bundler 2.5.16 → 2.5.17

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 736fcd6d7bb9c8f0aaa8187d662846d4a17dc827b580d7912350e1e11f7b8c2a
-  data.tar.gz: 793b6ad42430c89e42202dc735637373f7e7e780e286c63ca603e05712cd4bc1
+  metadata.gz: 60cb5ee8526a6f8eb3c413e7d3d2ae8c9b32315685862943fc2a956f2fdcd5a1
+  data.tar.gz: 52aa4c3a435ed97c8dbc2adcfa51dc6d2113fefcb5020df0a5b0be3b605cc49f
 SHA512:
-  metadata.gz: 9246f1b4a399b0f70fc9309365922cd4759dab87cce71f1048c36c50ec5ebc2563c5942c72bf9815a1b9fe13656d3e59b9fd1b490b1f8e32db8f24769b5bdd02
-  data.tar.gz: d18554604463d8c50739086ee2c9587ca13d44fc24171ed8f4e4759be9a8f71902026a942cf7dcc6ecec74943f6b2c901d71c5455a152a21d5c304ccec87f70d
+  metadata.gz: afafe4e932d1840de3938e609f45555b1fbdf3fea481ee6d395a1f1458d579606d2f5ac64edc90d74799d9b117aae3fd1028b6d3a660df97e087bb9f6475d583
+  data.tar.gz: fd8907298e40c98124857ea7bf2594953d962946b66da695ce929db2623e67dacbee7dec6500a3dfb89cb6308377a26c305a25cd28a7083432ec10baf0d59810

data/CHANGELOG.md

@@ -1,3 +1,19 @@
+# 2.5.17 (August 1, 2024)
+
+## Enhancements:
+
+  - Print better log message when current platform is not present in the lockfile [#7891](https://github.com/rubygems/rubygems/pull/7891)
+  - Explicitly encode `Gem::Dependency` to yaml [#7867](https://github.com/rubygems/rubygems/pull/7867)
+  - Enable lockfile checksums on future Bundler 3 when there's no previous lockfile [#7805](https://github.com/rubygems/rubygems/pull/7805)
+
+## Bug fixes:
+
+  - Fix truffleruby removing gems from lockfile [#7795](https://github.com/rubygems/rubygems/pull/7795)
+  - Fix `bundle check` exit code when gem git source is not checked out [#7894](https://github.com/rubygems/rubygems/pull/7894)
+  - Generate gems.rb from Gemfile.tt template for `bundle-gem` [#7853](https://github.com/rubygems/rubygems/pull/7853)
+  - Fix git source cache being used as the install location [#4469](https://github.com/rubygems/rubygems/pull/4469)
+  - Fix `bundle exec gem uninstall` [#7886](https://github.com/rubygems/rubygems/pull/7886)
+
 # 2.5.16 (July 18, 2024)
 
 ## Bug fixes:

data/lib/bundler/build_metadata.rb

@@ -4,8 +4,8 @@ module Bundler
   # Represents metadata from when the Bundler gem was built.
   module BuildMetadata
     # begin ivars
-    @built_at = "2024-07-18".freeze
-    @git_commit_sha = "f49d3d48c9".freeze
+    @built_at = "2024-08-01".freeze
+    @git_commit_sha = "74d92b2502".freeze
     @release = true
     # end ivars
 

data/lib/bundler/cli/check.rb

@@ -17,7 +17,7 @@ module Bundler
       begin
         definition.resolve_only_locally!
         not_installed = definition.missing_specs
-      rescue GemNotFound, SolveFailure
+      rescue GemNotFound, GitError, SolveFailure
         Bundler.ui.error "Bundler can't satisfy your Gemfile's dependencies."
         Bundler.ui.warn "Install missing gems with `bundle install`."
         exit 1

data/lib/bundler/cli/gem.rb

@@ -79,7 +79,7 @@ module Bundler
       ensure_safe_gem_name(name, constant_array)
 
       templates = {
-        "#{Bundler.preferred_gemfile_name}.tt" => Bundler.preferred_gemfile_name,
+        "Gemfile.tt" => Bundler.preferred_gemfile_name,
         "lib/newgem.rb.tt" => "lib/#{namespaced_path}.rb",
         "lib/newgem/version.rb.tt" => "lib/#{namespaced_path}/version.rb",
         "sig/newgem.rbs.tt" => "sig/#{namespaced_path}.rbs",

