rubygems-update 2.6.3 → 2.7.7
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of rubygems-update might be problematic. Click here for more details.
- checksums.yaml +5 -5
- data/.travis.yml +17 -34
- data/CODE_OF_CONDUCT.md +36 -33
- data/CONTRIBUTING.rdoc +56 -55
- data/History.txt +467 -10
- data/Manifest.txt +276 -4
- data/POLICIES.rdoc +4 -4
- data/README.md +72 -0
- data/Rakefile +77 -10
- data/appveyor.yml +61 -31
- data/bin/gem +1 -1
- data/bin/update_rubygems +2 -2
- data/bundler/CHANGELOG.md +2910 -0
- data/bundler/CODE_OF_CONDUCT.md +42 -0
- data/bundler/CONTRIBUTING.md +17 -0
- data/bundler/LICENSE.md +23 -0
- data/bundler/README.md +63 -0
- data/bundler/bundler.gemspec +57 -0
- data/bundler/exe/bundle +31 -0
- data/bundler/exe/bundle_ruby +60 -0
- data/bundler/exe/bundler +4 -0
- data/bundler/lib/bundler/build_metadata.rb +36 -0
- data/bundler/lib/bundler/capistrano.rb +22 -0
- data/bundler/lib/bundler/cli/add.rb +25 -0
- data/bundler/lib/bundler/cli/binstubs.rb +43 -0
- data/bundler/lib/bundler/cli/cache.rb +36 -0
- data/bundler/lib/bundler/cli/check.rb +38 -0
- data/bundler/lib/bundler/cli/clean.rb +25 -0
- data/bundler/lib/bundler/cli/common.rb +102 -0
- data/bundler/lib/bundler/cli/config.rb +119 -0
- data/bundler/lib/bundler/cli/console.rb +43 -0
- data/bundler/lib/bundler/cli/doctor.rb +94 -0
- data/bundler/lib/bundler/cli/exec.rb +104 -0
- data/bundler/lib/bundler/cli/gem.rb +252 -0
- data/bundler/lib/bundler/cli/info.rb +50 -0
- data/bundler/lib/bundler/cli/init.rb +47 -0
- data/bundler/lib/bundler/cli/inject.rb +60 -0
- data/bundler/lib/bundler/cli/install.rb +214 -0
- data/bundler/lib/bundler/cli/issue.rb +40 -0
- data/bundler/lib/bundler/cli/list.rb +22 -0
- data/bundler/lib/bundler/cli/lock.rb +63 -0
- data/bundler/lib/bundler/cli/open.rb +26 -0
- data/bundler/lib/bundler/cli/outdated.rb +260 -0
- data/bundler/lib/bundler/cli/package.rb +49 -0
- data/bundler/lib/bundler/cli/platform.rb +46 -0
- data/bundler/lib/bundler/cli/plugin.rb +24 -0
- data/bundler/lib/bundler/cli/pristine.rb +43 -0
- data/bundler/lib/bundler/cli/show.rb +75 -0
- data/bundler/lib/bundler/cli/update.rb +91 -0
- data/bundler/lib/bundler/cli/viz.rb +31 -0
- data/bundler/lib/bundler/cli.rb +748 -0
- data/bundler/lib/bundler/compact_index_client/cache.rb +118 -0
- data/bundler/lib/bundler/compact_index_client/updater.rb +116 -0
- data/bundler/lib/bundler/compact_index_client.rb +109 -0
- data/bundler/lib/bundler/compatibility_guard.rb +14 -0
- data/bundler/lib/bundler/constants.rb +7 -0
- data/bundler/lib/bundler/current_ruby.rb +86 -0
- data/bundler/lib/bundler/definition.rb +989 -0
- data/bundler/lib/bundler/dep_proxy.rb +48 -0
- data/bundler/lib/bundler/dependency.rb +138 -0
- data/bundler/lib/bundler/deployment.rb +69 -0
- data/bundler/lib/bundler/deprecate.rb +43 -0
- data/bundler/lib/bundler/dsl.rb +599 -0
- data/bundler/lib/bundler/endpoint_specification.rb +141 -0
- data/bundler/lib/bundler/env.rb +153 -0
- data/bundler/lib/bundler/environment_preserver.rb +59 -0
- data/bundler/lib/bundler/errors.rb +158 -0
- data/bundler/lib/bundler/feature_flag.rb +67 -0
- data/bundler/lib/bundler/fetcher/base.rb +52 -0
- data/bundler/lib/bundler/fetcher/compact_index.rb +126 -0
- data/bundler/lib/bundler/fetcher/dependency.rb +82 -0
- data/bundler/lib/bundler/fetcher/downloader.rb +79 -0
- data/bundler/lib/bundler/fetcher/index.rb +52 -0
- data/bundler/lib/bundler/fetcher.rb +312 -0
- data/bundler/lib/bundler/friendly_errors.rb +131 -0
- data/bundler/lib/bundler/gem_helper.rb +202 -0
- data/bundler/lib/bundler/gem_helpers.rb +101 -0
- data/bundler/lib/bundler/gem_remote_fetcher.rb +43 -0
- data/bundler/lib/bundler/gem_tasks.rb +7 -0
- data/bundler/lib/bundler/gem_version_promoter.rb +176 -0
- data/bundler/lib/bundler/gemdeps.rb +29 -0
- data/bundler/lib/bundler/graph.rb +152 -0
- data/bundler/lib/bundler/index.rb +213 -0
- data/bundler/lib/bundler/injector.rb +94 -0
- data/bundler/lib/bundler/inline.rb +74 -0
- data/bundler/lib/bundler/installer/gem_installer.rb +83 -0
- data/bundler/lib/bundler/installer/parallel_installer.rb +228 -0
- data/bundler/lib/bundler/installer/standalone.rb +53 -0
- data/bundler/lib/bundler/installer.rb +295 -0
- data/bundler/lib/bundler/lazy_specification.rb +123 -0
- data/bundler/lib/bundler/lockfile_generator.rb +95 -0
- data/bundler/lib/bundler/lockfile_parser.rb +256 -0
- data/bundler/lib/bundler/match_platform.rb +24 -0
- data/bundler/lib/bundler/mirror.rb +223 -0
- data/bundler/lib/bundler/plugin/api/source.rb +306 -0
- data/bundler/lib/bundler/plugin/api.rb +81 -0
- data/bundler/lib/bundler/plugin/dsl.rb +53 -0
- data/bundler/lib/bundler/plugin/index.rb +162 -0
- data/bundler/lib/bundler/plugin/installer/git.rb +38 -0
- data/bundler/lib/bundler/plugin/installer/rubygems.rb +27 -0
- data/bundler/lib/bundler/plugin/installer.rb +96 -0
- data/bundler/lib/bundler/plugin/source_list.rb +27 -0
- data/bundler/lib/bundler/plugin.rb +285 -0
- data/bundler/lib/bundler/process_lock.rb +24 -0
- data/bundler/lib/bundler/psyched_yaml.rb +37 -0
- data/bundler/lib/bundler/remote_specification.rb +114 -0
- data/bundler/lib/bundler/resolver/spec_group.rb +110 -0
- data/bundler/lib/bundler/resolver.rb +372 -0
- data/bundler/lib/bundler/retry.rb +66 -0
- data/bundler/lib/bundler/ruby_dsl.rb +18 -0
- data/bundler/lib/bundler/ruby_version.rb +152 -0
- data/bundler/lib/bundler/rubygems_ext.rb +210 -0
- data/bundler/lib/bundler/rubygems_gem_installer.rb +99 -0
- data/bundler/lib/bundler/rubygems_integration.rb +898 -0
- data/bundler/lib/bundler/runtime.rb +316 -0
- data/bundler/lib/bundler/settings/validator.rb +79 -0
- data/bundler/lib/bundler/settings.rb +442 -0
- data/bundler/lib/bundler/setup.rb +28 -0
- data/bundler/lib/bundler/shared_helpers.rb +356 -0
- data/bundler/lib/bundler/similarity_detector.rb +63 -0
- data/bundler/lib/bundler/source/gemspec.rb +18 -0
- data/bundler/lib/bundler/source/git/git_proxy.rb +262 -0
- data/bundler/lib/bundler/source/git.rb +329 -0
- data/bundler/lib/bundler/source/metadata.rb +63 -0
- data/bundler/lib/bundler/source/path/installer.rb +74 -0
- data/bundler/lib/bundler/source/path.rb +249 -0
- data/bundler/lib/bundler/source/rubygems/remote.rb +66 -0
- data/bundler/lib/bundler/source/rubygems.rb +535 -0
- data/bundler/lib/bundler/source.rb +94 -0
- data/bundler/lib/bundler/source_list.rb +186 -0
- data/bundler/lib/bundler/spec_set.rb +192 -0
- data/bundler/lib/bundler/ssl_certs/.document +1 -0
- data/bundler/lib/bundler/ssl_certs/certificate_manager.rb +66 -0
- data/bundler/lib/bundler/ssl_certs/index.rubygems.org/GlobalSignRootCA.pem +21 -0
- data/bundler/lib/bundler/ssl_certs/rubygems.global.ssl.fastly.net/DigiCertHighAssuranceEVRootCA.pem +23 -0
- data/bundler/lib/bundler/stub_specification.rb +108 -0
- data/bundler/lib/bundler/templates/.document +1 -0
- data/bundler/lib/bundler/templates/Executable +29 -0
- data/bundler/lib/bundler/templates/Executable.bundler +105 -0
- data/bundler/lib/bundler/templates/Executable.standalone +14 -0
- data/bundler/lib/bundler/templates/Gemfile +7 -0
- data/bundler/lib/bundler/templates/gems.rb +8 -0
- data/bundler/lib/bundler/templates/newgem/CODE_OF_CONDUCT.md.tt +74 -0
- data/bundler/lib/bundler/templates/newgem/Gemfile.tt +6 -0
- data/bundler/lib/bundler/templates/newgem/LICENSE.txt.tt +21 -0
- data/bundler/lib/bundler/templates/newgem/README.md.tt +47 -0
- data/bundler/lib/bundler/templates/newgem/Rakefile.tt +29 -0
- data/bundler/lib/bundler/templates/newgem/bin/console.tt +14 -0
- data/bundler/lib/bundler/templates/newgem/bin/setup.tt +8 -0
- data/bundler/lib/bundler/templates/newgem/exe/newgem.tt +3 -0
- data/bundler/lib/bundler/templates/newgem/ext/newgem/extconf.rb.tt +3 -0
- data/bundler/lib/bundler/templates/newgem/ext/newgem/newgem.c.tt +9 -0
- data/bundler/lib/bundler/templates/newgem/ext/newgem/newgem.h.tt +6 -0
- data/bundler/lib/bundler/templates/newgem/gitignore.tt +20 -0
- data/bundler/lib/bundler/templates/newgem/lib/newgem/version.rb.tt +7 -0
- data/bundler/lib/bundler/templates/newgem/lib/newgem.rb.tt +12 -0
- data/bundler/lib/bundler/templates/newgem/newgem.gemspec.tt +51 -0
- data/bundler/lib/bundler/templates/newgem/rspec.tt +3 -0
- data/bundler/lib/bundler/templates/newgem/spec/newgem_spec.rb.tt +9 -0
- data/bundler/lib/bundler/templates/newgem/spec/spec_helper.rb.tt +14 -0
- data/bundler/lib/bundler/templates/newgem/test/newgem_test.rb.tt +11 -0
- data/bundler/lib/bundler/templates/newgem/test/test_helper.rb.tt +4 -0
- data/bundler/lib/bundler/templates/newgem/travis.yml.tt +5 -0
- data/bundler/lib/bundler/ui/rg_proxy.rb +19 -0
- data/bundler/lib/bundler/ui/shell.rb +146 -0
- data/bundler/lib/bundler/ui/silent.rb +69 -0
- data/bundler/lib/bundler/ui.rb +9 -0
- data/bundler/lib/bundler/uri_credentials_filter.rb +37 -0
- data/bundler/lib/bundler/vendor/fileutils/lib/fileutils.rb +1638 -0
