RubyGems - rubygems-update - Versions diffs - 3.5.3 → 3.7.1 - Mend

rubygems-update 3.5.3 → 3.7.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (437) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +1410 -686
data/CODE_OF_CONDUCT.md +79 -28
data/CONTRIBUTING.md +4 -226
data/Manifest.txt +107 -83
data/README.md +16 -11
data/SECURITY.md +7 -0
data/bundler/CHANGELOG.md +1525 -931
data/bundler/README.md +9 -9
data/bundler/bundler.gemspec +2 -2
data/bundler/lib/bundler/build_metadata.rb +10 -11
data/bundler/lib/bundler/checksum.rb +22 -12
data/bundler/lib/bundler/cli/add.rb +3 -1
data/bundler/lib/bundler/cli/binstubs.rb +1 -1
data/bundler/lib/bundler/cli/check.rb +3 -3
data/bundler/lib/bundler/cli/common.rb +1 -1
data/bundler/lib/bundler/cli/config.rb +2 -2
data/bundler/lib/bundler/cli/console.rb +8 -10
data/bundler/lib/bundler/cli/doctor/diagnose.rb +167 -0
data/bundler/lib/bundler/cli/doctor/ssl.rb +249 -0
data/bundler/lib/bundler/cli/doctor.rb +27 -151
data/bundler/lib/bundler/cli/exec.rb +1 -0
data/bundler/lib/bundler/cli/fund.rb +1 -1
data/bundler/lib/bundler/cli/gem.rb +74 -46
data/bundler/lib/bundler/cli/info.rb +6 -6
data/bundler/lib/bundler/cli/inject.rb +3 -3
data/bundler/lib/bundler/cli/install.rb +19 -10
data/bundler/lib/bundler/cli/issue.rb +3 -3
data/bundler/lib/bundler/cli/lock.rb +32 -11
data/bundler/lib/bundler/cli/outdated.rb +23 -23
data/bundler/lib/bundler/cli/plugin.rb +3 -2
data/bundler/lib/bundler/cli/pristine.rb +1 -1
data/bundler/lib/bundler/cli/show.rb +3 -3
data/bundler/lib/bundler/cli/update.rb +3 -3
data/bundler/lib/bundler/cli.rb +75 -145
data/bundler/lib/bundler/compact_index_client/cache.rb +48 -73
data/bundler/lib/bundler/compact_index_client/cache_file.rb +0 -5
data/bundler/lib/bundler/compact_index_client/parser.rb +84 -0
data/bundler/lib/bundler/compact_index_client/updater.rb +6 -16
data/bundler/lib/bundler/compact_index_client.rb +52 -85
data/bundler/lib/bundler/constants.rb +8 -1
data/bundler/lib/bundler/current_ruby.rb +48 -34
data/bundler/lib/bundler/definition.rb +501 -328
data/bundler/lib/bundler/dependency.rb +93 -47
data/bundler/lib/bundler/dsl.rb +147 -103
data/bundler/lib/bundler/endpoint_specification.rb +30 -3
data/bundler/lib/bundler/env.rb +1 -1
data/bundler/lib/bundler/environment_preserver.rb +5 -23
data/bundler/lib/bundler/errors.rb +53 -5
data/bundler/lib/bundler/feature_flag.rb +18 -18
data/bundler/lib/bundler/fetcher/compact_index.rb +16 -25
data/bundler/lib/bundler/fetcher/dependency.rb +2 -1
data/bundler/lib/bundler/fetcher/downloader.rb +34 -8
data/bundler/lib/bundler/fetcher.rb +63 -26
data/bundler/lib/bundler/force_platform.rb +0 -2
data/bundler/lib/bundler/friendly_errors.rb +3 -2
data/bundler/lib/bundler/gem_helper.rb +1 -1
data/bundler/lib/bundler/gem_version_promoter.rb +42 -40
data/bundler/lib/bundler/index.rb +7 -2
data/bundler/lib/bundler/injector.rb +14 -16
data/bundler/lib/bundler/inline.rb +42 -17
data/bundler/lib/bundler/installer/gem_installer.rb +4 -3
data/bundler/lib/bundler/installer/parallel_installer.rb +3 -2
data/bundler/lib/bundler/installer/standalone.rb +2 -5
data/bundler/lib/bundler/installer.rb +22 -45
data/bundler/lib/bundler/lazy_specification.rb +121 -48
data/bundler/lib/bundler/lockfile_generator.rb +1 -1
data/bundler/lib/bundler/lockfile_parser.rb +36 -9
data/bundler/lib/bundler/man/bundle-add.1 +44 -27
data/bundler/lib/bundler/man/bundle-add.1.ronn +52 -23
data/bundler/lib/bundler/man/bundle-binstubs.1 +9 -6
