rubygems-update 3.2.10 → 3.2.15

Files changed (44) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +42 -0
  3. data/Manifest.txt +1 -0
  4. data/Rakefile +6 -0
  5. data/bundler/CHANGELOG.md +46 -0
  6. data/bundler/lib/bundler/build_metadata.rb +2 -2
  7. data/bundler/lib/bundler/cli/gem.rb +23 -17
  8. data/bundler/lib/bundler/compact_index_client/updater.rb +1 -1
  9. data/bundler/lib/bundler/definition.rb +6 -13
  10. data/bundler/lib/bundler/dsl.rb +2 -4
  11. data/bundler/lib/bundler/feature_flag.rb +1 -0
  12. data/bundler/lib/bundler/installer.rb +2 -0
  13. data/bundler/lib/bundler/installer/parallel_installer.rb +36 -15
  14. data/bundler/lib/bundler/lazy_specification.rb +6 -1
  15. data/bundler/lib/bundler/lockfile_parser.rb +2 -16
  16. data/bundler/lib/bundler/man/bundle-config.1 +6 -0
  17. data/bundler/lib/bundler/man/bundle-config.1.ronn +8 -0
  18. data/bundler/lib/bundler/plugin/api/source.rb +7 -0
  19. data/bundler/lib/bundler/plugin/installer.rb +1 -2
  20. data/bundler/lib/bundler/plugin/source_list.rb +4 -0
  21. data/bundler/lib/bundler/resolver.rb +19 -17
  22. data/bundler/lib/bundler/rubygems_gem_installer.rb +47 -0
  23. data/bundler/lib/bundler/settings.rb +1 -0
  24. data/bundler/lib/bundler/source.rb +6 -0
  25. data/bundler/lib/bundler/source/metadata.rb +0 -4
  26. data/bundler/lib/bundler/source/path.rb +3 -1
  27. data/bundler/lib/bundler/source/path/installer.rb +1 -1
  28. data/bundler/lib/bundler/source/rubygems.rb +16 -9
  29. data/bundler/lib/bundler/source_list.rb +8 -12
  30. data/bundler/lib/bundler/spec_set.rb +2 -0
  31. data/bundler/lib/bundler/stub_specification.rb +8 -0
  32. data/bundler/lib/bundler/templates/newgem/README.md.tt +5 -3
  33. data/bundler/lib/bundler/version.rb +1 -1
  34. data/lib/rubygems.rb +1 -1
  35. data/lib/rubygems/commands/update_command.rb +21 -3
  36. data/lib/rubygems/config_file.rb +9 -0
  37. data/lib/rubygems/core_ext/tcpsocket_init.rb +52 -0
  38. data/lib/rubygems/remote_fetcher.rb +4 -8
  39. data/lib/rubygems/security/trust_dir.rb +1 -0
  40. data/rubygems-update.gemspec +1 -1
  41. data/test/rubygems/test_gem_commands_update_command.rb +28 -1
  42. data/test/rubygems/test_gem_config_file.rb +10 -0
  43. data/test/rubygems/test_gem_remote_fetcher.rb +38 -0
  44. metadata +4 -3
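--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: e482e0b6b43dc7594405f537f149db6f78314c06e2a15c609f4023951ca0d7d7
- data.tar.gz: ac6f951b732cdb60f3164e65d2c46f31c8e04c4bf70d50efc0059ad7f4ae2e6d
+ metadata.gz: 12f7d1b385b073b255590e0eee7807d5bb588ab877a9928e5edee6f3701e47b6
+ data.tar.gz: 425d632864b300c71cd1d62e9fdd045f94f4a6a088dbfc0a3a29977950958787
  SHA512:
- metadata.gz: db6d0b7178aa13690c92fe513b08c1fb05772866384cf258b2350daa49fe1a635163511306ac2dc3b392a77a751404925478e4cabb61901c1ca46052a993b0cc
- data.tar.gz: b545dc793092b3d0b79318763ca84e8cb0e8a91288de8351592cc11b9164930a22320701f0a8ad36051e0b986b65df6b5a400fcf6838e03f31f4e215cf431514
+ metadata.gz: ed5579f01a5c0a2d832779331df8900db7e0ed9bc6dc03f6f449ff76f9552f378d771424354629fbc34bd2ace0a9ab486cf79743065ece6d89d832a79383b97a
+ data.tar.gz: bf54441188feb5c8388676a46713113097aa978270514a3bcadf12564f8dd50ec671c0067c55727a927e7f6dfac27ce05bf13ba04731a44e749ce8c1b16d0470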
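--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,3 +1,45 @@
+ # 3.2.15 / 2021-03-18
+
+ ## Enhancements:
+
+ * Prevent downgrades to untested rubygems versions. Pull request #4460 by
+ deivid-rodriguez
+
+ ## Bug fixes:
+
+ * Fix missing require breaking `gem cert`. Pull request #4464 by lukehinds
+
+ # 3.2.14 / 2021-03-08
+
+ ## Enhancements:
+
+ * Less wrapping of network errors. Pull request #4064 by deivid-rodriguez
+
+ ## Bug fixes:
+
+ * Revert addition of support for `musl` variants to restore graceful
+ fallback on Alpine. Pull request #4434 by deivid-rodriguez
+
+ # 3.2.13 / 2021-03-03
+
+ ## Bug fixes:
+
+ * Support non-gnu libc linux platforms. Pull request #4082 by lloeki
+
+ # 3.2.12 / 2021-03-01
+
+ ## Bug fixes:
+
+ * Restore the ability to manually install extension gems. Pull request
+ #4384 by cfis
+
+ # 3.2.11 / 2021-02-17
+
+ ## Enhancements:
+
+ * Optionally fallback to IPv4 when IPv6 is unreachable. Pull request #2662
+ by sonalkr132
+
  # 3.2.10 / 2021-02-15
 
  ## Documentation: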
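--- a/data/Manifest.txt
+++ b/data/Manifest.txt
@@ -354,6 +354,7 @@ lib/rubygems/config_file.rb
  lib/rubygems/core_ext/kernel_gem.rb
  lib/rubygems/core_ext/kernel_require.rb
  lib/rubygems/core_ext/kernel_warn.rb
+ lib/rubygems/core_ext/tcpsocket_init.rb
  lib/rubygems/defaults.rb
  lib/rubygems/dependency.rb
  lib/rubygems/dependency_installer.rb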
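--- a/data/Rakefile
+++ b/data/Rakefile
@@ -15,6 +15,12 @@ task :update do |_, args|
  sh "ruby", "bundler/bin/bundle", "update", *args, "--gemfile=dev_gems.rb"
  end
 
+ desc "Update the locked bundler version in dev environment"
+ task :update_locked_bundler do |_, args|
+ sh "ruby", "bundler/bin/bundle", "update", "--bundler", "--gemfile=dev_gems.rb"
+ sh "ruby", "bundler/bin/bundle", "update", "--bundler", "--gemfile=bundler/test_gems.rb"
+ end
+
  desc "Setup git hooks"
  task :git_hooks do
  sh "git config core.hooksPath .githooks"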
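Review bot: The new `update_locked_bundler` task declares `|_, args|` but never uses `args`, whereas the `update` task just above it forwards `*args` to bundler. Dropping the block parameters (`task :update_locked_bundler do`) makes it clear that this task takes no arguments and that both bundler invocations are fixed.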
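--- a/data/bundler/CHANGELOG.md
+++ b/data/bundler/CHANGELOG.md
@@ -1,3 +1,49 @@
+ # 2.2.15 (March 18, 2021)
+
+ ## Enhancements:
+
+ - Add a hint about bundler installing executables for path gems [#4461](https://github.com/rubygems/rubygems/pull/4461)
+ - Warn lockfiles with incorrect resolutions [#4459](https://github.com/rubygems/rubygems/pull/4459)
+ - Don't generate duplicate redundant sources in the lockfile [#4456](https://github.com/rubygems/rubygems/pull/4456)
+
+ ## Bug fixes:
+
+ - Respect running ruby when resolving platforms [#4449](https://github.com/rubygems/rubygems/pull/4449)
+
+ # 2.2.14 (March 8, 2021)
+
+ ## Security fixes:
+
+ - Lock GEM sources separately and fix locally installed specs confusing bundler [#4381](https://github.com/rubygems/rubygems/pull/4381)
+
+ ## Bug fixes:
+
+ - Make `rake` available to other gems' installers right after it's installed [#4428](https://github.com/rubygems/rubygems/pull/4428)
+ - Fix encoding issue on compact index updater [#4362](https://github.com/rubygems/rubygems/pull/4362)
+
+ # 2.2.13 (March 3, 2021)
+
+ ## Enhancements:
+
+ - Respect user configured default branch in README links in new generated gems [#4303](https://github.com/rubygems/rubygems/pull/4303)
+
+ ## Bug fixes:
+
+ - Fix gems sometimes being pulled from irrelevant sources [#4418](https://github.com/rubygems/rubygems/pull/4418)
+
+ # 2.2.12 (March 1, 2021)
+
+ ## Bug fixes:
+
+ - Fix sporadic warnings about `nil` gemspec on install/update and make those faster [#4409](https://github.com/rubygems/rubygems/pull/4409)
+ - Fix deployment install with duplicate path gems added to Gemfile [#4410](https://github.com/rubygems/rubygems/pull/4410)
+
+ # 2.2.11 (February 17, 2021)
+
+ ## Bug fixes:
+
+ - Revert disable_multisource changes [#4385](https://github.com/rubygems/rubygems/pull/4385)
+
  # 2.2.10 (February 15, 2021)
 
  ## Security fixes: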
@@ -4,8 +4,8 @@ module Bundler
4
4
  # Represents metadata from when the Bundler gem was built.
5
5
  module BuildMetadata
6
6
  # begin ivars
7
- @built_at = "2021-02-15".freeze
8
- @git_commit_sha = "cc7c333721".freeze
7
+ @built_at = "2021-03-19".freeze
8
+ @git_commit_sha = "3dbcc68293".freeze
9
9
  @release = true
10
10
  # end ivars
11
11
 
@@ -39,11 +39,11 @@ module Bundler
39
39
  constant_name = name.gsub(/-[_-]*(?![_-]|$)/) { "::" }.gsub(/([_-]+|(::)|^)(.|$)/) { $2.to_s + $3.upcase }
40
40
  constant_array = constant_name.split("::")
41
41
 
42
- git_installed = Bundler.git_present?
42
+ use_git = Bundler.git_present? && options[:git]
43
43
 
44
- git_author_name = git_installed ? `git config user.name`.chomp : ""
45
- github_username = git_installed ? `git config github.user`.chomp : ""
46
- git_user_email = git_installed ? `git config user.email`.chomp : ""
44
+ git_author_name = use_git ? `git config user.name`.chomp : ""
45
+ github_username = use_git ? `git config github.user`.chomp : ""
46
+ git_user_email = use_git ? `git config user.email`.chomp : ""
47
47
 
48
48
  config = {
49
49
  :name => name,
@@ -58,6 +58,7 @@ module Bundler
58
58
  :ext => options[:ext],
59
59
  :exe => options[:exe],
60
60
  :bundler_version => bundler_dependency_version,
61
+ :git => use_git,
61
62
  :github_username => github_username.empty? ? "[USERNAME]" : github_username,
62
63
  :required_ruby_version => Gem.ruby_version < Gem::Version.new("2.4.a") ? "2.3.0" : "2.4.0",
63
64
  }
@@ -79,7 +80,7 @@ module Bundler
79
80
  bin/setup
80
81
  ]
81
82
 
82
- templates.merge!("gitignore.tt" => ".gitignore") if Bundler.git_present?
83
+ templates.merge!("gitignore.tt" => ".gitignore") if use_git
83
84
 
84
85
  if test_framework = ask_and_set_test_framework
85
86
  config[:test] = test_framework
@@ -175,24 +176,31 @@ module Bundler
175
176
  )
176
177
  end
177
178
 
179
+ if File.exist?(target) && !File.directory?(target)
180
+ Bundler.ui.error "Couldn't create a new gem named `#{gem_name}` because there's an existing file named `#{gem_name}`."
181
+ exit Bundler::BundlerError.all_errors[Bundler::GenericSystemCallError]
182
+ end
183
+
184
+ if use_git
185
+ Bundler.ui.info "Initializing git repo in #{target}"
186
+ `git init #{target}`
187
+
188
+ config[:git_default_branch] = File.read("#{target}/.git/HEAD").split("/").last.chomp
189
+ end
190
+
178
191
  templates.each do |src, dst|
179
192
  destination = target.join(dst)
180
- SharedHelpers.filesystem_access(destination) do
181
- thor.template("newgem/#{src}", destination, config)
182
- end
193
+ thor.template("newgem/#{src}", destination, config)
183
194
  end
184
195
 
185
196
  executables.each do |file|
186
- SharedHelpers.filesystem_access(target.join(file)) do |path|
187
- executable = (path.stat.mode | 0o111)
188
- path.chmod(executable)
189
- end
197
+ path = target.join(file)
198
+ executable = (path.stat.mode | 0o111)
199
+ path.chmod(executable)
190
200
  end
191
201
 
192
- if Bundler.git_present? && options[:git]
193
- Bundler.ui.info "Initializing git repo in #{target}"
202
+ if use_git
194
203
  Dir.chdir(target) do
195
- `git init`
196
204
  `git add .`
197
205
  end
198
206
  end
@@ -202,8 +210,6 @@ module Bundler
202
210
 
203
211
  Bundler.ui.info "Gem '#{name}' was successfully created. " \
204
212
  "For more information on making a RubyGem visit https://bundler.io/guides/creating_gem.html"
205
- rescue Errno::EEXIST => e
206
- raise GenericSystemCallError.new(e, "There was a conflict while creating the new gem.")
207
213
  end
208
214
 
209
215
  private
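Review bot: In the `@@ -175,24 +176,31 @@` hunk the new backtick command `git init #{target}` interpolates the target path into a shell string, so a path containing spaces or shell metacharacters is split or interpreted by the shell; `target` appears to be derived from the user-supplied gem name, and the removed code ran a bare `git init` inside `Dir.chdir(target)` with no interpolation. Passing the path as its own argument keeps the shell out of it, e.g. `IO.popen(["git", "init", target.to_s], &:read)`. The following line reads `#{target}/.git/HEAD` without checking that the init succeeded, so a failed `git init` would surface as an unexplained `Errno::ENOENT`. The enclosing method starts and ends outside the hunks shown.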
@@ -54,7 +54,7 @@ module Bundler
54
54
  if response.is_a?(Net::HTTPPartialContent) && local_temp_path.size.nonzero?
55
55
  local_temp_path.open("a") {|f| f << slice_body(content, 1..-1) }
56
56
  else
57
- local_temp_path.open("w") {|f| f << content }
57
+ local_temp_path.open("wb") {|f| f << content }
58
58
  end
59
59
  end
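Review bot: Only the full-download branch was switched to binary mode; the partial-content branch two lines above still opens the same temp file with `open("a")`, so appended ranges are still written in text mode. If text-mode newline or encoding conversion was the reason for this change, the appended bytes can still differ from what the server sent, which matters if the file is later compared against a server-provided digest (not visible here). Consider `local_temp_path.open("ab") {|f| f << slice_body(content, 1..-1) }`. The enclosing method starts outside the hunk.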
60
60
 
@@ -107,16 +107,14 @@ module Bundler
107
107
  end
108
108
 
109
109
  @locked_gem_sources = @locked_sources.select {|s| s.is_a?(Source::Rubygems) }
110
- @disable_multisource = !Bundler.frozen_bundle? || @locked_gem_sources.none? {|s| s.remotes.size > 1 }
110
+ @disable_multisource = @locked_gem_sources.all?(&:disable_multisource?)
111
111
 
112
112
  unless @disable_multisource
113
- msg = "Your lockfile contains a single rubygems source section with multiple remotes, which is insecure. " \
114
- "You should regenerate your lockfile in a non frozen environment."
113
+ msg = "Your lockfile contains a single rubygems source section with multiple remotes, which is insecure. You should run `bundle update` or generate your lockfile from scratch."
115
114
 
116
115
  Bundler::SharedHelpers.major_deprecation 2, msg
117
116
 
118
- @sources.allow_multisource!
119
- @locked_gem_sources.each(&:allow_multisource!)
117
+ @sources.merged_gem_lockfile_sections!
120
118
  end
121
119
 
122
120
  @unlock[:gems] ||= []
@@ -162,10 +160,6 @@ module Bundler
162
160
  @disable_multisource
163
161
  end
164
162
 
165
- def allow_multisource!
166
- @disable_multisource = false
167
- end
168
-
169
163
  def resolve_with_cache!
170
164
  raise "Specs already loaded" if @specs
171
165
  sources.cached!
@@ -618,7 +612,7 @@ module Bundler
618
612
  deps_for_source = @dependencies.select {|s| s.source == source }
619
613
  locked_deps_for_source = @locked_deps.values.select {|dep| dep.source == locked_source }
620
614
 
621
- deps_for_source.sort != locked_deps_for_source.sort
615
+ deps_for_source.uniq.sort != locked_deps_for_source.sort
622
616
  end
623
617
 
624
618
  def specs_for_source_changed?(source)
@@ -920,7 +914,7 @@ module Bundler
920
914
  metadata_dependencies.each do |dep|
921
915
  source_requirements[dep.name] = sources.metadata_source
922
916
  end
923
- source_requirements[:global] = index unless disable_multisource?
917
+ source_requirements[:global] = index unless Bundler.feature_flag.disable_multisource?
924
918
  source_requirements[:default_bundler] = source_requirements["bundler"] || source_requirements[:default]
925
919
  source_requirements["bundler"] = sources.metadata_source # needs to come last to override
926
920
  source_requirements
@@ -988,10 +982,9 @@ module Bundler
988
982
  def dependency_source_requirements
989
983
  @dependency_source_requirements ||= begin
990
984
  source_requirements = {}
991
- default = disable_multisource? && sources.default_source
985
+ default = sources.default_source
992
986
  dependencies.each do |dep|
993
987
  dep_source = dep.source || default
994
- next unless dep_source
995
988
  source_requirements[dep.name] = dep_source
996
989
  end
997
990
  source_requirements
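Review bot: In the `@@ -920,7 +914,7 @@` hunk the `:global` source requirement is now gated on `Bundler.feature_flag.disable_multisource?`, while the Definition's own `disable_multisource?` (still present in the `@@ -162,10 +160,6 @@` context and now set from `@locked_gem_sources.all?(&:disable_multisource?)`) keeps driving the deprecation warning. Two predicates with the same name now answer different questions, a user setting versus the shape of the lockfile, and the one that decides whether `:global` is populated is no longer the lockfile-derived one. Since the warning text itself calls the multi-remote layout insecure, a comment on that line would help, for example `# :global is controlled by the disable_multisource setting, not by @disable_multisource (lockfile shape)`. How `:global` is consumed by the resolver is outside this page, so the effect on source pinning should be confirmed there.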
@@ -453,10 +453,8 @@ repo_name ||= user_name
453
453
  end
454
454
 
455
455
  def check_rubygems_source_safety
456
- if @global_rubygems_sources.size <= 1
457
- @sources.global_rubygems_source = @global_rubygems_sources.first
458
- return
459
- end
456
+ @sources.global_rubygems_source = @global_rubygems_sources.shift
457
+ return if @global_rubygems_sources.empty?
460
458
 
461
459
  @global_rubygems_sources.each do |source|
462
460
  @sources.add_rubygems_remote(source)
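Review bot: `check_rubygems_source_safety` now calls `@global_rubygems_sources.shift`, so a method named as a check destructively removes the first global source from the instance variable; a second call would promote the next source to `global_rubygems_source`, or set it to nil once the list is empty. Because this choice decides which remote is treated as the global one, it is worth keeping idempotent: `global, *extra = @global_rubygems_sources`, then `@sources.global_rubygems_source = global` and `return if extra.empty?`, with the loop below iterating `extra`. The method body continues past the end of the hunk.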
@@ -32,6 +32,7 @@ module Bundler
32
32
  settings_flag(:cache_all) { bundler_3_mode? }
33
33
  settings_flag(:default_install_uses_path) { bundler_3_mode? }
34
34
  settings_flag(:deployment_means_frozen) { bundler_3_mode? }
35
+ settings_flag(:disable_multisource) { bundler_3_mode? }
35
36
  settings_flag(:forget_cli_options) { bundler_3_mode? }
36
37
  settings_flag(:global_gem_cache) { bundler_3_mode? }
37
38
  settings_flag(:only_update_to_newer_versions) { bundler_3_mode? }
@@ -89,6 +89,8 @@ module Bundler
89
89
  end
90
90
  install(options)
91
91
 
92
+ Gem::Specification.reset # invalidate gem specification cache so that installed gems are immediately available
93
+
92
94
  lock unless Bundler.frozen_bundle?
93
95
  Standalone.new(options[:standalone], @definition).generate if options[:standalone]
94
96
  end
@@ -6,10 +6,11 @@ require_relative "gem_installer"
6
6
  module Bundler
7
7
  class ParallelInstaller
8
8
  class SpecInstallation
9
- attr_accessor :spec, :name, :post_install_message, :state, :error
9
+ attr_accessor :spec, :name, :full_name, :post_install_message, :state, :error
10
10
  def initialize(spec)
11
11
  @spec = spec
12
12
  @name = spec.name
13
+ @full_name = spec.full_name
13
14
  @state = :none
14
15
  @post_install_message = ""
15
16
  @error = nil
@@ -27,13 +28,8 @@ module Bundler
27
28
  state == :failed
28
29
  end
29
30
 
30
- def installation_attempted?
31
- installed? || failed?
32
- end
33
-
34
- # Only true when spec in neither installed nor already enqueued
35
31
  def ready_to_enqueue?
36
- !enqueued? && !installation_attempted?
32
+ state == :none
37
33
  end
38
34
 
39
35
  def has_post_install_message?
@@ -54,14 +50,11 @@ module Bundler
54
50
  # Represents only the non-development dependencies, the ones that are
55
51
  # itself and are in the total list.
56
52
  def dependencies
57
- @dependencies ||= begin
58
- all_dependencies.reject {|dep| ignorable_dependency? dep }
59
- end
53
+ @dependencies ||= all_dependencies.reject {|dep| ignorable_dependency? dep }
60
54
  end
61
55
 
62
56
  def missing_lockfile_dependencies(all_spec_names)
63
- deps = all_dependencies.reject {|dep| ignorable_dependency? dep }
64
- deps.reject {|dep| all_spec_names.include? dep.name }
57
+ dependencies.reject {|dep| all_spec_names.include? dep.name }
65
58
  end
66
59
 
67
60
  # Represents all dependencies
@@ -70,7 +63,7 @@ module Bundler
70
63
  end
71
64
 
72
65
  def to_s
73
- "#<#{self.class} #{@spec.full_name} (#{state})>"
66
+ "#<#{self.class} #{full_name} (#{state})>"
74
67
  end
75
68
  end
76
69
 
@@ -93,18 +86,48 @@ module Bundler
93
86
  def call
94
87
  check_for_corrupt_lockfile
95
88
 
89
+ if @rake
90
+ do_install(@rake, 0)
91
+ Gem::Specification.reset
92
+ end
93
+
96
94
  if @size > 1
97
95
  install_with_worker
98
96
  else
99
97
  install_serially
100
98
  end
101
99
 
100
+ check_for_unmet_dependencies
101
+
102
102
  handle_error if failed_specs.any?
103
103
  @specs
104
104
  ensure
105
105
  worker_pool && worker_pool.stop
106
106
  end
107
107
 
108
+ def check_for_unmet_dependencies
109
+ unmet_dependencies = @specs.map do |s|
110
+ [
111
+ s,
112
+ s.dependencies.reject {|dep| @specs.any? {|spec| dep.matches_spec?(spec.spec) } },
113
+ ]
114
+ end.reject {|a| a.last.empty? }
115
+ return if unmet_dependencies.empty?
116
+
117
+ warning = []
118
+ warning << "Your lockfile doesn't include a valid resolution."
119
+ warning << "You can fix this by regenerating your lockfile or trying to manually editing the bad locked gems to a version that satisfies all dependencies."
120
+ warning << "The unmet dependencies are:"
121
+
122
+ unmet_dependencies.each do |spec, unmet_spec_dependencies|
123
+ unmet_spec_dependencies.each do |unmet_spec_dependency|
124
+ warning << "* #{unmet_spec_dependency}, depended upon #{spec.full_name}, unsatisfied by #{@specs.find {|s| s.name == unmet_spec_dependency.name && !unmet_spec_dependency.matches_spec?(s.spec) }.full_name}"
125
+ end
126
+ end
127
+
128
+ Bundler.ui.warn(warning.join("\n"))
129
+ end
130
+
108
131
  def check_for_corrupt_lockfile
109
132
  missing_dependencies = @specs.map do |s|
110
133
  [
@@ -217,8 +240,6 @@ module Bundler
217
240
  # are installed.
218
241
  def enqueue_specs
219
242
  @specs.select(&:ready_to_enqueue?).each do |spec|
220
- next if @rake && !@rake.installed? && spec.name != @rake.name
221
-
222
243
  if spec.dependencies_installed? @specs
223
244
  spec.state = :enqueued
224
245
  worker_pool.enq spec
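Review bot: In `check_for_unmet_dependencies` the message line calls `.full_name` directly on the result of `@specs.find { ... }`; when no locked spec has the dependency's name at all, `find` returns nil and the warning path raises NoMethodError instead of warning. `check_for_corrupt_lockfile` runs earlier in `call`, but whether it stops the install in that case is not visible here. Guarding the lookup is enough: `culprit = @specs.find {|s| s.name == unmet_spec_dependency.name }` and then `unsatisfied by #{culprit ? culprit.full_name : "no locked spec"}` in the message. The check is also placed after `install_with_worker`/`install_serially`, so an inconsistent lockfile is reported only once its gems have already been installed; running it next to `check_for_corrupt_lockfile` would surface the warning before any gem code is unpacked or built.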
@@ -73,7 +73,12 @@ module Bundler
73
73
  same_platform_candidates = candidates.select do |spec|
74
74
  MatchPlatform.platforms_match?(spec.platform, platform_object)
75
75
  end
76
- search = same_platform_candidates.last || candidates.last
76
+ installable_candidates = same_platform_candidates.select do |spec|
77
+ !spec.is_a?(RemoteSpecification) &&
78
+ spec.required_ruby_version.satisfied_by?(Gem.ruby_version) &&
79
+ spec.required_rubygems_version.satisfied_by?(Gem.rubygems_version)
80
+ end
81
+ search = installable_candidates.last || same_platform_candidates.last
77
82
  search.dependencies = dependencies if search && (search.is_a?(RemoteSpecification) || search.is_a?(EndpointSpecification))
78
83
  search
79
84
  end
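Review bot: The new selection silently falls back to `same_platform_candidates.last` when no candidate satisfies `required_ruby_version` and `required_rubygems_version`, and the old `|| candidates.last` fallback is gone, so `search` is now nil whenever no candidate matches the platform. Neither consequence can be read off the code without the history; a comment above `installable_candidates` would help, such as `# prefer non-remote specs compatible with the running Ruby and RubyGems; otherwise fall back to the last same-platform candidate, which may be incompatible`. The enclosing method starts outside the hunk.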