- data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/compatibility.rb +26 -0
- data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/delegates/resolution_state.rb +57 -0
- data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/delegates/specification_provider.rb +81 -0
- data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/action.rb +36 -0
- data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/add_edge_no_circular.rb +66 -0
- data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/add_vertex.rb +62 -0
- data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/delete_edge.rb +63 -0
- data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/detach_vertex_named.rb +61 -0
- data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/log.rb +126 -0
- data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/set_payload.rb +46 -0
- data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/tag.rb +36 -0
- data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph/vertex.rb +126 -0
- data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph.rb +223 -0
- data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/errors.rb +138 -0
- data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/gem_metadata.rb +6 -0
- data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/modules/specification_provider.rb +101 -0
- data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/modules/ui.rb +67 -0
- data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/resolution.rb +837 -0
- data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/resolver.rb +46 -0
- data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/state.rb +58 -0
- data/bundler/lib/bundler/vendor/molinillo/lib/molinillo.rb +12 -0
- data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/faster.rb +27 -0
- data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent/ssl_reuse.rb +129 -0
- data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent.rb +1233 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/actions/create_file.rb +104 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/actions/create_link.rb +60 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/actions/directory.rb +118 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/actions/empty_directory.rb +143 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/actions/file_manipulation.rb +364 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/actions/inject_into_file.rb +109 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/actions.rb +321 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/base.rb +679 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/command.rb +135 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/core_ext/hash_with_indifferent_access.rb +97 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/core_ext/io_binary_read.rb +12 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/core_ext/ordered_hash.rb +129 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/error.rb +32 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/group.rb +281 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/invocation.rb +177 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/line_editor/basic.rb +37 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/line_editor/readline.rb +88 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/line_editor.rb +17 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/parser/argument.rb +70 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/parser/arguments.rb +175 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/parser/option.rb +146 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/parser/options.rb +221 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/parser.rb +4 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/rake_compat.rb +71 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/runner.rb +324 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/shell/basic.rb +437 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/shell/color.rb +149 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/shell/html.rb +126 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/shell.rb +81 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/util.rb +268 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor/version.rb +3 -0
- data/bundler/lib/bundler/vendor/thor/lib/thor.rb +509 -0
- data/bundler/lib/bundler/vendored_fileutils.rb +9 -0
- data/bundler/lib/bundler/vendored_molinillo.rb +4 -0
- data/bundler/lib/bundler/vendored_persistent.rb +52 -0
- data/bundler/lib/bundler/vendored_thor.rb +8 -0
- data/bundler/lib/bundler/version.rb +28 -0
- data/bundler/lib/bundler/version_ranges.rb +76 -0
- data/bundler/lib/bundler/vlad.rb +17 -0
- data/bundler/lib/bundler/worker.rb +106 -0
- data/bundler/lib/bundler/yaml_serializer.rb +90 -0
- data/bundler/lib/bundler.rb +545 -0
- data/bundler/man/bundle-add.ronn +29 -0
- data/bundler/man/bundle-binstubs.ronn +43 -0
- data/bundler/man/bundle-check.ronn +26 -0
- data/bundler/man/bundle-clean.ronn +18 -0
- data/bundler/man/bundle-config.ronn +376 -0
- data/bundler/man/bundle-doctor.ronn +33 -0
- data/bundler/man/bundle-exec.ronn +152 -0
- data/bundler/man/bundle-gem.ronn +78 -0
- data/bundler/man/bundle-info.ronn +17 -0
- data/bundler/man/bundle-init.ronn +29 -0
- data/bundler/man/bundle-inject.ronn +22 -0
- data/bundler/man/bundle-install.ronn +369 -0
- data/bundler/man/bundle-list.ronn +15 -0
- data/bundler/man/bundle-lock.ronn +94 -0
- data/bundler/man/bundle-open.ronn +19 -0
- data/bundler/man/bundle-outdated.ronn +107 -0
- data/bundler/man/bundle-package.ronn +72 -0
- data/bundler/man/bundle-platform.ronn +42 -0
- data/bundler/man/bundle-pristine.ronn +34 -0
- data/bundler/man/bundle-show.ronn +20 -0
- data/bundler/man/bundle-update.ronn +346 -0
- data/bundler/man/bundle-viz.ronn +30 -0
- data/bundler/man/bundle.ronn +108 -0
- data/bundler/man/gemfile.5.ronn +506 -0
- data/lib/rubygems/basic_specification.rb +8 -4
- data/lib/rubygems/bundler_version_finder.rb +116 -0
- data/lib/rubygems/command.rb +10 -2
- data/lib/rubygems/command_manager.rb +3 -1
- data/lib/rubygems/commands/cert_command.rb +31 -6
- data/lib/rubygems/commands/cleanup_command.rb +10 -3
- data/lib/rubygems/commands/generate_index_command.rb +1 -1
- data/lib/rubygems/commands/help_command.rb +1 -1
- data/lib/rubygems/commands/open_command.rb +1 -1
- data/lib/rubygems/commands/owner_command.rb +4 -2
- data/lib/rubygems/commands/pristine_command.rb +11 -8
- data/lib/rubygems/commands/push_command.rb +3 -2
- data/lib/rubygems/commands/query_command.rb +17 -17
- data/lib/rubygems/commands/setup_command.rb +175 -70
- data/lib/rubygems/commands/signin_command.rb +33 -0
- data/lib/rubygems/commands/signout_command.rb +33 -0
- data/lib/rubygems/commands/sources_command.rb +1 -1
- data/lib/rubygems/commands/uninstall_command.rb +4 -3
- data/lib/rubygems/commands/unpack_command.rb +19 -7
- data/lib/rubygems/commands/update_command.rb +2 -2
- data/lib/rubygems/commands/which_command.rb +1 -1
- data/lib/rubygems/commands/yank_command.rb +4 -11
- data/lib/rubygems/config_file.rb +21 -28
- data/lib/rubygems/core_ext/kernel_require.rb +10 -9
- data/lib/rubygems/defaults.rb +18 -0
- data/lib/rubygems/dependency.rb +10 -4
- data/lib/rubygems/dependency_installer.rb +8 -2
- data/lib/rubygems/dependency_list.rb +1 -1
- data/lib/rubygems/errors.rb +4 -0
- data/lib/rubygems/exceptions.rb +11 -1
- data/lib/rubygems/ext/builder.rb +2 -2
- data/lib/rubygems/ext/ext_conf_builder.rb +7 -7
- data/lib/rubygems/ext/rake_builder.rb +2 -2
- data/lib/rubygems/gem_runner.rb +5 -1
- data/lib/rubygems/indexer.rb +6 -5
- data/lib/rubygems/install_update_options.rb +5 -28
- data/lib/rubygems/installer.rb +53 -22
- data/lib/rubygems/installer_test_case.rb +6 -3
- data/lib/rubygems/package/file_source.rb +2 -2
- data/lib/rubygems/package/old.rb +3 -3
- data/lib/rubygems/package/tar_header.rb +14 -9
- data/lib/rubygems/package/tar_writer.rb +12 -16
- data/lib/rubygems/package.rb +48 -9
- data/lib/rubygems/platform.rb +1 -1
- data/lib/rubygems/remote_fetcher.rb +13 -18
- data/lib/rubygems/request.rb +47 -1
- data/lib/rubygems/request_set/gem_dependency_api.rb +3 -3
- data/lib/rubygems/request_set/lockfile/tokenizer.rb +1 -1
- data/lib/rubygems/request_set/lockfile.rb +1 -1
- data/lib/rubygems/request_set.rb +22 -3
- data/lib/rubygems/requirement.rb +5 -1
- data/lib/rubygems/resolver/installer_set.rb +4 -6
- data/lib/rubygems/resolver/molinillo/lib/molinillo/delegates/resolution_state.rb +50 -0
- data/lib/rubygems/resolver/molinillo/lib/molinillo/delegates/specification_provider.rb +80 -0
- data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/action.rb +35 -0
- data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/add_edge_no_circular.rb +65 -0
- data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/add_vertex.rb +61 -0