data/bundler/lib/bundler/man/bundle-binstubs.1.ronn +6 -3
data/bundler/lib/bundler/man/bundle-cache.1 +32 -4
data/bundler/lib/bundler/man/bundle-cache.1.ronn +31 -2
data/bundler/lib/bundler/man/bundle-check.1 +7 -5
data/bundler/lib/bundler/man/bundle-check.1.ronn +7 -2
data/bundler/lib/bundler/man/bundle-clean.1 +3 -3
data/bundler/lib/bundler/man/bundle-config.1 +180 -138
data/bundler/lib/bundler/man/bundle-config.1.ronn +96 -99
data/bundler/lib/bundler/man/bundle-console.1 +4 -6
data/bundler/lib/bundler/man/bundle-console.1.ronn +2 -7
data/bundler/lib/bundler/man/bundle-doctor.1 +46 -7
data/bundler/lib/bundler/man/bundle-doctor.1.ronn +49 -5
data/bundler/lib/bundler/man/bundle-env.1 +9 -0
data/bundler/lib/bundler/man/bundle-env.1.ronn +10 -0
data/bundler/lib/bundler/man/bundle-exec.1 +9 -6
data/bundler/lib/bundler/man/bundle-exec.1.ronn +6 -3
data/bundler/lib/bundler/man/bundle-fund.1 +22 -0
data/bundler/lib/bundler/man/bundle-fund.1.ronn +25 -0
data/bundler/lib/bundler/man/bundle-gem.1 +69 -28
data/bundler/lib/bundler/man/bundle-gem.1.ronn +42 -6
data/bundler/lib/bundler/man/bundle-help.1 +3 -3
data/bundler/lib/bundler/man/bundle-info.1 +7 -4
data/bundler/lib/bundler/man/bundle-info.1.ronn +6 -2
data/bundler/lib/bundler/man/bundle-init.1 +5 -5
data/bundler/lib/bundler/man/bundle-init.1.ronn +3 -2
data/bundler/lib/bundler/man/bundle-inject.1 +13 -5
data/bundler/lib/bundler/man/bundle-inject.1.ronn +10 -2
data/bundler/lib/bundler/man/bundle-install.1 +20 -17
data/bundler/lib/bundler/man/bundle-install.1.ronn +26 -23
data/bundler/lib/bundler/man/bundle-issue.1 +45 -0
data/bundler/lib/bundler/man/bundle-issue.1.ronn +37 -0
data/bundler/lib/bundler/man/bundle-licenses.1 +9 -0
data/bundler/lib/bundler/man/bundle-licenses.1.ronn +10 -0
data/bundler/lib/bundler/man/bundle-list.1 +3 -3
data/bundler/lib/bundler/man/bundle-list.1.ronn +4 -1
data/bundler/lib/bundler/man/bundle-lock.1 +23 -8
data/bundler/lib/bundler/man/bundle-lock.1.ronn +25 -4
data/bundler/lib/bundler/man/bundle-open.1 +4 -4
data/bundler/lib/bundler/man/bundle-open.1.ronn +2 -1
data/bundler/lib/bundler/man/bundle-outdated.1 +10 -7
data/bundler/lib/bundler/man/bundle-outdated.1.ronn +8 -4
data/bundler/lib/bundler/man/bundle-platform.1 +3 -3
data/bundler/lib/bundler/man/bundle-plugin.1 +9 -6
data/bundler/lib/bundler/man/bundle-plugin.1.ronn +7 -3
data/bundler/lib/bundler/man/bundle-pristine.1 +3 -3
data/bundler/lib/bundler/man/bundle-pristine.1.ronn +1 -1
data/bundler/lib/bundler/man/bundle-remove.1 +3 -3
data/bundler/lib/bundler/man/bundle-remove.1.ronn +1 -1
data/bundler/lib/bundler/man/bundle-show.1 +7 -4
data/bundler/lib/bundler/man/bundle-show.1.ronn +4 -0
data/bundler/lib/bundler/man/bundle-update.1 +17 -11
data/bundler/lib/bundler/man/bundle-update.1.ronn +17 -9
data/bundler/lib/bundler/man/bundle-version.1 +3 -3
data/bundler/lib/bundler/man/bundle-viz.1 +6 -6
data/bundler/lib/bundler/man/bundle-viz.1.ronn +7 -3
data/bundler/lib/bundler/man/bundle.1 +3 -3
data/bundler/lib/bundler/man/gemfile.5 +7 -5
data/bundler/lib/bundler/man/gemfile.5.ronn +8 -2
data/bundler/lib/bundler/man/index.txt +4 -0
data/bundler/lib/bundler/match_metadata.rb +13 -0
data/bundler/lib/bundler/match_platform.rb +31 -12
data/bundler/lib/bundler/materialization.rb +59 -0
data/bundler/lib/bundler/mirror.rb +3 -3
data/bundler/lib/bundler/plugin/api/source.rb +5 -4
data/bundler/lib/bundler/plugin/events.rb +24 -0
data/bundler/lib/bundler/plugin/index.rb +5 -1
