rubygems-update 3.4.21 → 3.4.22

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1f05a0cda4ceecb0e1a71c9956e3e8597fcf627c352f6ee567790df40fddccac
-  data.tar.gz: fa139ca2d60133ee401e1b10a4ec477bd38264c49507b55b319299e26b77ab8d
+  metadata.gz: d9b782e56366a59b623c07b32c0904f4513142800144c6696a711662e263eaff
+  data.tar.gz: b68d46e9eb675529b261a94fa642da2796cf72079d3b913efb4111ea869ef1c0
 SHA512:
-  metadata.gz: 69e38f7e11e4c39a32bfa5fc0f921c004128a2c283affa2dfe52b3fc12c326d4d32af6310aa9b364e4c6d0568f9c3cb71cf9162c5923738447250ff40dd6ad17
-  data.tar.gz: 1a4bf79c31e726474c4066e9b166562c81a84a02560f70f647e03f1bb41c988147837d65fac7238737493521643a75e9c75494932446faa16325ca923fb1b646
+  metadata.gz: f9c8dd30ce9c75aae03adb7d5aa98e717d11aaa3ea97dc0a02229c8ee9ad59c39300270b31557bcc8bee2b8a6cd5037aa5a50484ca6e352cc764d6cedd6bc34b
+  data.tar.gz: 5ecf50108472f52df50b05e05fc57ddf8bfc65c526e9ffd7e3623b0fd63d1d1714097617356b652d06f0bc7ee354a6b9a8b65b7856e0d1cdb2951407b16fb36d

data/CHANGELOG.md

@@ -1,3 +1,36 @@
+# 3.4.22 / 2023-11-09
+
+## Enhancements:
+
+* Update SPDX license list as of 2023-10-05. Pull request
+  [#7040](https://github.com/rubygems/rubygems/pull/7040) by
+  github-actions[bot]
+* Remove unnecessary rescue. Pull request
+  [#7109](https://github.com/rubygems/rubygems/pull/7109) by
+  deivid-rodriguez
+* Installs bundler 2.4.22 as a default gem.
+
+## Bug fixes:
+
+* Handle empty array at built-in YAML serializer. Pull request
+  [#7099](https://github.com/rubygems/rubygems/pull/7099) by hsbt
+* Ignore non-tar format `.gem` files during search. Pull request
+  [#7095](https://github.com/rubygems/rubygems/pull/7095) by dearblue
+* Allow explicitly uninstalling multiple versions of same gem. Pull
+  request [#7063](https://github.com/rubygems/rubygems/pull/7063) by
+  kstevens715
+
+## Performance:
+
+* Avoid regexp match on every call to `Gem::Platform.local`. Pull request
+  [#7104](https://github.com/rubygems/rubygems/pull/7104) by segiddins
+
+## Documentation:
+
+* Get `Gem::Specification#extensions_dir` documented. Pull request
+  [#6218](https://github.com/rubygems/rubygems/pull/6218) by
+  deivid-rodriguez
+
 # 3.4.21 / 2023-10-17
 
 ## Enhancements:

data/Manifest.txt

@@ -302,7 +302,12 @@ bundler/lib/bundler/vendor/thor/lib/thor/runner.rb
 bundler/lib/bundler/vendor/thor/lib/thor/shell.rb
 bundler/lib/bundler/vendor/thor/lib/thor/shell/basic.rb
 bundler/lib/bundler/vendor/thor/lib/thor/shell/color.rb
+bundler/lib/bundler/vendor/thor/lib/thor/shell/column_printer.rb
 bundler/lib/bundler/vendor/thor/lib/thor/shell/html.rb
+bundler/lib/bundler/vendor/thor/lib/thor/shell/lcs_diff.rb
+bundler/lib/bundler/vendor/thor/lib/thor/shell/table_printer.rb
+bundler/lib/bundler/vendor/thor/lib/thor/shell/terminal.rb
+bundler/lib/bundler/vendor/thor/lib/thor/shell/wrapped_printer.rb
 bundler/lib/bundler/vendor/thor/lib/thor/util.rb
 bundler/lib/bundler/vendor/thor/lib/thor/version.rb
 bundler/lib/bundler/vendor/tsort/LICENSE.txt

