rubygems-update 2.7.3 → 2.7.11

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: cc0054d823436dc260e3e3365622dc5bc173ed4855a2f22fdcaac219929b080e
-  data.tar.gz: 6257d0503e5ca25f0601bec2600de2599c1815014fd866ae040313ded19be794
+  metadata.gz: 05af8c86d4ea15a0d09d4d8611a6aca36d75dc741cdd8e5d86076475ebe8a7de
+  data.tar.gz: a8dfa7a91b938c27adb2227e99bb3160384e5bfe4b0701f54bdda00039f5bedb
 SHA512:
-  metadata.gz: 0041f39fec2a3abb43bf7eca6d3c82f883ca760fb2b4d9b4cc0539d9fa6f3a0f1d80bca636f49ab2960478c921d4b8513e135ae62893c592aa5760d8a2b9226d
-  data.tar.gz: 5a2e0146149449fd9bb43e57efc2d0835e36fddff60a07ff5714d1f9737efe087505ba9fc40d256d155621c131a94f8e487255e17d67c105b46ac86eb6276d2a
+  metadata.gz: 7c7a3afc31fb6b849ad66759acb0df2444867bf0db3f64ec05f7484689cb47bac289429d5a350fa7949a5d2a94090c14fd7eec552b8ea3678e71f4a65bdd11ba
+  data.tar.gz: 77a27d60b8709a0b26872bf616eeb4161cf9c847b0770e74976d631934b4ef88c2d5d2406c36846104361acea894e1b4104921fd286a6540adf17402d85dcecb

data/.travis.yml

@@ -18,41 +18,17 @@ rvm:
 - 1.9.3
 - 2.0.0
 - 2.1.10
-- 2.2.8
-- 2.3.5
-- 2.4.2
+- 2.2.9
+- 2.3.6
+- 2.4.3
+- 2.5.0
 - ruby-head
 env:
   - "TEST_TOOL=rubygems YAML=syck"
   - "TEST_TOOL=rubygems YAML=psych"
   - "TEST_TOOL=bundler RGV=master"
 script:
-- util/ci script
+  - util/ci script
 matrix:
-  exclude:
-    - rvm: 1.8.7
-      env: "TEST_TOOL=rubygems YAML=psych"
-    - rvm: 1.9.2
-      env: "TEST_TOOL=bundler RGV=master"
-    - rvm: 2.0.0
-      env: "TEST_TOOL=rubygems YAML=syck"
-    - rvm: 2.1.10
-      env: "TEST_TOOL=rubygems YAML=syck"
-    - rvm: 2.2.7
-      env: "TEST_TOOL=rubygems YAML=syck"
-    - rvm: 2.3.4
-      env: "TEST_TOOL=rubygems YAML=syck"
-    - rvm: 2.4.1
-      env: "TEST_TOOL=rubygems YAML=syck"
-    - rvm: ruby-head
-      env: "TEST_TOOL=rubygems YAML=syck"
   allow_failures:
-    - rvm: 1.8.7
-      env: "TEST_TOOL=bundler RGV=master"
-    - rvm: 1.9.3
-      env: "TEST_TOOL=bundler RGV=master"
-    - rvm: 2.0.0
-      env: "TEST_TOOL=bundler RGV=master"
-    - rvm: 2.1.10
-      env: "TEST_TOOL=bundler RGV=master"
-    - rvm: ruby-head
+    - env: "TEST_TOOL=bundler RGV=master"

