rubygems-update 3.5.22 → 3.6.0

data/bundler/lib/bundler/remote_specification.rb

@@ -12,7 +12,7 @@ module Bundler
 
     attr_reader :name, :version, :platform
     attr_writer :dependencies
-    attr_accessor :source, :remote
+    attr_accessor :source, :remote, :locked_platform
 
     def initialize(name, version, platform, spec_fetcher)
       @name         = name
@@ -21,6 +21,11 @@ module Bundler
       @platform     = Gem::Platform.new(platform)
       @spec_fetcher = spec_fetcher
       @dependencies = nil
+      @locked_platform = nil
+    end
+
+    def insecurely_materialized?
+      @locked_platform.to_s != @platform.to_s
     end
 
     # Needed before installs, since the arch matters then and quick

data/bundler/lib/bundler/resolver/base.rb

@@ -16,7 +16,7 @@ module Bundler
           hash[name] = Package.new(name, platforms, **options)
         end
 
-        @requirements = dependencies.map do |dep|
+        @requirements = dependencies.filter_map do |dep|
           dep_platforms = dep.gem_platforms(platforms)
 
           # Dependencies scoped to external platforms are ignored
@@ -27,11 +27,7 @@ module Bundler
           @packages[name] = Package.new(name, dep_platforms, **options.merge(dependency: dep))
 
           dep
-        end.compact
-      end
-
-      def specs_compatible_with(result)
-        @base.specs_compatible_with(result)
+        end
       end
 
       def [](name)
@@ -107,6 +103,10 @@ module Bundler
       def build_base_requirements
         base_requirements = {}
         @base.each do |ls|
+          if ls.source_changed? && ls.source.specs.search(ls.name).empty?
+            raise GemNotFound, "Could not find gem '#{ls.name}' in #{ls.source}"
+          end
+
           req = Gem::Requirement.new(ls.version)
           base_requirements[ls.name] = req
         end

data/bundler/lib/bundler/resolver/candidate.rb

@@ -34,10 +34,10 @@ module Bundler
         @spec_group.dependencies
       end
 
-      def to_specs(package)
+      def to_specs(package, most_specific_locked_platform)
         return [] if package.meta?
 
-        @spec_group.to_specs(package.force_ruby_platform?)
+        @spec_group.to_specs(package.force_ruby_platform?, most_specific_locked_platform)
       end
 
       def prerelease?

data/bundler/lib/bundler/resolver/spec_group.rb

@@ -25,10 +25,11 @@ module Bundler
         @source ||= exemplary_spec.source
       end
 
-      def to_specs(force_ruby_platform)
+      def to_specs(force_ruby_platform, most_specific_locked_platform)
         @specs.map do |s|
           lazy_spec = LazySpecification.from_spec(s)
           lazy_spec.force_ruby_platform = force_ruby_platform
+          lazy_spec.most_specific_locked_platform = most_specific_locked_platform
           lazy_spec
         end
       end
@@ -38,9 +39,9 @@ module Bundler
       end
 
       def dependencies
-        @dependencies ||= @specs.map do |spec|
+        @dependencies ||= @specs.flat_map do |spec|
           __dependencies(spec) + metadata_dependencies(spec)
-        end.flatten.uniq.sort
+        end.uniq.sort
       end
 
       def ==(other)

data/bundler/lib/bundler/resolver.rb

@@ -15,10 +15,11 @@ module Bundler
 
     include GemHelpers
 
-    def initialize(base, gem_version_promoter)
+    def initialize(base, gem_version_promoter, most_specific_locked_platform = nil)
       @source_requirements = base.source_requirements
       @base = base
       @gem_version_promoter = gem_version_promoter
+      @most_specific_locked_platform = most_specific_locked_platform
     end
 
     def start
@@ -79,8 +80,7 @@ module Bundler
     def solve_versions(root:, logger:)
       solver = PubGrub::VersionSolver.new(source: self, root: root, logger: logger)
       result = solver.solve
-      resolved_specs = result.map {|package, version| version.to_specs(package) }.flatten
-      resolved_specs |= @base.specs_compatible_with(SpecSet.new(resolved_specs))
+      result.flat_map {|package, version| version.to_specs(package, @most_specific_locked_platform) }
     rescue PubGrub::SolveFailure => e
       incompatibility = e.incompatibility
 