- data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/delete_edge.rb +62 -0
- data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/detach_vertex_named.rb +60 -0
- data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/log.rb +125 -0
- data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/set_payload.rb +45 -0
- data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/tag.rb +35 -0
- data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/vertex.rb +125 -0
- data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph.rb +78 -147
- data/lib/rubygems/resolver/molinillo/lib/molinillo/errors.rb +1 -1
- data/lib/rubygems/resolver/molinillo/lib/molinillo/gem_metadata.rb +1 -1
- data/lib/rubygems/resolver/molinillo/lib/molinillo/modules/ui.rb +1 -1
- data/lib/rubygems/resolver/molinillo/lib/molinillo/resolution.rb +110 -75
- data/lib/rubygems/resolver/molinillo/lib/molinillo/state.rb +4 -2
- data/lib/rubygems/resolver/set.rb +1 -1
- data/lib/rubygems/resolver.rb +61 -5
- data/lib/rubygems/safe_yaml.rb +51 -0
- data/lib/rubygems/security/signer.rb +2 -0
- data/lib/rubygems/security/trust_dir.rb +1 -1
- data/lib/rubygems/security.rb +12 -5
- data/lib/rubygems/security_option.rb +43 -0
- data/lib/rubygems/server.rb +49 -40
- data/lib/rubygems/source/git.rb +2 -1
- data/lib/rubygems/source/local.rb +38 -35
- data/lib/rubygems/source/lock.rb +4 -1
- data/lib/rubygems/source.rb +9 -6
- data/lib/rubygems/source_local.rb +3 -1
- data/lib/rubygems/source_specific_file.rb +3 -2
- data/lib/rubygems/spec_fetcher.rb +7 -3
- data/lib/rubygems/specification.rb +317 -251
- data/lib/rubygems/ssl_certs/index.rubygems.org/GlobalSignRootCA.pem +21 -0
- data/lib/rubygems/ssl_certs/rubygems.org/AddTrustExternalCARoot.pem +25 -0
- data/lib/rubygems/stub_specification.rb +10 -4
- data/lib/rubygems/test_case.rb +51 -11
- data/lib/rubygems/test_utilities.rb +2 -2
- data/lib/rubygems/text.rb +14 -1
- data/lib/rubygems/user_interaction.rb +22 -20
- data/lib/rubygems/util/licenses.rb +37 -0
- data/lib/rubygems/util.rb +6 -16
- data/lib/rubygems/validator.rb +3 -3
- data/lib/rubygems/version.rb +24 -5
- data/lib/rubygems/version_option.rb +6 -1
- data/lib/rubygems.rb +147 -45
- data/lib/ubygems.rb +3 -0
- data/setup.rb +1 -1
- data/test/rubygems/alternate_cert.pem +10 -9
- data/test/rubygems/alternate_cert_32.pem +10 -9
- data/test/rubygems/child_cert.pem +11 -9
- data/test/rubygems/child_cert_32.pem +11 -9
- data/test/rubygems/encrypted_private_key.pem +26 -26
- data/test/rubygems/expired_cert.pem +9 -8
- data/test/rubygems/future_cert.pem +9 -8
- data/test/rubygems/future_cert_32.pem +9 -8
- data/test/rubygems/grandchild_cert.pem +11 -9
- data/test/rubygems/grandchild_cert_32.pem +11 -9
- data/test/rubygems/invalid_issuer_cert.pem +11 -9
- data/test/rubygems/invalid_issuer_cert_32.pem +11 -9
- data/test/rubygems/invalid_signer_cert.pem +10 -9
- data/test/rubygems/invalid_signer_cert_32.pem +10 -9
- data/test/rubygems/invalidchild_cert.pem +11 -9
- data/test/rubygems/invalidchild_cert_32.pem +11 -9
- data/test/rubygems/private3072_key.pem +40 -0
- data/test/rubygems/public3072_cert.pem +25 -0
- data/test/rubygems/public_cert.pem +11 -9
- data/test/rubygems/public_cert_32.pem +10 -9
- data/test/rubygems/rubygems_plugin.rb +4 -0
- data/test/rubygems/test_bundled_ca.rb +1 -1
- data/test/rubygems/test_config.rb +1 -1
- data/test/rubygems/test_gem.rb +168 -55
- data/test/rubygems/test_gem_bundler_version_finder.rb +125 -0
- data/test/rubygems/test_gem_command.rb +7 -1
- data/test/rubygems/test_gem_commands_build_command.rb +27 -1
- data/test/rubygems/test_gem_commands_cert_command.rb +64 -0
- data/test/rubygems/test_gem_commands_cleanup_command.rb +44 -1
- data/test/rubygems/test_gem_commands_install_command.rb +36 -2
- data/test/rubygems/test_gem_commands_open_command.rb +2 -1
- data/test/rubygems/test_gem_commands_owner_command.rb +25 -0
- data/test/rubygems/test_gem_commands_pristine_command.rb +1 -1
- data/test/rubygems/test_gem_commands_push_command.rb +5 -5
- data/test/rubygems/test_gem_commands_query_command.rb +154 -1
- data/test/rubygems/test_gem_commands_setup_command.rb +140 -10
- data/test/rubygems/test_gem_commands_signin_command.rb +98 -0
- data/test/rubygems/test_gem_commands_signout_command.rb +37 -0
- data/test/rubygems/test_gem_commands_sources_command.rb +52 -0
- data/test/rubygems/test_gem_commands_uninstall_command.rb +14 -2
- data/test/rubygems/test_gem_commands_update_command.rb +1 -7
- data/test/rubygems/test_gem_commands_which_command.rb +3 -3
- data/test/rubygems/test_gem_config_file.rb +1 -2
- data/test/rubygems/test_gem_dependency.rb +28 -0
- data/test/rubygems/test_gem_dependency_installer.rb +1 -1
- data/test/rubygems/test_gem_doctor.rb +2 -2
- data/test/rubygems/test_gem_ext_builder.rb +8 -8
- data/test/rubygems/test_gem_ext_configure_builder.rb +1 -1
- data/test/rubygems/test_gem_ext_ext_conf_builder.rb +23 -0
- data/test/rubygems/test_gem_ext_rake_builder.rb +33 -16
- data/test/rubygems/test_gem_gemcutter_utilities.rb +4 -4
- data/test/rubygems/test_gem_indexer.rb +1 -2
- data/test/rubygems/test_gem_install_update_options.rb +4 -1
- data/test/rubygems/test_gem_installer.rb +230 -32
- data/test/rubygems/test_gem_package.rb +156 -29
- data/test/rubygems/test_gem_package_old.rb +1 -1
- data/test/rubygems/test_gem_package_tar_header.rb +21 -0
- data/test/rubygems/test_gem_package_tar_writer.rb +24 -0
- data/test/rubygems/test_gem_rdoc.rb +2 -0
- data/test/rubygems/test_gem_remote_fetcher.rb +38 -19
- data/test/rubygems/test_gem_request.rb +132 -0
- data/test/rubygems/test_gem_request_connection_pools.rb +6 -7
- data/test/rubygems/test_gem_request_set.rb +7 -7
- data/test/rubygems/test_gem_request_set_gem_dependency_api.rb +3 -3
- data/test/rubygems/test_gem_request_set_lockfile.rb +4 -4
- data/test/rubygems/test_gem_request_set_lockfile_parser.rb +1 -1
- data/test/rubygems/test_gem_request_set_lockfile_tokenizer.rb +1 -1
- data/test/rubygems/test_gem_requirement.rb +6 -0
- data/test/rubygems/test_gem_resolver.rb +29 -3
- data/test/rubygems/test_gem_resolver_conflict.rb +1 -1
- data/test/rubygems/test_gem_resolver_git_specification.rb +1 -1
- data/test/rubygems/test_gem_security.rb +5 -0
- data/test/rubygems/test_gem_security_policy.rb +27 -27
- data/test/rubygems/test_gem_security_signer.rb +14 -6
- data/test/rubygems/test_gem_security_trust_dir.rb +2 -2
- data/test/rubygems/test_gem_server.rb +210 -12
- data/test/rubygems/test_gem_source.rb +12 -3
- data/test/rubygems/test_gem_source_fetch_problem.rb +8 -0
- data/test/rubygems/test_gem_source_git.rb +1 -1
- data/test/rubygems/test_gem_spec_fetcher.rb +20 -0
- data/test/rubygems/test_gem_specification.rb +163 -32
- data/test/rubygems/test_gem_stream_ui.rb +6 -6
- data/test/rubygems/test_gem_stub_specification.rb +85 -6
- data/test/rubygems/test_gem_text.rb +11 -0
- data/test/rubygems/test_gem_util.rb +26 -0
- data/test/rubygems/test_gem_version.rb +46 -7
- data/test/rubygems/test_gem_version_option.rb +15 -0
- data/test/rubygems/test_kernel.rb +30 -0
- data/test/rubygems/test_remote_fetch_error.rb +21 -0
- data/test/rubygems/test_require.rb +95 -21
- data/test/rubygems/wrong_key_cert.pem +10 -9
- data/test/rubygems/wrong_key_cert_32.pem +10 -9
- data/util/ci +74 -0
- data/util/create_certs.rb +64 -49
- data/util/generate_spdx_license_list.rb +2 -1
- data/util/patch_with_prs.rb +77 -0
- data/util/update_bundled_ca_certificates.rb +23 -2
- data/util/update_changelog.rb +67 -0
- metadata +301 -48
- data/README.rdoc +0 -54
- data/lib/gauntlet_rubygems.rb +0 -51
- data/lib/rubygems/ssl_certs/index.rubygems.org/GlobalSignRoot.pem +0 -18
- /data/{lib/rubygems/ssl_certs/rubygems.org/AddTrustExternalCARoot-2048.pem → bundler/lib/bundler/ssl_certs/rubygems.org/AddTrustExternalCARoot.pem} +0 -0
@@ -0,0 +1,989 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require "bundler/lockfile_parser"
|
4
|
+
require "set"
|
5
|
+
|
6
|
+
module Bundler
|
7
|
+
class Definition
|
8
|
+
include GemHelpers
|
9
|
+
|
10
|
+
attr_reader(
|
11
|
+
:dependencies,
|
12
|
+
:gem_version_promoter,
|
13
|
+
:locked_deps,
|
14
|
+
:locked_gems,
|
15
|
+
:platforms,
|
16
|
+
:requires,
|
17
|
+
:ruby_version,
|
18
|
+
:lockfile,
|
19
|
+
:gemfiles
|
20
|
+
)
|
21
|
+
|
22
|
+
# Given a gemfile and lockfile creates a Bundler definition
|
23
|
+
#
|
24
|
+
# @param gemfile [Pathname] Path to Gemfile
|
25
|
+
# @param lockfile [Pathname,nil] Path to Gemfile.lock
|
26
|
+
# @param unlock [Hash, Boolean, nil] Gems that have been requested
|
27
|
+
# to be updated or true if all gems should be updated
|
28
|
+
# @return [Bundler::Definition]
|
29
|
+
def self.build(gemfile, lockfile, unlock)
|
30
|
+
unlock ||= {}
|
31
|
+
gemfile = Pathname.new(gemfile).expand_path
|
32
|
+
|
33
|
+
raise GemfileNotFound, "#{gemfile} not found" unless gemfile.file?
