @param [String] requirement_name the spec name to search for
@@ -428,7 +436,7 @@ module Bundler::Molinillo
428
436
  # @return [void]
429
437
  def activate_spec
430
438
  conflicts.delete(name)
431
- debug(depth) { 'Activated ' + name + ' at ' + possibility.to_s }
439
+ debug(depth) { "Activated #{name} at #{possibility}" }
432
440
  activated.set_payload(name, possibility)
433
441
  require_nested_dependencies_for(possibility)
434
442
  end
@@ -443,7 +451,8 @@ module Bundler::Molinillo
443
451
  nested_dependencies.each do |d|
444
452
  activated.add_child_vertex(name_for(d), nil, [name_for(activated_spec)], d)
445
453
  parent_index = states.size - 1
446
- @parent_of[d] ||= parent_index
454
+ parents = @parents_of[d]
455
+ parents << parent_index if parents.empty?
447
456
  end
448
457
 
449
458
  push_state_for_requirements(requirements + nested_dependencies, !nested_dependencies.empty?)
data/lib/bundler/version.rb CHANGED
@@ -7,5 +7,5 @@ module Bundler
7
7
  # We're doing this because we might write tests that deal
8
8
  # with other versions of bundler and we are unsure how to
9
9
  # handle this better.
10
- VERSION = "1.14.5" unless defined?(::Bundler::VERSION)
10
+ VERSION = "1.14.6" unless defined?(::Bundler::VERSION)
11
11
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: bundler
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.14.5
4
+ version: 1.14.6
5
5
  platform: ruby
6
6
  authors:
7
7
  - André Arko
@@ -17,7 +17,7 @@ authors:
17
17
  autorequire:
18
18
  bindir: exe
19
19
  cert_chain: []
20
- date: 2017-02-22 00:00:00.000000000 Z
20
+ date: 2017-03-03 00:00:00.000000000 Z
21
21
  dependencies:
22
22
  - !ruby/object:Gem::Dependency
23
23
  name: automatiek