data/History.txt

@@ -1,5 +1,151 @@
 # coding: UTF-8
 
+=== 2.7.11 / 2020-12-08
+
+Minor enhancements:
+
+* Add GlobalSign Root CA - R3 cert and remove outdated certs. Pull request #4100
+  by Aditya Prakash.
+
+=== 2.7.10 / 2019-06-14
+
+Minor enhancements:
+
+* Fix bundler rubygems binstub not properly looking for bundler. Pull request #2426
+  by David Rodríguez.
+* [BudlerVersionFinder] set .filter! and .compatible? to match only on major versions.
+  Pull request #2515 by Colby Swandale.
++ Update for compatibilty with new minitest. Pull request #2118 by MSP-Greg.
+
+=== 2.7.9 / 2019-03-05
+
+Security fixes:
+
+* Fixed following vulnerabilities:
+  * CVE-2019-8320: Delete directory using symlink when decompressing tar
+  * CVE-2019-8321: Escape sequence injection vulnerability in `verbose`
+  * CVE-2019-8322: Escape sequence injection vulnerability in `gem owner`
+  * CVE-2019-8323: Escape sequence injection vulnerability in API response handling
+  * CVE-2019-8324: Installing a malicious gem may lead to arbitrary code execution
+  * CVE-2019-8325: Escape sequence injection vulnerability in errors
+
+=== 2.7.8 / 2018-11-02
+
+Minor enhancements:
+
+* [Requirement] Treat requirements with == versions as equal. Pull
+  request #2230 by Samuel Giddins.
+* Fix exec_name documentation. Pull request #2239 by Luis Sagastume.
+* [TarHeader] Extract the empty header into a constant. Pull request #2247
+  by Samuel Giddins.
+* Simplify the code that lets us call the original, non-monkeypatched
+  Kernel#require. Pull request #2267 by Leon Miller-Out.
+* Add install alias documentation. Pull request #2320 by ota42y.
+* [Rakefile] Set bundler build metadata when doing a release. Pull request
+  #2335 by Samuel Giddins.
+* Backport commits from ruby core . Pull request #2347 by SHIBATA Hiroshi.
+* Sign in to the correct host before push. Pull request #2366 by Luis
+  Sagastume.
+* Bump bundler-1.16.4. Pull request #2381 by SHIBATA Hiroshi.
+* Improve bindir flag description. Pull request #2383 by Luis Sagastume.
+* Update bundler-1.16.6. Pull request #2423 by SHIBATA Hiroshi.
+
+Bug fixes:
+
+* Fix #1470: generate documentation when --install-dir is present. Pull
+  request #2229 by Elias Hernandis.
+* Fix no proxy checking. Pull request #2249 by Luis Sagastume.
+* Validate SPDX license exceptions. Pull request #2257 by Mikit.
+* Retry api specification spec with original platform. Pull request #2275
+  by Luis Sagastume.
+* Fix approximate recommendation with prereleases. Pull request #2345 by
+  David Rodríguez.
+* Gem::Version should handle nil like it used to before. Pull request
+  #2363 by Luis Sagastume.
+
+=== 2.7.7 / 2018-05-08
+
+Minor enhancements:
+
+* [RequestSet] Only suggest a gem version with an installable platform.
+  Pull request #2175 by Samuel Giddins.
+* Fixed no assignment variables about default gems installation. Pull
+  request #2181 by SHIBATA Hiroshi.
+* Backport improvements for test-case from Ruby core. Pull request #2189
+  by SHIBATA Hiroshi.
+* Fix ruby warnings in test suite. Pull request #2205 by Colby Swandale.
+* To use Gem::Specification#bindir of bundler instead of hard coded path.
+  Pull request #2208 by SHIBATA Hiroshi.
+* Update gem push --help description. Pull request #2215 by Luis
+  Sagastume.
+* Backport ruby core commits. Pull request #2264 by SHIBATA Hiroshi.
+
+Bug fixes:
+
+* Frozen string fix - lib/rubygems/bundler_version_finder.rb. Pull request
+  #2115 by MSP-Greg.
+* Fixed tempfile leak for RubyGems 2.7.6. Pull request #2194 by SHIBATA
+  Hiroshi.
+* Add missing requires. Pull request #2196 by David Rodríguez.
+* Fix Gem::Version.correct?. Pull request #2203 by Masato Nakamura.
+* Fix verify_entry regex for metadata. Pull request #2212 by Luis
+  Sagastume.
+* Fix path checks for case insensitive filesystem. Pull request #2211 by
+  Lars Kanis.
+
+Compatibility changes:
+
+* Deprecate unused code before removing them at #1524. Pull request #2197
+  by SHIBATA Hiroshi.
+* Deprecate for rubygems 3. Pull request #2214 by SHIBATA Hiroshi.
+* Mark deprecation to `ubygems.rb` for RubyGems 4. Pull request #2269 by
+  SHIBATA Hiroshi.
+* Update bundler-1.16.2. Pull request #2291 by SHIBATA Hiroshi.
+
+=== 2.7.6 / 2018-02-16
+
+Security fixes:
+
+* Prevent path traversal when writing to a symlinked basedir outside of the root.
+  Discovered by nmalkin, fixed by Jonathan Claudius and Samuel Giddins.
+* Fix possible Unsafe Object Deserialization Vulnerability in gem owner.
+  Fixed by Jonathan Claudius.
+* Strictly interpret octal fields in tar headers.
+  Discoved by plover, fixed by Samuel Giddins.
+* Raise a security error when there are duplicate files in a package.
+  Discovered by plover, fixed by Samuel Giddins.
+* Enforce URL validation on spec homepage attribute.
+  Discovered by Yasin Soliman, fixed by Jonathan Claudius.
+* Mitigate XSS vulnerability in homepage attribute when displayed via `gem server`.
+  Discovered by Yasin Soliman, fixed by Jonathan Claudius.
+* Prevent Path Traversal issue during gem installation.
+  Discovered by nmalkin.
+
+=== 2.7.5
+
+Bug fixes:
+
+* To use bundler-1.16.1 #2121 by SHIBATA Hiroshi.
+* Fixed leaked FDs. Pull request #2127 by Nobuyoshi Nakada.
+* Support option for `--destdir` with upgrade installer. #2169 by Thibault Jouan.
+* Remove PID from gem index directory. #2155 by SHIBATA Hiroshi.
+* Avoid a #mkdir race condition #2148 by Samuel Giddins.
+* Gem::Util.traverse_parents should not crash on permissions error #2147 by Robert Ulejczyk.
+* Use `File.open` instead of `open`. #2142 by SHIBATA Hiroshi.
+* Set whether bundler is used for gemdeps with an environmental variable #2126 by SHIBATA Hiroshi.
+* Fix undefined method error when printing alert #1884 by Robert Ross.
+
+=== 2.7.4
+
+Bug fixes:
+
+* Fixed leaked FDs. Pull request #2127 by Nobuyoshi Nakada.
+* Avoid to warnings about gemspec loadings in rubygems tests. Pull request
+  #2125 by SHIBATA Hiroshi.
+* Fix updater with rubygems-2.7.3 Pull request #2124 by SHIBATA Hiroshi.
+* Handle environment that does not have `flock` system call. Pull request
+  #2107 by SHIBATA Hiroshi.
+
 === 2.7.3
 
