rubygems-update 3.2.30 → 3.3.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (203) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +163 -4
  3. data/CONTRIBUTING.md +40 -10
  4. data/Manifest.txt +28 -5
  5. data/POLICIES.md +22 -8
  6. data/README.md +9 -7
  7. data/UPGRADING.md +5 -81
  8. data/bin/gem +1 -6
  9. data/bundler/CHANGELOG.md +86 -0
  10. data/bundler/exe/bundle +7 -8
  11. data/bundler/lib/bundler/build_metadata.rb +2 -2
  12. data/bundler/lib/bundler/cli/doctor.rb +3 -2
  13. data/bundler/lib/bundler/cli/gem.rb +70 -8
  14. data/bundler/lib/bundler/cli/info.rb +6 -1
  15. data/bundler/lib/bundler/cli/install.rb +2 -0
  16. data/bundler/lib/bundler/cli/update.rb +2 -2
  17. data/bundler/lib/bundler/cli.rb +9 -1
  18. data/bundler/lib/bundler/compact_index_client/updater.rb +0 -5
  19. data/bundler/lib/bundler/definition.rb +66 -120
  20. data/bundler/lib/bundler/dependency.rb +5 -7
  21. data/bundler/lib/bundler/dsl.rb +18 -30
  22. data/bundler/lib/bundler/endpoint_specification.rb +0 -8
  23. data/bundler/lib/bundler/environment_preserver.rb +4 -1
  24. data/bundler/lib/bundler/fetcher/compact_index.rb +9 -4
  25. data/bundler/lib/bundler/fetcher.rb +2 -5
  26. data/bundler/lib/bundler/gem_helper.rb +2 -2
  27. data/bundler/lib/bundler/injector.rb +10 -1
  28. data/bundler/lib/bundler/installer/gem_installer.rb +1 -6
  29. data/bundler/lib/bundler/installer.rb +1 -4
  30. data/bundler/lib/bundler/lazy_specification.rb +17 -1
  31. data/bundler/lib/bundler/lockfile_parser.rb +10 -12
  32. data/bundler/lib/bundler/man/bundle-add.1 +10 -2
  33. data/bundler/lib/bundler/man/bundle-add.1.ronn +7 -1
  34. data/bundler/lib/bundler/man/bundle-binstubs.1 +1 -1
  35. data/bundler/lib/bundler/man/bundle-cache.1 +1 -1
  36. data/bundler/lib/bundler/man/bundle-check.1 +1 -1
  37. data/bundler/lib/bundler/man/bundle-clean.1 +1 -1
  38. data/bundler/lib/bundler/man/bundle-config.1 +5 -5
  39. data/bundler/lib/bundler/man/bundle-config.1.ronn +5 -5
  40. data/bundler/lib/bundler/man/bundle-doctor.1 +1 -1
  41. data/bundler/lib/bundler/man/bundle-exec.1 +1 -1
  42. data/bundler/lib/bundler/man/bundle-gem.1 +14 -1
  43. data/bundler/lib/bundler/man/bundle-gem.1.ronn +16 -0
  44. data/bundler/lib/bundler/man/bundle-info.1 +1 -1
  45. data/bundler/lib/bundler/man/bundle-init.1 +1 -1
  46. data/bundler/lib/bundler/man/bundle-inject.1 +1 -1
  47. data/bundler/lib/bundler/man/bundle-install.1 +2 -2
  48. data/bundler/lib/bundler/man/bundle-install.1.ronn +2 -2
  49. data/bundler/lib/bundler/man/bundle-list.1 +1 -1
  50. data/bundler/lib/bundler/man/bundle-lock.1 +1 -1
  51. data/bundler/lib/bundler/man/bundle-open.1 +1 -1
  52. data/bundler/lib/bundler/man/bundle-outdated.1 +1 -1
  53. data/bundler/lib/bundler/man/bundle-platform.1 +1 -1
  54. data/bundler/lib/bundler/man/bundle-pristine.1 +1 -1
  55. data/bundler/lib/bundler/man/bundle-remove.1 +1 -1
  56. data/bundler/lib/bundler/man/bundle-show.1 +1 -1
  57. data/bundler/lib/bundler/man/bundle-update.1 +2 -2
  58. data/bundler/lib/bundler/man/bundle-update.1.ronn +2 -1
  59. data/bundler/lib/bundler/man/bundle-viz.1 +1 -1
  60. data/bundler/lib/bundler/man/bundle.1 +1 -1
  61. data/bundler/lib/bundler/man/gemfile.5 +28 -2
  62. data/bundler/lib/bundler/man/gemfile.5.ronn +9 -1
  63. data/bundler/lib/bundler/plugin/api/source.rb +1 -0
  64. data/bundler/lib/bundler/plugin/installer.rb +1 -1
  65. data/bundler/lib/bundler/process_lock.rb +1 -1
  66. data/bundler/lib/bundler/psyched_yaml.rb +1 -13
  67. data/bundler/lib/bundler/resolver.rb +34 -31
  68. data/bundler/lib/bundler/rubygems_ext.rb +2 -0
  69. data/bundler/lib/bundler/rubygems_integration.rb +11 -48
  70. data/bundler/lib/bundler/runtime.rb +1 -1
  71. data/bundler/lib/bundler/self_manager.rb +73 -0
  72. data/bundler/lib/bundler/shared_helpers.rb +4 -12
  73. data/bundler/lib/bundler/source/git/git_proxy.rb +7 -4
  74. data/bundler/lib/bundler/source/metadata.rb +1 -1
  75. data/bundler/lib/bundler/source/rubygems.rb +17 -13
  76. data/bundler/lib/bundler/source/rubygems_aggregate.rb +1 -1
  77. data/bundler/lib/bundler/source.rb +1 -1
  78. data/bundler/lib/bundler/source_list.rb +7 -29
  79. data/bundler/lib/bundler/spec_set.rb +1 -1
  80. data/bundler/lib/bundler/templates/Executable.bundler +1 -1
  81. data/bundler/lib/bundler/templates/Gemfile +0 -2
  82. data/bundler/lib/bundler/templates/gems.rb +0 -3
  83. data/bundler/lib/bundler/templates/newgem/Gemfile.tt +5 -2
  84. data/bundler/lib/bundler/templates/newgem/Rakefile.tt +15 -2
  85. data/bundler/lib/bundler/templates/newgem/github/workflows/main.yml.tt +2 -2
  86. data/bundler/lib/bundler/templates/newgem/newgem.gemspec.tt +13 -13
  87. data/bundler/lib/bundler/templates/newgem/sig/newgem.rbs.tt +8 -0
  88. data/bundler/lib/bundler/templates/newgem/standard.yml.tt +2 -0
  89. data/bundler/lib/bundler/templates/newgem/test/minitest/{newgem_test.rb.tt → test_newgem.rb.tt} +1 -1
  90. data/bundler/lib/bundler/ui/shell.rb +1 -1
  91. data/bundler/lib/bundler/vendor/.document +1 -0
  92. data/bundler/lib/bundler/vendor/molinillo/lib/molinillo/dependency_graph.rb +2 -2
  93. data/bundler/lib/bundler/vendor/tsort/LICENSE.txt +22 -0
  94. data/bundler/lib/bundler/vendor/tsort/lib/tsort.rb +453 -0
  95. data/bundler/lib/bundler/vendor/uri/lib/uri/common.rb +17 -80
  96. data/bundler/lib/bundler/vendor/uri/lib/uri/ftp.rb +0 -1
  97. data/bundler/lib/bundler/vendor/uri/lib/uri/generic.rb +5 -6
  98. data/bundler/lib/bundler/vendor/uri/lib/uri/http.rb +0 -1
  99. data/bundler/lib/bundler/vendor/uri/lib/uri/https.rb +0 -1
  100. data/bundler/lib/bundler/vendor/uri/lib/uri/ldap.rb +1 -1
