RubyGems - rubygems-update - Versions diffs - 3.2.17 → 3.2.21 - Mend

rubygems-update 3.2.17 → 3.2.21

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (167) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +39 -0
data/Manifest.txt +3 -0
data/Rakefile +6 -6
data/bundler/CHANGELOG.md +54 -0
data/bundler/bundler.gemspec +2 -3
data/bundler/lib/bundler.rb +2 -1
data/bundler/lib/bundler/build_metadata.rb +2 -2
data/bundler/lib/bundler/cli.rb +13 -33
data/bundler/lib/bundler/cli/check.rb +4 -2
data/bundler/lib/bundler/cli/install.rb +6 -7
data/bundler/lib/bundler/cli/outdated.rb +9 -10
data/bundler/lib/bundler/definition.rb +29 -82
data/bundler/lib/bundler/feature_flag.rb +0 -2
data/bundler/lib/bundler/fetcher/compact_index.rb +1 -1
data/bundler/lib/bundler/fetcher/index.rb +0 -1
data/bundler/lib/bundler/friendly_errors.rb +2 -4
data/bundler/lib/bundler/index.rb +1 -2
data/bundler/lib/bundler/installer.rb +1 -8
data/bundler/lib/bundler/man/bundle-add.1 +1 -1
data/bundler/lib/bundler/man/bundle-binstubs.1 +1 -1
data/bundler/lib/bundler/man/bundle-cache.1 +1 -1
data/bundler/lib/bundler/man/bundle-check.1 +1 -1
data/bundler/lib/bundler/man/bundle-clean.1 +1 -1
data/bundler/lib/bundler/man/bundle-config.1 +1 -7
data/bundler/lib/bundler/man/bundle-config.1.ronn +0 -8
data/bundler/lib/bundler/man/bundle-doctor.1 +1 -1
data/bundler/lib/bundler/man/bundle-exec.1 +1 -1
data/bundler/lib/bundler/man/bundle-gem.1 +1 -1
data/bundler/lib/bundler/man/bundle-info.1 +1 -1
data/bundler/lib/bundler/man/bundle-init.1 +1 -1
data/bundler/lib/bundler/man/bundle-inject.1 +1 -1
data/bundler/lib/bundler/man/bundle-install.1 +1 -1
data/bundler/lib/bundler/man/bundle-list.1 +1 -1
data/bundler/lib/bundler/man/bundle-lock.1 +1 -1
data/bundler/lib/bundler/man/bundle-open.1 +1 -1
data/bundler/lib/bundler/man/bundle-outdated.1 +1 -1
data/bundler/lib/bundler/man/bundle-platform.1 +1 -1
data/bundler/lib/bundler/man/bundle-pristine.1 +1 -1
data/bundler/lib/bundler/man/bundle-remove.1 +1 -1
data/bundler/lib/bundler/man/bundle-show.1 +1 -1
data/bundler/lib/bundler/man/bundle-update.1 +1 -1
data/bundler/lib/bundler/man/bundle-viz.1 +1 -1
data/bundler/lib/bundler/man/bundle.1 +1 -1
data/bundler/lib/bundler/man/gemfile.5 +1 -1
data/bundler/lib/bundler/plugin/api/source.rb +14 -0
data/bundler/lib/bundler/resolver.rb +15 -96
data/bundler/lib/bundler/resolver/spec_group.rb +0 -24
data/bundler/lib/bundler/rubygems_ext.rb +2 -2
data/bundler/lib/bundler/rubygems_integration.rb +4 -3
data/bundler/lib/bundler/settings.rb +21 -3
data/bundler/lib/bundler/source.rb +11 -0
data/bundler/lib/bundler/source/rubygems.rb +24 -11
data/bundler/lib/bundler/source/rubygems_aggregate.rb +64 -0
data/bundler/lib/bundler/source_list.rb +35 -10
data/bundler/lib/bundler/source_map.rb +58 -0
data/bundler/lib/bundler/templates/newgem/newgem.gemspec.tt +2 -2
data/bundler/lib/bundler/version.rb +1 -1
data/lib/rubygems.rb +1 -1
data/lib/rubygems/command.rb +2 -0
data/lib/rubygems/commands/build_command.rb +1 -1
data/lib/rubygems/config_file.rb +1 -1
data/lib/rubygems/ext/ext_conf_builder.rb +4 -4
data/lib/rubygems/installer.rb +4 -0
data/lib/rubygems/request.rb +1 -1
data/lib/rubygems/specification.rb +0 -2
data/lib/rubygems/specification_policy.rb +5 -4
data/lib/rubygems/test_case.rb +106 -18
data/lib/rubygems/util/licenses.rb +107 -2
data/rubygems-update.gemspec +1 -1
data/setup.rb +1 -2
data/test/rubygems/packages/ill-formatted-platform-1.0.0.10.gem +0 -0
data/test/rubygems/test_bundled_ca.rb +2 -2
data/test/rubygems/test_deprecate.rb +3 -3
data/test/rubygems/test_gem.rb +33 -31
data/test/rubygems/test_gem_bundler_version_finder.rb +3 -5
data/test/rubygems/test_gem_command.rb +13 -1
data/test/rubygems/test_gem_command_manager.rb +5 -5
data/test/rubygems/test_gem_commands_build_command.rb +10 -10
data/test/rubygems/test_gem_commands_cert_command.rb +36 -36
data/test/rubygems/test_gem_commands_check_command.rb +5 -5
data/test/rubygems/test_gem_commands_cleanup_command.rb +24 -24
data/test/rubygems/test_gem_commands_contents_command.rb +3 -3
data/test/rubygems/test_gem_commands_dependency_command.rb +2 -2
data/test/rubygems/test_gem_commands_environment_command.rb +1 -1
data/test/rubygems/test_gem_commands_fetch_command.rb +9 -9
data/test/rubygems/test_gem_commands_help_command.rb +8 -1
data/test/rubygems/test_gem_commands_install_command.rb +60 -60