data/bundler/CHANGELOG.md

@@ -1,3 +1,24 @@
+# 2.4.22 (November 9, 2023)
+
+## Enhancements:
+
+  - Add Bundler::Plugin.loaded? helper [#6964](https://github.com/rubygems/rubygems/pull/6964)
+  - Give better error when previous installation folder is insecure to remove [#7030](https://github.com/rubygems/rubygems/pull/7030)
+  - Set file path when eval-ing local specification in EndpointSpecification [#7106](https://github.com/rubygems/rubygems/pull/7106)
+  - Git ignore the proper files for the CI service selected for `bundle gem` [#7101](https://github.com/rubygems/rubygems/pull/7101)
+  - Update vendored thor to v1.3.0 [#7078](https://github.com/rubygems/rubygems/pull/7078)
+  - Restore using old way of passing Ruby version to resolver [#7066](https://github.com/rubygems/rubygems/pull/7066)
+  - Bump vendored net-http-persistent to 4.0.2 [#6787](https://github.com/rubygems/rubygems/pull/6787)
+
+## Bug fixes:
+
+  - Fix regression when installing native extensions on universal rubies [#7077](https://github.com/rubygems/rubygems/pull/7077)
+  - Only remove bundler plugin gem when it's inside the cache [#7001](https://github.com/rubygems/rubygems/pull/7001)
+  - Don't show bug report template when GEM_HOME has no writable bit [#7113](https://github.com/rubygems/rubygems/pull/7113)
+  - Fix regression in old git versions [#7114](https://github.com/rubygems/rubygems/pull/7114)
+  - Handle empty array at built-in YAML serializer [#7099](https://github.com/rubygems/rubygems/pull/7099)
+  - Fix force_ruby_platform: when the lockfile only locks the ruby platform [#6936](https://github.com/rubygems/rubygems/pull/6936)
+
 # 2.4.21 (October 17, 2023)
 
 ## Enhancements:

data/bundler/README.md

@@ -1,5 +1,4 @@
 [![Version ](https://img.shields.io/gem/v/bundler.svg?style=flat)](https://rubygems.org/gems/bundler)
-[![Slack   ](https://bundler-slackin.herokuapp.com/badge.svg)](https://bundler-slackin.herokuapp.com)
 
 # Bundler: a gem to bundle gems
 
@@ -38,7 +37,7 @@ Still stuck? Try [filing an issue](https://github.com/rubygems/rubygems/issues/n
 
 To see what has changed in recent versions of Bundler, see the [CHANGELOG](CHANGELOG.md).
 
-To get in touch with the Bundler core team and other Bundler users, please join [the Bundler slack](https://slack.bundler.io).
+To get in touch with the Bundler core team and other Bundler users, please join [the Bundler slack](https://join.slack.com/t/bundler/shared_invite/zt-1rrsuuv3m-OmXKWQf8K6iSla4~F1DBjQ).
 
 ### Contributing
 

data/bundler/lib/bundler/build_metadata.rb

@@ -4,8 +4,8 @@ module Bundler
   # Represents metadata from when the Bundler gem was built.
   module BuildMetadata
     # begin ivars
-    @built_at = "2023-10-17".freeze
-    @git_commit_sha = "d10b46bd15".freeze
+    @built_at = "2023-11-09".freeze
+    @git_commit_sha = "ec2089640".freeze
     @release = true
     # end ivars
 

data/bundler/lib/bundler/cli/gem.rb

@@ -137,10 +137,13 @@ module Bundler
       case config[:ci]
       when "github"
         templates.merge!("github/workflows/main.yml.tt" => ".github/workflows/main.yml")
+        config[:ci_config_path] = ".github "
       when "gitlab"
         templates.merge!("gitlab-ci.yml.tt" => ".gitlab-ci.yml")
+        config[:ci_config_path] = ".gitlab-ci.yml "
       when "circle"
         templates.merge!("circleci/config.yml.tt" => ".circleci/config.yml")
+        config[:ci_config_path] = ".circleci "
       end
 
