bundler 2.2.16 → 2.2.17
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of bundler might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/CHANGELOG.md +30 -6
- data/lib/bundler/build_metadata.rb +2 -2
- data/lib/bundler/cli.rb +2 -2
- data/lib/bundler/cli/common.rb +2 -0
- data/lib/bundler/compact_index_client/updater.rb +9 -5
- data/lib/bundler/current_ruby.rb +1 -0
- data/lib/bundler/definition.rb +2 -4
- data/lib/bundler/fetcher.rb +2 -1
- data/lib/bundler/fetcher/downloader.rb +8 -4
- data/lib/bundler/injector.rb +2 -2
- data/lib/bundler/inline.rb +1 -1
- data/lib/bundler/man/bundle-config.1 +18 -1
- data/lib/bundler/man/bundle-config.1.ronn +18 -1
- data/lib/bundler/plugin.rb +2 -2
- data/lib/bundler/retry.rb +1 -1
- data/lib/bundler/settings.rb +60 -9
- data/lib/bundler/source/rubygems.rb +2 -2
- data/lib/bundler/spec_set.rb +18 -7
- data/lib/bundler/templates/Gemfile +1 -1
- data/lib/bundler/templates/gems.rb +1 -1
- data/lib/bundler/vendor/molinillo/lib/molinillo/modules/specification_provider.rb +1 -1
- data/lib/bundler/vendor/thor/lib/thor/actions/file_manipulation.rb +1 -1
- data/lib/bundler/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 2c654f563fcfd784d65d2441b1cf8b5384f9e90ff8d7107de070e33dba2ee729
|
4
|
+
data.tar.gz: 4554510c934d22551680c26ff77f0b1a1073f7d35c0b21030d103fd40ade6baf
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: c4c62c6eb0c7fc78acc3317de4dbaed2d26de9859bffd8930a08e7368829a4acb9f1bea24ad290a57124983bab8ac372da21573b742f50f4d36fa6a054406189
|
7
|
+
data.tar.gz: 1862e00690b660a6d872324c6e2819c29a48ee9e9d7d97bd0cf35a92f0ea7d008fd4f7921c3f917564a3fc3279ead82bf24a360f80ad63205b37e50975b232c9
|
data/CHANGELOG.md
CHANGED
@@ -1,10 +1,34 @@
|
|
1
|
+
# 2.2.17 (May 5, 2021)
|
2
|
+
|
3
|
+
## Enhancements:
|
4
|
+
|
5
|
+
- Improve authentication required error message to include an alternative using `ENV` [#4565](https://github.com/rubygems/rubygems/pull/4565)
|
6
|
+
- Discard partial range responses without etag [#4563](https://github.com/rubygems/rubygems/pull/4563)
|
7
|
+
- Fix configuring ENV for a gem server with a name including dashes [#4571](https://github.com/rubygems/rubygems/pull/4571)
|
8
|
+
- Redact credentials from `bundle env` and `bundle config` [#4566](https://github.com/rubygems/rubygems/pull/4566)
|
9
|
+
- Redact all sources in verbose mode [#4564](https://github.com/rubygems/rubygems/pull/4564)
|
10
|
+
- Improve `bundle pristine` error if `BUNDLE_GEMFILE` does not exist [#4536](https://github.com/rubygems/rubygems/pull/4536)
|
11
|
+
- [CurrentRuby] Add 3.0 as a known minor [#4535](https://github.com/rubygems/rubygems/pull/4535)
|
12
|
+
- Prefer File.read instead of IO.read [#4530](https://github.com/rubygems/rubygems/pull/4530)
|
13
|
+
- Add space after open curly bracket in Gemfile and gems.rb template [#4518](https://github.com/rubygems/rubygems/pull/4518)
|
14
|
+
|
15
|
+
## Bug fixes:
|
16
|
+
|
17
|
+
- Make sure specs are fetched from the right source when materializing [#4562](https://github.com/rubygems/rubygems/pull/4562)
|
18
|
+
- Fix `bundle cache` with an up-to-date lockfile and specs not already installed [#4554](https://github.com/rubygems/rubygems/pull/4554)
|
19
|
+
- Ignore `deployment` setting in inline mode [#4523](https://github.com/rubygems/rubygems/pull/4523)
|
20
|
+
|
21
|
+
## Performance:
|
22
|
+
|
23
|
+
- Don't materialize resolutions when not necessary [#4556](https://github.com/rubygems/rubygems/pull/4556)
|
24
|
+
|
1
25
|
# 2.2.16 (April 8, 2021)
|
2
26
|
|
3
27
|
## Enhancements:
|
4
28
|
|
5
29
|
- Add `--github-username` option and config to `bundle gem` [#3687](https://github.com/rubygems/rubygems/pull/3687)
|
6
30
|
- Bump vendored `tmpdir` library copy [#4506](https://github.com/rubygems/rubygems/pull/4506)
|
7
|
-
- Add `rake build:checksum` task to build
|
31
|
+
- Add `rake build:checksum` task to build checksums for a gem package [#4156](https://github.com/rubygems/rubygems/pull/4156)
|
8
32
|