data/test/rubygems/test_gem_commands_list_command.rb +1 -1
data/test/rubygems/test_gem_commands_lock_command.rb +1 -1
data/test/rubygems/test_gem_commands_open_command.rb +8 -9
data/test/rubygems/test_gem_commands_owner_command.rb +3 -3
data/test/rubygems/test_gem_commands_pristine_command.rb +14 -14
data/test/rubygems/test_gem_commands_push_command.rb +6 -11
data/test/rubygems/test_gem_commands_query_command.rb +7 -7
data/test/rubygems/test_gem_commands_server_command.rb +2 -2
data/test/rubygems/test_gem_commands_setup_command.rb +21 -21
data/test/rubygems/test_gem_commands_signin_command.rb +13 -6
data/test/rubygems/test_gem_commands_sources_command.rb +5 -5
data/test/rubygems/test_gem_commands_specification_command.rb +6 -6
data/test/rubygems/test_gem_commands_uninstall_command.rb +4 -4
data/test/rubygems/test_gem_commands_unpack_command.rb +2 -2
data/test/rubygems/test_gem_commands_update_command.rb +10 -10
data/test/rubygems/test_gem_commands_which_command.rb +3 -3
data/test/rubygems/test_gem_commands_yank_command.rb +1 -1
data/test/rubygems/test_gem_config_file.rb +9 -9
data/test/rubygems/test_gem_dependency.rb +12 -6
data/test/rubygems/test_gem_dependency_installer.rb +4 -4
data/test/rubygems/test_gem_doctor.rb +30 -30
data/test/rubygems/test_gem_ext_builder.rb +20 -20
data/test/rubygems/test_gem_ext_cmake_builder.rb +4 -4
data/test/rubygems/test_gem_ext_configure_builder.rb +4 -4
data/test/rubygems/test_gem_ext_ext_conf_builder.rb +14 -13
data/test/rubygems/test_gem_ext_rake_builder.rb +1 -1
data/test/rubygems/test_gem_gemcutter_utilities.rb +8 -14
data/test/rubygems/test_gem_install_update_options.rb +9 -9
data/test/rubygems/test_gem_installer.rb +162 -140
data/test/rubygems/test_gem_local_remote_options.rb +1 -1
data/test/rubygems/test_gem_package.rb +48 -48
data/test/rubygems/test_gem_package_old.rb +9 -9
data/test/rubygems/test_gem_package_tar_header.rb +5 -5
data/test/rubygems/test_gem_package_tar_reader_entry.rb +8 -8
data/test/rubygems/test_gem_package_tar_writer.rb +18 -20
data/test/rubygems/test_gem_package_task.rb +2 -2
data/test/rubygems/test_gem_path_support.rb +1 -1
data/test/rubygems/test_gem_rdoc.rb +9 -9
data/test/rubygems/test_gem_remote_fetcher.rb +17 -18
data/test/rubygems/test_gem_request.rb +2 -2
data/test/rubygems/test_gem_request_connection_pools.rb +1 -1
data/test/rubygems/test_gem_request_set.rb +15 -14
data/test/rubygems/test_gem_request_set_gem_dependency_api.rb +16 -16
data/test/rubygems/test_gem_request_set_lockfile.rb +3 -3
data/test/rubygems/test_gem_request_set_lockfile_parser.rb +3 -3
data/test/rubygems/test_gem_request_set_lockfile_tokenizer.rb +4 -4
data/test/rubygems/test_gem_requirement.rb +13 -13
data/test/rubygems/test_gem_resolver.rb +11 -11
data/test/rubygems/test_gem_resolver_best_set.rb +1 -1
data/test/rubygems/test_gem_resolver_git_set.rb +1 -1
data/test/rubygems/test_gem_resolver_git_specification.rb +2 -2
data/test/rubygems/test_gem_resolver_index_specification.rb +1 -1
data/test/rubygems/test_gem_resolver_installer_set.rb +4 -4
data/test/rubygems/test_gem_resolver_local_specification.rb +1 -1
data/test/rubygems/test_gem_resolver_specification.rb +1 -1
data/test/rubygems/test_gem_resolver_vendor_set.rb +2 -2
data/test/rubygems/test_gem_security.rb +5 -5
data/test/rubygems/test_gem_security_policy.rb +27 -27
data/test/rubygems/test_gem_security_signer.rb +7 -7
data/test/rubygems/test_gem_security_trust_dir.rb +4 -4
data/test/rubygems/test_gem_server.rb +2 -2
data/test/rubygems/test_gem_silent_ui.rb +9 -9
data/test/rubygems/test_gem_source.rb +2 -2
data/test/rubygems/test_gem_source_fetch_problem.rb +1 -1
data/test/rubygems/test_gem_source_git.rb +11 -11
data/test/rubygems/test_gem_source_specific_file.rb +1 -1
data/test/rubygems/test_gem_spec_fetcher.rb +1 -1
data/test/rubygems/test_gem_specification.rb +86 -106
data/test/rubygems/test_gem_stream_ui.rb +1 -1
data/test/rubygems/test_gem_stub_specification.rb +4 -4
data/test/rubygems/test_gem_uninstaller.rb +16 -16
data/test/rubygems/test_gem_util.rb +8 -6
data/test/rubygems/test_gem_version.rb +4 -13
data/test/rubygems/test_kernel.rb +6 -4
data/test/rubygems/test_project_sanity.rb +1 -1
data/test/rubygems/test_remote_fetch_error.rb +1 -1
data/test/rubygems/test_require.rb +12 -14
data/test/test_changelog_generator.rb +1 -2
metadata +6 -3