  101. data/bundler/lib/bundler/vendor/uri/lib/uri/mailto.rb +0 -1
  102. data/bundler/lib/bundler/vendor/uri/lib/uri/rfc2396_parser.rb +1 -14
  103. data/bundler/lib/bundler/vendor/uri/lib/uri/rfc3986_parser.rb +1 -12
  104. data/bundler/lib/bundler/vendor/uri/lib/uri/version.rb +1 -1
  105. data/bundler/lib/bundler/vendor/uri/lib/uri/ws.rb +84 -0
  106. data/bundler/lib/bundler/vendor/uri/lib/uri/wss.rb +22 -0
  107. data/bundler/lib/bundler/vendor/uri/lib/uri.rb +0 -1
  108. data/bundler/lib/bundler/vendored_tsort.rb +4 -0
  109. data/bundler/lib/bundler/version.rb +1 -1
  110. data/bundler/lib/bundler.rb +9 -3
  111. data/hide_lib_for_update/note.txt +0 -4
  112. data/lib/rubygems/command.rb +4 -4
  113. data/lib/rubygems/command_manager.rb +4 -2
  114. data/lib/rubygems/commands/cert_command.rb +6 -6
  115. data/lib/rubygems/commands/fetch_command.rb +1 -1
  116. data/lib/rubygems/commands/install_command.rb +5 -2
  117. data/lib/rubygems/commands/pristine_command.rb +8 -2
  118. data/lib/rubygems/commands/server_command.rb +14 -77
  119. data/lib/rubygems/commands/setup_command.rb +84 -76
  120. data/lib/rubygems/commands/uninstall_command.rb +1 -1
  121. data/lib/rubygems/commands/update_command.rb +10 -5
  122. data/lib/rubygems/defaults.rb +2 -20
  123. data/lib/rubygems/dependency_list.rb +2 -2
  124. data/lib/rubygems/deprecate.rb +53 -6
  125. data/lib/rubygems/exceptions.rb +27 -1
  126. data/lib/rubygems/ext/builder.rb +11 -8
  127. data/lib/rubygems/ext/cmake_builder.rb +1 -1
  128. data/lib/rubygems/install_update_options.rb +13 -4
  129. data/lib/rubygems/installer.rb +46 -27
  130. data/lib/rubygems/local_remote_options.rb +3 -3
  131. data/lib/rubygems/name_tuple.rb +2 -3
  132. data/lib/rubygems/optparse/.document +1 -0
  133. data/lib/rubygems/optparse/COPYING +56 -0
  134. data/lib/rubygems/optparse/lib/optionparser.rb +2 -0
  135. data/lib/rubygems/optparse/lib/optparse/ac.rb +54 -0
  136. data/lib/rubygems/optparse/lib/optparse/date.rb +18 -0
  137. data/lib/rubygems/optparse/lib/optparse/kwargs.rb +22 -0
  138. data/lib/rubygems/optparse/lib/optparse/shellwords.rb +7 -0
  139. data/lib/rubygems/optparse/lib/optparse/time.rb +11 -0
  140. data/lib/rubygems/optparse/lib/optparse/uri.rb +7 -0
  141. data/lib/rubygems/optparse/lib/optparse/version.rb +71 -0
  142. data/lib/rubygems/optparse/lib/optparse.rb +2230 -0
  143. data/lib/rubygems/optparse.rb +3 -0
  144. data/lib/rubygems/path_support.rb +1 -6
  145. data/lib/rubygems/platform.rb +4 -0
  146. data/lib/rubygems/remote_fetcher.rb +1 -1
  147. data/lib/rubygems/request_set.rb +2 -2
  148. data/lib/rubygems/requirement.rb +1 -1
  149. data/lib/rubygems/resolver/installer_set.rb +1 -1
  150. data/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph.rb +2 -2
  151. data/lib/rubygems/security.rb +4 -3
  152. data/lib/rubygems/security_option.rb +3 -3
  153. data/lib/rubygems/source.rb +3 -1
  154. data/lib/rubygems/spec_fetcher.rb +1 -1
  155. data/lib/rubygems/specification.rb +46 -46
  156. data/lib/rubygems/text.rb +21 -20
  157. data/lib/rubygems/tsort/.document +1 -0
  158. data/lib/rubygems/tsort/LICENSE.txt +22 -0
  159. data/lib/rubygems/tsort/lib/tsort.rb +454 -0
  160. data/lib/rubygems/tsort.rb +3 -0
  161. data/lib/rubygems/uninstaller.rb +4 -1
  162. data/lib/rubygems/unknown_command_spell_checker.rb +21 -0
  163. data/lib/rubygems/util/licenses.rb +2 -0
  164. data/lib/rubygems/version.rb +2 -0
  165. data/lib/rubygems/version_option.rb +2 -2
  166. data/lib/rubygems.rb +13 -10
  167. data/rubygems-update.gemspec +1 -1
  168. data/setup.rb +1 -6
  169. data/test/rubygems/encrypted_private_key.pem +26 -26
  170. data/test/rubygems/helper.rb +48 -38
  171. data/test/rubygems/test_config.rb +2 -2
  172. data/test/rubygems/test_exit.rb +11 -0
  173. data/test/rubygems/test_gem.rb +46 -41
  174. data/test/rubygems/test_gem_command.rb +1 -1
  175. data/test/rubygems/test_gem_command_manager.rb +28 -2
  176. data/test/rubygems/test_gem_commands_cert_command.rb +8 -8
  177. data/test/rubygems/test_gem_commands_fetch_command.rb +36 -0
  178. data/test/rubygems/test_gem_commands_open_command.rb +1 -1
  179. data/test/rubygems/test_gem_commands_server_command.rb +4 -46
  180. data/test/rubygems/test_gem_commands_setup_command.rb +67 -19
  181. data/test/rubygems/test_gem_commands_signin_command.rb +1 -1
  182. data/test/rubygems/test_gem_commands_uninstall_command.rb +1 -1
  183. data/test/rubygems/test_gem_commands_update_command.rb +2 -2
  184. data/test/rubygems/test_gem_commands_yank_command.rb +1 -1
  185. data/test/rubygems/test_gem_ext_ext_conf_builder.rb +7 -3
  186. data/test/rubygems/test_gem_install_update_options.rb +2 -2
  187. data/test/rubygems/test_gem_installer.rb +37 -5
  188. data/test/rubygems/test_gem_path_support.rb +2 -6
  189. data/test/rubygems/test_gem_remote_fetcher.rb +15 -0
  190. data/test/rubygems/test_gem_request.rb +10 -4
  191. data/test/rubygems/test_gem_requirement.rb +0 -1
  192. data/test/rubygems/test_gem_resolver.rb +7 -7
  193. data/test/rubygems/test_gem_security.rb +1 -1
  194. data/test/rubygems/test_gem_specification.rb +27 -25
  195. data/test/rubygems/test_gem_text.rb +6 -0
  196. data/test/rubygems/test_project_sanity.rb +1 -1
  197. data/test/rubygems/test_require.rb +8 -35
  198. data/test/rubygems/test_rubygems.rb +23 -0
  199. metadata +31 -8
  200. data/bundler/lib/bundler/gemdeps.rb +0 -29
  201. data/lib/rubygems/server.rb +0 -882
  202. data/test/rubygems/bogussources.rb +0 -9
  203. data/test/rubygems/test_gem_server.rb +0 -608
@@ -6,6 +6,11 @@ module Bundler
6
6
  class Definition
7
7
  include GemHelpers
8
8
 