       if ask_and_set(:mit, "Do you want to license your code permissively under the MIT license?",

data/bundler/lib/bundler/definition.rb

@@ -881,7 +881,7 @@ module Bundler
 
     def metadata_dependencies
       @metadata_dependencies ||= [
-        Dependency.new("Ruby\0", Gem.ruby_version),
+        Dependency.new("Ruby\0", Bundler::RubyVersion.system.gem_version),
         Dependency.new("RubyGems\0", Gem::VERSION),
       ]
     end

data/bundler/lib/bundler/endpoint_specification.rb

@@ -94,7 +94,7 @@ module Bundler
 
     def _local_specification
       return unless @loaded_from && File.exist?(local_specification_path)
-      eval(File.read(local_specification_path)).tap do |spec|
+      eval(File.read(local_specification_path), nil, local_specification_path).tap do |spec|
         spec.loaded_from = @loaded_from
       end
     end

data/bundler/lib/bundler/errors.rb

@@ -172,4 +172,19 @@ module Bundler
 
     status_code(36)
   end
+
+  class InsecureInstallPathError < BundlerError
+    def initialize(path)
+      @path = path
+    end
+
+    def message
+      "The installation path is insecure. Bundler cannot continue.\n" \
+      "#{@path} is world-writable (without sticky bit).\n" \
+      "Bundler cannot safely replace gems in world-writeable directories due to potential vulnerabilities.\n" \
+      "Please change the permissions of this directory or choose a different install path."
+    end
+
+    status_code(38)
+  end
 end

data/bundler/lib/bundler/gem_helpers.rb

@@ -48,6 +48,13 @@ module Bundler
     end
     module_function :select_best_platform_match
 
+    def force_ruby_platform(specs)
+      matching = specs.select {|spec| spec.match_platform(Gem::Platform::RUBY) && spec.force_ruby_platform! }
+
+      sort_best_platform_match(matching, Gem::Platform::RUBY)
+    end
+    module_function :force_ruby_platform
+
     def sort_best_platform_match(matching, platform)
       exact = matching.select {|spec| spec.platform == platform }
       return exact if exact.any?

data/bundler/lib/bundler/installer/gem_installer.rb

@@ -16,13 +16,13 @@ module Bundler
       post_install_message = install
       Bundler.ui.debug "#{worker}:  #{spec.name} (#{spec.version}) from #{spec.loaded_from}"
       generate_executable_stubs
-      return true, post_install_message
-    rescue Bundler::InstallHookError, Bundler::SecurityError, Bundler::APIResponseMismatchError
+      [true, post_install_message]
+    rescue Bundler::InstallHookError, Bundler::SecurityError, Bundler::APIResponseMismatchError, Bundler::InsecureInstallPathError
       raise
     rescue Errno::ENOSPC
-      return false, out_of_space_message
-    rescue Bundler::BundlerError, Gem::InstallError, Bundler::APIResponseInvalidDependenciesError => e
-      return false, specific_failure_message(e)
+      [false, out_of_space_message]
+    rescue Bundler::BundlerError, Gem::InstallError => e
+      [false, specific_failure_message(e)]
     end
 
     private

data/bundler/lib/bundler/lazy_specification.rb

@@ -134,6 +134,10 @@ module Bundler
       " #{source.revision[0..6]}"
     end
 
+    def force_ruby_platform!
+      @force_ruby_platform = true
+    end
+
     private
 
     def use_exact_resolved_specifications?

data/bundler/lib/bundler/plugin/index.rb

@@ -136,6 +136,14 @@ module Bundler
         @hooks[event] || []
       end
 
+      # This plugin is installed inside the .bundle/plugin directory,
+      # and thus is managed solely by Bundler
+      def installed_in_plugin_root?(name)
+        return false unless (path = installed?(name))
+
+        path.start_with?("#{Plugin.root}/")
+      end
+
       private
 
       # Reads the index file from the directory and initializes the instance

data/bundler/lib/bundler/plugin.rb

@@ -62,7 +62,8 @@ module Bundler
       if names.any?
         names.each do |name|
           if index.installed?(name)
-            Bundler.rm_rf(index.plugin_path(name))
+            path = index.plugin_path(name).to_s
+            Bundler.rm_rf(path) if index.installed_in_plugin_root?(name)
             index.unregister_plugin(name)
             Bundler.ui.info "Uninstalled plugin #{name}"
           else
@@ -227,7 +228,7 @@ module Bundler
       plugins = index.hook_plugins(event)
       return unless plugins.any?
 
