bundler 2.2.14 → 2.2.15

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of bundler might be problematic. Click here for more details.

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 31f2f45fcc46844af7ae85151dd04e9ddd20b8daaee6999b735813bc632b5e28
4
- data.tar.gz: 9fe8d309077af1c3d82794d8e020037b788995038c90674885ccb61ff595d4da
3
+ metadata.gz: 7969bf6c1c6e781cd3d6f06c9d832cc7604c9304ed19da98e52744f1ea22dac9
4
+ data.tar.gz: c4d0c758c8d71ad5de08b2ac6bfec61306e276dda94505a2942dc68657769571
5
5
  SHA512:
6
- metadata.gz: 55a040289f2f69a734b222d30fdd716e1789c8a2d18519dd225d16fa4e418748cab1f850888b290f92305fc8e07b02e30a8816ed756d0877ef7f286e6ec2393b
7
- data.tar.gz: c810e53e037eec801da65b145ff9ef34d556df32b128086c5f6242b228dc9a6df3595d23aae8f1513a410e54666adc23be8d152a3790346fa4ca97feb51c394b
6
+ metadata.gz: ed31592d981989e540c694657fdf663e4a53a8c635e797d5f85b1240f80dcefa30433e926459235d5614c42da2081c6a45304eeacb0f1bec963e4ab64702e19e
7
+ data.tar.gz: 6381ced4711505050ef620d25d9a6d693a98c70f2fd667d6e7ac506ade25ddbc9909d16e0715cbfeacb7cc07e1cd2a1655d48c91844d214bfd66a502f68b0072
data/CHANGELOG.md CHANGED
@@ -1,3 +1,15 @@
1
+ # 2.2.15 (March 18, 2021)
2
+
3
+ ## Enhancements:
4
+
5
+ - Add a hint about bundler installing executables for path gems [#4461](https://github.com/rubygems/rubygems/pull/4461)
6
+ - Warn lockfiles with incorrect resolutions [#4459](https://github.com/rubygems/rubygems/pull/4459)
7
+ - Don't generate duplicate redundant sources in the lockfile [#4456](https://github.com/rubygems/rubygems/pull/4456)
8
+
9
+ ## Bug fixes:
10
+
11
+ - Respect running ruby when resolving platforms [#4449](https://github.com/rubygems/rubygems/pull/4449)
12
+
1
13
  # 2.2.14 (March 8, 2021)
2
14
 
3
15
  ## Security fixes:
@@ -4,8 +4,8 @@ module Bundler
4
4
  # Represents metadata from when the Bundler gem was built.
5
5
  module BuildMetadata
6
6
  # begin ivars
7
- @built_at = "2021-03-08".freeze
8
- @git_commit_sha = "3a169d80c1".freeze
7
+ @built_at = "2021-03-19".freeze
8
+ @git_commit_sha = "3dbcc68293".freeze
9
9
  @release = true
10
10
  # end ivars
11
11
 
@@ -6,10 +6,11 @@ require_relative "gem_installer"
6
6
  module Bundler
7
7
  class ParallelInstaller
8
8
  class SpecInstallation
9
- attr_accessor :spec, :name, :post_install_message, :state, :error
9
+ attr_accessor :spec, :name, :full_name, :post_install_message, :state, :error
10
10
  def initialize(spec)
11
11
  @spec = spec
12
12
  @name = spec.name
13
+ @full_name = spec.full_name
13
14
  @state = :none
14
15
  @post_install_message = ""
15
16
  @error = nil
@@ -49,14 +50,11 @@ module Bundler
49
50
  # Represents only the non-development dependencies, the ones that are
50
51
  # itself and are in the total list.
51
52
  def dependencies
52
- @dependencies ||= begin
53
- all_dependencies.reject {|dep| ignorable_dependency? dep }
54
- end
53
+ @dependencies ||= all_dependencies.reject {|dep| ignorable_dependency? dep }
55
54
  end
56
55
 
57
56
  def missing_lockfile_dependencies(all_spec_names)
58
- deps = all_dependencies.reject {|dep| ignorable_dependency? dep }
59
- deps.reject {|dep| all_spec_names.include? dep.name }
57
+ dependencies.reject {|dep| all_spec_names.include? dep.name }
60
58
  end
61
59
 
62
60
  # Represents all dependencies
@@ -65,7 +63,7 @@ module Bundler
65
63
  end
66
64
 
67
65
  def to_s
68
- "#<#{self.class} #{@spec.full_name} (#{state})>"
66
+ "#<#{self.class} #{full_name} (#{state})>"
69
67
  end
70
68
  end
71
69
 
@@ -99,12 +97,37 @@ module Bundler
99
97
  install_serially
100
98
  end
101
99
 
100
+ check_for_unmet_dependencies
101
+
102
102
  handle_error if failed_specs.any?
103
103
  @specs
104
104
  ensure
105
105
  worker_pool && worker_pool.stop
106
106
  end
107
107
 