9
+ class << self
10
+ # Do not create or modify a lockfile (Makes #lock a noop)
11
+ attr_accessor :no_lock
12
+ end
13
+
9
14
  attr_reader(
10
15
  :dependencies,
11
16
  :locked_deps,
@@ -138,7 +143,7 @@ module Bundler
138
143
  @dependency_changes = converge_dependencies
139
144
  @local_changes = converge_locals
140
145
 
141
- @locked_specs_incomplete_for_platform = !@locked_specs.for(expand_dependencies(requested_dependencies & locked_dependencies), true, true)
146
+ @locked_specs_incomplete_for_platform = !@locked_specs.for(requested_dependencies & expand_dependencies(locked_dependencies), true, true)
142
147
 
143
148
  @requires = compute_requires
144
149
  end
@@ -158,10 +163,6 @@ module Bundler
158
163
  end
159
164
  end
160
165
 
161
- def multisource_allowed?
162
- @multisource_allowed
163
- end
164
-
165
166
  def resolve_only_locally!
166
167
  @remote = false
167
168
  sources.local_only!
@@ -234,16 +235,17 @@ module Bundler
234
235
  end
235
236
 
236
237
  def specs_for(groups)
237
- groups = requested_groups if groups.empty?
238
+ return specs if groups.empty?
238
239
  deps = dependencies_for(groups)
239
- materialize(expand_dependencies(deps))
240
+ materialize(deps)
240
241
  end
241
242
 
242
243
  def dependencies_for(groups)
243
244
  groups.map!(&:to_sym)
244
- current_dependencies.reject do |d|
245
+ deps = current_dependencies.reject do |d|
245
246
  (d.groups & groups).empty?
246
247
  end
248
+ expand_dependencies(deps)
247
249
  end
248
250
 
249
251
  # Resolve all the dependencies specified in Gemfile. It ensures that
@@ -278,6 +280,8 @@ module Bundler
278
280
  end
279
281
 
280
282
  def lock(file, preserve_unknown_sections = false)
283
+ return if Definition.no_lock
284
+
281
285
  contents = to_lock
282
286
 