- Enable bundler-cache for GitHub Actions template [#4498](https://github.com/rubygems/rubygems/pull/4498)
|
9
33
|
- Improve `bundle info` error when gem is on a "disabled" group [#4492](https://github.com/rubygems/rubygems/pull/4492)
|
10
34
|
- Small tweak to yank message [#4494](https://github.com/rubygems/rubygems/pull/4494)
|
@@ -472,7 +496,7 @@
|
|
472
496
|
- Ignore `frozen` setting in inline mode ([#7125](https://github.com/rubygems/bundler/pull/7125))
|
473
497
|
- Fix incorrect "bundler attempted to update GEM but version stayed the same" message when updating git sourced gems ([#6325](https://github.com/rubygems/bundler/pull/6325))
|
474
498
|
- Don't check for existence of a writable home directory if `BUNDLE_USER_HOME` is set ([#6885](https://github.com/rubygems/bundler/pull/6885))
|
475
|
-
- Fix error message when server would respond to a bad username/password
|
499
|
+
- Fix error message when server would respond to a bad username/password request with a 401 ([#6928](https://github.com/rubygems/bundler/pull/6928))
|
476
500
|
- Fix `bundle outdated` pluralization when multiple groups are requested ([#7063](https://github.com/rubygems/bundler/pull/7063))
|
477
501
|
- Fix `bundle install` not updating conservatively when gemspec is changed ([#7143](https://github.com/rubygems/bundler/pull/7143))
|
478
502
|
- Fix `bundle exec` not respecting custom process titles inside scripts ([#7140](https://github.com/rubygems/bundler/pull/7140))
|
@@ -2117,7 +2141,7 @@ Changes
|
|
2117
2141
|
- fix Bundler.which for directories ([#2697](https://github.com/rubygems/bundler/issues/2697), @rhysd)
|
2118
2142
|
- properly require `Capistrano::Version` ([#2690](https://github.com/rubygems/bundler/issues/2690), @steveklabnik)
|
2119
2143
|
- search for git.exe and git
|
2120
|
-
- fix the bug that downloads every spec when API fetcher
|
2144
|
+
- fix the bug that downloads every spec when API fetcher encounters an error
|
2121
2145
|
- only retry network requests
|
2122
2146
|
|
2123
2147
|
# 1.4.0.rc.1 (September 29, 2013)
|
@@ -2741,7 +2765,7 @@ Changes
|
|
2741
2765
|
|
2742
2766
|
- Implement `to_ary` to avoid calls to method_missing (@tenderlove, [#1274](https://github.com/rubygems/bundler/issues/1274))
|
2743
2767
|
- bundle clean removes old .gem files (@cldwalker, [#1293](https://github.com/rubygems/bundler/issues/1293))
|
2744
|
-
-
|
2768
|
+
- Correctly identify missing child dependency in error message
|
2745
2769
|
- Run pre-install, post-build, and post-install gem hooks for git gems (@warhammerkid, [#1120](https://github.com/rubygems/bundler/issues/1120))
|
2746
2770
|
- create Gemfile.lock for empty Gemfile ([#1218](https://github.com/rubygems/bundler/issues/1218))
|
2747
2771
|
|
@@ -2892,7 +2916,7 @@ Changes
|
|
2892
2916
|
|
2893
2917
|
- Performance fix for MRI 1.9 (@efficientcloud, [#1288](https://github.com/rubygems/bundler/issues/1288))
|
2894
2918
|
- Shortcuts (like `bundle i`) for all commands (@amatsuda)
|
2895
|
-
-
|
2919
|
+
- Correctly identify missing child dependency in error message
|
2896
2920
|
|
2897
2921
|
## Bug fixes:
|
2898
2922
|
|
@@ -3128,7 +3152,7 @@ Changes
|
|
3128
3152
|
|
3129
3153
|
- Various bugfixes to the built-in rake helpers
|
3130
3154
|
- Fix a bug where shortrefs weren't unique enough and were
|
3131
|
-
|
3155
|
+
therefore colliding
|
3132
3156
|
- Fix a small bug involving checking whether a local git
|
3133
3157
|
clone is up to date
|
3134
3158
|
- Correctly handle explicit '=' dependencies with gems
|
@@ -4,8 +4,8 @@ module Bundler
|
|
4
4
|
# Represents metadata from when the Bundler gem was built.
|
5
5
|
module BuildMetadata
|
6
6
|
# begin ivars
|
7
|
-
@built_at = "2021-
|
8
|
-
@git_commit_sha = "
|
7
|
+
@built_at = "2021-05-05".freeze
|
8
|
+
@git_commit_sha = "69cbd6e10e".freeze
|
9
9
|
@release = true
|
10
10
|
# end ivars
|
11
11
|
|
data/lib/bundler/cli.rb
CHANGED
@@ -504,8 +504,8 @@ module Bundler
|
|
504
504
|
By default, setting a configuration value sets it for all projects
|
505
505
|
on the machine.