data/lib/bundler/cli.rb

@@ -110,8 +110,8 @@ module Bundler
     default_task(Bundler.feature_flag.default_cli_command)
 
     class_option "no-color", type: :boolean, desc: "Disable colorization in output"
-    class_option "retry",    type: :numeric, aliases: "-r", banner: "NUM",
-                             desc: "Specify the number of times you wish to attempt network commands"
+    class_option "retry", type: :numeric, aliases: "-r", banner: "NUM",
+                          desc: "Specify the number of times you wish to attempt network commands"
     class_option "verbose", type: :boolean, desc: "Enable verbose output mode", aliases: "-V"
 
     def help(cli = nil)
@@ -260,15 +260,15 @@ module Bundler
     method_option "gemfile", type: :string, banner: "Use the specified gemfile instead of Gemfile"
     method_option "group", aliases: "-g", type: :array, banner: "Update a specific group"
     method_option "jobs", aliases: "-j", type: :numeric, banner: "Specify the number of jobs to run in parallel"
-    method_option "local", type: :boolean, banner:       "Do not attempt to fetch gems remotely and use the gem cache instead"
-    method_option "quiet", type: :boolean, banner:       "Only output warnings and errors."
+    method_option "local", type: :boolean, banner: "Do not attempt to fetch gems remotely and use the gem cache instead"
+    method_option "quiet", type: :boolean, banner: "Only output warnings and errors."
     method_option "source", type: :array, banner: "Update a specific source (and all gems associated with it)"
     method_option "redownload", type: :boolean, aliases: "--force", banner: "Force downloading every gem."
     method_option "ruby", type: :boolean, banner: "Update ruby specified in Gemfile.lock"
     method_option "bundler", type: :string, lazy_default: "> 0.a", banner: "Update the locked version of bundler"
-    method_option "patch", type: :boolean, banner:       "Prefer updating only to next patch version"
-    method_option "minor", type: :boolean, banner:       "Prefer updating only to next minor version"
-    method_option "major", type: :boolean, banner:       "Prefer updating to next major version (default)"
+    method_option "patch", type: :boolean, banner: "Prefer updating only to next patch version"
+    method_option "minor", type: :boolean, banner: "Prefer updating only to next minor version"
+    method_option "major", type: :boolean, banner: "Prefer updating to next major version (default)"
     method_option "pre", type: :boolean, banner: "Always choose the highest allowed version when updating gems, regardless of prerelease status"
     method_option "strict", type: :boolean, banner: "Do not allow any gem to be updated past latest --patch | --minor | --major"
     method_option "conservative", type: :boolean, banner: "Use bundle install conservative update behavior and do not allow shared dependencies to be updated."
@@ -397,11 +397,11 @@ module Bundler
     end
 
     desc "cache [OPTIONS]", "Locks and then caches all of the gems into vendor/cache"
-    method_option "all",  type: :boolean,
-                          default: Bundler.feature_flag.cache_all?,
-                          banner: "Include all sources (including path and git)."
+    method_option "all", type: :boolean,
+                         default: Bundler.feature_flag.cache_all?,
+                         banner: "Include all sources (including path and git)."
     method_option "all-platforms", type: :boolean, banner: "Include gems for all platforms present in the lockfile, not only the current one"
-    method_option "cache-path", type: :string, banner:       "Specify a different cache path than the default (vendor/cache)."
+    method_option "cache-path", type: :string, banner: "Specify a different cache path than the default (vendor/cache)."
     method_option "gemfile", type: :string, banner: "Use the specified gemfile instead of Gemfile"
     method_option "no-install", type: :boolean, banner: "Don't install the gems, only update the cache."
     method_option "no-prune", type: :boolean, banner: "Don't remove stale gems from the cache."
@@ -605,7 +605,7 @@ module Bundler
     end
 
     desc "inject GEM VERSION", "Add the named gem, with version requirements, to the resolved Gemfile", hide: true
-    method_option "source", type: :string, banner:      "Install gem from the given source"
+    method_option "source", type: :string, banner: "Install gem from the given source"
     method_option "group", type: :string, banner: "Install gem into a bundler group"
     def inject(name, version)
       SharedHelpers.major_deprecation 2, "The `inject` command has been replaced by the `add` command"
@@ -615,16 +615,16 @@ module Bundler
 