@@ -417,7 +417,7 @@ module Bundler
     end
 
     def prepare_dependencies(requirements, packages)
-      to_dependency_hash(requirements, packages).map do |dep_package, dep_constraint|
+      to_dependency_hash(requirements, packages).filter_map do |dep_package, dep_constraint|
         name = dep_package.name
 
         next [dep_package, dep_constraint] if name == "bundler"
@@ -443,7 +443,7 @@ module Bundler
         next unless dep_package.current_platform?
 
         raise_not_found!(dep_package)
-      end.compact.to_h
+      end.to_h
     end
 
     def select_sorted_versions(package, range)

data/bundler/lib/bundler/rubygems_ext.rb

@@ -79,14 +79,18 @@ module Gem
     include ::Bundler::MatchMetadata
     include ::Bundler::MatchPlatform
 
-    attr_accessor :remote, :location, :relative_loaded_from
+    attr_accessor :remote, :relative_loaded_from
 
-    remove_method :source
-    attr_writer :source
-    def source
-      (defined?(@source) && @source) || Gem::Source::Installed.new
+    module AllowSettingSource
+      attr_writer :source
+
+      def source
+        (defined?(@source) && @source) || super
+      end
     end
 
+    prepend AllowSettingSource
+
     alias_method :rg_full_gem_path, :full_gem_path
     alias_method :rg_loaded_from,   :loaded_from
 
@@ -122,7 +126,9 @@ module Gem
       end
     end
 
-    remove_method :gem_dir
+    # Can be removed once RubyGems 3.5.21 support is dropped
+    remove_method :gem_dir if method_defined?(:gem_dir, false)
+
     def gem_dir
       full_gem_path
     end
@@ -144,6 +150,10 @@ module Gem
       end
     end
 
+    def insecurely_materialized?
+      false
+    end
+
     def groups
       @groups ||= []
     end
@@ -278,23 +288,6 @@ module Gem
     end
   end
 
-  # Requirements using lambda operator differentiate trailing zeros since rubygems 3.2.6
-  if Gem::Requirement.new("~> 2.0").hash == Gem::Requirement.new("~> 2.0.0").hash
-    class Requirement
-      module CorrectHashForLambdaOperator
-        def hash
-          if requirements.any? {|r| r.first == "~>" }
-            requirements.map {|r| r.first == "~>" ? [r[0], r[1].to_s] : r }.sort.hash
-          else
-            super
-          end
-        end
-      end
-
-      prepend CorrectHashForLambdaOperator
-    end
-  end
-
   require "rubygems/platform"
 
   class Platform
@@ -344,10 +337,6 @@ module Gem
         without_gnu_nor_abi_modifiers
       end
     end
-
-    if RUBY_ENGINE == "truffleruby" && !defined?(REUSE_AS_BINARY_ON_TRUFFLERUBY)
-      REUSE_AS_BINARY_ON_TRUFFLERUBY = %w[libv8 libv8-node sorbet-static].freeze
-    end
   end
 
   Platform.singleton_class.module_eval do
@@ -452,4 +441,18 @@ module Gem
       end
     end
   end
+
+  if Gem.rubygems_version < Gem::Version.new("3.6.0")
+    class Package; end
+    require "rubygems/package/tar_reader"
+    require "rubygems/package/tar_reader/entry"
+
+    module FixFullNameEncoding
+      def full_name
+        super.force_encoding(Encoding::UTF_8)
+      end
+    end
+
+    Package::TarReader::Entry.prepend(FixFullNameEncoding)
+  end
 end

data/bundler/lib/bundler/rubygems_gem_installer.rb

@@ -23,7 +23,9 @@ module Bundler
         FileUtils.mkdir_p gem_dir, mode: 0o755
       end
 
-      extract_files
+      SharedHelpers.filesystem_access(gem_dir, :write) do
+        extract_files
+      end
 
       build_extensions if spec.extensions.any?
       write_build_info_file
@@ -145,7 +147,6 @@ module Bundler
       SharedHelpers.filesystem_access(extension_dir, :create) do
         FileUtils.mkdir_p extension_dir
       end
-      require "shellwords" unless Bundler.rubygems.provides?(">= 3.2.25")
     end
 
     def strict_rm_rf(dir)

data/bundler/lib/bundler/rubygems_integration.rb

@@ -20,10 +20,6 @@ module Bundler
       Gem::Requirement.new(req_str).satisfied_by?(version)
     end
 
-    def supports_bundler_trampolining?
-      provides?(">= 3.3.0.a")
-    end
-
     def build_args
       require "rubygems/command"
       Gem::Command.build_args
@@ -34,6 +30,10 @@ module Bundler
       Gem::Command.build_args = args
     end
 
