rubygems-update 3.4.19 → 3.4.20

data/bundler/lib/bundler/settings.rb

@@ -88,14 +88,24 @@ module Bundler
     def initialize(root = nil)
       @root            = root
       @local_config    = load_config(local_config_file)
-      @env_config      = ENV.to_h.select {|key, _value| key =~ /\ABUNDLE_.+/ }
+
+      @env_config      = ENV.to_h
+      @env_config.select! {|key, _value| key.start_with?("BUNDLE_") }
+      @env_config.delete("BUNDLE_")
+
       @global_config   = load_config(global_config_file)
       @temporary       = {}
     end
 
     def [](name)
       key = key_for(name)
-      value = configs.values.map {|config| config[key] }.compact.first
+
+      value = nil
+      configs.each do |_, config|
+        value = config[key]
+        next if value.nil?
+        break
+      end
 
       converted_value(value, name)
     end
@@ -138,17 +148,22 @@ module Bundler
     end
 
     def all
-      keys = @temporary.keys | @global_config.keys | @local_config.keys | @env_config.keys
+      keys = @temporary.keys.union(@global_config.keys, @local_config.keys, @env_config.keys)
 
-      keys.map do |key|
-        key.sub(/^BUNDLE_/, "").gsub(/___/, "-").gsub(/__/, ".").downcase
-      end.sort
+      keys.map! do |key|
+        key = key.delete_prefix("BUNDLE_")
+        key.gsub!("___", "-")
+        key.gsub!("__", ".")
+        key.downcase!
+        key
+      end.sort!
+      keys
     end
 
     def local_overrides
       repos = {}
       all.each do |k|
-        repos[$'] = self[k] if k =~ /^local\./
+        repos[k.delete_prefix("local.")] = self[k] if k.start_with?("local.")
       end
       repos
     end
@@ -301,7 +316,7 @@ module Bundler
     private
 
     def configs
-      {
+      @configs ||= {
         :temporary => @temporary,
         :local => @local_config,
         :env => @env_config,
@@ -327,16 +342,20 @@ module Bundler
     end
 
     def is_bool(name)
-      BOOL_KEYS.include?(name.to_s) || BOOL_KEYS.include?(parent_setting_for(name.to_s))
+      name = name.to_s
+      BOOL_KEYS.include?(name) || BOOL_KEYS.include?(parent_setting_for(name))
     end
 
     def is_string(name)
-      STRING_KEYS.include?(name.to_s) || name.to_s.start_with?("local.") || name.to_s.start_with?("mirror.") || name.to_s.start_with?("build.")
+      name = name.to_s
+      STRING_KEYS.include?(name) || name.start_with?("local.") || name.start_with?("mirror.") || name.start_with?("build.")
     end
 
     def to_bool(value)
       case value
-      when nil, /\A(false|f|no|n|0|)\z/i, false
+      when String
+        value.match?(/\A(false|f|no|n|0|)\z/i) ? false : true
+      when nil, false
         false
       else
         true
@@ -392,6 +411,8 @@ module Bundler
     end
 
     def converted_value(value, key)
+      key = key.to_s
+
       if is_array(key)
         to_array(value)
       elsif value.nil?
@@ -482,8 +503,11 @@ module Bundler
 
     def self.key_for(key)
       key = normalize_uri(key).to_s if key.is_a?(String) && key.start_with?("http", "mirror.http")
-      key = key.to_s.gsub(".", "__").gsub("-", "___").upcase
-      "BUNDLE_#{key}"
+      key = key.to_s.gsub(".", "__")
+      key.gsub!("-", "___")
+      key.upcase!
+
+      key.prepend("BUNDLE_")
     end
 
     # TODO: duplicates Rubygems#normalize_uri

data/bundler/lib/bundler/source/git/git_proxy.rb

@@ -43,6 +43,13 @@ module Bundler
         end
       end
 
+      class AmbiguousGitReference < GitError
+        def initialize(options)
+          msg = "Specification of branch or ref with tag is ambiguous. You specified #{options.inspect}"
+          super msg
+        end
+      end
+
       # The GitProxy is responsible to interact with git repositories.
       # All actions required by the Git source is encapsulated in this
       # object.
@@ -53,10 +60,15 @@ module Bundler
         def initialize(path, uri, options = {}, revision = nil, git = nil)
           @path     = path
           @uri      = uri
-          @branch   = options["branch"]
           @tag      = options["tag"]
+          @branch   = options["branch"]
           @ref      = options["ref"]
-          @explicit_ref = branch || tag || ref
+          if @tag
+            raise AmbiguousGitReference.new(options) if @branch || @ref
+            @explicit_ref = @tag
+          else
+            @explicit_ref = @ref || @branch
+          end
           @revision = revision
           @git      = git
           @commit_ref = nil

data/bundler/lib/bundler/source/rubygems.rb

@@ -88,6 +88,7 @@ module Bundler
       end
 
       def self.from_lock(options)
+        options["remotes"] = Array(options.delete("remote")).reverse
         new(options)
       end
 