|
506
506
|
|
507
|
-
If a global setting is
|
508
|
-
will show the current value, as well as any
|
507
|
+
If a global setting is superseded by local configuration, this command
|
508
|
+
will show the current value, as well as any superseded values and
|
509
509
|
where they were specified.
|
510
510
|
D
|
511
511
|
require_relative "cli/config"
|
data/lib/bundler/cli/common.rb
CHANGED
@@ -94,6 +94,8 @@ module Bundler
|
|
94
94
|
end
|
95
95
|
|
96
96
|
def self.ensure_all_gems_in_lockfile!(names, locked_gems = Bundler.locked_gems)
|
97
|
+
return unless locked_gems
|
98
|
+
|
97
99
|
locked_names = locked_gems.specs.map(&:name).uniq
|
98
100
|
names.-(locked_names).each do |g|
|
99
101
|
raise GemNotFound, gem_not_found_message(g, locked_names)
|
@@ -50,16 +50,20 @@ module Bundler
|
|
50
50
|
|
51
51
|
content = response.body
|
52
52
|
|
53
|
-
|
53
|
+
etag = (response["ETag"] || "").gsub(%r{\AW/}, "")
|
54
|
+
correct_response = SharedHelpers.filesystem_access(local_temp_path) do
|
54
55
|
if response.is_a?(Net::HTTPPartialContent) && local_temp_path.size.nonzero?
|
55
56
|
local_temp_path.open("a") {|f| f << slice_body(content, 1..-1) }
|
57
|
+
|
58
|
+
etag_for(local_temp_path) == etag
|
56
59
|
else
|
57
60
|
local_temp_path.open("wb") {|f| f << content }
|
61
|
+
|
62
|
+
etag.length.zero? || etag_for(local_temp_path) == etag
|
58
63
|
end
|
59
64
|
end
|
60
65
|
|
61
|
-
|
62
|
-
if etag.length.zero? || etag_for(local_temp_path) == etag
|
66
|
+
if correct_response
|
63
67
|
SharedHelpers.filesystem_access(local_path) do
|
64
68
|
FileUtils.mv(local_temp_path, local_path)
|
65
69
|
end
|
@@ -92,11 +96,11 @@ module Bundler
|
|
92
96
|
|
93
97
|
def checksum_for_file(path)
|
94
98
|
return nil unless path.file?
|
95
|
-
# This must use
|
99
|
+
# This must use File.read instead of Digest.file().hexdigest
|
96
100
|
# because we need to preserve \n line endings on windows when calculating
|
97
101
|
# the checksum
|
98
102
|
SharedHelpers.filesystem_access(path, :read) do
|
99
|
-
SharedHelpers.digest(:MD5).hexdigest(
|
103
|
+
SharedHelpers.digest(:MD5).hexdigest(File.read(path))
|
100
104
|
end
|
101
105
|
end
|
102
106
|
end
|
data/lib/bundler/current_ruby.rb
CHANGED
data/lib/bundler/definition.rb
CHANGED
@@ -161,16 +161,14 @@ module Bundler
|
|
161
161
|
end
|
162
162
|
|
163
163
|
def resolve_with_cache!
|
164
|
-
raise "Specs already loaded" if @specs
|
165
164
|
sources.cached!
|
166
|
-
|
165
|
+
resolve
|
167
166
|
end
|
168
167
|
|
169
168
|
def resolve_remotely!
|
170
|
-
return if @specs
|
171
169
|
@remote = true
|
172
170
|
sources.remote!
|
173
|
-
|
171
|
+
resolve
|
174
172
|
end
|
175
173
|
|
176
174
|
# For given dependency list returns a SpecSet with Gemspec of all the required
|
data/lib/bundler/fetcher.rb
CHANGED
@@ -47,7 +47,8 @@ module Bundler
|
|
47
47
|
remote_uri = filter_uri(remote_uri)
|
48
48
|
super "Authentication is required for #{remote_uri}.\n" \
|
49
49
|
"Please supply credentials for this source. You can do this by running:\n" \
|
50
|
-
"
|
50
|
+
"`bundle config set --global #{remote_uri} username:password`\n" \
|
51
|
+
"or by storing the credentials in the `#{Settings.key_for(remote_uri)}` environment variable"