283
287
  # Convert to \r\n if the existing lock has them
@@ -290,7 +294,7 @@ module Bundler
290
294
 
291
295
  if updating_major = locked_major < current_major
292
296
  Bundler.ui.warn "Warning: the lockfile is being updated to Bundler #{current_major}, " \
293
- "after which you will be unable to return to Bundler #{@locked_bundler_version.segments.first}."
297
+ "after which you will be unable to return to Bundler #{locked_major}."
294
298
  end
295
299
  end
296
300
 
@@ -367,44 +371,31 @@ module Bundler
367
371
  added.concat new_platforms.map {|p| "* platform: #{p}" }
368
372
  deleted.concat deleted_platforms.map {|p| "* platform: #{p}" }
369
373
 
370
- gemfile_sources = sources.lock_sources
371
-
372
- new_sources = gemfile_sources - @locked_sources
373
- deleted_sources = @locked_sources - gemfile_sources
374
-
375
374
  new_deps = @dependencies - locked_dependencies
376
375
  deleted_deps = locked_dependencies - @dependencies
377
376
 
378
- # Check if it is possible that the source is only changed thing
379
- if (new_deps.empty? && deleted_deps.empty?) && (!new_sources.empty? && !deleted_sources.empty?)
380
- new_sources.reject! {|source| (source.path? && source.path.exist?) || equivalent_rubygems_remotes?(source) }
381
- deleted_sources.reject! {|source| (source.path? && source.path.exist?) || equivalent_rubygems_remotes?(source) }
382
- end
377
+ added.concat new_deps.map {|d| "* #{pretty_dep(d)}" } if new_deps.any?
378
+ deleted.concat deleted_deps.map {|d| "* #{pretty_dep(d)}" } if deleted_deps.any?
383
379
 
384
- if @locked_sources != gemfile_sources
385
- if new_sources.any?
386
- added.concat new_sources.map {|source| "* source: #{source}" }
387
- end
380
+ both_sources = Hash.new {|h, k| h[k] = [] }
381
+ @dependencies.each {|d| both_sources[d.name][0] = d }
388
382
 
389
- if deleted_sources.any?
390
- deleted.concat deleted_sources.map {|source| "* source: #{source}" }
391
- end
392
- end
383
+ locked_dependencies.each do |d|
384
+ next if !Bundler.feature_flag.bundler_3_mode? && @locked_specs[d.name].empty?
393
385
 
394
- added.concat new_deps.map {|d| "* #{pretty_dep(d)}" } if new_deps.any?
395
- if deleted_deps.any?
396
- deleted.concat deleted_deps.map {|d| "* #{pretty_dep(d)}" }
386
+ both_sources[d.name][1] = d
397
387
  end
398
388
 
399
- both_sources = Hash.new {|h, k| h[k] = [] }
400
- @dependencies.each {|d| both_sources[d.name][0] = d }
401
- @locked_deps.each {|name, d| both_sources[name][1] = d.source }
389
+ both_sources.each do |name, (dep, lock_dep)|
390
+ next if dep.nil? || lock_dep.nil?
391
+
392
+ gemfile_source = dep.source || sources.default_source
393
+ lock_source = lock_dep.source || sources.default_source
394
+ next if lock_source.include?(gemfile_source)
402
395
 
403
- both_sources.each do |name, (dep, lock_source)|
404
- next if lock_source.nil? || (dep && lock_source.can_lock?(dep))
405
- gemfile_source_name = (dep && dep.source) || "no specified source"
406
- lockfile_source_name = lock_source
407
- changed << "* #{name} from `#{gemfile_source_name}` to `#{lockfile_source_name}`"
396
+ gemfile_source_name = dep.source ? gemfile_source.identifier : "no specified source"
397
+ lockfile_source_name = lock_dep.source ? lock_source.identifier : "no specified source"
398
+ changed << "* #{name} from `#{lockfile_source_name}` to `#{gemfile_source_name}`"
408
399
  end
409
400
 
410
401
  reason = change_reason
@@ -648,25 +639,14 @@ module Bundler
648
639
  end
649
640
 
650
641
  def converge_dependencies
651
- frozen = Bundler.frozen_bundle?
652
- (@dependencies + locked_dependencies).each do |dep|
653
- locked_source = @locked_deps[dep.name]
654
- # This is to make sure that if bundler is installing in deployment mode and
655
- # after locked_source and sources don't match, we still use locked_source.
656
- if frozen && !locked_source.nil? &&
657
- locked_source.respond_to?(:source) && locked_source.source.instance_of?(Source::Path) && locked_source.source.path.exist?
658
- dep.source = locked_source.source
659
- elsif dep.source
642
+ changes = false
643
+
644
+ @dependencies.each do |dep|
645
+ if dep.source
660
646
  dep.source = sources.get(dep.source)
661
647
  end
662
- end
663
648
 
664
- changes = false
665
- # We want to know if all match, but don't want to check all entries
666
- # This means we need to return false if any dependency doesn't match
667
- # the lock or doesn't exist in the lock.
668
- @dependencies.each do |dependency|
669
- unless locked_dep = @locked_deps[dependency.name]
649
+ unless locked_dep = @locked_deps[dep.name]
670
650
  changes = true
671
651
  next
672
652
  end
@@ -677,11 +657,11 @@ module Bundler
677
657
  # directive, the lockfile dependencies and resolved dependencies end up
678
658
  # with a mismatch on #type. Work around that by setting the type on the
679
659
  # dep from the lockfile.
680
- locked_dep.instance_variable_set(:@type, dependency.type)
660
+ locked_dep.instance_variable_set(:@type, dep.type)
681
661
 
682
662
  # We already know the name matches from the hash lookup
683
663
  # so we only need to check the requirement now
684
- changes ||= dependency.requirement != locked_dep.requirement
664
+ changes ||= dep.requirement != locked_dep.requirement
685
665
  end
686
666
 