+    def set_target_rbconfig(path)
+      Gem.set_target_rbconfig(path)
+    end
+
     def loaded_specs(name)
       Gem.loaded_specs[name]
     end
@@ -134,6 +134,18 @@ module Bundler
       loaded_gem_paths.flatten
     end
 
+    def load_plugins
+      Gem.load_plugins
+    end
+
+    def load_plugin_files(plugin_files)
+      Gem.load_plugin_files(plugin_files)
+    end
+
+    def load_env_plugins
+      Gem.load_env_plugins
+    end
+
     def ui=(obj)
       Gem::DefaultUserInteraction.ui = obj
     end
@@ -220,9 +232,7 @@ module Bundler
       end
     end
 
-    # Used to make bin stubs that are not created by bundler work
-    # under bundler. The new Gem.bin_path only considers gems in
-    # +specs+
+    # Used to give better error messages when activating specs outside of the current bundle
     def replace_bin_path(specs_by_name)
       gem_class = (class << Gem; self; end)
 
@@ -261,31 +271,6 @@ module Bundler
 
         spec
       end
-
-      redefine_method(gem_class, :activate_bin_path) do |name, *args|
-        exec_name = args.first
-        return ENV["BUNDLE_BIN_PATH"] if exec_name == "bundle"
-
-        # Copy of Rubygems activate_bin_path impl
-        requirement = args.last
-        spec = find_spec_for_exe name, exec_name, [requirement]
-
-        gem_bin = File.join(spec.full_gem_path, spec.bindir, exec_name)
-        gem_from_path_bin = File.join(File.dirname(spec.loaded_from), spec.bindir, exec_name)
-        File.exist?(gem_bin) ? gem_bin : gem_from_path_bin
-      end
-
-      redefine_method(gem_class, :bin_path) do |name, *args|
-        exec_name = args.first
-        return ENV["BUNDLE_BIN_PATH"] if exec_name == "bundle"
-
-        spec = find_spec_for_exe(name, *args)
-        exec_name ||= spec.default_executable
-
-        gem_bin = File.join(spec.full_gem_path, spec.bindir, exec_name)
-        gem_from_path_bin = File.join(File.dirname(spec.loaded_from), spec.bindir, exec_name)
-        File.exist?(gem_bin) ? gem_bin : gem_from_path_bin
-      end
     end
 
     # Replace or hook into RubyGems to provide a bundlerized view
@@ -302,7 +287,7 @@ module Bundler
         Gem::BUNDLED_GEMS.replace_require(specs) if Gem::BUNDLED_GEMS.respond_to?(:replace_require)
       end
       replace_gem(specs, specs_by_name)
-      stub_rubygems(specs)
+      stub_rubygems(specs_by_name.values)
       replace_bin_path(specs_by_name)
 
       Gem.clear_paths
@@ -331,11 +316,7 @@ module Bundler
       @replaced_methods.each do |(sym, klass), method|
         redefine_method(klass, sym, method)
       end
-      if Binding.public_method_defined?(:source_location)
-        post_reset_hooks.reject! {|proc| proc.binding.source_location[0] == __FILE__ }
-      else
-        post_reset_hooks.reject! {|proc| proc.binding.eval("__FILE__") == __FILE__ }
-      end
+      post_reset_hooks.reject! {|proc| proc.binding.source_location[0] == __FILE__ }
       @replaced_methods.clear
     end
 
@@ -412,7 +393,9 @@ module Bundler
     def download_gem(spec, uri, cache_dir, fetcher)
       require "rubygems/remote_fetcher"
       uri = Bundler.settings.mirror_for(uri)
-      Bundler::Retry.new("download gem from #{uri}").attempts do
+      redacted_uri = Gem::Uri.redact(uri)
+
+      Bundler::Retry.new("download gem from #{redacted_uri}").attempts do
         gem_file_name = spec.file_name
         local_gem_path = File.join cache_dir, gem_file_name
         return if File.exist? local_gem_path
@@ -434,7 +417,7 @@ module Bundler
         end
       end
     rescue Gem::RemoteFetcher::FetchError => e
-      raise Bundler::HTTPError, "Could not download gem from #{uri} due to underlying error <#{e.message}>"
+      raise Bundler::HTTPError, "Could not download gem from #{redacted_uri} due to underlying error <#{e.message}>"
     end
 
     def build(spec, skip_validation = false)

data/bundler/lib/bundler/runtime.rb

@@ -41,12 +41,17 @@ module Bundler
       groups.map!(&:to_sym)
       groups = [:default] if groups.empty?
 