|
51
52
|
end
|
52
53
|
end
|
53
54
|
# This error is raised if HTTP authentication is provided, but incorrect.
|
@@ -14,8 +14,10 @@ module Bundler
|
|
14
14
|
def fetch(uri, headers = {}, counter = 0)
|
15
15
|
raise HTTPError, "Too many redirects" if counter >= redirect_limit
|
16
16
|
|
17
|
+
filtered_uri = URICredentialsFilter.credential_filtered_uri(uri)
|
18
|
+
|
17
19
|
response = request(uri, headers)
|
18
|
-
Bundler.ui.debug("HTTP #{response.code} #{response.message} #{
|
20
|
+
Bundler.ui.debug("HTTP #{response.code} #{response.message} #{filtered_uri}")
|
19
21
|
|
20
22
|
case response
|
21
23
|
when Net::HTTPSuccess, Net::HTTPNotModified
|
@@ -40,7 +42,7 @@ module Bundler
|
|
40
42
|
raise BadAuthenticationError, uri.host if uri.userinfo
|
41
43
|
raise AuthenticationRequiredError, uri.host
|
42
44
|
when Net::HTTPNotFound
|
43
|
-
raise FallbackError, "Net::HTTPNotFound: #{
|
45
|
+
raise FallbackError, "Net::HTTPNotFound: #{filtered_uri}"
|
44
46
|
else
|
45
47
|
raise HTTPError, "#{response.class}#{": #{response.body}" unless response.body.empty?}"
|
46
48
|
end
|
@@ -49,7 +51,9 @@ module Bundler
|
|
49
51
|
def request(uri, headers)
|
50
52
|
validate_uri_scheme!(uri)
|
51
53
|
|
52
|
-
|
54
|
+
filtered_uri = URICredentialsFilter.credential_filtered_uri(uri)
|
55
|
+
|
56
|
+
Bundler.ui.debug "HTTP GET #{filtered_uri}"
|
53
57
|
req = Net::HTTP::Get.new uri.request_uri, headers
|
54
58
|
if uri.user
|
55
59
|
user = CGI.unescape(uri.user)
|
@@ -69,7 +73,7 @@ module Bundler
|
|
69
73
|
raise NetworkDownError, "Could not reach host #{uri.host}. Check your network " \
|
70
74
|
"connection and try again."
|
71
75
|
else
|
72
|
-
raise HTTPError, "Network error while fetching #{
|
76
|
+
raise HTTPError, "Network error while fetching #{filtered_uri}" \
|
73
77
|
" (#{e})"
|
74
78
|
end
|
75
79
|
end
|
data/lib/bundler/injector.rb
CHANGED
@@ -128,7 +128,7 @@ module Bundler
|
|
128
128
|
# evaluates a gemfile to remove the specified gem
|
129
129
|
# from it.
|
130
130
|
def remove_deps(gemfile_path)
|
131
|
-
initial_gemfile =
|
131
|
+
initial_gemfile = File.readlines(gemfile_path)
|
132
132
|
|
133
133
|
Bundler.ui.info "Removing gems from #{gemfile_path}"
|
134
134
|
|
@@ -181,7 +181,7 @@ module Bundler
|
|
181
181
|
patterns = /gem\s+(['"])#{Regexp.union(gems)}\1|gem\s*\((['"])#{Regexp.union(gems)}\2\)/
|
182
182
|
new_gemfile = []
|
183
183
|
multiline_removal = false
|
184
|
-
|
184
|
+
File.readlines(gemfile_path).each do |line|
|
185
185
|
match_data = line.match(patterns)
|
186
186
|
if match_data && is_not_within_comment?(line, match_data)
|
187
187
|
multiline_removal = line.rstrip.end_with?(",")
|
data/lib/bundler/inline.rb
CHANGED
@@ -52,7 +52,7 @@ def gemfile(install = false, options = {}, &gemfile)
|
|
52
52
|
builder.instance_eval(&gemfile)
|
53
53
|
builder.check_primary_source_safety
|
54
54
|
|
55
|
-
Bundler.settings.temporary(:frozen => false) do
|
55
|
+
Bundler.settings.temporary(:deployment => false, :frozen => false) do
|
56
56
|
definition = builder.to_definition(nil, true)
|
57
57
|
def definition.lock(*); end
|
58
58
|
definition.validate_runtime!
|
@@ -199,7 +199,7 @@ The following is a list of all configuration keys and their purpose\. You can le
|
|
199
199
|
\fBfrozen\fR (\fBBUNDLE_FROZEN\fR): Disallow changes to the \fBGemfile\fR\. When the \fBGemfile\fR is changed and the lockfile has not been updated, running Bundler commands will be blocked\. Defaults to \fBtrue\fR when \fB\-\-deployment\fR is used\.
|
200
200
|
.