@@ -128,12 +129,12 @@ module Bundler
       def specs
         @specs ||= begin
           # remote_specs usually generates a way larger Index than the other
-          # sources, and large_idx.use small_idx is way faster than
-          # small_idx.use large_idx.
-          idx = @allow_remote ? remote_specs.dup : Index.new
-          idx.use(cached_specs, :override_dupes) if @allow_cached || @allow_remote
-          idx.use(installed_specs, :override_dupes) if @allow_local
-          idx
+          # sources, and large_idx.merge! small_idx is way faster than
+          # small_idx.merge! large_idx.
+          index = @allow_remote ? remote_specs.dup : Index.new
+          index.merge!(cached_specs) if @allow_cached || @allow_remote
+          index.merge!(installed_specs) if @allow_local
+          index
         end
       end
 
@@ -237,7 +238,7 @@ module Bundler
       end
 
       def spec_names
-        if @allow_remote && dependency_api_available?
+        if dependency_api_available?
           remote_specs.spec_names
         else
           []
@@ -245,7 +246,7 @@ module Bundler
       end
 
       def unmet_deps
-        if @allow_remote && dependency_api_available?
+        if dependency_api_available?
           remote_specs.unmet_dependency_names
         else
           []
@@ -260,7 +261,6 @@ module Bundler
       end
 
       def double_check_for(unmet_dependency_names)
-        return unless @allow_remote
         return unless dependency_api_available?
 
         unmet_dependency_names = unmet_dependency_names.call
@@ -275,7 +275,9 @@ module Bundler
 
         Bundler.ui.debug "Double checking for #{unmet_dependency_names || "all specs (due to the size of the request)"} in #{self}"
 
-        fetch_names(api_fetchers, unmet_dependency_names, specs, false)
+        fetch_names(api_fetchers, unmet_dependency_names, remote_specs)
+
+        specs.use remote_specs
       end
 
       def dependency_names_to_double_check
@@ -379,7 +381,7 @@ module Bundler
 
       def cached_specs
         @cached_specs ||= begin
-          idx = @allow_local ? installed_specs.dup : Index.new
+          idx = Index.new
 
           Dir["#{cache_path}/*.gem"].each do |gemfile|
             s ||= Bundler.rubygems.spec_from_gem(gemfile)
@@ -392,35 +394,30 @@ module Bundler
       end
 
       def api_fetchers
-        fetchers.select {|f| f.use_api && f.fetchers.first.api_fetcher? }
+        fetchers.select(&:api_fetcher?)
       end
 
       def remote_specs
         @remote_specs ||= Index.build do |idx|
           index_fetchers = fetchers - api_fetchers
 
-          # gather lists from non-api sites
-          fetch_names(index_fetchers, nil, idx, false)
-
-          # legacy multi-remote sources need special logic to figure out
-          # dependency names and that logic can be very costly if one remote
-          # uses the dependency API but others don't. So use full indexes
-          # consistently in that particular case.
-          allow_api = !multiple_remotes?
-
-          fetch_names(api_fetchers, allow_api && dependency_names, idx, false)
+          if index_fetchers.empty?
+            fetch_names(api_fetchers, dependency_names, idx)
+          else
+            fetch_names(fetchers, nil, idx)
+          end
         end
       end
 