data/bundler/lib/bundler/plugin/installer/path.rb +26 -0
data/bundler/lib/bundler/plugin/installer.rb +37 -17
data/bundler/lib/bundler/plugin/source_list.rb +4 -4
data/bundler/lib/bundler/plugin.rb +21 -2
data/bundler/lib/bundler/process_lock.rb +10 -14
data/bundler/lib/bundler/remote_specification.rb +6 -1
data/bundler/lib/bundler/resolver/base.rb +14 -3
data/bundler/lib/bundler/resolver/candidate.rb +18 -27
data/bundler/lib/bundler/resolver/package.rb +20 -3
data/bundler/lib/bundler/resolver/spec_group.rb +22 -27
data/bundler/lib/bundler/resolver/strategy.rb +40 -0
data/bundler/lib/bundler/resolver.rb +114 -52
data/bundler/lib/bundler/retry.rb +1 -1
data/bundler/lib/bundler/ruby_dsl.rb +12 -3
data/bundler/lib/bundler/ruby_version.rb +7 -1
data/bundler/lib/bundler/rubygems_ext.rb +303 -150
data/bundler/lib/bundler/rubygems_gem_installer.rb +40 -5
data/bundler/lib/bundler/rubygems_integration.rb +40 -73
data/bundler/lib/bundler/runtime.rb +48 -35
data/bundler/lib/bundler/self_manager.rb +36 -26
data/bundler/lib/bundler/settings/validator.rb +0 -23
data/bundler/lib/bundler/settings.rb +36 -27
data/bundler/lib/bundler/setup.rb +6 -0
data/bundler/lib/bundler/shared_helpers.rb +45 -25
data/bundler/lib/bundler/source/gemspec.rb +1 -4
data/bundler/lib/bundler/source/git/git_proxy.rb +26 -9
data/bundler/lib/bundler/source/git.rb +113 -41
data/bundler/lib/bundler/source/metadata.rb +4 -3
data/bundler/lib/bundler/source/path.rb +14 -18
data/bundler/lib/bundler/source/rubygems/remote.rb +12 -4
data/bundler/lib/bundler/source/rubygems.rb +54 -48
data/bundler/lib/bundler/source.rb +2 -0
data/bundler/lib/bundler/source_list.rb +54 -12
data/bundler/lib/bundler/source_map.rb +1 -1
data/bundler/lib/bundler/spec_set.rb +227 -103
data/bundler/lib/bundler/stub_specification.rb +29 -2
data/bundler/lib/bundler/templates/Executable +0 -11
data/bundler/lib/bundler/templates/newgem/CODE_OF_CONDUCT.md.tt +77 -29
data/bundler/lib/bundler/templates/newgem/Gemfile.tt +1 -3
data/bundler/lib/bundler/templates/newgem/README.md.tt +7 -3
data/bundler/lib/bundler/templates/newgem/github/workflows/main.yml.tt +17 -15
data/bundler/lib/bundler/templates/newgem/newgem.gemspec.tt +14 -12
data/bundler/lib/bundler/templates/newgem/rubocop.yml.tt +0 -5
data/bundler/lib/bundler/ui/shell.rb +26 -4
data/bundler/lib/bundler/ui/silent.rb +12 -1
data/bundler/lib/bundler/uri_credentials_filter.rb +3 -3
data/bundler/lib/bundler/vendor/connection_pool/lib/connection_pool/timed_stack.rb +53 -3
data/bundler/lib/bundler/vendor/connection_pool/lib/connection_pool/version.rb +1 -1
data/bundler/lib/bundler/vendor/connection_pool/lib/connection_pool.rb +11 -0
data/bundler/lib/bundler/vendor/fileutils/lib/fileutils.rb +15 -13
data/bundler/lib/bundler/vendor/net-http-persistent/README.rdoc +1 -1
data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent/timed_stack_multi.rb +2 -1
data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent.rb +134 -57
data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/basic_package_source.rb +4 -24
data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/static_package_source.rb +1 -0
data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/strategy.rb +42 -0
data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/version_range.rb +20 -8
data/bundler/lib/bundler/vendor/pub_grub/lib/pub_grub/version_solver.rb +17 -29
data/bundler/lib/bundler/vendor/securerandom/COPYING +56 -0