|
201
201
|
.IP "\(bu" 4
|
202
|
-
\fBgem\.github_username\fR (\fBBUNDLE_GEM__GITHUB_USERNAME\fR): Sets a GitHub username or organization to be used in \fBREADME\fR file when you create a new gem via \fBbundle gem\fR command\. It can be
|
202
|
+
\fBgem\.github_username\fR (\fBBUNDLE_GEM__GITHUB_USERNAME\fR): Sets a GitHub username or organization to be used in \fBREADME\fR file when you create a new gem via \fBbundle gem\fR command\. It can be overridden by passing an explicit \fB\-\-github\-username\fR flag to \fBbundle gem\fR\.
|
203
203
|
.
|
204
204
|
.IP "\(bu" 4
|
205
205
|
\fBgem\.push_key\fR (\fBBUNDLE_GEM__PUSH_KEY\fR): Sets the \fB\-\-key\fR parameter for \fBgem push\fR when using the \fBrake release\fR command with a private gemstash server\.
|
@@ -470,6 +470,23 @@ export BUNDLE_GITHUB__COM=abcd0123generatedtoken:x\-oauth\-basic
|
|
470
470
|
.
|
471
471
|
.IP "" 0
|
472
472
|
.
|
473
|
+
.P
|
474
|
+
Note that any configured credentials will be redacted by informative commands such as \fBbundle config list\fR or \fBbundle config get\fR, unless you use the \fB\-\-parseable\fR flag\. This is to avoid unintentially leaking credentials when copy\-pasting bundler output\.
|
475
|
+
.
|
476
|
+
.P
|
477
|
+
Also note that to guarantee a sane mapping between valid environment variable names and valid host names, bundler makes the following transformations:
|
478
|
+
.
|
479
|
+
.IP "\(bu" 4
|
480
|
+
Any \fB\-\fR characters in a host name are mapped to a triple dash (\fB___\fR) in the corresponding enviroment variable\.
|
481
|
+
.
|
482
|
+
.IP "\(bu" 4
|
483
|
+
Any \fB\.\fR characters in a host name are mapped to a double dash (\fB__\fR) in the corresponding environment variable\.
|
484
|
+
.
|
485
|
+
.IP "" 0
|
486
|
+
.
|
487
|
+
.P
|
488
|
+
This means that if you have a gem server named \fBmy\.gem\-host\.com\fR, you\'ll need to use the \fBBUNDLE_MY__GEM___HOST__COM\fR variable to configure credentials for it through ENV\.
|
489
|
+
.
|
473
490
|
.SH "CONFIGURE BUNDLER DIRECTORIES"
|
474
491
|
Bundler\'s home, config, cache and plugin directories are able to be configured through environment variables\. The default location for Bundler\'s home directory is \fB~/\.bundle\fR, which all directories inherit from by default\. The following outlines the available environment variables and their default values
|
475
492
|
.
|
@@ -196,7 +196,7 @@ learn more about their operation in [bundle install(1)](bundle-install.1.html).
|
|
196
196
|
Defaults to `true` when `--deployment` is used.
|
197
197
|
* `gem.github_username` (`BUNDLE_GEM__GITHUB_USERNAME`):
|
198
198
|
Sets a GitHub username or organization to be used in `README` file when you
|
199
|
-
create a new gem via `bundle gem` command. It can be
|
199
|
+
create a new gem via `bundle gem` command. It can be overridden by passing an
|
200
200
|
explicit `--github-username` flag to `bundle gem`.
|
201
201
|
* `gem.push_key` (`BUNDLE_GEM__PUSH_KEY`):
|
202
202
|
Sets the `--key` parameter for `gem push` when using the `rake release`
|
@@ -376,6 +376,23 @@ where you can use personal OAuth tokens:
|
|
376
376
|
|
377
377
|
export BUNDLE_GITHUB__COM=abcd0123generatedtoken:x-oauth-basic
|
378
378
|
|
379
|
+
Note that any configured credentials will be redacted by informative commands
|
380
|
+
such as `bundle config list` or `bundle config get`, unless you use the
|
381
|
+
`--parseable` flag. This is to avoid unintentially leaking credentials when
|
382
|
+
copy-pasting bundler output.
|
383
|
+
|
384
|
+
Also note that to guarantee a sane mapping between valid environment variable
|
385
|
+
names and valid host names, bundler makes the following transformations:
|
386
|
+
|
387
|
+
* Any `-` characters in a host name are mapped to a triple dash (`___`) in the
|
388
|
+
corresponding enviroment variable.
|
389
|
+
|
390
|
+
* Any `.` characters in a host name are mapped to a double dash (`__`) in the
|
391
|
+
corresponding environment variable.