data/bundler/lib/bundler/resolver/spec_group.rb CHANGED Viewed

@@ -21,14 +21,10 @@ module Bundler
         @version = exemplary_spec.version
         @source = exemplary_spec.source
-        @all_platforms = relevant_platforms
         @activated_platforms = relevant_platforms
         @dependencies = Hash.new do |dependencies, platforms|
           dependencies[platforms] = dependencies_for(platforms)
         end
-        @partitioned_dependency_names = Hash.new do |partitioned_dependency_names, platforms|
-          partitioned_dependency_names[platforms] = partitioned_dependency_names_for(platforms)
-        end
         @specs = specs
       end
@@ -45,14 +41,6 @@ module Bundler
         end.flatten.compact.uniq
       end
-      def activate_platform!(platform)
-        self.activated_platforms = [platform]
-      end
-      def activate_all_platforms!
-        self.activated_platforms = @all_platforms
-      end
       def to_s
         activated_platforms_string = sorted_activated_platforms.join(", ")
         "#{name} (#{version}) (#{activated_platforms_string})"
@@ -62,10 +50,6 @@ module Bundler
         @dependencies[activated_platforms]
       end
-      def partitioned_dependency_names_for_activated_platforms
-        @partitioned_dependency_names[activated_platforms]
-      end
       def ==(other)
         return unless other.is_a?(SpecGroup)
         name == other.name &&
@@ -100,14 +84,6 @@ module Bundler
         end.flatten
       end
-      def partitioned_dependency_names_for(platforms)
-        return @dependencies[platforms].map(&:name), [] if platforms.size == 1
-        @dependencies[platforms].partition do |dep_proxy|
-          @dependencies[platforms].count {|dp| dp.dep == dep_proxy.dep } == platforms.size
-        end.map {|deps| deps.map(&:name) }
-      end
       def __dependencies(platform)
         dependencies = []
         @specs[platform].first.dependencies.each do |dep|