data/bundler/lib/bundler/vendor/securerandom/lib/securerandom.rb +102 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/actions/file_manipulation.rb +3 -5
data/bundler/lib/bundler/vendor/thor/lib/thor/group.rb +11 -0
data/bundler/lib/bundler/vendor/thor/lib/thor/parser/argument.rb +1 -4
data/bundler/lib/bundler/vendor/thor/lib/thor/parser/option.rb +2 -2
data/bundler/lib/bundler/vendor/thor/lib/thor/parser/options.rb +2 -1
data/bundler/lib/bundler/vendor/thor/lib/thor/shell/basic.rb +9 -9
data/bundler/lib/bundler/vendor/thor/lib/thor/shell/html.rb +1 -1
data/bundler/lib/bundler/vendor/thor/lib/thor/shell/table_printer.rb +5 -21
data/bundler/lib/bundler/vendor/thor/lib/thor/util.rb +1 -1
data/bundler/lib/bundler/vendor/thor/lib/thor/version.rb +1 -1
data/bundler/lib/bundler/vendor/thor/lib/thor.rb +11 -0
data/bundler/lib/bundler/vendor/uri/COPYING +56 -0
data/bundler/lib/bundler/vendor/uri/lib/uri/common.rb +43 -16
data/bundler/lib/bundler/vendor/uri/lib/uri/file.rb +3 -3
data/bundler/lib/bundler/vendor/uri/lib/uri/ftp.rb +1 -1
data/bundler/lib/bundler/vendor/uri/lib/uri/generic.rb +28 -37
data/bundler/lib/bundler/vendor/uri/lib/uri/http.rb +2 -2
data/bundler/lib/bundler/vendor/uri/lib/uri/rfc2396_parser.rb +16 -9
data/bundler/lib/bundler/vendor/uri/lib/uri/rfc3986_parser.rb +26 -3
data/bundler/lib/bundler/vendor/uri/lib/uri/version.rb +1 -1
data/bundler/lib/bundler/vendor/uri/lib/uri.rb +9 -9
data/bundler/lib/bundler/vendored_net_http.rb +20 -5
data/bundler/lib/bundler/vendored_securerandom.rb +12 -0
data/bundler/lib/bundler/vendored_timeout.rb +7 -3
data/bundler/lib/bundler/vendored_uri.rb +18 -1
data/bundler/lib/bundler/version.rb +10 -2
data/bundler/lib/bundler/worker.rb +1 -1
data/bundler/lib/bundler/yaml_serializer.rb +12 -7
data/bundler/lib/bundler.rb +101 -61
data/{bundler → doc/bundler}/UPGRADING.md +132 -127
data/doc/rubygems/CONTRIBUTING.md +227 -0
data/{POLICIES.md → doc/rubygems/POLICIES.md} +86 -17
data/exe/update_rubygems +1 -1
data/lib/rubygems/basic_specification.rb +50 -10
data/lib/rubygems/bundler_version_finder.rb +1 -1
data/lib/rubygems/command.rb +1 -4
data/lib/rubygems/command_manager.rb +5 -6
data/lib/rubygems/commands/build_command.rb +2 -11
data/lib/rubygems/commands/cleanup_command.rb +3 -13
data/lib/rubygems/commands/contents_command.rb +17 -10
data/lib/rubygems/commands/environment_command.rb +5 -0
data/lib/rubygems/commands/exec_command.rb +18 -11
data/lib/rubygems/commands/fetch_command.rb +14 -0
data/lib/rubygems/commands/help_command.rb +2 -2
data/lib/rubygems/commands/install_command.rb +0 -4
data/lib/rubygems/commands/pristine_command.rb +29 -19
data/lib/rubygems/commands/push_command.rb +31 -6
data/lib/rubygems/commands/rdoc_command.rb +3 -10
data/lib/rubygems/commands/rebuild_command.rb +262 -0
data/lib/rubygems/commands/setup_command.rb +13 -18
data/lib/rubygems/commands/sources_command.rb +2 -2
data/lib/rubygems/commands/uninstall_command.rb +9 -4
data/lib/rubygems/commands/unpack_command.rb +0 -6
data/lib/rubygems/commands/update_command.rb +13 -22
data/lib/rubygems/config_file.rb +45 -16
data/lib/rubygems/core_ext/kernel_require.rb +15 -3
data/lib/rubygems/core_ext/kernel_warn.rb +2 -6
data/lib/rubygems/defaults.rb +7 -7
data/lib/rubygems/dependency.rb +12 -16
data/lib/rubygems/dependency_list.rb +1 -1
data/lib/rubygems/deprecate.rb +79 -77
data/lib/rubygems/errors.rb +2 -1
data/lib/rubygems/exceptions.rb +2 -9
data/lib/rubygems/ext/builder.rb +21 -8