108
+ def check_for_unmet_dependencies
109
+ unmet_dependencies = @specs.map do |s|
110
+ [
111
+ s,
112
+ s.dependencies.reject {|dep| @specs.any? {|spec| dep.matches_spec?(spec.spec) } },
113
+ ]
114
+ end.reject {|a| a.last.empty? }
115
+ return if unmet_dependencies.empty?
116
+
117
+ warning = []
118
+ warning << "Your lockfile doesn't include a valid resolution."
119
+ warning << "You can fix this by regenerating your lockfile or trying to manually editing the bad locked gems to a version that satisfies all dependencies."
120
+ warning << "The unmet dependencies are:"
121
+
122
+ unmet_dependencies.each do |spec, unmet_spec_dependencies|
123
+ unmet_spec_dependencies.each do |unmet_spec_dependency|
124
+ warning << "* #{unmet_spec_dependency}, depended upon #{spec.full_name}, unsatisfied by #{@specs.find {|s| s.name == unmet_spec_dependency.name && !unmet_spec_dependency.matches_spec?(s.spec) }.full_name}"
125
+ end
126
+ end
127
+
128
+ Bundler.ui.warn(warning.join("\n"))
129
+ end
130
+
108
131
  def check_for_corrupt_lockfile
109
132
  missing_dependencies = @specs.map do |s|
110
133
  [
@@ -73,7 +73,12 @@ module Bundler
73
73
  same_platform_candidates = candidates.select do |spec|
74
74
  MatchPlatform.platforms_match?(spec.platform, platform_object)
75
75
  end
76
- search = same_platform_candidates.last || candidates.last
76
+ installable_candidates = same_platform_candidates.select do |spec|
77
+ !spec.is_a?(RemoteSpecification) &&
78
+ spec.required_ruby_version.satisfied_by?(Gem.ruby_version) &&
79
+ spec.required_rubygems_version.satisfied_by?(Gem.rubygems_version)
80
+ end
81
+ search = installable_candidates.last || same_platform_candidates.last
77
82
  search.dependencies = dependencies if search && (search.is_a?(RemoteSpecification) || search.is_a?(EndpointSpecification))
78
83
  search
79
84
  end
@@ -82,7 +82,9 @@ module Bundler
82
82
  end
83
83
 
84
84
  def install(spec, options = {})
85
- print_using_message "Using #{version_message(spec)} from #{self}"
85
+ using_message = "Using #{version_message(spec)} from #{self}"
86
+ using_message += " and installing its executables" unless spec.executables.empty?
87
+ print_using_message using_message
86
88
  generate_bin(spec, :disable_extensions => true)
87
89
  nil # no post-install message
88
90
  end
@@ -35,7 +35,7 @@ module Bundler
35
35
  run_hooks(:post_build)
36
36
  end
37
37
 
38
- generate_bin unless spec.executables.nil? || spec.executables.empty?
38
+ generate_bin unless spec.executables.empty?
39
39
 
40
40
  run_hooks(:post_install)
41
41
  ensure
@@ -88,7 +88,7 @@ module Bundler
88
88
  def lock_sources
89
89
  lock_sources = (path_sources + git_sources + plugin_sources).sort_by(&:to_s)
90
90
  if disable_multisource?
91
- lock_sources + rubygems_sources.sort_by(&:to_s)
91
+ lock_sources + rubygems_sources.sort_by(&:to_s).uniq
92
92
  else
93
93
  lock_sources << combine_rubygems_sources
94
94
  end
@@ -1,7 +1,7 @@
1
1
  # frozen_string_literal: false
2
2
 
3
3
  module Bundler
4
- VERSION = "2.2.14".freeze
4
+ VERSION = "2.2.15".freeze
5
5
 
6
6
  def self.bundler_major_version
7
7
  @bundler_major_version ||= VERSION.split(".").first.to_i
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: bundler
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.2.14
4
+ version: 2.2.15
5
5
  platform: ruby
6
6
  authors:
7
7
  - André Arko
@@ -22,7 +22,7 @@ authors:
22
22
  autorequire:
23
23
  bindir: exe
24
24
  cert_chain: []
25
- date: 2021-03-08 00:00:00.000000000 Z
25
+ date: 2021-03-19 00:00:00.000000000 Z
26
26
  dependencies: []
27
27
  description: Bundler manages an application's dependencies through its entire life,
28
28
  across many machines, systematically and repeatably
@@ -352,7 +352,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
352
352
  - !ruby/object:Gem::Version
353
353
  version: 2.5.2
354
354
  requirements: []
355
- rubygems_version: 3.2.14
355
+ rubygems_version: 3.2.15
356
356
  signing_key:
357
357
  specification_version: 4
358
358
  summary: The best way to manage your application's dependencies