data/bundler/lib/bundler/rubygems_ext.rb CHANGED Viewed

@@ -105,7 +105,7 @@ module Gem
   end
   class Dependency
-    attr_accessor :source, :groups, :all_sources
+    attr_accessor :source, :groups
     alias_method :eql?, :==
@@ -116,7 +116,7 @@ module Gem
     end
     def to_yaml_properties
-      instance_variables.reject {|p| ["@source", "@groups", "@all_sources"].include?(p.to_s) }
+      instance_variables.reject {|p| ["@source", "@groups"].include?(p.to_s) }
     end
     def to_lock

data/bundler/lib/bundler/rubygems_integration.rb CHANGED Viewed

@@ -526,13 +526,14 @@ module Bundler
       Bundler::Retry.new("download gem from #{uri}").attempts do
         fetcher.download(spec, uri, path)
       end
+    rescue Gem::RemoteFetcher::FetchError => e
+      raise Bundler::HTTPError, "Could not download gem from #{uri} due to underlying error <#{e.message}>"
     end
     def gem_remote_fetcher
-      require "resolv"
+      require "rubygems/remote_fetcher"
       proxy = configuration[:http_proxy]
-      dns = Resolv::DNS.new
-      Gem::RemoteFetcher.new(proxy, dns)
+      Gem::RemoteFetcher.new(proxy)
     end
     def gem_from_path(path, policy = nil)

data/bundler/lib/bundler/settings.rb CHANGED Viewed

@@ -16,12 +16,10 @@ module Bundler
       clean
       default_install_uses_path
       deployment
-      deployment_means_frozen
       disable_checksum_validation
       disable_exec_load
       disable_local_branch_check
       disable_local_revision_check
-      disable_multisource
       disable_shared_gems
       disable_version_check
       force_ruby_platform
@@ -211,6 +209,13 @@ module Bundler
       locations
     end
+    def processor_count
+      require "etc"
+      Etc.nprocessors
+    rescue StandardError
+      1
+    end
     # for legacy reasons, in Bundler 2, we do not respect :disable_shared_gems
     def path
       configs.each do |_level, settings|
@@ -443,7 +448,20 @@ module Bundler
         valid_file = file.exist? && !file.size.zero?
         return {} unless valid_file
         require_relative "yaml_serializer"
-        YAMLSerializer.load file.read
+        YAMLSerializer.load(file.read).inject({}) do |config, (k, v)|
+          new_k = k
+          if k.include?("-")
+            Bundler.ui.warn "Your #{file} config includes `#{k}`, which contains the dash character (`-`).\n" \
+              "This is deprecated, because configuration through `ENV` should be possible, but `ENV` keys cannot include dashes.\n" \
+              "Please edit #{file} and replace any dashes in configuration keys with a triple underscore (`___`)."
+            new_k = k.gsub("-", "___")
+          end
+          config[new_k] = v
+          config
+        end
       end
     end

data/bundler/lib/bundler/source.rb CHANGED Viewed

@@ -7,6 +7,7 @@ module Bundler
     autoload :Metadata, File.expand_path("source/metadata", __dir__)
     autoload :Path,     File.expand_path("source/path", __dir__)
     autoload :Rubygems, File.expand_path("source/rubygems", __dir__)
+    autoload :RubygemsAggregate, File.expand_path("source/rubygems_aggregate", __dir__)
     attr_accessor :dependency_names
@@ -35,10 +36,16 @@ module Bundler
     def local!; end
+    def local_only!; end
     def cached!; end
     def remote!; end
+    def add_dependency_names(names)
+      @dependency_names = Array(dependency_names) | Array(names)
+    end
     # it's possible that gems from one source depend on gems from some
     # other source, so now we download gemspecs and iterate over those
     # dependencies, looking for gems we don't have info on yet.
@@ -48,6 +55,10 @@ module Bundler
       specs.dependency_names
     end
+    def spec_names
+      specs.spec_names
+    end
     def include?(other)
       other == self
     end