687
667
  changes
@@ -691,39 +671,36 @@ module Bundler
691
671
  # commonly happen if the Gemfile has changed since the lockfile was last
692
672
  # generated
693
673
  def converge_locked_specs
694
- deps = []
674
+ resolve = converge_specs(@locked_specs)
695
675
 
696
- # Build a list of dependencies that are the same in the Gemfile
697
- # and Gemfile.lock. If the Gemfile modified a dependency, but
698
- # the gem in the Gemfile.lock still satisfies it, this is fine
699
- # too.
700
- @dependencies.each do |dep|
701
- locked_dep = @locked_deps[dep.name]
702
-
703
- # If the locked_dep doesn't match the dependency we're looking for then we ignore the locked_dep
704
- locked_dep = nil unless locked_dep == dep
676
+ diff = nil
705
677
 
706
- if in_locked_deps?(dep, locked_dep) || satisfies_locked_spec?(dep)
707
- deps << dep
708
- elsif dep.source.is_a?(Source::Path) && dep.current_platform? && (!locked_dep || dep.source != locked_dep.source)
709
- @locked_specs.each do |s|
710
- @unlock[:gems] << s.name if s.source == dep.source
711
- end
678
+ # Now, we unlock any sources that do not have anymore gems pinned to it
679
+ sources.all_sources.each do |source|
680
+ next unless source.respond_to?(:unlock!)
712
681
 
713
- dep.source.unlock! if dep.source.respond_to?(:unlock!)
714
- dep.source.specs.each {|s| @unlock[:gems] << s.name }
682
+ unless resolve.any? {|s| s.source == source }
683
+ diff ||= @locked_specs.to_a - resolve.to_a
684
+ source.unlock! if diff.any? {|s| s.source == source }
715
685
  end
716
686
  end
717
687
 
688
+ resolve
689
+ end
690
+
691
+ def converge_specs(specs)
692
+ deps = []
718
693
  converged = []
719
- @locked_specs.each do |s|
694
+ specs.each do |s|
720
695
  # Replace the locked dependency's source with the equivalent source from the Gemfile
721
696
  dep = @dependencies.find {|d| s.satisfies?(d) }
722
- s.source = (dep && dep.source) || sources.get(s.source) unless multisource_allowed?
723
697
 
724
- # Don't add a spec to the list if its source is expired. For example,
725
- # if you change a Git gem to RubyGems.
726
- next if s.source.nil?
698
+ if dep && (!dep.source || s.source.include?(dep.source))
699
+ deps << dep
700
+ end
701
+
702
+ s.source = (dep && dep.source) || sources.get(s.source) || sources.default_source unless Bundler.frozen_bundle?
703
+
727
704
  next if @unlock[:sources].include?(s.source.name)
728
705
 
729
706
  # If the spec is from a path source and it doesn't exist anymore
@@ -736,7 +713,7 @@ module Bundler
736
713
  rescue PathError, GitError
737
714
  # if we won't need the source (according to the lockfile),
738
715
  # don't error if the path/git source isn't available
739
- next if @locked_specs.
716
+ next if specs.
740
717
  for(requested_dependencies, false, true).
741
718
  none? {|locked_spec| locked_spec.source == s.source }
742
719
 
@@ -752,35 +729,15 @@ module Bundler
752
729
  s.dependencies.replace(new_spec.dependencies)
753
730
  end
754
731
 
755
- converged << s
756
- end
757
-
758
- resolve = SpecSet.new(converged)
759
- resolve = SpecSet.new(resolve.for(expand_dependencies(deps, true), false, false).reject{|s| @unlock[:gems].include?(s.name) })
760
- diff = nil
761
-
762
- # Now, we unlock any sources that do not have anymore gems pinned to it
763
- sources.all_sources.each do |source|
764
- next unless source.respond_to?(:unlock!)
765
-
766
- unless resolve.any? {|s| s.source == source }
767
- diff ||= @locked_specs.to_a - resolve.to_a
768
- source.unlock! if diff.any? {|s| s.source == source }
732
+ if dep.nil? && requested_dependencies.find {|d| s.name == d.name }
733
+ @unlock[:gems] << s.name
734
+ else
735
+ converged << s
769
736
  end
770
737
  end
771
738
 
772
- resolve
773
- end
774
-
775
- def in_locked_deps?(dep, locked_dep)
776
- # Because the lockfile can't link a dep to a specific remote, we need to
777
- # treat sources as equivalent anytime the locked dep has all the remotes
778
- # that the Gemfile dep does.
779
- locked_dep && locked_dep.source && dep.source && locked_dep.source.include?(dep.source)
780
- end
781
-
782
- def satisfies_locked_spec?(dep)
783
- @locked_specs[dep].any? {|s| s.satisfies?(dep) && (!dep.source || s.source.include?(dep.source)) }
739
+ resolve = SpecSet.new(converged)
740
+ SpecSet.new(resolve.for(expand_dependencies(deps, true), false, false).reject{|s| @unlock[:gems].include?(s.name) })
784
741
  end
785
742
 
786
743
  def metadata_dependencies
@@ -873,22 +830,11 @@ module Bundler
873
830
 
874
831
  def additional_base_requirements_for_resolve
875
832
  return [] unless @locked_gems && unlocking? && !sources.expired_sources?(@locked_gems.sources)
876
- dependencies_by_name = dependencies.inject({}) {|memo, dep| memo.update(dep.name => dep) }
877
- @locked_gems.specs.reduce({}) do |requirements, locked_spec|
833
+ converge_specs(@locked_gems.specs).map do |locked_spec|
878
834
  name = locked_spec.name
879
- dependency = dependencies_by_name[name]
880
- next requirements if @locked_gems.dependencies[name] != dependency
881
- next requirements if dependency && dependency.source.is_a?(Source::Path)
882
835
  dep = Gem::Dependency.new(name, ">= #{locked_spec.version}")
883
- requirements[name] = DepProxy.get_proxy(dep, locked_spec.platform)
884
- requirements
885
- end.values
886
- end
887
-
888
- def equivalent_rubygems_remotes?(source)
889
- return false unless source.is_a?(Source::Rubygems)
890
-
891
- Bundler.settings[:allow_deployment_source_credential_changes] && source.equivalent_remotes?(sources.rubygems_remotes)
836
+ DepProxy.get_proxy(dep, locked_spec.platform)
837
+ end
892
838
  end
893
839
 