|
392
|
+
|
393
|
+
This means that if you have a gem server named `my.gem-host.com`, you'll need to
|
394
|
+
use the `BUNDLE_MY__GEM___HOST__COM` variable to configure credentials for it
|
395
|
+
through ENV.
|
379
396
|
|
380
397
|
## CONFIGURE BUNDLER DIRECTORIES
|
381
398
|
|
data/lib/bundler/plugin.rb
CHANGED
@@ -164,7 +164,7 @@ module Bundler
|
|
164
164
|
end
|
165
165
|
|
166
166
|
# To be called from Cli class to pass the command and argument to
|
167
|
-
#
|
167
|
+
# appropriate plugin class
|
168
168
|
def exec_command(command, args)
|
169
169
|
raise UndefinedCommandError, "Command `#{command}` not found" unless command? command
|
170
170
|
|
@@ -183,7 +183,7 @@ module Bundler
|
|
183
183
|
!index.source_plugin(name.to_s).nil?
|
184
184
|
end
|
185
185
|
|
186
|
-
# @return [Class] that handles the source. The
|
186
|
+
# @return [Class] that handles the source. The class includes API::Source
|
187
187
|
def source(name)
|
188
188
|
raise UnknownSourceError, "Source #{name} not found" unless source? name
|
189
189
|
|
data/lib/bundler/retry.rb
CHANGED
@@ -49,7 +49,7 @@ module Bundler
|
|
49
49
|
raise e
|
50
50
|
end
|
51
51
|
return true unless name
|
52
|
-
Bundler.ui.info "" unless Bundler.ui.debug? # Add new line
|
52
|
+
Bundler.ui.info "" unless Bundler.ui.debug? # Add new line in case dots preceded this
|
53
53
|
Bundler.ui.warn "Retrying #{name} due to error (#{current_run.next}/#{total_runs}): #{e.class} #{e.message}", Bundler.ui.debug?
|
54
54
|
end
|
55
55
|
|
data/lib/bundler/settings.rb
CHANGED
@@ -13,6 +13,7 @@ module Bundler
|
|
13
13
|
auto_install
|
14
14
|
cache_all
|
15
15
|
cache_all_platforms
|
16
|
+
clean
|
16
17
|
default_install_uses_path
|
17
18
|
deployment
|
18
19
|
deployment_means_frozen
|
@@ -26,11 +27,14 @@ module Bundler
|
|
26
27
|
force_ruby_platform
|
27
28
|
forget_cli_options
|
28
29
|
frozen
|
30
|
+
gem.changelog
|
29
31
|
gem.coc
|
30
32
|
gem.mit
|
33
|
+
git.allow_insecure
|
31
34
|
global_gem_cache
|
32
35
|
ignore_messages
|
33
36
|
init_gems_rb
|
37
|
+
inline
|
34
38
|
no_install
|
35
39
|
no_prune
|
36
40
|
path_relative_to_cwd
|
@@ -60,6 +64,22 @@ module Bundler
|
|
60
64
|
without
|
61
65
|
].freeze
|
62
66
|
|
67
|
+
STRING_KEYS = %w[
|
68
|
+
bin
|
69
|
+
cache_path
|
70
|
+
console
|
71
|
+
gem.ci
|
72
|
+
gem.github_username
|
73
|
+
gem.linter
|
74
|
+
gem.rubocop
|
75
|
+
gem.test
|
76
|
+
gemfile
|
77
|
+
path
|
78
|
+
shebang
|
79
|
+
system_bindir
|
80
|
+
trust-policy
|
81
|
+
].freeze
|
82
|
+
|
63
83
|
DEFAULT_CONFIG = {
|
64
84
|
"BUNDLE_SILENCE_DEPRECATIONS" => false,
|
65
85
|
"BUNDLE_DISABLE_VERSION_CHECK" => true,
|
@@ -125,8 +145,8 @@ module Bundler
|
|
125
145
|
keys = @temporary.keys | @global_config.keys | @local_config.keys | @env_config.keys
|
126
146
|
|
127
147
|
keys.map do |key|
|
128
|
-
key.sub(/^BUNDLE_/, "").gsub(/__/, ".").downcase
|
129
|
-
end
|
148
|
+
key.sub(/^BUNDLE_/, "").gsub(/___/, "-").gsub(/__/, ".").downcase
|
149
|
+
end.sort
|
130
150
|
end
|
131
151
|
|
132
152
|
def local_overrides
|
@@ -172,19 +192,19 @@ module Bundler
|
|
172
192
|
locations = []
|
173
193
|
|
174
194
|
if value = @temporary[key]
|
175
|
-
locations << "Set for the current command: #{
|
195
|
+
locations << "Set for the current command: #{printable_value(value, exposed_key).inspect}"
|
176
196
|
end
|
177
197
|
|
178
198
|
if value = @local_config[key]
|
179
|
-
locations << "Set for your local app (#{local_config_file}): #{
|
199
|
+
locations << "Set for your local app (#{local_config_file}): #{printable_value(value, exposed_key).inspect}"
|
180
200
|
end
|
181
201
|
|
182
202
|
if value = @env_config[key]
|
183
|
-
locations << "Set via #{key}: #{
|
203
|
+
locations << "Set via #{key}: #{printable_value(value, exposed_key).inspect}"
|
184
204
|
end
|
185
205
|
|
186
206
|
if value = @global_config[key]
|
187
|
-
locations << "Set for the current user (#{global_config_file}): #{
|
207
|
+
locations << "Set for the current user (#{global_config_file}): #{printable_value(value, exposed_key).inspect}"
|
188
208
|
end
|
189
209
|
|
190
210
|
return ["You have not configured a value for `#{exposed_key}`"] if locations.empty?