     desc "lock", "Creates a lockfile without installing"
     method_option "update", type: :array, lazy_default: true, banner: "ignore the existing lockfile, update all gems by default, or update list of given gems"
-    method_option "local", type: :boolean, default: false, banner:       "do not attempt to fetch remote gemspecs and use the local gem cache only"
-    method_option "print", type: :boolean, default: false, banner:       "print the lockfile to STDOUT instead of writing to the file system"
+    method_option "local", type: :boolean, default: false, banner: "do not attempt to fetch remote gemspecs and use the local gem cache only"
+    method_option "print", type: :boolean, default: false, banner: "print the lockfile to STDOUT instead of writing to the file system"
     method_option "gemfile", type: :string, banner: "Use the specified gemfile instead of Gemfile"
     method_option "lockfile", type: :string, default: nil, banner: "the path the lockfile should be written to"
     method_option "full-index", type: :boolean, default: false, banner: "Fall back to using the single-file index of all gems"
     method_option "add-platform", type: :array, default: [], banner: "Add a new platform to the lockfile"
-    method_option "remove-platform", type: :array, default: [], banner:       "Remove a platform from the lockfile"
-    method_option "patch", type: :boolean, banner:       "If updating, prefer updating only to next patch version"
-    method_option "minor", type: :boolean, banner:       "If updating, prefer updating only to next minor version"
-    method_option "major", type: :boolean, banner:       "If updating, prefer updating to next major version (default)"
+    method_option "remove-platform", type: :array, default: [], banner: "Remove a platform from the lockfile"
+    method_option "patch", type: :boolean, banner: "If updating, prefer updating only to next patch version"
+    method_option "minor", type: :boolean, banner: "If updating, prefer updating only to next minor version"
+    method_option "major", type: :boolean, banner: "If updating, prefer updating to next major version (default)"
     method_option "pre", type: :boolean, banner: "If updating, always choose the highest allowed version, regardless of prerelease status"
     method_option "strict", type: :boolean, banner: "If updating, do not allow any gem to be updated past latest --patch | --minor | --major"
     method_option "conservative", type: :boolean, banner: "If updating, use bundle install conservative update behavior and do not allow shared dependencies to be updated"

data/lib/bundler/definition.rb

@@ -115,7 +115,7 @@ module Bundler
         @originally_locked_specs = @locked_specs
         @locked_sources = []
         @locked_platforms = []
-        @locked_checksums = nil
+        @locked_checksums = Bundler.feature_flag.bundler_3_mode?
       end
 
       locked_gem_sources = @locked_sources.select {|s| s.is_a?(Source::Rubygems) }
@@ -137,7 +137,7 @@ module Bundler
       end
       @unlocking ||= @unlock[:ruby] ||= (!@locked_ruby_version ^ !@ruby_version)
 
-      add_current_platform unless Bundler.frozen_bundle?
+      @current_platform_missing = add_current_platform unless Bundler.frozen_bundle?
 
       converge_path_sources_to_gemspec_sources
       @path_changes = converge_paths
@@ -484,6 +484,7 @@ module Bundler
 
       !@source_changes &&
         !@dependency_changes &&
+        !@current_platform_missing &&
         @new_platforms.empty? &&
         !@path_changes &&
         !@local_changes &&
@@ -629,6 +630,7 @@ module Bundler
     def start_resolution
       local_platform_needed_for_resolvability = @most_specific_non_local_locked_ruby_platform && !@platforms.include?(local_platform)
       @platforms << local_platform if local_platform_needed_for_resolvability
+      add_platform(Gem::Platform::RUBY) if RUBY_ENGINE == "truffleruby"
 
       result = SpecSet.new(resolver.start)
 
@@ -671,19 +673,19 @@ module Bundler
     end
 
     def add_current_platform
-      @most_specific_non_local_locked_ruby_platform = find_most_specific_non_local_locked_ruby_platform
+      return if @platforms.include?(local_platform)
+
+      @most_specific_non_local_locked_ruby_platform = find_most_specific_locked_ruby_platform
       return if @most_specific_non_local_locked_ruby_platform
 
-      add_platform(local_platform)
+      @platforms << local_platform
+      true
     end
 
-    def find_most_specific_non_local_locked_ruby_platform
+    def find_most_specific_locked_ruby_platform
       return unless generic_local_platform_is_ruby? && current_platform_locked?
 