|
34
|
+
|
35
|
+
Dsl.evaluate(gemfile, lockfile, unlock)
|
36
|
+
end
|
37
|
+
|
38
|
+
#
|
39
|
+
# How does the new system work?
|
40
|
+
#
|
41
|
+
# * Load information from Gemfile and Lockfile
|
42
|
+
# * Invalidate stale locked specs
|
43
|
+
# * All specs from stale source are stale
|
44
|
+
# * All specs that are reachable only through a stale
|
45
|
+
# dependency are stale.
|
46
|
+
# * If all fresh dependencies are satisfied by the locked
|
47
|
+
# specs, then we can try to resolve locally.
|
48
|
+
#
|
49
|
+
# @param lockfile [Pathname] Path to Gemfile.lock
|
50
|
+
# @param dependencies [Array(Bundler::Dependency)] array of dependencies from Gemfile
|
51
|
+
# @param sources [Bundler::SourceList]
|
52
|
+
# @param unlock [Hash, Boolean, nil] Gems that have been requested
|
53
|
+
# to be updated or true if all gems should be updated
|
54
|
+
# @param ruby_version [Bundler::RubyVersion, nil] Requested Ruby Version
|
55
|
+
# @param optional_groups [Array(String)] A list of optional groups
|
56
|
+
def initialize(lockfile, dependencies, sources, unlock, ruby_version = nil, optional_groups = [], gemfiles = [])
|
57
|
+
if [true, false].include?(unlock)
|
58
|
+
@unlocking_bundler = false
|
59
|
+
@unlocking = unlock
|
60
|
+
else
|
61
|
+
unlock = unlock.dup
|
62
|
+
@unlocking_bundler = unlock.delete(:bundler)
|
63
|
+
unlock.delete_if {|_k, v| Array(v).empty? }
|
64
|
+
@unlocking = !unlock.empty?
|
65
|
+
end
|
66
|
+
|
67
|
+
@dependencies = dependencies
|
68
|
+
@sources = sources
|
69
|
+
@unlock = unlock
|
70
|
+
@optional_groups = optional_groups
|
71
|
+
@remote = false
|
72
|
+
@specs = nil
|
73
|
+
@ruby_version = ruby_version
|
74
|
+
@gemfiles = gemfiles
|
75
|
+
|
76
|
+
@lockfile = lockfile
|
77
|
+
@lockfile_contents = String.new
|
78
|
+
@locked_bundler_version = nil
|
79
|
+
@locked_ruby_version = nil
|
80
|
+
@locked_specs_incomplete_for_platform = false
|
81
|
+
|
82
|
+
if lockfile && File.exist?(lockfile)
|
83
|
+
@lockfile_contents = Bundler.read_file(lockfile)
|
84
|
+
@locked_gems = LockfileParser.new(@lockfile_contents)
|
85
|
+
@locked_platforms = @locked_gems.platforms
|
86
|
+
@platforms = @locked_platforms.dup
|
87
|
+
@locked_bundler_version = @locked_gems.bundler_version
|
88
|
+
@locked_ruby_version = @locked_gems.ruby_version
|
89
|
+
|
90
|
+
if unlock != true
|
91
|
+
@locked_deps = @locked_gems.dependencies
|
92
|
+
@locked_specs = SpecSet.new(@locked_gems.specs)
|
93
|
+
@locked_sources = @locked_gems.sources
|
94
|
+
else
|
95
|
+
@unlock = {}
|
96
|
+
@locked_deps = {}
|
97
|
+
@locked_specs = SpecSet.new([])
|
98
|
+
@locked_sources = []
|
99
|
+
end
|
100
|
+
else
|
101
|
+
@unlock = {}
|
102
|
+
@platforms = []
|
103
|
+
@locked_gems = nil
|
104
|
+
@locked_deps = {}
|
105
|
+
@locked_specs = SpecSet.new([])
|
106
|
+
@locked_sources = []
|
107
|
+
@locked_platforms = []
|
108
|
+
end
|
109
|
+
|
110
|
+
@unlock[:gems] ||= []
|
111
|
+
@unlock[:sources] ||= []
|
112
|
+
@unlock[:ruby] ||= if @ruby_version && locked_ruby_version_object
|
113
|
+
@ruby_version.diff(locked_ruby_version_object)
|
114
|
+
end
|
115
|
+
@unlocking ||= @unlock[:ruby] ||= (!@locked_ruby_version ^ !@ruby_version)
|
116
|
+
|
117
|
+
add_current_platform unless Bundler.frozen_bundle?
|
118
|
+
|
119
|
+
converge_path_sources_to_gemspec_sources
|
120
|
+
@path_changes = converge_paths
|
121
|
+
@source_changes = converge_sources
|
122
|
+
|
123
|
+
unless @unlock[:lock_shared_dependencies]
|
124
|
+
eager_unlock = expand_dependencies(@unlock[:gems], true)
|
125
|
+
@unlock[:gems] = @locked_specs.for(eager_unlock, [], false, false, false).map(&:name)
|
126
|
+
end
|
127
|
+
|
128
|
+
@gem_version_promoter = create_gem_version_promoter
|
129
|
+
|
130
|
+
@dependency_changes = converge_dependencies
|
131
|
+
@local_changes = converge_locals
|
132
|
+
|
133
|
+
@requires = compute_requires
|
134
|
+
end
|
135
|
+
|
136
|
+
def create_gem_version_promoter
|
137
|
+
locked_specs =
|
138
|
+
if unlocking? && @locked_specs.empty? && !@lockfile_contents.empty?
|
139
|
+
# Definition uses an empty set of locked_specs to indicate all gems
|
140
|
+
# are unlocked, but GemVersionPromoter needs the locked_specs
|
141
|
+
# for conservative comparison.
|
142
|
+
Bundler::SpecSet.new(@locked_gems.specs)
|
143
|
+
else
|
144
|
+
@locked_specs
|
145
|
+
end
|
146
|
+
GemVersionPromoter.new(locked_specs, @unlock[:gems])
|
147
|
+
end
|
148
|
+
|
149
|
+
def resolve_with_cache!
|
150
|
+
raise "Specs already loaded" if @specs
|
151
|
+
sources.cached!
|
152
|
+
specs
|
153
|
+
end
|
154
|
+
|
155
|
+
def resolve_remotely!
|
156
|
+
raise "Specs already loaded" if @specs
|
157
|
+
@remote = true
|
158
|
+
sources.remote!
|
159
|
+
specs
|
160
|
+
end
|
161
|
+
|
162
|
+
# For given dependency list returns a SpecSet with Gemspec of all the required
|
163
|
+
# dependencies.
|
164
|
+
# 1. The method first resolves the dependencies specified in Gemfile
|
165
|
+
# 2. After that it tries and fetches gemspec of resolved dependencies
|
166
|
+
#
|
167
|
+
# @return [Bundler::SpecSet]
|
168
|
+
def specs
|
169
|
+
@specs ||= begin
|
170
|
+
begin
|
171
|
+
specs = resolve.materialize(Bundler.settings[:cache_all_platforms] ? dependencies : requested_dependencies)
|
172
|
+
rescue GemNotFound => e # Handle yanked gem
|
173
|
+
gem_name, gem_version = extract_gem_info(e)
|
174
|
+
locked_gem = @locked_specs[gem_name].last
|
175
|
+
raise if locked_gem.nil? || locked_gem.version.to_s != gem_version || !@remote
|
176
|
+
raise GemNotFound, "Your bundle is locked to #{locked_gem}, but that version could not " \
|
177
|
+
"be found in any of the sources listed in your Gemfile. If you haven't changed sources, " \
|
178
|
+
"that means the author of #{locked_gem} has removed it. You'll need to update your bundle " \
|
179
|
+
"to a version other than #{locked_gem} that hasn't been removed in order to install."
|
180
|
+
end
|
181
|
+
unless specs["bundler"].any?
|
182
|
+
bundler = sources.metadata_source.specs.search(Gem::Dependency.new("bundler", VERSION)).last
|
183
|
+
specs["bundler"] = bundler
|
184
|
+
end
|
185
|
+
|
186
|
+
specs
|
187
|
+
end
|
188
|
+
end
|
189
|
+
|
190
|
+
def new_specs
|
191
|
+
specs - @locked_specs
|
192
|
+
end
|
193
|
+
|
194
|
+
def removed_specs
|
195
|
+
@locked_specs - specs
|
196
|
+
end
|
197
|
+
|
198
|
+
def new_platform?
|
199
|
+
@new_platform
|
200
|
+
end
|
201
|
+
|
202
|
+
def missing_specs
|
203
|
+
missing = []
|
204
|
+
resolve.materialize(requested_dependencies, missing)
|
205
|
+
missing
|
206
|
+
end
|
207
|
+
|
208
|
+
def missing_specs?
|
209
|
+
missing = missing_specs
|
210
|
+
return false if missing.empty?
|
211
|
+
Bundler.ui.debug "The definition is missing #{missing.map(&:full_name)}"
|
212
|
+
true
|
213
|
+
rescue BundlerError => e
|
214
|
+
@index = nil
|
215
|
+
@resolve = nil
|
216
|
+
@specs = nil
|
217
|
+
@gem_version_promoter = create_gem_version_promoter
|
218
|
+
|
219
|
+
Bundler.ui.debug "The definition is missing dependencies, failed to resolve & materialize locally (#{e})"
|
220
|
+
true
|
221
|
+
end
|
222
|
+
|
223
|
+
def requested_specs
|
224
|
+
@requested_specs ||= begin
|
225
|
+
groups = requested_groups
|
226
|
+
groups.map!(&:to_sym)
|
227
|
+
specs_for(groups)
|
228
|
+
end
|
229
|
+
end
|
230
|
+
|
231
|
+
def current_dependencies
|
232
|
+
dependencies.select(&:should_include?)