data/bundler/lib/bundler/source/rubygems.rb CHANGED Viewed

@@ -26,6 +26,12 @@ module Bundler
         Array(options["remotes"]).reverse_each {|r| add_remote(r) }
       end
+      def local_only!
+        @specs = nil
+        @allow_local = true
+        @allow_remote = false
+      end
       def local!
         return if @allow_local
@@ -61,12 +67,12 @@ module Bundler
         o.is_a?(Rubygems) && (o.credless_remotes - credless_remotes).empty?
       end
-      def disable_multisource?
-        @remotes.size <= 1
+      def multiple_remotes?
+        @remotes.size > 1
       end
       def can_lock?(spec)
-        return super if disable_multisource?
+        return super unless multiple_remotes?
         spec.source.is_a?(Rubygems)
       end
@@ -259,8 +265,16 @@ module Bundler
         !equivalent
       end
+      def spec_names
+        if @allow_remote && dependency_api_available?
+          remote_specs.spec_names
+        else
+          []
+        end
+      end
       def unmet_deps
-        if @allow_remote && api_fetchers.any?
+        if @allow_remote && dependency_api_available?
           remote_specs.unmet_dependency_names
         else
           []
@@ -276,7 +290,7 @@ module Bundler
       def double_check_for(unmet_dependency_names)
         return unless @allow_remote
-        return unless api_fetchers.any?
+        return unless dependency_api_available?
         unmet_dependency_names = unmet_dependency_names.call
         unless unmet_dependency_names.nil?
@@ -298,17 +312,20 @@ module Bundler
         remote_specs.each do |spec|
           case spec
           when EndpointSpecification, Gem::Specification, StubSpecification, LazySpecification
-            names.concat(spec.runtime_dependencies)
+            names.concat(spec.runtime_dependencies.map(&:name))
           when RemoteSpecification # from the full index
             return nil
           else
             raise "unhandled spec type (#{spec.inspect})"
           end
         end
-        names.map!(&:name) if names
         names
       end
+      def dependency_api_available?
+        api_fetchers.any?
+      end
       protected
       def credless_remotes
@@ -387,10 +404,6 @@ module Bundler
             next if gemfile =~ /^bundler\-[\d\.]+?\.gem/
             s ||= Bundler.rubygems.spec_from_gem(gemfile)
             s.source = self
-            if Bundler.rubygems.spec_missing_extensions?(s, false)
-              Bundler.ui.debug "Source #{self} is ignoring #{s} because it is missing extensions"
-              next
-            end
             idx << s
           end

data/bundler/lib/bundler/source/rubygems_aggregate.rb ADDED Viewed

@@ -0,0 +1,64 @@
+# frozen_string_literal: true
+module Bundler
+  class Source
+    class RubygemsAggregate
+      attr_reader :source_map, :sources
+      def initialize(sources, source_map)
+        @sources = sources
+        @source_map = source_map
+        @index = build_index
+      end
+      def specs
+        @index
+      end
+      def to_s
+        "any of the sources"
+      end
+      private
+      def build_index
+        Index.build do |idx|
+          dependency_names = source_map.pinned_spec_names
+          sources.all_sources.each do |source|
+            source.dependency_names = dependency_names - source_map.pinned_spec_names(source)
+            idx.add_source source.specs
+            dependency_names.concat(source.unmet_deps).uniq!
+          end
+          double_check_for_index(idx, dependency_names)
+        end
+      end
+      # Suppose the gem Foo depends on the gem Bar.  Foo exists in Source A.  Bar has some versions that exist in both
+      # sources A and B.  At this point, the API request will have found all the versions of Bar in source A,
+      # but will not have found any versions of Bar from source B, which is a problem if the requested version
+      # of Foo specifically depends on a version of Bar that is only found in source B. This ensures that for
+      # each spec we found, we add all possible versions from all sources to the index.
+      def double_check_for_index(idx, dependency_names)
+        pinned_names = source_map.pinned_spec_names
+        names = :names # do this so we only have to traverse to get dependency_names from the index once
+        unmet_dependency_names = lambda do
+          return names unless names == :names
+          new_names = sources.all_sources.map(&:dependency_names_to_double_check)
+          return names = nil if new_names.compact!
+          names = new_names.flatten(1).concat(dependency_names)
+          names.uniq!
+          names -= pinned_names
+          names
+        end
+        sources.all_sources.each do |source|
+          source.double_check_for(unmet_dependency_names)
+        end
+      end
+    end
+  end
+end