-      most_specific_locked_ruby_platform = most_specific_locked_platform
-      return unless most_specific_locked_ruby_platform != local_platform
-
-      most_specific_locked_ruby_platform
+      most_specific_locked_platform
     end
 
     def change_reason
@@ -705,6 +707,7 @@ module Bundler
       [
         [@source_changes, "the list of sources changed"],
         [@dependency_changes, "the dependencies in your gemfile changed"],
+        [@current_platform_missing, "your lockfile does not include the current platform"],
         [@new_platforms.any?, "you added a new platform to your gemfile"],
         [@path_changes, "the gemspecs for path gems changed"],
         [@local_changes, "the gemspecs for git local gems changed"],

data/lib/bundler/force_platform.rb

@@ -2,8 +2,6 @@
 
 module Bundler
   module ForcePlatform
-    private
-
     # The `:force_ruby_platform` value used by dependencies for resolution, and
     # by locked specifications for materialization is `false` by default, except
     # for TruffleRuby. TruffleRuby generally needs to force the RUBY platform

data/lib/bundler/plugin/api/source.rb

@@ -196,6 +196,7 @@ module Bundler
 
           FileUtils.rm_rf(new_cache_path)
           FileUtils.cp_r(install_path, new_cache_path)
+          FileUtils.rm_rf(app_cache_path.join(".git"))
           FileUtils.touch(app_cache_path.join(".bundlecache"))
         end
 

data/lib/bundler/rubygems_ext.rb

@@ -237,26 +237,20 @@ module Gem
 
     include ::Bundler::ForcePlatform
 
+    attr_reader :force_ruby_platform
+
     attr_accessor :source, :groups
 
     alias_method :eql?, :==
 
-    def force_ruby_platform
-      return @force_ruby_platform if defined?(@force_ruby_platform) && !@force_ruby_platform.nil?
-
-      @force_ruby_platform = default_force_ruby_platform
-    end
-
-    def encode_with(coder)
-      to_yaml_properties.each do |ivar|
-        coder[ivar.to_s.sub(/^@/, "")] = instance_variable_get(ivar)
+    unless method_defined?(:encode_with, false)
+      def encode_with(coder)
+        [:@name, :@requirement, :@type, :@prerelease, :@version_requirements].each do |ivar|
+          coder[ivar.to_s.sub(/^@/, "")] = instance_variable_get(ivar)
+        end
       end
     end
 
-    def to_yaml_properties
-      instance_variables.reject {|p| ["@source", "@groups"].include?(p.to_s) }
-    end
-
     def to_lock
       out = String.new("  #{name}")
       unless requirement.none?

data/lib/bundler/runtime.rb

@@ -128,11 +128,6 @@ module Bundler
         spec.source.cache(spec, custom_path) if spec.source.respond_to?(:cache)
       end
 
-      Dir[cache_path.join("*/.git")].each do |git_dir|
-        FileUtils.rm_rf(git_dir)
-        FileUtils.touch(File.expand_path("../.bundlecache", git_dir))
-      end
-
       prune_cache(cache_path) unless Bundler.settings[:no_prune]
     end
 

data/lib/bundler/source/git.rb

@@ -164,7 +164,8 @@ module Bundler
             "does not exist. Run `bundle config unset local.#{override_for(original_path)}` to remove the local override"
         end
 
-        set_local!(path)
+        @local = true
+        set_paths!(path)
 
         # Create a new git proxy without the cached revision
         # so the Gemfile.lock always picks up the new revision.
@@ -187,13 +188,11 @@ module Bundler
       end
 
       def specs(*)
-        set_local!(app_cache_path) if has_app_cache? && !local?
+        set_cache_path!(app_cache_path) if has_app_cache? && !local?
 