 Minor enhancements:

data/Manifest.txt

@@ -144,12 +144,12 @@ bundler/lib/bundler/ssl_certs/index.rubygems.org/GlobalSignRootCA.pem
 bundler/lib/bundler/ssl_certs/rubygems.global.ssl.fastly.net/DigiCertHighAssuranceEVRootCA.pem
 bundler/lib/bundler/ssl_certs/rubygems.org/AddTrustExternalCARoot.pem
 bundler/lib/bundler/stub_specification.rb
+bundler/lib/bundler/templates/.document
 bundler/lib/bundler/templates/Executable
 bundler/lib/bundler/templates/Executable.bundler
 bundler/lib/bundler/templates/Executable.standalone
 bundler/lib/bundler/templates/Gemfile
 bundler/lib/bundler/templates/gems.rb
-bundler/lib/bundler/templates/newgem/.travis.yml.tt
 bundler/lib/bundler/templates/newgem/CODE_OF_CONDUCT.md.tt
 bundler/lib/bundler/templates/newgem/Gemfile.tt
 bundler/lib/bundler/templates/newgem/LICENSE.txt.tt
@@ -170,6 +170,7 @@ bundler/lib/bundler/templates/newgem/spec/newgem_spec.rb.tt
 bundler/lib/bundler/templates/newgem/spec/spec_helper.rb.tt
 bundler/lib/bundler/templates/newgem/test/newgem_test.rb.tt
 bundler/lib/bundler/templates/newgem/test/test_helper.rb.tt
+bundler/lib/bundler/templates/newgem/travis.yml.tt
 bundler/lib/bundler/ui.rb
 bundler/lib/bundler/ui/rg_proxy.rb
 bundler/lib/bundler/ui/shell.rb
@@ -246,6 +247,7 @@ bundler/man/bundle-binstubs.ronn
 bundler/man/bundle-check.ronn
 bundler/man/bundle-clean.ronn
 bundler/man/bundle-config.ronn
+bundler/man/bundle-doctor.ronn
 bundler/man/bundle-exec.ronn
 bundler/man/bundle-gem.ronn
 bundler/man/bundle-info.ronn
@@ -431,9 +433,8 @@ lib/rubygems/source_specific_file.rb
 lib/rubygems/spec_fetcher.rb
 lib/rubygems/specification.rb
 lib/rubygems/ssl_certs/.document
-lib/rubygems/ssl_certs/index.rubygems.org/GlobalSignRootCA.pem
-lib/rubygems/ssl_certs/rubygems.global.ssl.fastly.net/DigiCertHighAssuranceEVRootCA.pem
-lib/rubygems/ssl_certs/rubygems.org/AddTrustExternalCARoot.pem
+lib/rubygems/ssl_certs/rubygems.org/GlobalSignRootCA.pem
+lib/rubygems/ssl_certs/rubygems.org/GlobalSignRootCA_R3.pem
 lib/rubygems/stub_specification.rb
 lib/rubygems/syck_hack.rb
 lib/rubygems/test_case.rb