-      (plugins - @loaded_plugin_names).each {|name| load_plugin(name) }
+      plugins.each {|name| load_plugin(name) }
 
       @hooks_by_event[event].each {|blk| blk.call(*args, &arg_blk) }
     end
@@ -239,6 +240,11 @@ module Bundler
       Index.new.installed?(plugin)
     end
 
+    # @return [true, false] whether the plugin is loaded
+    def loaded?(plugin)
+      @loaded_plugin_names.include?(plugin)
+    end
+
     # Post installation processing and registering with index
     #
     # @param [Array<String>] plugins list to be installed
@@ -329,6 +335,7 @@ module Bundler
     # @param [String] name of the plugin
     def load_plugin(name)
       return unless name && !name.empty?
+      return if loaded?(name)
 
       # Need to ensure before this that plugin root where the rest of gems
       # are installed to be on load path to support plugin deps. Currently not

data/bundler/lib/bundler/rubygems_ext.rb

@@ -320,7 +320,7 @@ module Gem
   end
 
   # On universal Rubies, resolve the "universal" arch to the real CPU arch, without changing the extension directory.
-  class Specification
+  class BasicSpecification
     if /^universal\.(?<arch>.*?)-/ =~ (CROSS_COMPILING || RUBY_PLATFORM)
       local_platform = Platform.local
       if local_platform.cpu == "universal"
@@ -333,9 +333,8 @@ module Gem
         end
 
         def extensions_dir
-          Gem.default_ext_dir_for(base_dir) ||
-            File.join(base_dir, "extensions", ORIGINAL_LOCAL_PLATFORM,
-                      Gem.extension_api_version)
+          @extensions_dir ||=
+            Gem.default_ext_dir_for(base_dir) || File.join(base_dir, "extensions", ORIGINAL_LOCAL_PLATFORM, Gem.extension_api_version)
         end
       end
     end

data/bundler/lib/bundler/rubygems_gem_installer.rb

@@ -45,6 +45,14 @@ module Bundler
       spec
     end
 
+    def pre_install_checks
+      super && validate_bundler_checksum(options[:bundler_expected_checksum])
+    rescue Gem::FilePermissionError
+      # Ignore permission checks in RubyGems. Instead, go on, and try to write
+      # for real. We properly handle permission errors when they happen.
+      nil
+    end
+
     def generate_plugins
       return unless Gem::Installer.instance_methods(false).include?(:generate_plugins)
 
@@ -60,10 +68,6 @@ module Bundler
       end
     end
 
-    def pre_install_checks
-      super && validate_bundler_checksum(options[:bundler_expected_checksum])
-    end
-
     def build_extensions
       extension_cache_path = options[:bundler_extension_cache_path]
       extension_dir = spec.extension_dir
@@ -108,11 +112,22 @@ module Bundler
     end
 
     def strict_rm_rf(dir)
-      Bundler.rm_rf dir
-    rescue StandardError => e
-      raise unless File.exist?(dir)
+      return unless File.exist?(dir)
+
+      parent = File.dirname(dir)
+      parent_st = File.stat(parent)
+
+      if parent_st.world_writable? && !parent_st.sticky?
+        raise InsecureInstallPathError.new(parent)
+      end
+
+      begin
+        FileUtils.remove_entry_secure(dir)
+      rescue StandardError => e
+        raise unless File.exist?(dir)
 