894
840
  def source_map
@@ -7,7 +7,7 @@ require_relative "rubygems_ext"
7
7
  module Bundler
8
8
  class Dependency < Gem::Dependency
9
9
  attr_reader :autorequire
10
- attr_reader :groups, :platforms, :gemfile, :git, :branch
10
+ attr_reader :groups, :platforms, :gemfile, :git, :github, :branch, :ref
11
11
 
12
12
  PLATFORM_MAP = {
13
13
  :ruby => Gem::Platform::RUBY,
@@ -82,7 +82,9 @@ module Bundler
82
82
  @groups = Array(options["group"] || :default).map(&:to_sym)
83
83
  @source = options["source"]
84
84
  @git = options["git"]
85
+ @github = options["github"]
85
86
  @branch = options["branch"]
87
+ @ref = options["ref"]
86
88
  @platforms = Array(options["platforms"])
87
89
  @env = options["env"]
88
90
  @should_include = options.fetch("should_include", true)
@@ -96,15 +98,11 @@ module Bundler
96
98
  def gem_platforms(valid_platforms)
97
99
  return valid_platforms if @platforms.empty?
98
100
 
99
- valid_generic_platforms = valid_platforms.map {|p| [p, GemHelpers.generic(p)] }.to_h
100
- @gem_platforms ||= expanded_platforms.compact.uniq
101
-
102
- filtered_generic_platforms = valid_generic_platforms.values & @gem_platforms
103
- valid_generic_platforms.select {|_, v| filtered_generic_platforms.include?(v) }.keys
101
+ valid_platforms.select {|p| expanded_platforms.include?(GemHelpers.generic(p)) }
104
102
  end
105
103
 
106
104
  def expanded_platforms
107
- @platforms.map {|pl| PLATFORM_MAP[pl] }
105
+ @expanded_platforms ||= @platforms.map {|pl| PLATFORM_MAP[pl] }.compact.uniq
108
106
  end
109
107
 
110
108
  def should_include?
@@ -18,6 +18,8 @@ module Bundler
18
18
  VALID_KEYS = %w[group groups git path glob name branch ref tag require submodules
19
19
  platform platforms type source install_if gemfile].freeze
20
20
 
21
+ GITHUB_PULL_REQUEST_URL = %r{\Ahttps://github\.com/([A-Za-z0-9_\-\.]+/[A-Za-z0-9_\-\.]+)/pull/(\d+)\z}.freeze
22
+
21
23
  attr_reader :gemspecs
22
24
  attr_accessor :dependencies
23
25
 
@@ -275,26 +277,24 @@ module Bundler
275
277
 
276
278
  def add_git_sources
277
279
  git_source(:github) do |repo_name|
278
- warn_deprecated_git_source(:github, <<-'RUBY'.strip, 'Change any "reponame" :github sources to "username/reponame".')
279
- "https://github.com/#{repo_name}.git"
280
- RUBY
281
- repo_name = "#{repo_name}/#{repo_name}" unless repo_name.include?("/")
282
- "https://github.com/#{repo_name}.git"
280
+ if repo_name =~ GITHUB_PULL_REQUEST_URL
281
+ {
282
+ "git" => "https://github.com/#{$1}.git",
283
+ "branch" => "refs/pull/#{$2}/head",
284
+ "ref" => nil,
285
+ "tag" => nil,
286
+ }
287
+ else
288
+ repo_name = "#{repo_name}/#{repo_name}" unless repo_name.include?("/")
289
+ "https://github.com/#{repo_name}.git"
290
+ end
283
291
  end
284
292
 
285
293
  git_source(:gist) do |repo_name|
286
- warn_deprecated_git_source(:gist, '"https://gist.github.com/#{repo_name}.git"')
287
-
288
294
  "https://gist.github.com/#{repo_name}.git"
289
295
  end
290
296
 
291
297
  git_source(:bitbucket) do |repo_name|
292
- warn_deprecated_git_source(:bitbucket, <<-'RUBY'.strip)
293
- user_name, repo_name = repo_name.split("/")
294
- repo_name ||= user_name
295
- "https://#{user_name}@bitbucket.org/#{user_name}/#{repo_name}.git"
296
- RUBY
297
-
298
298
  user_name, repo_name = repo_name.split("/")
299
299
  repo_name ||= user_name
300
300
  "https://#{user_name}@bitbucket.org/#{user_name}/#{repo_name}.git"
@@ -365,7 +365,11 @@ repo_name ||= user_name
365
365
 
366
366
  git_name = (git_names & opts.keys).last
367
367
  if @git_sources[git_name]
368
- opts["git"] = @git_sources[git_name].call(opts[git_name])
368
+ git_opts = @git_sources[git_name].call(opts[git_name])
369
+ git_opts = { "git" => git_opts } if git_opts.is_a?(String)
370
+ opts.merge!(git_opts) do |key, _gemfile_value, _git_source_value|
371
+ raise GemfileError, %(The :#{key} option can't be used with `#{git_name}: #{opts[git_name].inspect}`)
372
+ end
369
373
  end
370
374
 
371
375
  %w[git path].each do |type|
@@ -475,22 +479,6 @@ repo_name ||= user_name
475
479
  end
476
480
  end
477
481
 