data/Rakefile

@@ -103,6 +103,13 @@ hoe.testlib      = :minitest
 hoe.test_prelude = <<-RUBY.gsub("\n", ";")
   gem "minitest", "~> 4.0"
   $:.unshift #{File.expand_path("../bundler/lib", __FILE__).dump}
+  if "1.8" < RUBY_VERSION && RUBY_VERSION < "2.2"
+    module Gem
+      @path_to_default_spec_map.delete_if do |_path, spec|
+        spec.name == "bundler"
+      end
+    end
+  end
 RUBY
 
 Rake::Task['docs'].clear
@@ -166,9 +173,9 @@ end
 # --------------------------------------------------------------------
 # Creating a release
 
-task :prerelease => [:clobber, :check_manifest, :test]
+task :prerelease => %w[clobber check_manifest test bundler:build_metadata]
 
-task :postrelease => %w[upload guides:publish blog:publish]
+task :postrelease => %w[bundler:build_metadata:clean upload guides:publish blog:publish]
 
 file "pkg/rubygems-#{v}" => "pkg/rubygems-update-#{v}" do |t|
   require 'find'
@@ -506,4 +513,14 @@ namespace :bundler do
   task :checkout do
     sh "git submodule update --init"
   end
+
+  task :build_metadata do
+    chdir('bundler') { sh "rake build_metadata" }
+  end
+
+  namespace :build_metadata do
+    task :clean do
+      chdir('bundler') { sh "rake build_metadata:clean" }
+    end
+  end
 end