-      raise DirectoryRemovalError.new(e, "Could not delete previous installation of `#{dir}`")
+        raise DirectoryRemovalError.new(e, "Could not delete previous installation of `#{dir}`")
+      end
     end
 
     def validate_bundler_checksum(checksum)

data/bundler/lib/bundler/source/git/git_proxy.rb

@@ -131,7 +131,11 @@ module Bundler
           end
 
           ref = @commit_ref || (locked_to_full_sha? && @revision)
-          git "fetch", "--force", "--quiet", *extra_fetch_args(ref), :dir => destination if ref
+          if ref
+            git "config", "uploadpack.allowAnySHA1InWant", "true", :dir => path.to_s if @commit_ref.nil? && needs_allow_any_sha1_in_want?
+
+            git "fetch", "--force", "--quiet", *extra_fetch_args(ref), :dir => destination
+          end
 
           git "reset", "--hard", @revision, :dir => destination
 
@@ -434,6 +438,10 @@ module Bundler
           @supports_minus_c ||= Gem::Version.new(version) >= Gem::Version.new("1.8.5")
         end
 
+        def needs_allow_any_sha1_in_want?
+          @needs_allow_any_sha1_in_want ||= Gem::Version.new(version) <= Gem::Version.new("2.13.7")
+        end
+
         def supports_fetching_unreachable_refs?
           @supports_fetching_unreachable_refs ||= Gem::Version.new(version) >= Gem::Version.new("2.5.0")
         end

data/bundler/lib/bundler/source/metadata.rb

@@ -5,7 +5,7 @@ module Bundler
     class Metadata < Source
       def specs
         @specs ||= Index.build do |idx|
-          idx << Gem::Specification.new("Ruby\0", Gem.ruby_version)
+          idx << Gem::Specification.new("Ruby\0", Bundler::RubyVersion.system.gem_version)
           idx << Gem::Specification.new("RubyGems\0", Gem::VERSION) do |s|
             s.required_rubygems_version = Gem::Requirement.default
           end

data/bundler/lib/bundler/spec_set.rb

@@ -200,8 +200,11 @@ module Bundler
 
     def specs_for_dependency(dep, platform)
       specs_for_name = lookup[dep.name]
-      target_platform = dep.force_ruby_platform ? Gem::Platform::RUBY : (platform || Bundler.local_platform)
-      matching_specs = GemHelpers.select_best_platform_match(specs_for_name, target_platform)
+      matching_specs = if dep.force_ruby_platform
+        GemHelpers.force_ruby_platform(specs_for_name)
+      else
+        GemHelpers.select_best_platform_match(specs_for_name, platform || Bundler.local_platform)
+      end
       matching_specs.map!(&:materialize_for_installation).compact! if platform.nil?
       matching_specs
     end

data/bundler/lib/bundler/templates/newgem/newgem.gemspec.tt

@@ -30,7 +30,7 @@ Gem::Specification.new do |spec|
   spec.files = Dir.chdir(__dir__) do
     `git ls-files -z`.split("\x0").reject do |f|
       (File.expand_path(f) == __FILE__) ||
-        f.start_with?(*%w[bin/ test/ spec/ features/ .git .circleci appveyor Gemfile])
+        f.start_with?(*%w[bin/ test/ spec/ features/ .git <%= config[:ci_config_path] %>appveyor Gemfile])
     end
   end
   spec.bindir = "exe"

data/bundler/lib/bundler/ui/shell.rb

@@ -147,7 +147,7 @@ module Bundler
         spaces ? text.gsub(/#{spaces}/, "") : text
       end
 
-      def word_wrap(text, line_width = @shell.terminal_width)
+      def word_wrap(text, line_width = Thor::Terminal.terminal_width)
         strip_leading_spaces(text).split("\n").collect do |line|
           line.length > line_width ? line.gsub(/(.{1,#{line_width}})(\s+|$)/, "\\1\n").strip : line
         end * "\n"

data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent/connection.rb

@@ -25,6 +25,7 @@ class Bundler::Persistent::Net::HTTP::Persistent::Connection # :nodoc:
   ensure
     reset
   end
+  alias_method :close, :finish
 
   def reset
     @last_use = Bundler::Persistent::Net::HTTP::Persistent::EPOCH

data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent/pool.rb

@@ -11,20 +11,32 @@ class Bundler::Persistent::Net::HTTP::Persistent::Pool < Bundler::ConnectionPool
   end
 