-      @definition.dependencies.each do |dep|
-        # Skip the dependency if it is not in any of the requested groups, or
-        # not for the current platform, or doesn't match the gem constraints.
-        next unless (dep.groups & groups).any? && dep.should_include?
+      dependencies = @definition.dependencies.select do |dep|
+        # Select the dependency if it is in any of the requested groups, and
+        # for the current platform, and matches the gem constraints.
+        (dep.groups & groups).any? && dep.should_include?
+      end
+
+      Plugin.hook(Plugin::Events::GEM_BEFORE_REQUIRE_ALL, dependencies)
 
+      dependencies.each do |dep|
         required_file = nil
+        Plugin.hook(Plugin::Events::GEM_BEFORE_REQUIRE, dep)
 
         begin
           # Loop through all the specified autorequires for the
@@ -76,7 +81,13 @@ module Bundler
             end
           end
         end
+
+        Plugin.hook(Plugin::Events::GEM_AFTER_REQUIRE, dep)
       end
+
+      Plugin.hook(Plugin::Events::GEM_AFTER_REQUIRE_ALL, dependencies)
+
+      dependencies
     end
 
     def self.definition_method(meth)
@@ -125,7 +136,16 @@ module Bundler
       specs_to_cache.each do |spec|
         next if spec.name == "bundler"
         next if spec.source.is_a?(Source::Gemspec)
-        spec.source.cache(spec, custom_path) if spec.source.respond_to?(:cache)
+        if spec.source.respond_to?(:migrate_cache)
+          spec.source.migrate_cache(custom_path, local: local)
+        elsif spec.source.respond_to?(:cache)
+          spec.source.cache(spec, custom_path)
+        end
+      end
+
+      Dir[cache_path.join("*/.git")].each do |git_dir|
+        FileUtils.rm_rf(git_dir)
+        FileUtils.touch(File.expand_path("../.bundlecache", git_dir))
       end
 
       prune_cache(cache_path) unless Bundler.settings[:no_prune]
@@ -252,10 +272,10 @@ module Bundler
 
     def setup_manpath
       # Add man/ subdirectories from activated bundles to MANPATH for man(1)
-      manuals = $LOAD_PATH.map do |path|
+      manuals = $LOAD_PATH.filter_map do |path|
         man_subdir = path.sub(/lib$/, "man")
         man_subdir unless Dir[man_subdir + "/man?/"].empty?
-      end.compact
+      end
 
       return if manuals.empty?
       Bundler::SharedHelpers.set_env "MANPATH", manuals.concat(

data/bundler/lib/bundler/self_manager.rb

@@ -84,8 +84,8 @@ module Bundler
         require "shellwords"
         cmd = [*Shellwords.shellsplit(bundler_spec_original_cmd), *ARGV]
       else
-        cmd = [$PROGRAM_NAME, *ARGV]
-        cmd.unshift(Gem.ruby) unless File.executable?($PROGRAM_NAME)
+        cmd = [Process.argv0, *ARGV]
+        cmd.unshift(Gem.ruby) unless File.executable?(Process.argv0)
       end
 
       Bundler.with_original_env do
@@ -106,7 +106,6 @@ module Bundler
 
     def autoswitching_applies?
       ENV["BUNDLER_VERSION"].nil? &&
-        Bundler.rubygems.supports_bundler_trampolining? &&
         ruby_can_restart_with_same_arguments? &&
         SharedHelpers.in_bundle? &&
         lockfile_version

data/bundler/lib/bundler/settings.rb

@@ -32,6 +32,7 @@ module Bundler
       ignore_messages
       init_gems_rb
       inline
+      lockfile_checksums
       no_install
       no_prune
       path_relative_to_cwd
@@ -425,8 +426,12 @@ module Bundler
       Validator.validate!(raw_key, converted_value(value, raw_key), hash)
 
       return unless file
+
+      SharedHelpers.filesystem_access(file.dirname, :create) do |p|
+        FileUtils.mkdir_p(p)
+      end
+
       SharedHelpers.filesystem_access(file) do |p|
-        FileUtils.mkdir_p(p.dirname)
         p.open("w") {|f| f.write(serializer_class.dump(hash)) }
       end
     end