data/bundler/CHANGELOG.md

@@ -1,3 +1,146 @@
+## 1.16.6 (2018-10-05)
+
+Changes:
+
+  - Add an error message when adding a gem with `bundle add` that's already in the bundle ([#6341](https://github.com/bundler/bundler/issues/6341), @agrim123)
+  - Add Homepage, Source Code and Chanagelog URI metadata fields to the `bundle gem` gemspec template (@walf443)
+
+Bugfixes:
+
+  - Fix issue where updating a gem resulted in the gem's version being downgraded when `BUNDLE_ONLY_UPDATE_TO_NEWER_VERSIONS` was set ([#6529](https://github.com/bundler/bundler/issues/6529), @theflow)
+  - Fix some rescue calls that don't specifiy error type (@utilum)
+  - Fix an issue when the Lockfile would contain platform-specific gems that it didn't need ([#6491](https://github.com/bundler/bundler/issues/6491), @segiddins)
+  - Improve handlding of adding new gems with only a single group to the Gemfile in `bundle add` (@agrim123)
+  - Refactor check for OpenSSL in `bundle env` (@voxik)
+  - Remove an unnecessary assignment in Metadata (@voxik)
+
+Documentation:
+
+  - Update docs to reflect revised guidance to check in Gemfile.lock into version control for gems ([#5879](https://github.com/bundler/bundler/issues/5879), @arbonap)
+  - Add documentation for the `--all` flag in `bundle update` (@agrim123)
+  - Update README to use `bundle add` in usage examples (@hdf1986)
+
+## 1.16.5 (2018-09-18)
+
+Changes:
+
+  - Add support for TruffleRuby (@eregon)
+
+Bugfixes:
+
+  - Avoid printing git errors when checking the version on incorrectly packaged versions of Bundler ([#6453](https://github.com/bundler/bundler/issues/6453), @greysteil)
+  - Fix issue where Bundler does not check the given class when comparing equality in DepProxy (@ChrisBr)
+  - Handle `RangeNotSatisfiable` error in Compact Index (@MaxLap)
+  - Check for initialized `search` variable in `LazySpecification` (@voxik)
+  - Fix LoadError occurring in nested bundle exec calls ([#6537](https://github.com/bundler/bundler/issues/6537), @colby-swandale)
+  - Check that Bundler::Deprecate is not an autoload constant ([#6163](https://github.com/bundler/bundler/issues/6163), @eregon)
+  - Prefer non-pre-release versions when performing a `bundle update --patch` ([#6684](https://github.com/bundler/bundler/issues/6684), @segiddins)
+
+## 1.16.4 (2018-08-17)
+
+Changes:
+
+  - Welcome new members to the Bundler core team (@indirect)
+  - Don't mutate original error trees when determining version_conflict_message (@greysteil)
+  - Update vendored Molinillo to 0.6.6 (@segiddins)
+
+Bugfixes:
+
+  - Reword bundle update regression message to be more clear to the user when a gem's version is downgraded ([#6584](https://github.com/bundler/bundler/issues/6584), @ralphbolo)
+  - Respect --conservative flag when updating a dependency group ([#6560](https://github.com/bundler/bundler/issues/6560), @greysteil)
+  - Fix issue where a pre-release version was not being selected when it's specified in the Gemfile ([#6449](https://github.com/bundler/bundler/issues/6449), @akihiro17)
+  - Fix issue where `Etc` was not loaded when getting the user's home dir ([#6640](https://github.com/bundler/bundler/issues/6640), @colby-swandale)
+  - Use UTF-8 for reading files including Gemfile ([#6660](https://github.com/bundler/bundler/issues/6660), @eregon)
+  - Remove unnecessary `while` loop in path resolver helper (@ojab)
+
+Documentation:
+
+  - Document that `bundle show [--paths]` sorts results by name (@kemitchell)
+
+## 1.16.3 (2018-07-17)
+
+Features:
+
+  - Support URI::File of Ruby 2.6 (@hsbt)
+
+Bugfixes:
+
+  - Expand symlinks during setup to allow Bundler to load correctly when using symlinks in $GEM_HOME ([#6465](https://github.com/bundler/bundler/issues/6465), @ojab, @indirect)
+  - Dont let Bundler create temporary folders for gem installs which are owned by root ([#6258](https://github.com/bundler/bundler/issues/6258), @colby-swandale)
+  - Don't fallback to using temporary directories when needed directories already exist ([#6546](https://github.com/bundler/bundler/issues/6546), @brodock)
+  - Use SharedHelpers.filesystem_access when reading a Gemfile so friendly error messages can be given to the user ([#6541](https://github.com/bundler/bundler/issues/6541), @segiddins)
+  - Check if source responds to `#remotes` before printing gem install error message ([#6211](https://github.com/bundler/bundler/issues/6211), @colby-swandale)
+  - Handle Errno::ENOTSUP in the Bundler Process Lock to prevent exceptions when using NFS mounts ([#6566](https://github.com/bundler/bundler/issues/6566), @colby-swandale)
+  - Respect encodings when reading gemspecs ([#6598](https://github.com/bundler/bundler/issues/6598), @deivid-rodriguez)
+
+Documentation:
+
+  - Fix links between manual pages (@BanzaiMan)
+  - Add warning to Gemfile documentation for the use of the `source` option when declaring gems ([#6280](https://github.com/bundler/bundler/issues/6280), @forestgagnon)
+
+## 1.16.2 (2018-04-20)
+
+Changes:
+
+  - Include the gem's source in the gem install error message when available (@papanikge)
+  - Remove unnecessary executable bit from gem template (@voxik)
+  - Dont add the timestamp comment with gems added to the Gemfile via `bundle add` ([#6193](https://github.com/bundler/bundler/issues/6193), @cpgo)
+  - Improve yanked gem error message (@alyssais)