   def checkin net_http_args
-    stack = Thread.current[@key][net_http_args] ||= []
+    if net_http_args.is_a?(Hash) && net_http_args.size == 1 && net_http_args[:force]
+      # Bundler::ConnectionPool 2.4+ calls `checkin(force: true)` after fork.
+      # When this happens, we should remove all connections from Thread.current
+      if stacks = Thread.current[@key]
+        stacks.each do |http_args, connections|
+          connections.each do |conn|
+            @available.push conn, connection_args: http_args
+          end
+          connections.clear
+        end
+      end
+    else
+      stack = Thread.current[@key][net_http_args] ||= []
 
-    raise Bundler::ConnectionPool::Error, 'no connections are checked out' if
-      stack.empty?
+      raise Bundler::ConnectionPool::Error, 'no connections are checked out' if
+        stack.empty?
 
-    conn = stack.pop
+      conn = stack.pop
 
-    if stack.empty?
-      @available.push conn, connection_args: net_http_args
+      if stack.empty?
+        @available.push conn, connection_args: net_http_args
 
-      Thread.current[@key].delete(net_http_args)
-      Thread.current[@key] = nil if Thread.current[@key].empty?
+        Thread.current[@key].delete(net_http_args)
+        Thread.current[@key] = nil if Thread.current[@key].empty?
+      end
     end
-
     nil
   end
 

data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent.rb

@@ -174,7 +174,7 @@ class Bundler::Persistent::Net::HTTP::Persistent
   ##
   # The version of Bundler::Persistent::Net::HTTP::Persistent you are using
 
-  VERSION = '4.0.1'
+  VERSION = '4.0.2'
 
   ##
   # Error class for errors raised by Bundler::Persistent::Net::HTTP::Persistent.  Various

data/bundler/lib/bundler/vendor/thor/lib/thor/actions/create_file.rb

@@ -43,7 +43,8 @@ class Bundler::Thor
       # Boolean:: true if it is identical, false otherwise.
       #
       def identical?
-        exists? && File.binread(destination) == render
+        # binread uses ASCII-8BIT, so to avoid false negatives, the string must use the same
+        exists? && File.binread(destination) == String.new(render).force_encoding("ASCII-8BIT")
       end
 
       # Holds the content to be added to the file.
@@ -60,7 +61,7 @@ class Bundler::Thor
         invoke_with_conflict_check do
           require "fileutils"
           FileUtils.mkdir_p(File.dirname(destination))
-          File.open(destination, "wb") { |f| f.write render }
+          File.open(destination, "wb", config[:perm]) { |f| f.write render }
         end
         given_destination
       end

data/bundler/lib/bundler/vendor/thor/lib/thor/actions/directory.rb

@@ -58,7 +58,7 @@ class Bundler::Thor
       def initialize(base, source, destination = nil, config = {}, &block)
         @source = File.expand_path(Dir[Util.escape_globs(base.find_in_source_paths(source.to_s))].first)
         @block  = block
-        super(base, destination, {:recursive => true}.merge(config))
+        super(base, destination, {recursive: true}.merge(config))
       end
 
       def invoke!

data/bundler/lib/bundler/vendor/thor/lib/thor/actions/empty_directory.rb

@@ -33,7 +33,7 @@ class Bundler::Thor
       #
       def initialize(base, destination, config = {})
         @base = base
-        @config = {:verbose => true}.merge(config)
+        @config = {verbose: true}.merge(config)
         self.destination = destination
       end
 

data/bundler/lib/bundler/vendor/thor/lib/thor/actions/file_manipulation.rb

@@ -66,12 +66,15 @@ class Bundler::Thor
     # ==== Parameters
     # source<String>:: the address of the given content.
     # destination<String>:: the relative path to the destination root.
-    # config<Hash>:: give :verbose => false to not log the status.
+    # config<Hash>:: give :verbose => false to not log the status, and
+    #                :http_headers => <Hash> to add headers to an http request.
     #
     # ==== Examples
     #
     #   get "http://gist.github.com/103208", "doc/README"
     #
+    #   get "http://gist.github.com/103208", "doc/README", :http_headers => {"Content-Type" => "application/json"}
+    #
     #   get "http://gist.github.com/103208" do |content|
     #     content.split("\n").first
     #   end
@@ -82,10 +85,10 @@ class Bundler::Thor
 