|
233
|
+
end
|
234
|
+
|
235
|
+
def specs_for(groups)
|
236
|
+
deps = dependencies.select {|d| (d.groups & groups).any? }
|
237
|
+
deps.delete_if {|d| !d.should_include? }
|
238
|
+
specs.for(expand_dependencies(deps))
|
239
|
+
end
|
240
|
+
|
241
|
+
# Resolve all the dependencies specified in Gemfile. It ensures that
|
242
|
+
# dependencies that have been already resolved via locked file and are fresh
|
243
|
+
# are reused when resolving dependencies
|
244
|
+
#
|
245
|
+
# @return [SpecSet] resolved dependencies
|
246
|
+
def resolve
|
247
|
+
@resolve ||= begin
|
248
|
+
last_resolve = converge_locked_specs
|
249
|
+
if Bundler.frozen_bundle?
|
250
|
+
Bundler.ui.debug "Frozen, using resolution from the lockfile"
|
251
|
+
last_resolve
|
252
|
+
elsif !unlocking? && nothing_changed?
|
253
|
+
Bundler.ui.debug("Found no changes, using resolution from the lockfile")
|
254
|
+
last_resolve
|
255
|
+
else
|
256
|
+
# Run a resolve against the locally available gems
|
257
|
+
Bundler.ui.debug("Found changes from the lockfile, re-resolving dependencies because #{change_reason}")
|
258
|
+
last_resolve.merge Resolver.resolve(expanded_dependencies, index, source_requirements, last_resolve, gem_version_promoter, additional_base_requirements_for_resolve, platforms)
|
259
|
+
end
|
260
|
+
end
|
261
|
+
end
|
262
|
+
|
263
|
+
def index
|
264
|
+
@index ||= Index.build do |idx|
|
265
|
+
dependency_names = @dependencies.map(&:name)
|
266
|
+
|
267
|
+
sources.all_sources.each do |source|
|
268
|
+
source.dependency_names = dependency_names - pinned_spec_names(source)
|
269
|
+
idx.add_source source.specs
|
270
|
+
dependency_names.concat(source.unmet_deps).uniq!
|
271
|
+
end
|
272
|
+
|
273
|
+
double_check_for_index(idx, dependency_names)
|
274
|
+
end
|
275
|
+
end
|
276
|
+
|
277
|
+
# Suppose the gem Foo depends on the gem Bar. Foo exists in Source A. Bar has some versions that exist in both
|
278
|
+
# sources A and B. At this point, the API request will have found all the versions of Bar in source A,
|
279
|
+
# but will not have found any versions of Bar from source B, which is a problem if the requested version
|
280
|
+
# of Foo specifically depends on a version of Bar that is only found in source B. This ensures that for
|
281
|
+
# each spec we found, we add all possible versions from all sources to the index.
|
282
|
+
def double_check_for_index(idx, dependency_names)
|
283
|
+
pinned_names = pinned_spec_names
|
284
|
+
loop do
|
285
|
+
idxcount = idx.size
|
286
|
+
|
287
|
+
names = :names # do this so we only have to traverse to get dependency_names from the index once
|
288
|
+
unmet_dependency_names = lambda do
|
289
|
+
return names unless names == :names
|
290
|
+
new_names = sources.all_sources.map(&:dependency_names_to_double_check)
|
291
|
+
return names = nil if new_names.compact!
|
292
|
+
names = new_names.flatten(1).concat(dependency_names)
|
293
|
+
names.uniq!
|
294
|
+
names -= pinned_names
|
295
|
+
names
|
296
|
+
end
|
297
|
+
|
298
|
+
sources.all_sources.each do |source|
|
299
|
+
source.double_check_for(unmet_dependency_names)
|
300
|
+
end
|
301
|
+
|
302
|
+
break if idxcount == idx.size
|
303
|
+
end
|
304
|
+
end
|
305
|
+
private :double_check_for_index
|
306
|
+
|
307
|
+
def has_rubygems_remotes?
|
308
|
+
sources.rubygems_sources.any? {|s| s.remotes.any? }
|
309
|
+
end
|
310
|
+
|
311
|
+
def has_local_dependencies?
|
312
|
+
!sources.path_sources.empty? || !sources.git_sources.empty?
|
313
|
+
end
|
314
|
+
|
315
|
+
def spec_git_paths
|
316
|
+
sources.git_sources.map {|s| s.path.to_s }
|
317
|
+
end
|
318
|
+
|
319
|
+
def groups
|
320
|
+
dependencies.map(&:groups).flatten.uniq
|
321
|
+
end
|
322
|
+
|
323
|
+
def lock(file, preserve_unknown_sections = false)
|
324
|
+
contents = to_lock
|
325
|
+
|
326
|
+
# Convert to \r\n if the existing lock has them
|
327
|
+
# i.e., Windows with `git config core.autocrlf=true`
|
328
|
+
contents.gsub!(/\n/, "\r\n") if @lockfile_contents.match("\r\n")
|
329
|
+
|
330
|
+
if @locked_bundler_version
|
331
|
+
locked_major = @locked_bundler_version.segments.first
|
332
|
+
current_major = Gem::Version.create(Bundler::VERSION).segments.first
|
333
|
+
|
334
|
+
if updating_major = locked_major < current_major
|
335
|
+
Bundler.ui.warn "Warning: the lockfile is being updated to Bundler #{current_major}, " \
|
336
|
+
"after which you will be unable to return to Bundler #{@locked_bundler_version.segments.first}."
|
337
|
+
end
|
338
|
+
end
|
339
|
+
|
340
|
+
preserve_unknown_sections ||= !updating_major && (Bundler.frozen_bundle? || !(unlocking? || @unlocking_bundler))
|
341
|
+
|
342
|
+
return if file && File.exist?(file) && lockfiles_equal?(@lockfile_contents, contents, preserve_unknown_sections)
|
343
|
+
|
344
|
+
if Bundler.frozen_bundle?
|
345
|
+
Bundler.ui.error "Cannot write a changed lockfile while frozen."
|
346
|
+
return
|
347
|
+
end
|
348
|
+
|
349
|
+
SharedHelpers.filesystem_access(file) do |p|
|
350
|
+
File.open(p, "wb") {|f| f.puts(contents) }
|
351
|
+
end
|
352
|
+
end
|
353
|
+
|
354
|
+
def locked_bundler_version
|
355
|
+
if @locked_bundler_version && @locked_bundler_version < Gem::Version.new(Bundler::VERSION)
|
356
|
+
new_version = Bundler::VERSION
|
357
|
+
end
|
358
|
+
|
359
|
+
new_version || @locked_bundler_version || Bundler::VERSION
|
360
|
+
end
|
361
|
+
|
362
|
+
def locked_ruby_version
|
363
|
+
return unless ruby_version
|
364
|
+
if @unlock[:ruby] || !@locked_ruby_version
|
365
|
+
Bundler::RubyVersion.system
|
366
|
+
else
|
367
|
+
@locked_ruby_version
|
368
|
+
end
|
369
|
+
end
|
370
|
+
|
371
|
+
def locked_ruby_version_object
|
372
|
+
return unless @locked_ruby_version
|
373
|
+
@locked_ruby_version_object ||= begin
|
374
|
+
unless version = RubyVersion.from_string(@locked_ruby_version)
|
375
|
+
raise LockfileError, "The Ruby version #{@locked_ruby_version} from " \
|
376
|
+
"#{@lockfile} could not be parsed. " \
|
377
|
+
"Try running bundle update --ruby to resolve this."
|
378
|
+
end
|
379
|
+
version
|
380
|
+
end
|
381
|
+
end
|
382
|
+
|
383
|
+
def to_lock
|
384
|
+
require "bundler/lockfile_generator"
|
385
|
+
LockfileGenerator.generate(self)
|
386
|
+
end
|
387
|
+
|
388
|
+
def ensure_equivalent_gemfile_and_lockfile(explicit_flag = false)
|
389
|
+
msg = String.new
|
390
|
+
msg << "You are trying to install in deployment mode after changing\n" \
|
391
|
+
"your Gemfile. Run `bundle install` elsewhere and add the\n" \
|
392
|
+
"updated #{Bundler.default_lockfile.relative_path_from(SharedHelpers.pwd)} to version control."
|
393
|
+
|
394
|
+
unless explicit_flag
|
395
|
+
suggested_command = if Bundler.settings.locations("frozen")[:global]
|
396
|
+
"bundle config --delete frozen"
|
397
|
+
elsif Bundler.settings.locations("deployment").keys.&([:global, :local]).any?
|
398
|
+
"bundle config --delete deployment"
|
399
|
+
else
|
400
|
+
"bundle install --no-deployment"
|
401
|
+
end
|
402
|
+
msg << "\n\nIf this is a development machine, remove the #{Bundler.default_gemfile} " \
|
403
|
+
"freeze \nby running `#{suggested_command}`."
|
404
|
+
end
|
405
|
+
|
406
|
+
added = []
|
407
|
+
deleted = []
|
408
|
+
changed = []
|
409
|
+
|
410
|
+
new_platforms = @platforms - @locked_platforms
|
411
|
+
deleted_platforms = @locked_platforms - @platforms
|
412
|
+
added.concat new_platforms.map {|p| "* platform: #{p}" }
|
413
|
+
deleted.concat deleted_platforms.map {|p| "* platform: #{p}" }
|
414
|
+
|
415
|
+
gemfile_sources = sources.lock_sources
|
416
|
+
|
417
|
+
new_sources = gemfile_sources - @locked_sources
|
418
|
+
deleted_sources = @locked_sources - gemfile_sources
|
419
|
+
|
420
|
+
new_deps = @dependencies - @locked_deps.values
|
421
|
+
deleted_deps = @locked_deps.values - @dependencies
|
422
|
+
|
423
|
+
# Check if it is possible that the source is only changed thing
|
424
|
+
if (new_deps.empty? && deleted_deps.empty?) && (!new_sources.empty? && !deleted_sources.empty?)