data/bundler/lib/bundler/source_list.rb CHANGED Viewed

@@ -21,15 +21,19 @@ module Bundler
       @rubygems_sources       = []
       @metadata_source        = Source::Metadata.new
-      @disable_multisource = true
+      @merged_gem_lockfile_sections = false
     end
-    def disable_multisource?
-      @disable_multisource
+    def merged_gem_lockfile_sections?
+      @merged_gem_lockfile_sections
     end
     def merged_gem_lockfile_sections!
-      @disable_multisource = false
+      @merged_gem_lockfile_sections = true
+    end
+    def aggregate_global_source?
+      global_rubygems_source.multiple_remotes?
     end
     def add_path_source(options = {})
@@ -70,7 +74,11 @@ module Bundler
     end
     def rubygems_sources
-      @rubygems_sources + [global_rubygems_source]
+      non_global_rubygems_sources + [global_rubygems_source]
+    end
+    def non_global_rubygems_sources
+      @rubygems_sources
     end
     def rubygems_remotes
@@ -81,16 +89,27 @@ module Bundler
       path_sources + git_sources + plugin_sources + rubygems_sources + [metadata_source]
     end
+    def non_default_explicit_sources
+      all_sources - [default_source, metadata_source]
+    end
     def get(source)
       source_list_for(source).find {|s| equal_source?(source, s) || equivalent_source?(source, s) }
     end
     def lock_sources
-      lock_sources = (path_sources + git_sources + plugin_sources).sort_by(&:to_s)
-      if disable_multisource?
-        lock_sources + rubygems_sources.sort_by(&:to_s).uniq
+      lock_other_sources + lock_rubygems_sources
+    end
+    def lock_other_sources
+      (path_sources + git_sources + plugin_sources).sort_by(&:to_s)
+    end
+    def lock_rubygems_sources
+      if merged_gem_lockfile_sections?
+        [combine_rubygems_sources]
       else
-        lock_sources << combine_rubygems_sources
+        rubygems_sources.sort_by(&:to_s).uniq
       end
     end
@@ -104,7 +123,7 @@ module Bundler
         end
       end
-      replacement_rubygems = !disable_multisource? &&
+      replacement_rubygems = merged_gem_lockfile_sections? &&
         replacement_sources.detect {|s| s.is_a?(Source::Rubygems) }
       @global_rubygems_source = replacement_rubygems if replacement_rubygems
@@ -113,6 +132,10 @@ module Bundler
       false
     end
+    def local_only!
+      all_sources.each(&:local_only!)
+    end
     def cached!
       all_sources.each(&:cached!)
     end
@@ -162,6 +185,8 @@ module Bundler
     end
     def equal_source?(source, other_source)
+      return source.include?(other_source) if source.is_a?(Source::Rubygems) && other_source.is_a?(Source::Rubygems) && !merged_gem_lockfile_sections?
       source == other_source
     end

data/bundler/lib/bundler/source_map.rb ADDED Viewed

@@ -0,0 +1,58 @@
+# frozen_string_literal: true
+module Bundler
+  class SourceMap
+    attr_reader :sources, :dependencies
+    def initialize(sources, dependencies)
+      @sources = sources
+      @dependencies = dependencies
+    end
+    def pinned_spec_names(skip = nil)
+      direct_requirements.reject {|_, source| source == skip }.keys
+    end
+    def all_requirements
+      requirements = direct_requirements.dup
+      unmet_deps = sources.non_default_explicit_sources.map do |source|
+        (source.spec_names - pinned_spec_names).each do |indirect_dependency_name|
+          previous_source = requirements[indirect_dependency_name]
+          if previous_source.nil?
+            requirements[indirect_dependency_name] = source
+          else
+            no_ambiguous_sources = Bundler.feature_flag.bundler_3_mode?
+            msg = ["The gem '#{indirect_dependency_name}' was found in multiple relevant sources."]
+            msg.concat [previous_source, source].map {|s| "  * #{s}" }.sort
+            msg << "You #{no_ambiguous_sources ? :must : :should} add this gem to the source block for the source you wish it to be installed from."
+            msg = msg.join("\n")
+            raise SecurityError, msg if no_ambiguous_sources
+            Bundler.ui.warn "Warning: #{msg}"
+          end
+        end
+        source.unmet_deps
+      end
+      sources.default_source.add_dependency_names(unmet_deps.flatten - requirements.keys)
+      requirements
+    end
+    def direct_requirements
+      @direct_requirements ||= begin
+        requirements = {}
+        default = sources.default_source
+        dependencies.each do |dep|
+          dep_source = dep.source || default
+          dep_source.add_dependency_names(dep.name)
+          requirements[dep.name] = dep_source
+        end
+        requirements
+      end
+    end
+  end
+end