|
@@ -276,9 +296,7 @@ module Bundler
|
|
276
296
|
end
|
277
297
|
|
278
298
|
def key_for(key)
|
279
|
-
|
280
|
-
key = key.to_s.gsub(".", "__").upcase
|
281
|
-
"BUNDLE_#{key}"
|
299
|
+
self.class.key_for(key)
|
282
300
|
end
|
283
301
|
|
284
302
|
private
|
@@ -313,6 +331,10 @@ module Bundler
|
|
313
331
|
BOOL_KEYS.include?(name.to_s) || BOOL_KEYS.include?(parent_setting_for(name.to_s))
|
314
332
|
end
|
315
333
|
|
334
|
+
def is_string(name)
|
335
|
+
STRING_KEYS.include?(name.to_s) || name.to_s.start_with?("local.") || name.to_s.start_with?("mirror.") || name.to_s.start_with?("build.")
|
336
|
+
end
|
337
|
+
|
316
338
|
def to_bool(value)
|
317
339
|
case value
|
318
340
|
when nil, /\A(false|f|no|n|0|)\z/i, false
|
@@ -330,6 +352,14 @@ module Bundler
|
|
330
352
|
ARRAY_KEYS.include?(key.to_s)
|
331
353
|
end
|
332
354
|
|
355
|
+
def is_credential(key)
|
356
|
+
key == "gem.push_key"
|
357
|
+
end
|
358
|
+
|
359
|
+
def is_userinfo(value)
|
360
|
+
value.include?(":")
|
361
|
+
end
|
362
|
+
|
333
363
|
def to_array(value)
|
334
364
|
return [] unless value
|
335
365
|
value.split(":").map(&:to_sym)
|
@@ -376,6 +406,21 @@ module Bundler
|
|
376
406
|
end
|
377
407
|
end
|
378
408
|
|
409
|
+
def printable_value(value, key)
|
410
|
+
converted = converted_value(value, key)
|
411
|
+
return converted unless converted.is_a?(String)
|
412
|
+
|
413
|
+
if is_string(key)
|
414
|
+
converted
|
415
|
+
elsif is_credential(key)
|
416
|
+
"[REDACTED]"
|
417
|
+
elsif is_userinfo(converted)
|
418
|
+
converted.gsub(/:.*$/, ":[REDACTED]")
|
419
|
+
else
|
420
|
+
converted
|
421
|
+
end
|
422
|
+
end
|
423
|
+
|
379
424
|
def global_config_file
|
380
425
|
if ENV["BUNDLE_CONFIG"] && !ENV["BUNDLE_CONFIG"].empty?
|
381
426
|
Pathname.new(ENV["BUNDLE_CONFIG"])
|
@@ -415,6 +460,12 @@ module Bundler
|
|
415
460
|
\z
|
416
461
|
/ix.freeze
|
417
462
|
|
463
|
+
def self.key_for(key)
|
464
|
+
key = normalize_uri(key).to_s if key.is_a?(String) && /https?:/ =~ key
|
465
|
+
key = key.to_s.gsub(".", "__").gsub("-", "___").upcase
|
466
|
+
"BUNDLE_#{key}"
|
467
|
+
end
|
468
|
+
|
418
469
|
# TODO: duplicates Rubygems#normalize_uri
|
419
470
|
# TODO: is this the correct place to validate mirror URIs?
|
420
471
|
def self.normalize_uri(uri)
|
@@ -423,11 +423,11 @@ module Bundler
|
|
423
423
|
def fetch_names(fetchers, dependency_names, index, override_dupes)
|
424
424
|
fetchers.each do |f|
|
425
425
|
if dependency_names
|
426
|
-
Bundler.ui.info "Fetching gem metadata from #{f.uri}", Bundler.ui.debug?
|
426
|
+
Bundler.ui.info "Fetching gem metadata from #{URICredentialsFilter.credential_filtered_uri(f.uri)}", Bundler.ui.debug?