|
425
|
+
new_sources.reject! {|source| (source.path? && source.path.exist?) || equivalent_rubygems_remotes?(source) }
|
426
|
+
deleted_sources.reject! {|source| (source.path? && source.path.exist?) || equivalent_rubygems_remotes?(source) }
|
427
|
+
end
|
428
|
+
|
429
|
+
if @locked_sources != gemfile_sources
|
430
|
+
if new_sources.any?
|
431
|
+
added.concat new_sources.map {|source| "* source: #{source}" }
|
432
|
+
end
|
433
|
+
|
434
|
+
if deleted_sources.any?
|
435
|
+
deleted.concat deleted_sources.map {|source| "* source: #{source}" }
|
436
|
+
end
|
437
|
+
end
|
438
|
+
|
439
|
+
added.concat new_deps.map {|d| "* #{pretty_dep(d)}" } if new_deps.any?
|
440
|
+
if deleted_deps.any?
|
441
|
+
deleted.concat deleted_deps.map {|d| "* #{pretty_dep(d)}" }
|
442
|
+
end
|
443
|
+
|
444
|
+
both_sources = Hash.new {|h, k| h[k] = [] }
|
445
|
+
@dependencies.each {|d| both_sources[d.name][0] = d }
|
446
|
+
@locked_deps.each {|name, d| both_sources[name][1] = d.source }
|
447
|
+
|
448
|
+
both_sources.each do |name, (dep, lock_source)|
|
449
|
+
next unless (dep.nil? && !lock_source.nil?) || (!dep.nil? && !lock_source.nil? && !lock_source.can_lock?(dep))
|
450
|
+
gemfile_source_name = (dep && dep.source) || "no specified source"
|
451
|
+
lockfile_source_name = lock_source || "no specified source"
|
452
|
+
changed << "* #{name} from `#{gemfile_source_name}` to `#{lockfile_source_name}`"
|
453
|
+
end
|
454
|
+
|
455
|
+
reason = change_reason
|
456
|
+
msg << "\n\n#{reason.split(", ").map(&:capitalize).join("\n")}" unless reason.strip.empty?
|
457
|
+
msg << "\n\nYou have added to the Gemfile:\n" << added.join("\n") if added.any?
|
458
|
+
msg << "\n\nYou have deleted from the Gemfile:\n" << deleted.join("\n") if deleted.any?
|
459
|
+
msg << "\n\nYou have changed in the Gemfile:\n" << changed.join("\n") if changed.any?
|
460
|
+
msg << "\n"
|
461
|
+
|
462
|
+
raise ProductionError, msg if added.any? || deleted.any? || changed.any? || !nothing_changed?
|
463
|
+
end
|
464
|
+
|
465
|
+
def validate_runtime!
|
466
|
+
validate_ruby!
|
467
|
+
validate_platforms!
|
468
|
+
end
|
469
|
+
|
470
|
+
def validate_ruby!
|
471
|
+
return unless ruby_version
|
472
|
+
|
473
|
+
if diff = ruby_version.diff(Bundler::RubyVersion.system)
|
474
|
+
problem, expected, actual = diff
|
475
|
+
|
476
|
+
msg = case problem
|
477
|
+
when :engine
|
478
|
+
"Your Ruby engine is #{actual}, but your Gemfile specified #{expected}"
|
479
|
+
when :version
|
480
|
+
"Your Ruby version is #{actual}, but your Gemfile specified #{expected}"
|
481
|
+
when :engine_version
|
482
|
+
"Your #{Bundler::RubyVersion.system.engine} version is #{actual}, but your Gemfile specified #{ruby_version.engine} #{expected}"
|
483
|
+
when :patchlevel
|
484
|
+
if !expected.is_a?(String)
|
485
|
+
"The Ruby patchlevel in your Gemfile must be a string"
|
486
|
+
else
|
487
|
+
"Your Ruby patchlevel is #{actual}, but your Gemfile specified #{expected}"
|
488
|
+
end
|
489
|
+
end
|
490
|
+
|
491
|
+
raise RubyVersionMismatch, msg
|
492
|
+
end
|
493
|
+
end
|
494
|
+
|
495
|
+
def validate_platforms!
|
496
|
+
return if @platforms.any? do |bundle_platform|
|
497
|
+
Bundler.rubygems.platforms.any? do |local_platform|
|
498
|
+
MatchPlatform.platforms_match?(bundle_platform, local_platform)
|
499
|
+
end
|
500
|
+
end
|
501
|
+
|
502
|
+
raise ProductionError, "Your bundle only supports platforms #{@platforms.map(&:to_s)} " \
|
503
|
+
"but your local platforms are #{Bundler.rubygems.platforms.map(&:to_s)}, and " \
|
504
|
+
"there's no compatible match between those two lists."
|
505
|
+
end
|
506
|
+
|
507
|
+
def add_platform(platform)
|
508
|
+
@new_platform ||= !@platforms.include?(platform)
|
509
|
+
@platforms |= [platform]
|
510
|
+
end
|
511
|
+
|
512
|
+
def remove_platform(platform)
|
513
|
+
return if @platforms.delete(Gem::Platform.new(platform))
|
514
|
+
raise InvalidOption, "Unable to remove the platform `#{platform}` since the only platforms are #{@platforms.join ", "}"
|
515
|
+
end
|
516
|
+
|
517
|
+
def add_current_platform
|
518
|
+
current_platform = Bundler.local_platform
|
519
|
+
add_platform(current_platform) if Bundler.feature_flag.specific_platform?
|
520
|
+
add_platform(generic(current_platform))
|
521
|
+
end
|
522
|
+
|
523
|
+
def find_resolved_spec(current_spec)
|
524
|
+
specs.find_by_name_and_platform(current_spec.name, current_spec.platform)
|
525
|
+
end
|
526
|
+
|
527
|
+
def find_indexed_specs(current_spec)
|
528
|
+
index[current_spec.name].select {|spec| spec.match_platform(current_spec.platform) }.sort_by(&:version)
|
529
|
+
end
|
530
|
+
|
531
|
+
attr_reader :sources
|
532
|
+
private :sources
|
533
|
+
|
534
|
+
def nothing_changed?
|
535
|
+
!@source_changes && !@dependency_changes && !@new_platform && !@path_changes && !@local_changes && !@locked_specs_incomplete_for_platform
|
536
|
+
end
|
537
|
+
|
538
|
+
def unlocking?
|
539
|
+
@unlocking
|
540
|
+
end
|
541
|
+
|
542
|
+
private
|
543
|
+
|
544
|
+
def change_reason
|
545
|
+
if unlocking?
|
546
|
+
unlock_reason = @unlock.reject {|_k, v| Array(v).empty? }.map do |k, v|
|
547
|
+
if v == true
|
548
|
+
k.to_s
|
549
|
+
else
|
550
|
+
v = Array(v)
|
551
|
+
"#{k}: (#{v.join(", ")})"
|
552
|
+
end
|
553
|
+
end.join(", ")
|
554
|
+
return "bundler is unlocking #{unlock_reason}"
|
555
|
+
end
|
556
|
+
[
|
557
|
+
[@source_changes, "the list of sources changed"],
|
558
|
+
[@dependency_changes, "the dependencies in your gemfile changed"],
|
559
|
+
[@new_platform, "you added a new platform to your gemfile"],
|
560
|
+
[@path_changes, "the gemspecs for path gems changed"],
|
561
|
+
[@local_changes, "the gemspecs for git local gems changed"],
|
562
|
+
[@locked_specs_incomplete_for_platform, "the lockfile does not have all gems needed for the current platform"],
|
563
|
+
].select(&:first).map(&:last).join(", ")
|
564
|
+
end
|
565
|
+
|
566
|
+
def pretty_dep(dep, source = false)
|
567
|
+
SharedHelpers.pretty_dependency(dep, source)
|
568
|
+
end
|
569
|
+
|
570
|
+
# Check if the specs of the given source changed
|
571
|
+
# according to the locked source.
|
572
|
+
def specs_changed?(source)
|
573
|
+
locked = @locked_sources.find {|s| s == source }
|
574
|
+
|
575
|
+
!locked || dependencies_for_source_changed?(source, locked) || specs_for_source_changed?(source)
|
576
|
+
end
|
577
|
+
|
578
|
+
def dependencies_for_source_changed?(source, locked_source = source)
|
579
|
+
deps_for_source = @dependencies.select {|s| s.source == source }
|
580
|
+
locked_deps_for_source = @locked_deps.values.select {|dep| dep.source == locked_source }
|
581
|
+
|
582
|
+
Set.new(deps_for_source) != Set.new(locked_deps_for_source)
|
583
|
+
end
|
584
|
+
|
585
|
+
def specs_for_source_changed?(source)
|
586
|
+
locked_index = Index.new
|
587
|
+
locked_index.use(@locked_specs.select {|s| source.can_lock?(s) })
|
588
|
+
|
589
|
+
# order here matters, since Index#== is checking source.specs.include?(locked_index)
|
590
|
+
locked_index != source.specs
|
591
|
+
rescue PathError, GitError => e
|
592
|
+
Bundler.ui.debug "Assuming that #{source} has not changed since fetching its specs errored (#{e})"
|
593
|
+
false
|
594
|
+
end
|
595
|
+
|
596
|
+
# Get all locals and override their matching sources.
|
597
|
+
# Return true if any of the locals changed (for example,
|
598
|
+
# they point to a new revision) or depend on new specs.
|
599
|
+
def converge_locals
|
600
|
+
locals = []
|
601
|
+
|
602
|
+
Bundler.settings.local_overrides.map do |k, v|
|
603
|
+
spec = @dependencies.find {|s| s.name == k }
|
604
|
+
source = spec && spec.source
|
605
|
+
if source && source.respond_to?(:local_override!)
|
606
|
+
source.unlock! if @unlock[:gems].include?(spec.name)
|
607
|
+
locals << [source, source.local_override!(v)]
|
608
|
+
end
|
609
|
+
end
|
610
|
+
|
611
|
+
sources_with_changes = locals.select do |source, changed|
|
612
|
+
changed || specs_changed?(source)
|
613
|
+
end.map(&:first)
|
614
|
+
!sources_with_changes.each {|source| @unlock[:sources] << source.name }.empty?