478
- def warn_deprecated_git_source(name, replacement, additional_message = nil)
479
- additional_message &&= " #{additional_message}"
480
- replacement = if replacement.count("\n").zero?
481
- "{|repo_name| #{replacement} }"
482
- else
483
- "do |repo_name|\n#{replacement.to_s.gsub(/^/, " ")}\n end"
484
- end
485
-
486
- Bundler::SharedHelpers.major_deprecation 3, <<-EOS
487
- The :#{name} git source is deprecated, and will be removed in the future.#{additional_message} Add this code to the top of your Gemfile to ensure it continues to work:
488
-
489
- git_source(:#{name}) #{replacement}
490
-
491
- EOS
492
- end
493
-
494
482
  class DSLError < GemfileError
495
483
  # @return [String] the description that should be presented to the user.
496
484
  #
@@ -3,7 +3,6 @@
3
3
  module Bundler
4
4
  # used for Creating Specifications from the Gemcutter Endpoint
5
5
  class EndpointSpecification < Gem::Specification
6
- ILLFORMED_MESSAGE = 'Ill-formed requirement ["#<YAML::Syck::DefaultKey'.freeze
7
6
  include MatchPlatform
8
7
 
9
8
  attr_reader :name, :version, :platform, :required_rubygems_version, :required_ruby_version, :checksum
@@ -129,13 +128,6 @@ module Bundler
129
128
 
130
129
  def build_dependency(name, requirements)
131
130
  Gem::Dependency.new(name, requirements)
132
- rescue ArgumentError => e
133
- raise unless e.message.include?(ILLFORMED_MESSAGE)
134
- puts # we shouldn't print the error message on the "fetching info" status line
135
- raise GemspecError,
136
- "Unfortunately, the gem #{name} (#{version}) has an invalid " \
137
- "gemspec.\nPlease ask the gem author to yank the bad version to fix " \
138
- "this issue. For more information, see http://bit.ly/syck-defaultkey."
139
131
  end
140
132
  end
141
133
  end
@@ -38,7 +38,10 @@ module Bundler
38
38
 
39
39
  # Replaces `ENV` with the bundler environment variables backed up
40
40
  def replace_with_backup
41
- ENV.replace(backup) unless Gem.win_platform?
41
+ unless Gem.win_platform?
42
+ ENV.replace(backup)
43
+ return
44
+ end
42
45
 
43
46
  # Fallback logic for Windows below to workaround
44
47
  # https://bugs.ruby-lang.org/issues/16798. Can be dropped once all
@@ -68,11 +68,16 @@ module Bundler
68
68
  compact_index_request :fetch_spec
69
69
 
70
70
  def available?
71
- return nil unless SharedHelpers.md5_available?
72
- user_home = Bundler.user_home
73
- return nil unless user_home.directory? && user_home.writable?
71
+ unless SharedHelpers.md5_available?
72
+ Bundler.ui.debug("FIPS mode is enabled, bundler can't use the CompactIndex API")
73
+ return nil
74
+ end
75
+ if fetch_uri.scheme == "file"
76
+ Bundler.ui.debug("Using a local server, bundler won't use the CompactIndex API")
77
+ return false
78
+ end
74
79
  # Read info file checksums out of /versions, so we can know if gems are up to date
75
- fetch_uri.scheme != "file" && compact_index_client.update_and_parse_checksums!
80
+ compact_index_client.update_and_parse_checksums!
76
81
  rescue CompactIndexClient::Updater::MisMatchedChecksumError => e
77
82
  Bundler.ui.debug(e.message)
78
83
  nil
@@ -71,8 +71,8 @@ module Bundler
71
71
  :HTTPUnsupportedMediaType, :HTTPVersionNotSupported].freeze
72
72
  FAIL_ERRORS = begin
73
73
  fail_errors = [AuthenticationRequiredError, BadAuthenticationError, FallbackError]
74
- fail_errors << Gem::Requirement::BadRequirementError if defined?(Gem::Requirement::BadRequirementError)
75
- fail_errors.concat(NET_ERRORS.map {|e| SharedHelpers.const_get_safely(e, Net) }.compact)
74
+ fail_errors << Gem::Requirement::BadRequirementError
75
+ fail_errors.concat(NET_ERRORS.map {|e| Net.const_get(e) })
76
76
  end.freeze
77
77
 
78
78
  class << self
@@ -122,7 +122,6 @@ module Bundler
122
122
 
123
123
  # return the specs in the bundler format as an index
124
124
  def specs(gem_names, source)
125
- old = Bundler.rubygems.sources
126
125
  index = Bundler::Index.new
127
126
 
128
127
  if Bundler::Fetcher.disable_endpoint
@@ -153,8 +152,6 @@ module Bundler
153
152
  rescue CertificateFailureError
154
153
  Bundler.ui.info "" if gem_names && use_api # newline after dots
155
154
  raise
156
- ensure
157
- Bundler.rubygems.sources = old
158
155
  end
159
156
 
160
157
  def use_api
@@ -129,8 +129,8 @@ module Bundler
129
129
 
130
130
  def git_push(remote = nil)
131
131
  remote ||= default_remote
132
- sh(%W[git push #{remote} refs/heads/#{current_branch}])
133
- sh(%W[git push #{remote} refs/tags/#{version_tag}])
132
+ sh("git push #{remote} refs/heads/#{current_branch}".shellsplit)
133
+ sh("git push #{remote} refs/tags/#{version_tag}".shellsplit)
134
134
  Bundler.ui.confirm "Pushed git commits and release tag."
135
135
  end
136
136
 
@@ -112,9 +112,12 @@ module Bundler
112
112
 
113
113
  source = ", :source => \"#{d.source}\"" unless d.source.nil?
114
114
  git = ", :git => \"#{d.git}\"" unless d.git.nil?
115
+ github = ", :github => \"#{d.github}\"" unless d.github.nil?
115
116
  branch = ", :branch => \"#{d.branch}\"" unless d.branch.nil?
117
+ ref = ", :ref => \"#{d.ref}\"" unless d.ref.nil?
118
+ require_path = ", :require => #{convert_autorequire(d.autorequire)}" unless d.autorequire.nil?
116
119
 