data/bundler/lib/bundler/shared_helpers.rb

@@ -96,14 +96,16 @@ module Bundler
     #   given block
     #
     # @example
-    #   filesystem_access("vendor/cache", :write) do
+    #   filesystem_access("vendor/cache", :create) do
     #     FileUtils.mkdir_p("vendor/cache")
     #   end
     #
     # @see {Bundler::PermissionError}
     def filesystem_access(path, action = :write, &block)
       yield(path.dup)
-    rescue Errno::EACCES
+    rescue Errno::EACCES => e
+      raise unless e.message.include?(path.to_s) || action == :create
+
       raise PermissionError.new(path, action)
     rescue Errno::EAGAIN
       raise TemporaryResourceError.new(path, action)
@@ -116,7 +118,7 @@ module Bundler
     rescue Errno::EEXIST, Errno::ENOENT
       raise
     rescue SystemCallError => e
-      raise GenericSystemCallError.new(e, "There was an error accessing `#{path}`.")
+      raise GenericSystemCallError.new(e, "There was an error #{[:create, :write].include?(action) ? "creating" : "accessing"} `#{path}`.")
     end
 
     def major_deprecation(major_version, message, removed_message: nil, print_caller_location: false)
@@ -160,10 +162,10 @@ module Bundler
       extra_deps = new_deps - old_deps
       return if extra_deps.empty?
 
-      Bundler.ui.debug "#{spec.full_name} from #{spec.remote} has either corrupted API or lockfile dependencies" \
+      Bundler.ui.debug "#{spec.full_name} from #{spec.remote} has corrupted API dependencies" \
         " (was expecting #{old_deps.map(&:to_s)}, but the real spec has #{new_deps.map(&:to_s)})"
       raise APIResponseMismatchError,
-        "Downloading #{spec.full_name} revealed dependencies not in the API or the lockfile (#{extra_deps.join(", ")})." \
+        "Downloading #{spec.full_name} revealed dependencies not in the API (#{extra_deps.join(", ")})." \
         "\nRunning `bundle update #{spec.name}` should fix the problem."
     end
 
@@ -274,15 +276,7 @@ module Bundler
       until !File.directory?(current) || current == previous
         if ENV["BUNDLER_SPEC_RUN"]
           # avoid stepping above the tmp directory when testing
-          gemspec = if ENV["GEM_COMMAND"]
-            # for Ruby Core
-            "lib/bundler/bundler.gemspec"
-          else
-            "bundler.gemspec"
-          end
-
-          # avoid stepping above the tmp directory when testing
-          return nil if File.file?(File.join(current, gemspec))
+          return nil if File.directory?(File.join(current, "tmp"))
         end
 
         names.each do |name|
@@ -314,18 +308,36 @@ module Bundler
 
     def bundle_bin_path
       # bundler exe & lib folders have same root folder, typical gem installation
-      exe_file = File.expand_path("../../exe/bundle", __dir__)
+      exe_file = File.join(source_root, "exe/bundle")
 
       # for Ruby core repository testing
-      exe_file = File.expand_path("../../libexec/bundle", __dir__) unless File.exist?(exe_file)
+      exe_file = File.join(source_root, "libexec/bundle") unless File.exist?(exe_file)
 
       # bundler is a default gem, exe path is separate
-      exe_file = Bundler.rubygems.bin_path("bundler", "bundle", VERSION) unless File.exist?(exe_file)
+      exe_file = Gem.bin_path("bundler", "bundle", VERSION) unless File.exist?(exe_file)
 
       exe_file
     end
     public :bundle_bin_path
 
+    def gemspec_path
+      # inside a gem repository, typical gem installation
+      gemspec_file = File.join(source_root, "../../specifications/bundler-#{VERSION}.gemspec")
+
+      # for Ruby core repository testing
+      gemspec_file = File.expand_path("bundler.gemspec", __dir__) unless File.exist?(gemspec_file)
+
+      # bundler is a default gem
+      gemspec_file = File.join(Gem.default_specifications_dir, "bundler-#{VERSION}.gemspec") unless File.exist?(gemspec_file)
+
+      gemspec_file
+    end
+    public :gemspec_path
+
+    def source_root
+      File.expand_path("../..", __dir__)
+    end
+
     def set_path
       validate_bundle_path
       paths = (ENV["PATH"] || "").split(File::PATH_SEPARATOR)

data/bundler/lib/bundler/source/git/git_proxy.rb

@@ -84,12 +84,6 @@ module Bundler
           end
         end
 
-        def not_a_repository?
-          _, status = git_null("rev-parse", "--resolve-git-dir", path.to_s, dir: path)
-
-          !status.success?
-        end
-
         def contains?(commit)
           allowed_with_path do
             result, status = git_null("branch", "--contains", commit, dir: path)