|
427
427
|
index.use f.specs_with_retry(dependency_names, self), override_dupes
|
428
428
|
Bundler.ui.info "" unless Bundler.ui.debug? # new line now that the dots are over
|
429
429
|
else
|
430
|
-
Bundler.ui.info "Fetching source index from #{f.uri}"
|
430
|
+
Bundler.ui.info "Fetching source index from #{URICredentialsFilter.credential_filtered_uri(f.uri)}"
|
431
431
|
index.use f.specs_with_retry(nil, self), override_dupes
|
432
432
|
end
|
433
433
|
end
|
data/lib/bundler/spec_set.rb
CHANGED
@@ -78,11 +78,17 @@ module Bundler
|
|
78
78
|
|
79
79
|
def materialize(deps, missing_specs = nil)
|
80
80
|
materialized = self.for(deps, [], false, true, !missing_specs).to_a
|
81
|
-
|
81
|
+
|
82
|
+
materialized.group_by(&:source).each do |source, specs|
|
83
|
+
next unless specs.any?{|s| s.is_a?(LazySpecification) }
|
84
|
+
|
85
|
+
source.local!
|
86
|
+
names = -> { specs.map(&:name).uniq }
|
87
|
+
source.double_check_for(names)
|
88
|
+
end
|
89
|
+
|
82
90
|
materialized.map! do |s|
|
83
91
|
next s unless s.is_a?(LazySpecification)
|
84
|
-
s.source.dependency_names = deps if s.source.respond_to?(:dependency_names=)
|
85
|
-
s.source.local!
|
86
92
|
spec = s.__materialize__
|
87
93
|
unless spec
|
88
94
|
unless missing_specs
|
@@ -99,12 +105,17 @@ module Bundler
|
|
99
105
|
# This is in contrast to how for does platform filtering (and specifically different from how `materialize` calls `for` only for the current platform)
|
100
106
|
# @return [Array<Gem::Specification>]
|
101
107
|
def materialized_for_all_platforms
|
102
|
-
|
108
|
+
@specs.group_by(&:source).each do |source, specs|
|
109
|
+
next unless specs.any?{|s| s.is_a?(LazySpecification) }
|
110
|
+
|
111
|
+
source.local!
|
112
|
+
source.remote!
|
113
|
+
names = -> { specs.map(&:name).uniq }
|
114
|
+
source.double_check_for(names)
|
115
|
+
end
|
116
|
+
|
103
117
|
@specs.map do |s|
|
104
118
|
next s unless s.is_a?(LazySpecification)
|
105
|
-
s.source.dependency_names = names if s.source.respond_to?(:dependency_names=)
|
106
|
-
s.source.local!
|
107
|
-
s.source.remote!
|
108
119
|
spec = s.__materialize__
|
109
120
|
raise GemNotFound, "Could not find #{s.full_name} in any of the sources" unless spec
|
110
121
|
spec
|
@@ -1,7 +1,7 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
3
|
module Bundler::Molinillo
|
4
|
-
# Provides information about
|
4
|
+
# Provides information about specifications and dependencies to the resolver,
|
5
5
|
# allowing the {Resolver} class to remain generic while still providing power
|
6
6
|
# and flexibility.
|
7
7
|
#
|
@@ -252,7 +252,7 @@ class Bundler::Thor
|
|
252
252
|
# flag<Regexp|String>:: the regexp or string to be replaced
|
253
253
|
# replacement<String>:: the replacement, can be also given as a block
|
254
254
|
# config<Hash>:: give :verbose => false to not log the status, and
|
255
|
-
# :force => true, to force the replacement
|
255
|
+
# :force => true, to force the replacement regardless of runner behavior.
|
256
256
|
#
|
257
257
|
# ==== Example
|
258
258
|
#
|
data/lib/bundler/version.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: bundler
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.2.
|
4
|
+
version: 2.2.17
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- André Arko
|
@@ -22,7 +22,7 @@ authors:
|
|
22
22
|
autorequire:
|
23
23
|
bindir: exe
|
24
24
|
cert_chain: []
|
25
|
-
date: 2021-
|
25
|
+
date: 2021-05-05 00:00:00.000000000 Z
|
26
26
|
dependencies: []
|
27
27
|
description: Bundler manages an application's dependencies through its entire life,
|
28
28
|
across many machines, systematically and repeatably
|
@@ -352,7 +352,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
352
352
|
- !ruby/object:Gem::Version
|
353
353
|
version: 2.5.2
|
354
354
|
requirements: []
|
355
|
-
rubygems_version: 3.2.
|
355
|
+
rubygems_version: 3.2.17
|
356
356
|
signing_key:
|
357
357
|
specification_version: 4
|
358
358
|
summary: The best way to manage your application's dependencies
|