data/lib/rubygems/ext/cargo_builder.rb +16 -26
data/lib/rubygems/ext/cmake_builder.rb +7 -2
data/lib/rubygems/ext/configure_builder.rb +7 -2
data/lib/rubygems/ext/ext_conf_builder.rb +9 -5
data/lib/rubygems/ext/rake_builder.rb +7 -4
data/lib/rubygems/gem_runner.rb +9 -0
data/lib/rubygems/gemcutter_utilities/webauthn_listener.rb +11 -4
data/lib/rubygems/gemcutter_utilities/webauthn_poller.rb +3 -1
data/lib/rubygems/gemcutter_utilities.rb +52 -26
data/lib/rubygems/gemspec_helpers.rb +19 -0
data/lib/rubygems/install_update_options.rb +5 -0
data/lib/rubygems/installer.rb +76 -90
data/lib/rubygems/local_remote_options.rb +8 -8
data/lib/rubygems/package/tar_header.rb +31 -4
data/lib/rubygems/package/tar_reader/entry.rb +1 -5
data/lib/rubygems/package/tar_writer.rb +5 -4
data/lib/rubygems/package.rb +13 -8
data/lib/rubygems/platform.rb +148 -43
data/lib/rubygems/psych_tree.rb +4 -0
data/lib/rubygems/query_utils.rb +2 -2
data/lib/rubygems/rdoc.rb +16 -3
data/lib/rubygems/remote_fetcher.rb +6 -7
data/lib/rubygems/request.rb +5 -5
data/lib/rubygems/request_set/gem_dependency_api.rb +1 -1
data/lib/rubygems/request_set.rb +4 -7
data/lib/rubygems/requirement.rb +16 -12
data/lib/rubygems/resolver/activation_request.rb +1 -1
data/lib/rubygems/resolver/api_set/gem_parser.rb +2 -5
data/lib/rubygems/resolver/api_set.rb +13 -8
data/lib/rubygems/resolver/best_set.rb +1 -29
data/lib/rubygems/resolver/composed_set.rb +3 -3
data/lib/rubygems/resolver/git_set.rb +0 -1
data/lib/rubygems/resolver/index_set.rb +2 -2
data/lib/rubygems/resolver/source_set.rb +1 -1
data/lib/rubygems/resolver/spec_specification.rb +7 -0
data/lib/rubygems/resolver.rb +8 -8
data/lib/rubygems/s3_uri_signer.rb +8 -6
data/lib/rubygems/safe_marshal/reader.rb +31 -14
data/lib/rubygems/safe_marshal/visitors/to_ruby.rb +29 -16
data/lib/rubygems/safe_yaml.rb +10 -1
data/lib/rubygems/security.rb +1 -1
data/lib/rubygems/source/git.rb +22 -17
data/lib/rubygems/source/installed.rb +3 -1
data/lib/rubygems/source/local.rb +8 -4
data/lib/rubygems/source/specific_file.rb +5 -3
data/lib/rubygems/source.rb +37 -29
data/lib/rubygems/source_list.rb +1 -1
data/lib/rubygems/spec_fetcher.rb +47 -15
data/lib/rubygems/specification.rb +110 -183
data/lib/rubygems/specification_policy.rb +33 -13
data/lib/rubygems/specification_record.rb +212 -0
data/lib/rubygems/stub_specification.rb +32 -10
data/lib/rubygems/target_rbconfig.rb +50 -0
data/lib/rubygems/uninstaller.rb +42 -22
data/lib/rubygems/uri.rb +6 -6
data/lib/rubygems/uri_formatter.rb +2 -1
data/lib/rubygems/util/licenses.rb +118 -1
data/lib/rubygems/util.rb +1 -1
data/lib/rubygems/vendor/molinillo/lib/molinillo/delegates/resolution_state.rb +57 -0
data/lib/rubygems/{resolver → vendor}/molinillo/lib/molinillo/delegates/specification_provider.rb +11 -11
data/lib/rubygems/{resolver → vendor}/molinillo/lib/molinillo/dependency_graph/action.rb +1 -1
data/lib/rubygems/{resolver → vendor}/molinillo/lib/molinillo/dependency_graph/add_edge_no_circular.rb +1 -1
data/lib/rubygems/{resolver → vendor}/molinillo/lib/molinillo/dependency_graph/add_vertex.rb +1 -1
data/lib/rubygems/{resolver → vendor}/molinillo/lib/molinillo/dependency_graph/delete_edge.rb +1 -1
data/lib/rubygems/{resolver → vendor}/molinillo/lib/molinillo/dependency_graph/detach_vertex_named.rb +1 -1
data/lib/rubygems/{resolver → vendor}/molinillo/lib/molinillo/dependency_graph/log.rb +1 -1
data/lib/rubygems/{resolver → vendor}/molinillo/lib/molinillo/dependency_graph/set_payload.rb +1 -1