+  - Use `Bundler.rubygems.inflate` instead of the Gem::Util method directly (@segiddins)
+  - Remove unused instance variable (@segiddins)
+
+Bugfixes:
+
+  - Only trap INT signal and have Ruby's signal default handler be invoked (@shayonj)
+  - Fix warning about the use of `__FILE__` in RubyGems integration testing (@MSP-Greg)
+  - Skip the outdated bundler check when MD5 is not available ([#6032](https://github.com/bundler/bundler/issues/6032), @segiddins)
+  - Fallback to the original error if the friendly message raises (@segiddins)
+  - Rename Bundler.frozen? to avoid Object method conflict ([#6252](https://github.com/bundler/bundler/issues/6252), @segiddins)
+  - Ensure the bindir exists before installing gems (@segiddins)
+  - Handle gzip corruption errors in the compact index client ([#6261](https://github.com/bundler/bundler/issues/6261), @colby-swandale)
+  - Check if the current directory is writeable when writing files in `bundle gem` ([#6219](https://github.com/bundler/bundler/issues/6219), @nilsding)
+  - Fix hang when gemspec has incompatible encoding (@deivid-rodriguez)
+  - Gracefully handle when the lockfile is missing spec entries for the current platform ([#6079](https://github.com/bundler/bundler/issues/6079), @segiddins)
+  - Use Gem::Util.inflate instead of Gem.inflate (@hsbt)
+  - Update binstub generator to use new ERB.new arity in Ruby 2.6 (@koic)
+  - Fix `source_location` call in rubygems integration (@MSP-Greg)
+  - Use `filesystem_access` when copying files in Compact Index Updater ([#6289](https://github.com/bundler/bundler/issues/6289), @segiddins)
+  - Fail gracefully when resetting git gems to the given revision fails ([#6324](https://github.com/bundler/bundler/issues/6324), @segiddins)
+  - Handle exceptions that do not have a backtrace ([#6342](https://github.com/bundler/bundler/issues/6342), @nesaulov)
+  - Check if stderr was closed before writing to it (@shime)
+  - Handle updating a specific gem for a non-local platform ([#6350](https://github.com/bundler/bundler/issues/6350), @greysteil)
+  - Bump the `bundle_binstub` check-length to 300 characters (@tduffield)
+  - Fix specifying alterntive Lockfile with `bundle lock` when default gemfile is present  ([#6460](https://github.com/bundler/bundler/issues/6460), @agrim123)
+  - Allow installing dependencies when the path is set to `.`  ([#6475](https://github.com/bundler/bundler/issues/6475), @segiddins)
+  - Support Bundler installing on a readonly filesystem without a home directory ([#6461](https://github.com/bundler/bundler/issues/6461), @grosser)
+  - Filter git uri credentials in source description (@segiddins)
+
+Documentation:
+
+  - Correct typos in `bundle binstubs` man page (@erikj, @samueloph)
+  - Update links in `bundle gem` command documentation to use https (@KrauseFx)
+  - Fix broken links between bundler man pages (@segiddins)
+  - Add man page for the `bundle doctor` command ([#6243](https://github.com/bundler/bundler/issues/6243), @nholden)
+  - Document `# frozen_string_literal` in `bundle init` Gemfile (@315tky)
+  - Explain the gemspec files attribute in `bundle gem` template and print a link to bundler.io guides when running `bundle gem` ([#6246](https://github.com/bundler/bundler/issues/6246), @nesaulov)
+  - Small copy tweaks & removed redundant phrasing in the bundler man page (@rubymorillo)
+  - Improve the documentation of the settings load order in Bundler (@rubymorillo)
+  - Added license info to main README (@rubymorillo)
+  - Document parameters and return value of Injector#inject (@tobias-grasse)
+
+## 1.16.1 (2017-12-12)
+
+Bugfixes:
+
+  - avoid hanging on complex resolver errors ([#6114](https://github.com/bundler/bundler/issues/6114), @halfbyte)
+  - avoid an error when running `bundle update --group` ([#6156](https://github.com/bundler/bundler/issues/6156), @mattbrictson)
+  - ensure the resolver prefers non-pre-release gems when possible ([#6181](https://github.com/bundler/bundler/issues/6181), @greysteil)
+  - include bundler's gemspec in the built gem ([#6165](https://github.com/bundler/bundler/issues/6165), @dr-itz)
+  - ensure locally installed specs are not overriden by those in remote sources during dependency resolution ([#6072](https://github.com/bundler/bundler/issues/6072), @indirect)
+  - ensure custom gemfiles are respected in generated binstubs (@pftg)
+  - fail gracefully when loading a bundler-generated binstub when `bin/bundle` was not generated by bundler ([#6149](https://github.com/bundler/bundler/issues/6149), @hsbt)
+  - allow `bundle init` to be run even when a parent directory contains a gemfile ([#6205](https://github.com/bundler/bundler/issues/6205), @colby-swandale)
+
 ## 1.16.0 (2017-10-31)
 
 Bugfixes:

data/bundler/README.md

@@ -24,7 +24,7 @@ Bundler is most commonly used to manage your application's dependencies. For exa
 
 ```
 bundle init
-echo 'gem "rspec"' >> Gemfile
+bundle add rspec
 bundle install
 bundle exec rspec
 ```
@@ -57,3 +57,7 @@ While some Bundler contributors are compensated by Ruby Together, the project ma
 ### Code of Conduct
 
 Everyone interacting in the Bundler project’s codebases, issue trackers, chat rooms, and mailing lists is expected to follow the [Bundler code of conduct](https://github.com/bundler/bundler/blob/master/CODE_OF_CONDUCT.md).
+
+### License
+
+[MIT License](https://github.com/bundler/bundler/blob/master/LICENSE.md)