|
615
|
+
end
|
616
|
+
|
617
|
+
def converge_paths
|
618
|
+
sources.path_sources.any? do |source|
|
619
|
+
specs_changed?(source)
|
620
|
+
end
|
621
|
+
end
|
622
|
+
|
623
|
+
def converge_path_source_to_gemspec_source(source)
|
624
|
+
return source unless source.instance_of?(Source::Path)
|
625
|
+
gemspec_source = sources.path_sources.find {|s| s.is_a?(Source::Gemspec) && s.as_path_source == source }
|
626
|
+
gemspec_source || source
|
627
|
+
end
|
628
|
+
|
629
|
+
def converge_path_sources_to_gemspec_sources
|
630
|
+
@locked_sources.map! do |source|
|
631
|
+
converge_path_source_to_gemspec_source(source)
|
632
|
+
end
|
633
|
+
@locked_specs.each do |spec|
|
634
|
+
spec.source &&= converge_path_source_to_gemspec_source(spec.source)
|
635
|
+
end
|
636
|
+
@locked_deps.each do |_, dep|
|
637
|
+
dep.source &&= converge_path_source_to_gemspec_source(dep.source)
|
638
|
+
end
|
639
|
+
end
|
640
|
+
|
641
|
+
def converge_rubygems_sources
|
642
|
+
return false if Bundler.feature_flag.lockfile_uses_separate_rubygems_sources?
|
643
|
+
|
644
|
+
changes = false
|
645
|
+
|
646
|
+
# Get the RubyGems sources from the Gemfile.lock
|
647
|
+
locked_gem_sources = @locked_sources.select {|s| s.is_a?(Source::Rubygems) }
|
648
|
+
# Get the RubyGems remotes from the Gemfile
|
649
|
+
actual_remotes = sources.rubygems_remotes
|
650
|
+
|
651
|
+
# If there is a RubyGems source in both
|
652
|
+
if !locked_gem_sources.empty? && !actual_remotes.empty?
|
653
|
+
locked_gem_sources.each do |locked_gem|
|
654
|
+
# Merge the remotes from the Gemfile into the Gemfile.lock
|
655
|
+
changes |= locked_gem.replace_remotes(actual_remotes, Bundler.settings[:allow_deployment_source_credential_changes])
|
656
|
+
end
|
657
|
+
end
|
658
|
+
|
659
|
+
changes
|
660
|
+
end
|
661
|
+
|
662
|
+
def converge_sources
|
663
|
+
changes = false
|
664
|
+
|
665
|
+
changes |= converge_rubygems_sources
|
666
|
+
|
667
|
+
# Replace the sources from the Gemfile with the sources from the Gemfile.lock,
|
668
|
+
# if they exist in the Gemfile.lock and are `==`. If you can't find an equivalent
|
669
|
+
# source in the Gemfile.lock, use the one from the Gemfile.
|
670
|
+
changes |= sources.replace_sources!(@locked_sources)
|
671
|
+
|
672
|
+
sources.all_sources.each do |source|
|
673
|
+
# If the source is unlockable and the current command allows an unlock of
|
674
|
+
# the source (for example, you are doing a `bundle update <foo>` of a git-pinned
|
675
|
+
# gem), unlock it. For git sources, this means to unlock the revision, which
|
676
|
+
# will cause the `ref` used to be the most recent for the branch (or master) if
|
677
|
+
# an explicit `ref` is not used.
|
678
|
+
if source.respond_to?(:unlock!) && @unlock[:sources].include?(source.name)
|
679
|
+
source.unlock!
|
680
|
+
changes = true
|
681
|
+
end
|
682
|
+
end
|
683
|
+
|
684
|
+
changes
|
685
|
+
end
|
686
|
+
|
687
|
+
def converge_dependencies
|
688
|
+
frozen = Bundler.frozen_bundle?
|
689
|
+
(@dependencies + @locked_deps.values).each do |dep|
|
690
|
+
locked_source = @locked_deps[dep.name]
|
691
|
+
# This is to make sure that if bundler is installing in deployment mode and
|
692
|
+
# after locked_source and sources don't match, we still use locked_source.
|
693
|
+
if frozen && !locked_source.nil? &&
|
694
|
+
locked_source.respond_to?(:source) && locked_source.source.instance_of?(Source::Path) && locked_source.source.path.exist?
|
695
|
+
dep.source = locked_source.source
|
696
|
+
elsif dep.source
|
697
|
+
dep.source = sources.get(dep.source)
|
698
|
+
end
|
699
|
+
if dep.source.is_a?(Source::Gemspec)
|
700
|
+
dep.platforms.concat(@platforms.map {|p| Dependency::REVERSE_PLATFORM_MAP[p] }.flatten(1)).uniq!
|
701
|
+
end
|
702
|
+
end
|
703
|
+
|
704
|
+
changes = false
|
705
|
+
# We want to know if all match, but don't want to check all entries
|
706
|
+
# This means we need to return false if any dependency doesn't match
|
707
|
+
# the lock or doesn't exist in the lock.
|
708
|
+
@dependencies.each do |dependency|
|
709
|
+
unless locked_dep = @locked_deps[dependency.name]
|
710
|
+
changes = true
|
711
|
+
next
|
712
|
+
end
|
713
|
+
|
714
|
+
# Gem::Dependency#== matches Gem::Dependency#type. As the lockfile
|
715
|
+
# doesn't carry a notion of the dependency type, if you use
|
716
|
+
# add_development_dependency in a gemspec that's loaded with the gemspec
|
717
|
+
# directive, the lockfile dependencies and resolved dependencies end up
|
718
|
+
# with a mismatch on #type. Work around that by setting the type on the
|
719
|
+
# dep from the lockfile.
|
720
|
+
locked_dep.instance_variable_set(:@type, dependency.type)
|
721
|
+
|
722
|
+
# We already know the name matches from the hash lookup
|
723
|
+
# so we only need to check the requirement now
|
724
|
+
changes ||= dependency.requirement != locked_dep.requirement
|
725
|
+
end
|
726
|
+
|
727
|
+
changes
|
728
|
+
end
|
729
|
+
|
730
|
+
# Remove elements from the locked specs that are expired. This will most
|
731
|
+
# commonly happen if the Gemfile has changed since the lockfile was last
|
732
|
+
# generated
|
733
|
+
def converge_locked_specs
|
734
|
+
deps = []
|
735
|
+
|
736
|
+
# Build a list of dependencies that are the same in the Gemfile
|
737
|
+
# and Gemfile.lock. If the Gemfile modified a dependency, but
|
738
|
+
# the gem in the Gemfile.lock still satisfies it, this is fine
|
739
|
+
# too.
|
740
|
+
@dependencies.each do |dep|
|
741
|
+
locked_dep = @locked_deps[dep.name]
|
742
|
+
|
743
|
+
# If the locked_dep doesn't match the dependency we're looking for then we ignore the locked_dep
|
744
|
+
locked_dep = nil unless locked_dep == dep
|
745
|
+
|
746
|
+
if in_locked_deps?(dep, locked_dep) || satisfies_locked_spec?(dep)
|
747
|
+
deps << dep
|
748
|
+
elsif dep.source.is_a?(Source::Path) && dep.current_platform? && (!locked_dep || dep.source != locked_dep.source)
|
749
|
+
@locked_specs.each do |s|
|
750
|
+
@unlock[:gems] << s.name if s.source == dep.source
|
751
|
+
end
|
752
|
+
|
753
|
+
dep.source.unlock! if dep.source.respond_to?(:unlock!)
|
754
|
+
dep.source.specs.each {|s| @unlock[:gems] << s.name }
|
755
|
+
end
|
756
|
+
end
|
757
|
+
|
758
|
+
unlock_source_unlocks_spec = Bundler.feature_flag.unlock_source_unlocks_spec?
|
759
|
+
|
760
|
+
converged = []
|
761
|
+
@locked_specs.each do |s|
|
762
|
+
# Replace the locked dependency's source with the equivalent source from the Gemfile
|
763
|
+
dep = @dependencies.find {|d| s.satisfies?(d) }
|
764
|
+
s.source = (dep && dep.source) || sources.get(s.source)
|
765
|
+
|
766
|
+
# Don't add a spec to the list if its source is expired. For example,
|
767
|
+
# if you change a Git gem to RubyGems.
|
768
|
+
next if s.source.nil?
|
769
|
+
next if @unlock[:sources].include?(s.source.name)
|
770
|
+
|
771
|
+
# XXX This is a backwards-compatibility fix to preserve the ability to
|
772
|
+
# unlock a single gem by passing its name via `--source`. See issue #3759
|
773
|
+
# TODO: delete in Bundler 2
|
774
|
+
next if unlock_source_unlocks_spec && @unlock[:sources].include?(s.name)
|
775
|
+
|
776
|
+
# If the spec is from a path source and it doesn't exist anymore
|
777
|
+
# then we unlock it.
|
778
|
+
|
779
|
+
# Path sources have special logic
|
780
|
+
if s.source.instance_of?(Source::Path) || s.source.instance_of?(Source::Gemspec)
|
781
|
+
other_sources_specs = begin
|
782
|
+
s.source.specs
|
783
|
+
rescue PathError, GitError
|
784
|
+
# if we won't need the source (according to the lockfile),
|
785
|
+
# don't error if the path/git source isn't available
|
786
|
+
next if @locked_specs.
|
787
|
+
for(requested_dependencies, [], false, true, false).