-      def fetch_names(fetchers, dependency_names, index, override_dupes)
+      def fetch_names(fetchers, dependency_names, index)
         fetchers.each do |f|
           if dependency_names
             Bundler.ui.info "Fetching gem metadata from #{URICredentialsFilter.credential_filtered_uri(f.uri)}", Bundler.ui.debug?
-            index.use f.specs_with_retry(dependency_names, self), override_dupes
+            index.use f.specs_with_retry(dependency_names, self)
             Bundler.ui.info "" unless Bundler.ui.debug? # new line now that the dots are over
           else
             Bundler.ui.info "Fetching source index from #{URICredentialsFilter.credential_filtered_uri(f.uri)}"
-            index.use f.specs_with_retry(nil, self), override_dupes
+            index.use f.specs_with_retry(nil, self)
           end
         end
       end

data/bundler/lib/bundler/templates/newgem/github/workflows/main.yml.tt

@@ -17,7 +17,7 @@ jobs:
           - '<%= RUBY_VERSION %>'
 
     steps:
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@v4
 <%- if config[:ext] == 'rust' -%>
     - name: Set up Ruby & Rust
       uses: oxidize-rb/actions/setup-ruby-and-rust@v1

data/bundler/lib/bundler/version.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: false
 
 module Bundler
-  VERSION = "2.4.19".freeze
+  VERSION = "2.4.20".freeze
 
   def self.bundler_major_version
     @bundler_major_version ||= VERSION.split(".").first.to_i

data/lib/rubygems/available_set.rb

@@ -27,7 +27,7 @@ class Gem::AvailableSet
       s = o.set
     when Array
       s = o.map do |sp,so|
-        if !sp.kind_of?(Gem::Specification) || !so.kind_of?(Gem::Source)
+        if !sp.is_a?(Gem::Specification) || !so.is_a?(Gem::Source)
           raise TypeError, "Array must be in [[spec, source], ...] form"
         end
 

data/lib/rubygems/basic_specification.rb

@@ -133,9 +133,9 @@ class Gem::BasicSpecification
 
   def full_name
     if platform == Gem::Platform::RUBY || platform.nil?
-      "#{name}-#{version}".dup.tap(&Gem::UNTAINT)
+      (+"#{name}-#{version}").tap(&Gem::UNTAINT)
     else
-      "#{name}-#{version}-#{platform}".dup.tap(&Gem::UNTAINT)
+      (+"#{name}-#{version}-#{platform}").tap(&Gem::UNTAINT)
     end
   end
 

data/lib/rubygems/command.rb

@@ -94,7 +94,7 @@ class Gem::Command
   # array or a string to be split on white space.
 
   def self.add_specific_extra_args(cmd,args)
-    args = args.split(/\s+/) if args.kind_of? String
+    args = args.split(/\s+/) if args.is_a? String
     specific_extra_args_hash[cmd] = args
   end
 
@@ -398,22 +398,21 @@ class Gem::Command
 
   def check_deprecated_options(options)
     options.each do |option|
-      if option_is_deprecated?(option)
-        deprecation = @deprecated_options[command][option]
-        version_to_expire = deprecation["rg_version_to_expire"]
+      next unless option_is_deprecated?(option)
+      deprecation = @deprecated_options[command][option]
+      version_to_expire = deprecation["rg_version_to_expire"]
 
-        deprecate_option_msg = if version_to_expire
-          "The \"#{option}\" option has been deprecated and will be removed in Rubygems #{version_to_expire}."
-        else
-          "The \"#{option}\" option has been deprecated and will be removed in future versions of Rubygems."
-        end
+      deprecate_option_msg = if version_to_expire
+        "The \"#{option}\" option has been deprecated and will be removed in Rubygems #{version_to_expire}."
+      else
+        "The \"#{option}\" option has been deprecated and will be removed in future versions of Rubygems."
+      end
 
-        extra_msg = deprecation["extra_msg"]
+      extra_msg = deprecation["extra_msg"]
 
-        deprecate_option_msg += " #{extra_msg}" if extra_msg
+      deprecate_option_msg += " #{extra_msg}" if extra_msg
 
-        alert_warning(deprecate_option_msg)
-      end
+      alert_warning(deprecate_option_msg)
     end
   end
 
@@ -430,12 +429,10 @@ class Gem::Command
   # True if the command handles the given argument list.
 
   def handles?(args)
-    begin
-      parser.parse!(args.dup)
-      return true
-    rescue
-      return false
-    end
+    parser.parse!(args.dup)
+    return true
+  rescue
+    return false
   end
 
   ##

data/lib/rubygems/commands/cert_command.rb

@@ -136,7 +136,7 @@ class Gem::Commands::CertCommand < Gem::Command
   end
 
   def build(email)
-    if !valid_email?(email)
+    unless valid_email?(email)
       raise Gem::CommandLineError, "Invalid email address #{email}"
     end
 

data/lib/rubygems/commands/dependency_command.rb

@@ -91,10 +91,9 @@ use with other commands.
 