       render = if source =~ %r{^https?\://}
         require "open-uri"
-        URI.send(:open, source) { |input| input.binmode.read }
+        URI.send(:open, source, config.fetch(:http_headers, {})) { |input| input.binmode.read }
       else
         source = File.expand_path(find_in_source_paths(source.to_s))
-        open(source) { |input| input.binmode.read }
+        File.open(source) { |input| input.binmode.read }
       end
 
       destination ||= if block_given?
@@ -120,12 +123,7 @@ class Bundler::Thor
       context = config.delete(:context) || instance_eval("binding")
 
       create_file destination, nil, config do
-        match = ERB.version.match(/(\d+\.\d+\.\d+)/)
-        capturable_erb = if match && match[1] >= "2.2.0" # Ruby 2.6+
-          CapturableERB.new(::File.binread(source), :trim_mode => "-", :eoutvar => "@output_buffer")
-        else
-          CapturableERB.new(::File.binread(source), nil, "-", "@output_buffer")
-        end
+        capturable_erb = CapturableERB.new(::File.binread(source), trim_mode: "-", eoutvar: "@output_buffer")
         content = capturable_erb.tap do |erb|
           erb.filename = source
         end.result(context)
@@ -252,7 +250,7 @@ class Bundler::Thor
     # flag<Regexp|String>:: the regexp or string to be replaced
     # replacement<String>:: the replacement, can be also given as a block
     # config<Hash>:: give :verbose => false to not log the status, and
-    #                :force => true, to force the replacement regardles of runner behavior.
+    #                :force => true, to force the replacement regardless of runner behavior.
     #
     # ==== Example
     #

data/bundler/lib/bundler/vendor/thor/lib/thor/actions/inject_into_file.rb

@@ -21,7 +21,7 @@ class Bundler::Thor
     #     gems.split(" ").map{ |gem| "  config.gem :#{gem}" }.join("\n")
     #   end
     #
-    WARNINGS = { unchanged_no_flag: 'File unchanged! The supplied flag value not found!' }
+    WARNINGS = {unchanged_no_flag: "File unchanged! Either the supplied flag value not found or the content has already been inserted!"}
 
     def insert_into_file(destination, *args, &block)
       data = block_given? ? block : args.shift
@@ -37,7 +37,7 @@ class Bundler::Thor
       attr_reader :replacement, :flag, :behavior
 
       def initialize(base, destination, data, config)
-        super(base, destination, {:verbose => true}.merge(config))
+        super(base, destination, {verbose: true}.merge(config))
 
         @behavior, @flag = if @config.key?(:after)
           [:after, @config.delete(:after)]
@@ -59,6 +59,8 @@ class Bundler::Thor
         if exists?
           if replace!(/#{flag}/, content, config[:force])
             say_status(:invoke)
+          elsif replacement_present?
+            say_status(:unchanged, color: :blue)
           else
             say_status(:unchanged, warning: WARNINGS[:unchanged_no_flag], color: :red)
           end
@@ -96,6 +98,8 @@ class Bundler::Thor
           end
         elsif warning
           warning
+        elsif behavior == :unchanged
+          :unchanged
         else
           :subtract
         end
@@ -103,11 +107,18 @@ class Bundler::Thor
         super(status, (color || config[:verbose]))
       end
 
+      def content
+        @content ||= File.read(destination)
+      end
+
+      def replacement_present?
+        content.include?(replacement)
+      end
+
       # Adds the content to the file.
       #
       def replace!(regexp, string, force)
-        content = File.read(destination)
-        if force || !content.include?(replacement)
+        if force || !replacement_present?
           success = content.gsub!(regexp, string)
 
           File.open(destination, "wb") { |file| file.write(content) } unless pretend?