|
788
|
+
none? {|locked_spec| locked_spec.source == s.source }
|
789
|
+
|
790
|
+
raise
|
791
|
+
end
|
792
|
+
|
793
|
+
other = other_sources_specs[s].first
|
794
|
+
|
795
|
+
# If the spec is no longer in the path source, unlock it. This
|
796
|
+
# commonly happens if the version changed in the gemspec
|
797
|
+
next unless other
|
798
|
+
|
799
|
+
deps2 = other.dependencies.select {|d| d.type != :development }
|
800
|
+
runtime_dependencies = s.dependencies.select {|d| d.type != :development }
|
801
|
+
# If the dependencies of the path source have changed, unlock it
|
802
|
+
next unless runtime_dependencies.sort == deps2.sort
|
803
|
+
end
|
804
|
+
|
805
|
+
converged << s
|
806
|
+
end
|
807
|
+
|
808
|
+
resolve = SpecSet.new(converged)
|
809
|
+
expanded_deps = expand_dependencies(deps, true)
|
810
|
+
@locked_specs_incomplete_for_platform = !resolve.for(expanded_deps, @unlock[:gems], true, true)
|
811
|
+
resolve = resolve.for(expanded_deps, @unlock[:gems], false, false, false)
|
812
|
+
diff = nil
|
813
|
+
|
814
|
+
# Now, we unlock any sources that do not have anymore gems pinned to it
|
815
|
+
sources.all_sources.each do |source|
|
816
|
+
next unless source.respond_to?(:unlock!)
|
817
|
+
|
818
|
+
unless resolve.any? {|s| s.source == source }
|
819
|
+
diff ||= @locked_specs.to_a - resolve.to_a
|
820
|
+
source.unlock! if diff.any? {|s| s.source == source }
|
821
|
+
end
|
822
|
+
end
|
823
|
+
|
824
|
+
resolve
|
825
|
+
end
|
826
|
+
|
827
|
+
def in_locked_deps?(dep, locked_dep)
|
828
|
+
# Because the lockfile can't link a dep to a specific remote, we need to
|
829
|
+
# treat sources as equivalent anytime the locked dep has all the remotes
|
830
|
+
# that the Gemfile dep does.
|
831
|
+
locked_dep && locked_dep.source && dep.source && locked_dep.source.include?(dep.source)
|
832
|
+
end
|
833
|
+
|
834
|
+
def satisfies_locked_spec?(dep)
|
835
|
+
@locked_specs[dep].any? {|s| s.satisfies?(dep) && (!dep.source || s.source.include?(dep.source)) }
|
836
|
+
end
|
837
|
+
|
838
|
+
# This list of dependencies is only used in #resolve, so it's OK to add
|
839
|
+
# the metadata dependencies here
|
840
|
+
def expanded_dependencies
|
841
|
+
@expanded_dependencies ||= begin
|
842
|
+
expand_dependencies(dependencies + metadata_dependencies, @remote)
|
843
|
+
end
|
844
|
+
end
|
845
|
+
|
846
|
+
def metadata_dependencies
|
847
|
+
@metadata_dependencies ||= begin
|
848
|
+
ruby_versions = concat_ruby_version_requirements(@ruby_version)
|
849
|
+
if ruby_versions.empty? || !@ruby_version.exact?
|
850
|
+
concat_ruby_version_requirements(RubyVersion.system)
|
851
|
+
concat_ruby_version_requirements(locked_ruby_version_object) unless @unlock[:ruby]
|
852
|
+
end
|
853
|
+
[
|
854
|
+
Dependency.new("ruby\0", ruby_versions),
|
855
|
+
Dependency.new("rubygems\0", Gem::VERSION),
|
856
|
+
]
|
857
|
+
end
|
858
|
+
end
|
859
|
+
|
860
|
+
def concat_ruby_version_requirements(ruby_version, ruby_versions = [])
|
861
|
+
return ruby_versions unless ruby_version
|
862
|
+
if ruby_version.patchlevel
|
863
|
+
ruby_versions << ruby_version.to_gem_version_with_patchlevel
|
864
|
+
else
|
865
|
+
ruby_versions.concat(ruby_version.versions.map do |version|
|
866
|
+
requirement = Gem::Requirement.new(version)
|
867
|
+
if requirement.exact?
|
868
|
+
"~> #{version}.0"
|
869
|
+
else
|
870
|
+
requirement
|
871
|
+
end
|
872
|
+
end)
|
873
|
+
end
|
874
|
+
end
|
875
|
+
|
876
|
+
def expand_dependencies(dependencies, remote = false)
|
877
|
+
sorted_platforms = Resolver.sort_platforms(@platforms)
|
878
|
+
deps = []
|
879
|
+
dependencies.each do |dep|
|
880
|
+
dep = Dependency.new(dep, ">= 0") unless dep.respond_to?(:name)
|
881
|
+
next if !remote && !dep.current_platform?
|
882
|
+
platforms = dep.gem_platforms(sorted_platforms)
|
883
|
+
if platforms.empty?
|
884
|
+
mapped_platforms = dep.platforms.map {|p| Dependency::PLATFORM_MAP[p] }
|
885
|
+
Bundler.ui.warn \
|
886
|
+
"The dependency #{dep} will be unused by any of the platforms Bundler is installing for. " \
|
887
|
+
"Bundler is installing for #{@platforms.join ", "} but the dependency " \
|
888
|
+
"is only for #{mapped_platforms.join ", "}. " \
|
889
|
+
"To add those platforms to the bundle, " \
|
890
|
+
"run `bundle lock --add-platform #{mapped_platforms.join " "}`."
|
891
|
+
end
|
892
|
+
platforms.each do |p|
|
893
|
+
deps << DepProxy.new(dep, p) if remote || p == generic_local_platform
|
894
|
+
end
|
895
|
+
end
|
896
|
+
deps
|
897
|
+
end
|
898
|
+
|
899
|
+
def requested_dependencies
|
900
|
+
groups = requested_groups
|
901
|
+
groups.map!(&:to_sym)
|
902
|
+
dependencies.reject {|d| !d.should_include? || (d.groups & groups).empty? }
|
903
|
+
end
|
904
|
+
|
905
|
+
def source_requirements
|
906
|
+
# Load all specs from remote sources
|
907
|
+
index
|
908
|
+
|
909
|
+
# Record the specs available in each gem's source, so that those
|
910
|
+
# specs will be available later when the resolver knows where to
|
911
|
+
# look for that gemspec (or its dependencies)
|
912
|
+
default = sources.default_source
|
913
|
+
source_requirements = { :default => default }
|
914
|
+
default = nil unless Bundler.feature_flag.lockfile_uses_separate_rubygems_sources?
|
915
|
+
dependencies.each do |dep|
|
916
|
+
next unless source = dep.source || default
|
917
|
+
source_requirements[dep.name] = source
|
918
|
+
end
|
919
|
+
metadata_dependencies.each do |dep|
|
920
|
+
source_requirements[dep.name] = sources.metadata_source
|
921
|
+
end
|
922
|
+
source_requirements["bundler"] = sources.metadata_source # needs to come last to override
|
923
|
+
source_requirements
|
924
|
+
end
|
925
|
+
|
926
|
+
def pinned_spec_names(skip = nil)
|
927
|
+
pinned_names = []
|
928
|
+
default = Bundler.feature_flag.lockfile_uses_separate_rubygems_sources? && sources.default_source
|
929
|
+
@dependencies.each do |dep|
|
930
|
+
next unless dep_source = dep.source || default
|
931
|
+
next if dep_source == skip
|
932
|
+
pinned_names << dep.name
|
933
|
+
end
|
934
|
+
pinned_names
|
935
|
+
end
|
936
|
+
|
937
|
+
def requested_groups
|
938
|
+
groups - Bundler.settings[:without] - @optional_groups + Bundler.settings[:with]
|
939
|
+
end
|
940
|
+
|
941
|
+
def lockfiles_equal?(current, proposed, preserve_unknown_sections)
|
942
|
+
if preserve_unknown_sections
|
943
|
+
sections_to_ignore = LockfileParser.sections_to_ignore(@locked_bundler_version)
|
944
|
+
sections_to_ignore += LockfileParser.unknown_sections_in_lockfile(current)
|
945
|
+
sections_to_ignore += LockfileParser::ENVIRONMENT_VERSION_SECTIONS
|
946
|
+
pattern = /#{Regexp.union(sections_to_ignore)}\n(\s{2,}.*\n)+/
|
947
|
+
whitespace_cleanup = /\n{2,}/
|
948
|
+
current = current.gsub(pattern, "\n").gsub(whitespace_cleanup, "\n\n").strip
|
949
|
+
proposed = proposed.gsub(pattern, "\n").gsub(whitespace_cleanup, "\n\n").strip
|
950
|
+
end
|
951
|
+
current == proposed
|
952
|
+
end
|
953
|
+
|
954
|
+
def extract_gem_info(error)
|
955
|
+
# This method will extract the error message like "Could not find foo-1.2.3 in any of the sources"
|
956
|
+
# to an array. The first element will be the gem name (e.g. foo), the second will be the version number.
|
957
|
+
error.message.scan(/Could not find (\w+)-(\d+(?:\.\d+)+)/).flatten
|
958
|
+
end
|
959
|
+
|
960
|
+
def compute_requires
|
961
|
+
dependencies.reduce({}) do |requires, dep|
|
962
|
+
next requires unless dep.should_include?
|
963
|
+
requires[dep.name] = Array(dep.autorequire || dep.name).map do |file|
|
964
|
+
# Allow `require: true` as an alias for `require: <name>`
|
965
|
+
file == true ? dep.name : file
|
966
|
+
end
|
967
|
+
requires
|
968
|
+
end
|
969
|
+
end
|
970
|
+
|
971
|
+
def additional_base_requirements_for_resolve
|
972
|
+
return [] unless @locked_gems && Bundler.feature_flag.only_update_to_newer_versions?
|
973
|
+
dependencies_by_name = dependencies.group_by(&:name)
|
974
|
+
@locked_gems.specs.reduce({}) do |requirements, locked_spec|
|
975
|
+
name = locked_spec.name
|
976
|
+
next requirements if @locked_deps[name] != dependencies_by_name[name]
|
977
|
+
dep = Gem::Dependency.new(name, ">= #{locked_spec.version}")
|
978
|
+
requirements[name] = DepProxy.new(dep, locked_spec.platform)
|
979
|
+
requirements
|
980
|
+
end.values
|
981
|
+
end
|
982
|
+
|
983
|
+
def equivalent_rubygems_remotes?(source)
|
984
|
+
return false unless source.is_a?(Source::Rubygems)
|
985
|
+
|
986
|
+
Bundler.settings[:allow_deployment_source_credential_changes] && source.equivalent_remotes?(sources.rubygems_remotes)
|
987
|
+
end
|
988
|
+
end
|
989
|
+
end
|