   def display_pipe(specs) # :nodoc:
     specs.each do |spec|
-      unless spec.dependencies.empty?
-        spec.dependencies.sort_by {|dep| dep.name }.each do |dep|
-          say "#{dep.name} --version '#{dep.requirement}'"
-        end
+      next if spec.dependencies.empty?
+      spec.dependencies.sort_by {|dep| dep.name }.each do |dep|
+        say "#{dep.name} --version '#{dep.requirement}'"
       end
     end
   end

data/lib/rubygems/commands/owner_command.rb

@@ -94,16 +94,14 @@ permission to.
 
   def manage_owners(method, name, owners)
     owners.each do |owner|
-      begin
-        response = send_owner_request(method, name, owner)
-        action = method == :delete ? "Removing" : "Adding"
-
-        with_response response, "#{action} #{owner}"
-      rescue Gem::WebauthnVerificationError => e
-        raise e
-      rescue StandardError
-        # ignore early exits to allow for completing the iteration of all owners
-      end
+      response = send_owner_request(method, name, owner)
+      action = method == :delete ? "Removing" : "Adding"
+
+      with_response response, "#{action} #{owner}"
+    rescue Gem::WebauthnVerificationError => e
+      raise e
+    rescue StandardError
+      # ignore early exits to allow for completing the iteration of all owners
     end
   end
 

data/lib/rubygems/commands/uninstall_command.rb

@@ -169,15 +169,14 @@ that is a dependency of an existing gem.  You can use the
     gems_to_uninstall = {}
 
     deps.each do |dep|
-      unless gems_to_uninstall[dep.name]
-        gems_to_uninstall[dep.name] = true
+      next if gems_to_uninstall[dep.name]
+      gems_to_uninstall[dep.name] = true
 
-        unless original_gem_version[dep.name] == Gem::Requirement.default
-          options[:version] = dep.version
-        end
-
-        uninstall_gem(dep.name)
+      unless original_gem_version[dep.name] == Gem::Requirement.default
+        options[:version] = dep.version
       end
+
+      uninstall_gem(dep.name)
     end
   end
 

data/lib/rubygems/commands/unpack_command.rb

@@ -96,12 +96,10 @@ command help for an example.
 
         FileUtils.mkdir_p @options[:target] if @options[:target]
 
-        destination = begin
-          if @options[:target]
-            File.join @options[:target], spec_file
-          else
-            spec_file
-          end
+        destination = if @options[:target]
+          File.join @options[:target], spec_file
+        else
+          spec_file
         end
 
         File.open destination, "w" do |io|

data/lib/rubygems/config_file.rb

@@ -353,7 +353,7 @@ if you believe they were disclosed to a third party.
 
     begin
       content = Gem::SafeYAML.load(File.read(filename))
-      unless content.kind_of? Hash
+      unless content.is_a? Hash
         warn "Failed to load #{filename} because it doesn't contain valid YAML hash"
         return {}
       end

data/lib/rubygems/core_ext/kernel_gem.rb

@@ -37,7 +37,7 @@ module Kernel
     skip_list = (ENV["GEM_SKIP"] || "").split(/:/)
     raise Gem::LoadError, "skipping #{gem_name}" if skip_list.include? gem_name
 
-    if gem_name.kind_of? Gem::Dependency
+    if gem_name.is_a? Gem::Dependency
       unless Gem::Deprecate.skip
         warn "#{Gem.location_of_caller.join ':'}:Warning: Kernel.gem no longer "\
           "accepts a Gem::Dependency object, please pass the name "\

data/lib/rubygems/core_ext/kernel_warn.rb

@@ -35,11 +35,10 @@ module Kernel
 
         start += 1
 
-        if path = loc.path
-          unless path.start_with?(rubygems_path) || path.start_with?("<internal:")
-            # Non-rubygems frames
-            uplevel -= 1
-          end
+        next unless path = loc.path
+        unless path.start_with?(rubygems_path) || path.start_with?("<internal:")
+          # Non-rubygems frames
+          uplevel -= 1
         end
       end
       kw[:uplevel] = start

data/lib/rubygems/dependency_installer.rb

@@ -163,13 +163,11 @@ class Gem::DependencyInstaller
 
         specs = []
         tuples.each do |tup, source|
-          begin
-            spec = source.fetch_spec(tup)
-          rescue Gem::RemoteFetcher::FetchError => e
-            errors << Gem::SourceFetchProblem.new(source, e)
-          else
-            specs << [spec, source]
-          end
+          spec = source.fetch_spec(tup)
+        rescue Gem::RemoteFetcher::FetchError => e
+          errors << Gem::SourceFetchProblem.new(source, e)
+        else
+          specs << [spec, source]
         end
 