data/lib/rubygems/{resolver → vendor}/molinillo/lib/molinillo/dependency_graph/tag.rb +1 -1
data/lib/rubygems/{resolver → vendor}/molinillo/lib/molinillo/dependency_graph/vertex.rb +1 -1
data/lib/rubygems/{resolver → vendor}/molinillo/lib/molinillo/dependency_graph.rb +2 -2
data/lib/rubygems/{resolver → vendor}/molinillo/lib/molinillo/errors.rb +1 -1
data/lib/rubygems/vendor/molinillo/lib/molinillo/gem_metadata.rb +6 -0
data/lib/rubygems/{resolver → vendor}/molinillo/lib/molinillo/modules/specification_provider.rb +2 -2
data/lib/rubygems/{resolver → vendor}/molinillo/lib/molinillo/modules/ui.rb +1 -1
data/lib/rubygems/{resolver → vendor}/molinillo/lib/molinillo/resolution.rb +4 -4
data/lib/rubygems/{resolver → vendor}/molinillo/lib/molinillo/resolver.rb +1 -1
data/lib/rubygems/{resolver → vendor}/molinillo/lib/molinillo/state.rb +1 -1
data/lib/rubygems/{resolver → vendor}/molinillo/lib/molinillo.rb +2 -2
data/lib/rubygems/vendor/net-http/COPYING +56 -0
data/lib/rubygems/{net-http → vendor/net-http}/lib/net/http/generic_request.rb +9 -9
data/lib/rubygems/{net-http → vendor/net-http}/lib/net/http/header.rb +3 -3
data/lib/rubygems/{net-http → vendor/net-http}/lib/net/http/request.rb +3 -3
data/lib/rubygems/{net-http → vendor/net-http}/lib/net/http/requests.rb +35 -30
data/lib/rubygems/{net-http → vendor/net-http}/lib/net/http/response.rb +2 -2
data/lib/rubygems/{net-http → vendor/net-http}/lib/net/http/responses.rb +6 -6
data/lib/rubygems/{net-http → vendor/net-http}/lib/net/http/status.rb +1 -1
data/lib/rubygems/{net-http → vendor/net-http}/lib/net/http.rb +149 -70
data/lib/rubygems/{net-http → vendor/net-http}/lib/net/https.rb +1 -1
data/lib/rubygems/vendor/optparse/COPYING +56 -0
data/lib/rubygems/{optparse → vendor/optparse}/lib/optparse/ac.rb +16 -0
data/lib/rubygems/{optparse → vendor/optparse}/lib/optparse/kwargs.rb +8 -3
data/lib/rubygems/vendor/optparse/lib/optparse/uri.rb +7 -0
data/lib/rubygems/{optparse → vendor/optparse}/lib/optparse/version.rb +9 -0
data/lib/rubygems/{optparse → vendor/optparse}/lib/optparse.rb +158 -62
data/lib/rubygems/vendor/resolv/COPYING +56 -0
data/lib/rubygems/{resolv → vendor/resolv}/lib/resolv.rb +165 -69
data/lib/rubygems/vendor/securerandom/COPYING +56 -0
data/lib/rubygems/vendor/securerandom/lib/securerandom.rb +102 -0
data/lib/rubygems/vendor/timeout/COPYING +56 -0
data/lib/rubygems/{timeout → vendor/timeout}/lib/timeout.rb +10 -11
data/lib/rubygems/{tsort → vendor/tsort}/lib/tsort.rb +2 -2
data/lib/rubygems/vendor/uri/COPYING +56 -0
data/lib/rubygems/vendor/uri/lib/uri/common.rb +880 -0
data/lib/rubygems/vendor/uri/lib/uri/file.rb +100 -0
data/lib/rubygems/vendor/uri/lib/uri/ftp.rb +267 -0
data/lib/rubygems/vendor/uri/lib/uri/generic.rb +1579 -0
data/lib/rubygems/vendor/uri/lib/uri/http.rb +125 -0
data/lib/rubygems/vendor/uri/lib/uri/https.rb +23 -0
data/lib/rubygems/vendor/uri/lib/uri/ldap.rb +261 -0
data/lib/rubygems/vendor/uri/lib/uri/ldaps.rb +22 -0
data/lib/rubygems/vendor/uri/lib/uri/mailto.rb +293 -0
data/lib/rubygems/vendor/uri/lib/uri/rfc2396_parser.rb +546 -0
data/lib/rubygems/vendor/uri/lib/uri/rfc3986_parser.rb +206 -0
data/lib/rubygems/vendor/uri/lib/uri/version.rb +6 -0
data/lib/rubygems/vendor/uri/lib/uri/ws.rb +83 -0
data/lib/rubygems/vendor/uri/lib/uri/wss.rb +23 -0
data/lib/rubygems/vendor/uri/lib/uri.rb +104 -0
data/lib/rubygems/vendored_molinillo.rb +3 -0
data/lib/rubygems/vendored_net_http.rb +5 -0