117
- %(gem #{name}#{requirement}#{group}#{source}#{git}#{branch})
120
+ %(gem #{name}#{requirement}#{group}#{source}#{git}#{github}#{branch}#{ref}#{require_path})
118
121
  end.join("\n")
119
122
  end
120
123
 
@@ -269,5 +272,11 @@ module Bundler
269
272
  def show_warning(message)
270
273
  Bundler.ui.info Bundler.ui.add_color(message, :yellow)
271
274
  end
275
+
276
+ def convert_autorequire(autorequire)
277
+ autorequire = autorequire.first
278
+ return autorequire if autorequire == "false"
279
+ autorequire.inspect
280
+ end
272
281
  end
273
282
  end
@@ -13,7 +13,7 @@ module Bundler
13
13
  end
14
14
 
15
15
  def install_from_spec
16
- post_install_message = spec_settings ? install_with_settings : install
16
+ post_install_message = install
17
17
  Bundler.ui.debug "#{worker}: #{spec.name} (#{spec.version}) from #{spec.loaded_from}"
18
18
  generate_executable_stubs
19
19
  return true, post_install_message
@@ -54,11 +54,6 @@ module Bundler
54
54
  spec.source.install(spec, :force => force, :ensure_builtin_gems_cached => standalone, :build_args => Array(spec_settings))
55
55
  end
56
56
 
57
- def install_with_settings
58
- # Build arguments are global, so this is mutexed
59
- Bundler.rubygems.install_with_build_args([spec_settings]) { install }
60
- end
61
-
62
57
  def out_of_space_message
63
58
  "#{install_error_message}\nYour disk is out of space. Free some space to be able to install your bundle."
64
59
  end
@@ -218,9 +218,6 @@ module Bundler
218
218
  return jobs
219
219
  end
220
220
 
221
- # Parallelization has some issues on Windows, so it's not yet the default
222
- return 1 if Gem.win_platform?
223
-
224
221
  Bundler.settings.processor_count
225
222
  end
226
223
 
@@ -242,7 +239,7 @@ module Bundler
242
239
 
243
240
  def ensure_specs_are_compatible!
244
241
  system_ruby = Bundler::RubyVersion.system
245
- rubygems_version = Gem::Version.create(Gem::VERSION)
242
+ rubygems_version = Bundler.rubygems.version
246
243
  @definition.specs.each do |spec|
247
244
  if required_ruby_version = spec.required_ruby_version
248
245
  unless required_ruby_version.satisfied_by?(system_ruby.gem_version)
@@ -38,8 +38,24 @@ module Bundler
38
38
  identifier.hash
39
39
  end
40
40
 
41
+ ##
42
+ # Does this locked specification satisfy +dependency+?
43
+ #
44
+ # NOTE: Rubygems default requirement is ">= 0", which doesn't match
45
+ # prereleases of 0 versions, like "0.0.0.dev" or "0.0.0.SNAPSHOT". However,
46
+ # bundler users expect those to work. We need to make sure that Gemfile
47
+ # dependencies without explicit requirements (which use ">= 0" under the
48
+ # hood by default) are still valid for locked specs using this kind of
49
+ # versions. The method implements an ad-hoc fix for that. A better solution
50
+ # might be to change default rubygems requirement of dependencies to be ">=
51
+ # 0.A" but that's a major refactoring likely to break things. Hopefully we
52
+ # can attempt it in the future.
53
+ #
54
+
41
55
  def satisfies?(dependency)
42
- @name == dependency.name && dependency.requirement.satisfied_by?(Gem::Version.new(@version))
56
+ effective_requirement = dependency.requirement == Gem::Requirement.default ? Gem::Requirement.new(">= 0.A") : dependency.requirement
57
+
58
+ @name == dependency.name && effective_requirement.satisfied_by?(Gem::Version.new(@version))
43
59
  end
44
60
 
45
61
  def to_lock
@@ -46,6 +46,16 @@ module Bundler
46
46
  attributes
47
47
  end
48
48
 
49
+ def self.bundled_with
50
+ lockfile = Bundler.default_lockfile
51
+ return unless lockfile.file?
52
+
53
+ lockfile_contents = Bundler.read_file(lockfile)
54
+ return unless lockfile_contents.include?(BUNDLED)
55
+
56
+ lockfile_contents.split(BUNDLED).last.strip
57
+ end
58
+
49
59
  def initialize(lockfile)
50
60
  @platforms = []
51
61
  @sources = []
@@ -77,24 +87,12 @@ module Bundler
77
87
  end
78
88
  end
79
89
  @specs = @specs.values.sort_by(&:identifier)
80
- warn_for_outdated_bundler_version
81
90
  rescue ArgumentError => e
82
91
  Bundler.ui.debug(e)
83
92
  raise LockfileError, "Your lockfile is unreadable. Run `rm #{Bundler.default_lockfile.relative_path_from(SharedHelpers.pwd)}` " \
84
93
  "and then `bundle install` to generate a new lockfile."
85
94
  end
86
95
 
87
- def warn_for_outdated_bundler_version
88
- return unless bundler_version
89
- prerelease_text = bundler_version.prerelease? ? " --pre" : ""
90
- current_version = Gem::Version.create(Bundler::VERSION)
91
- return unless current_version < bundler_version
92
- Bundler.ui.warn "Warning: the running version of Bundler (#{current_version}) is older " \
93
- "than the version that created the lockfile (#{bundler_version}). We suggest you to " \
94
- "upgrade to the version that created the lockfile by running `gem install " \
95
- "bundler:#{bundler_version}#{prerelease_text}`.\n"
96
- end
97
-
98
96
  private
99
97
 
100
98
  TYPES = {