         if @errors
@@ -296,11 +294,9 @@ class Gem::DependencyInstaller
         version = src.spec.version if version == Gem::Requirement.default
       elsif dep_or_name =~ /\.gem$/
         Dir[dep_or_name].each do |name|
-          begin
-            src = Gem::Source::SpecificFile.new name
-            installer_set.add_local dep_or_name, src.spec, src
-          rescue Gem::Package::FormatError
-          end
+          src = Gem::Source::SpecificFile.new name
+          installer_set.add_local dep_or_name, src.spec, src
+        rescue Gem::Package::FormatError
         end
         # else This is a dependency. InstallerSet handles this case
       end

data/lib/rubygems/deprecate.rb

@@ -104,7 +104,7 @@ module Gem::Deprecate
       old = "_deprecated_#{name}"
       alias_method old, name
       define_method name do |*args, &block|
-        klass = self.kind_of? Module
+        klass = self.is_a? Module
         target = klass ? "#{self}." : "#{self.class}#"
         msg = [ "NOTE: #{target}#{name} is deprecated",
                 repl == :none ? " with no replacement" : "; use #{repl} instead",
@@ -129,7 +129,7 @@ module Gem::Deprecate
       old = "_deprecated_#{name}"
       alias_method old, name
       define_method name do |*args, &block|
-        klass = self.kind_of? Module
+        klass = self.is_a? Module
         target = klass ? "#{self}." : "#{self.class}#"
         msg = [ "NOTE: #{target}#{name} is deprecated",
                 replacement == :none ? " with no replacement" : "; use #{replacement} instead",

data/lib/rubygems/gemcutter_utilities.rb

@@ -120,7 +120,7 @@ module Gem::GemcutterUtilities
   end
 
   def mfa_unauthorized?(response)
-    response.kind_of?(Net::HTTPUnauthorized) && response.body.start_with?("You have enabled multifactor authentication")
+    response.is_a?(Net::HTTPUnauthorized) && response.body.start_with?("You have enabled multifactor authentication")
   end
 
   def update_scope(scope)
@@ -367,6 +367,6 @@ module Gem::GemcutterUtilities
   end
 
   def api_key_forbidden?(response)
-    response.kind_of?(Net::HTTPForbidden) && response.body.start_with?("The API key doesn't have access")
+    response.is_a?(Net::HTTPForbidden) && response.body.start_with?("The API key doesn't have access")
   end
 end

data/lib/rubygems/installer.rb

@@ -357,25 +357,23 @@ class Gem::Installer
 
   def run_pre_install_hooks # :nodoc:
     Gem.pre_install_hooks.each do |hook|
-      if hook.call(self) == false
-        location = " at #{$1}" if hook.inspect =~ /[ @](.*:\d+)/
+      next unless hook.call(self) == false
+      location = " at #{$1}" if hook.inspect =~ /[ @](.*:\d+)/
 
-        message = "pre-install hook#{location} failed for #{spec.full_name}"
-        raise Gem::InstallError, message
-      end
+      message = "pre-install hook#{location} failed for #{spec.full_name}"
+      raise Gem::InstallError, message
     end
   end
 
   def run_post_build_hooks # :nodoc:
     Gem.post_build_hooks.each do |hook|
-      if hook.call(self) == false
-        FileUtils.rm_rf gem_dir
+      next unless hook.call(self) == false
+      FileUtils.rm_rf gem_dir
 
-        location = " at #{$1}" if hook.inspect =~ /[ @](.*:\d+)/
+      location = " at #{$1}" if hook.inspect =~ /[ @](.*:\d+)/
 
-        message = "post-build hook#{location} failed for #{spec.full_name}"
-        raise Gem::InstallError, message
-      end
+      message = "post-build hook#{location} failed for #{spec.full_name}"
+      raise Gem::InstallError, message
     end
   end
 

data/lib/rubygems/name_tuple.rb

@@ -10,7 +10,7 @@ class Gem::NameTuple
     @name = name
     @version = version
 
-    unless platform.kind_of? Gem::Platform
+    unless platform.is_a? Gem::Platform
       platform = "ruby" if !platform || platform.empty?
     end