data/lib/rubygems/vendored_optparse.rb +3 -0
data/lib/rubygems/vendored_securerandom.rb +3 -0
data/lib/rubygems/vendored_timeout.rb +5 -0
data/lib/rubygems/vendored_tsort.rb +3 -0
data/lib/rubygems/version.rb +26 -9
data/lib/rubygems/yaml_serializer.rb +12 -7
data/lib/rubygems.rb +160 -53
data/rubygems-update.gemspec +11 -6
data/setup.rb +1 -1
metadata +124 -96
data/bundler/lib/bundler/compact_index_client/gem_parser.rb +0 -32
data/bundler/lib/bundler/gem_helpers.rb +0 -127
data/bundler/lib/bundler/templates/Executable.bundler +0 -109
data/bundler/lib/bundler/vendor/fileutils/.document +0 -1
data/bundler/lib/bundler/vendor/net-http-persistent/.document +0 -1
data/bundler/lib/bundler/vendor/pub_grub/.document +0 -1
data/bundler/lib/bundler/vendor/thor/.document +0 -1
data/bundler/lib/bundler/vendor/tsort/.document +0 -1
data/bundler/lib/bundler/vendor/uri/.document +0 -1
data/lib/rubygems/net/http.rb +0 -3
data/lib/rubygems/net-http/.document +0 -1
data/lib/rubygems/net-http/LICENSE.txt +0 -22
data/lib/rubygems/net-http/lib/net/http/backward.rb +0 -40
data/lib/rubygems/net-protocol/.document +0 -1
data/lib/rubygems/net-protocol/LICENSE.txt +0 -22
data/lib/rubygems/optparse/.document +0 -1
data/lib/rubygems/optparse/lib/optparse/uri.rb +0 -7
data/lib/rubygems/optparse.rb +0 -3
data/lib/rubygems/resolv/.document +0 -1
data/lib/rubygems/resolv/LICENSE.txt +0 -22
data/lib/rubygems/resolver/molinillo/.document +0 -1
data/lib/rubygems/resolver/molinillo/lib/molinillo/delegates/resolution_state.rb +0 -57
data/lib/rubygems/resolver/molinillo/lib/molinillo/gem_metadata.rb +0 -6
data/lib/rubygems/resolver/molinillo.rb +0 -3
data/lib/rubygems/shellwords.rb +0 -3
data/lib/rubygems/ssl_certs/rubygems.org/GlobalSignRootCA.pem +0 -21
data/lib/rubygems/timeout/.document +0 -1
data/lib/rubygems/timeout/LICENSE.txt +0 -22
data/lib/rubygems/timeout.rb +0 -3
data/lib/rubygems/tsort/.document +0 -1
data/lib/rubygems/tsort/LICENSE.txt +0 -22
data/lib/rubygems/tsort.rb +0 -3
/data/{lib/rubygems/optparse → bundler/lib/bundler/vendor/fileutils}/COPYING +0 -0
/data/{MAINTAINERS.txt → doc/MAINTAINERS.txt} +0 -0
/data/{UPGRADING.md → doc/rubygems/UPGRADING.md} +0 -0
/data/lib/rubygems/ssl_certs/rubygems.org/{GlobalSignRootCA_R3.pem → GlobalSign.pem} +0 -0
/data/{bundler/lib/bundler/vendor/connection_pool → lib/rubygems/vendor}/.document +0 -0
/data/lib/rubygems/{resolver → vendor}/molinillo/LICENSE +0 -0
/data/lib/rubygems/{net-http → vendor/net-http}/lib/net/http/exceptions.rb +0 -0
/data/lib/rubygems/{net-http → vendor/net-http}/lib/net/http/proxy_delta.rb +0 -0
/data/{bundler/lib/bundler/vendor/fileutils → lib/rubygems/vendor/net-protocol}/LICENSE.txt +0 -0
/data/lib/rubygems/{net-protocol → vendor/net-protocol}/lib/net/protocol.rb +0 -0
/data/lib/rubygems/{optparse → vendor/optparse}/lib/optionparser.rb +0 -0
/data/lib/rubygems/{optparse → vendor/optparse}/lib/optparse/date.rb +0 -0
/data/lib/rubygems/{optparse → vendor/optparse}/lib/optparse/shellwords.rb +0 -0
/data/lib/rubygems/{optparse → vendor/optparse}/lib/optparse/time.rb +0 -0
/data/{bundler/lib/bundler/vendor/uri → lib/rubygems/vendor/tsort}/LICENSE.txt +0 -0

data/bundler/lib/bundler/environment_preserver.rb CHANGED Viewed

@@ -19,14 +19,7 @@ module Bundler
     BUNDLER_PREFIX = "BUNDLER_ORIG_"
     def self.from_env
-      new(env_to_hash(ENV), BUNDLER_KEYS)
-    end
-    def self.env_to_hash(env)
-      to_hash = env.to_hash
-      return to_hash unless Gem.win_platform?