         if requires_checkout? && !@copied
           fetch
-          git_proxy.copy_to(install_path, submodules)
-          serialize_gemspecs_in(install_path)
-          @copied = true
+          checkout
         end
 
         local_specs
@@ -206,10 +205,7 @@ module Bundler
         print_using_message "Using #{version_message(spec, options[:previous_spec])} from #{self}"
 
         if (requires_checkout? && !@copied) || force
-          Bundler.ui.debug "  * Checking out revision: #{ref}"
-          git_proxy.copy_to(install_path, submodules)
-          serialize_gemspecs_in(install_path)
-          @copied = true
+          checkout
         end
 
         generate_bin_options = { disable_extensions: !Bundler.rubygems.spec_missing_extensions?(spec), build_args: options[:build_args] }
@@ -221,12 +217,13 @@ module Bundler
       def cache(spec, custom_path = nil)
         app_cache_path = app_cache_path(custom_path)
         return unless Bundler.feature_flag.cache_all?
-        return if path == app_cache_path
+        return if install_path == app_cache_path
+        return if cache_path == app_cache_path
         cached!
         FileUtils.rm_rf(app_cache_path)
         git_proxy.checkout if requires_checkout?
-        git_proxy.copy_to(app_cache_path, @submodules)
-        serialize_gemspecs_in(app_cache_path)
+        FileUtils.cp_r("#{cache_path}/.", app_cache_path)
+        FileUtils.touch(app_cache_path.join(".bundlecache"))
       end
 
       def load_spec_files
@@ -270,6 +267,13 @@ module Bundler
 
       private
 
+      def checkout
+        Bundler.ui.debug "  * Checking out revision: #{ref}"
+        git_proxy.copy_to(install_path, submodules)
+        serialize_gemspecs_in(install_path)
+        @copied = true
+      end
+
       def humanized_ref
         if local?
           path
@@ -298,10 +302,19 @@ module Bundler
         end
       end
 
-      def set_local!(path)
-        @local       = true
-        @local_specs = @git_proxy = nil
-        @cache_path  = @install_path = path
+      def set_paths!(path)
+        set_cache_path!(path)
+        set_install_path!(path)
+      end
+
+      def set_cache_path!(path)
+        @git_proxy = nil
+        @cache_path = path
+      end
+
+      def set_install_path!(path)
+        @local_specs = nil
+        @install_path = path
       end
 
       def has_app_cache?

data/lib/bundler/spec_set.rb

@@ -94,7 +94,7 @@ module Bundler
     end
 
     def delete(specs)
-      specs.each {|spec| @specs.delete(spec) }
+      Array(specs).each {|spec| @specs.delete(spec) }
 
       reset!
     end
@@ -280,7 +280,7 @@ module Bundler
       if platform
         GemHelpers.select_best_platform_match(specs_for_name, platform, force_ruby: dep.force_ruby_platform)
       else
-        GemHelpers.select_best_local_platform_match(specs_for_name, force_ruby: dep.force_ruby_platform)
+        GemHelpers.select_best_local_platform_match(specs_for_name, force_ruby: dep.force_ruby_platform || dep.default_force_ruby_platform)
       end
     end
 

data/lib/bundler/version.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: false
 
 module Bundler
-  VERSION = "2.5.16".freeze
+  VERSION = "2.5.17".freeze
 
   def self.bundler_major_version
     @bundler_major_version ||= VERSION.split(".").first.to_i

data/lib/bundler/yaml_serializer.rb

@@ -41,7 +41,7 @@ module Bundler
     HASH_REGEX = /
       ^
       ([ ]*) # indentations
-      (.+) # key
+      ([^#]+) # key excludes comment char '#'
       (?::(?=(?:\s|$))) # :  (without the lookahead the #key includes this when : is present in value)
       [ ]?
       (['"]?) # optional opening quote

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: bundler
 version: !ruby/object:Gem::Version
-  version: 2.5.16
+  version: 2.5.17
 platform: ruby
 authors:
 - André Arko
@@ -22,7 +22,7 @@ authors:
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2024-07-18 00:00:00.000000000 Z
+date: 2024-08-01 00:00:00.000000000 Z
 dependencies: []
 description: Bundler manages an application's dependencies through its entire life,
   across many machines, systematically and repeatably
@@ -400,7 +400,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: 3.2.3
 requirements: []
-rubygems_version: 3.5.16
+rubygems_version: 3.5.17
 signing_key:
 specification_version: 4
 summary: The best way to manage your application's dependencies