-      to_hash.each_with_object({}) {|(k,v), a| a[k.upcase] = v }
+      new(ENV.to_hash, BUNDLER_KEYS)
     end
     # @param env [Hash]
@@ -39,18 +32,7 @@ module Bundler
     # Replaces `ENV` with the bundler environment variables backed up
     def replace_with_backup
-      unless Gem.win_platform?
-        ENV.replace(backup)
-        return
-      end
-      # Fallback logic for Windows below to workaround
-      # https://bugs.ruby-lang.org/issues/16798. Can be dropped once all
-      # supported rubies include the fix for that.
-      ENV.clear
-      backup.each {|k, v| ENV[k] = v }
+      ENV.replace(backup)
     end
     # @return [Hash]
@@ -58,9 +40,9 @@ module Bundler
       env = @original.clone
       @keys.each do |key|
         value = env[key]
-        if !value.nil? && !value.empty?
+        if !value.nil?
           env[@prefix + key] ||= value
-        elsif value.nil?
+        else
           env[@prefix + key] ||= INTENTIONALLY_NIL
         end
       end
@@ -72,7 +54,7 @@ module Bundler
       env = @original.clone
       @keys.each do |key|
         value_original = env[@prefix + key]
-        next if value_original.nil? || value_original.empty?
+        next if value_original.nil?
         if value_original == INTENTIONALLY_NIL
           env.delete(key)
         else

data/bundler/lib/bundler/errors.rb CHANGED Viewed

@@ -193,6 +193,24 @@ module Bundler
     status_code(31)
   end
+  class ReadOnlyFileSystemError < PermissionError
+    def message
+      "There was an error while trying to #{action} `#{@path}`. " \
+      "File system is read-only."
+    end
+    status_code(42)
+  end
+  class OperationNotPermittedError < PermissionError
+    def message
+      "There was an error while trying to #{action} `#{@path}`. " \
+      "Underlying OS system call raised an EPERM error."
+    end
+    status_code(43)
+  end
   class GenericSystemCallError < BundlerError
     attr_reader :underlying_error
@@ -217,17 +235,47 @@ module Bundler
   end
   class InsecureInstallPathError < BundlerError
-    def initialize(path)
+    def initialize(name, path)
+      @name = name
       @path = path
     end
     def message
-      "The installation path is insecure. Bundler cannot continue.\n" \
-      "#{@path} is world-writable (without sticky bit).\n" \
-      "Bundler cannot safely replace gems in world-writeable directories due to potential vulnerabilities.\n" \
-      "Please change the permissions of this directory or choose a different install path."
+      "Bundler cannot reinstall #{@name} because there's a previous installation of it at #{@path} that is unsafe to remove.\n" \
+      "The parent of #{@path} is world-writable and does not have the sticky bit set, making it insecure to remove due to potential vulnerabilities.\n" \
+      "Please change the permissions of #{File.dirname(@path)} or choose a different install path."
     end
     status_code(38)
   end
+  class CorruptBundlerInstallError < BundlerError
+    def initialize(loaded_spec)
+      @loaded_spec = loaded_spec
+    end
+    def message
+      "The running version of Bundler (#{Bundler::VERSION}) does not match the version of the specification installed for it (#{@loaded_spec.version}). " \
+      "This can be caused by reinstalling Ruby without removing previous installation, leaving around an upgraded default version of Bundler. " \
+      "Reinstalling Ruby from scratch should fix the problem."
+    end
+    status_code(39)
+  end
+  class InvalidArgumentError < BundlerError; status_code(40); end
+  class IncorrectLockfileDependencies < BundlerError
+    attr_reader :spec
+    def initialize(spec)
+      @spec = spec
+    end
+    def message
+      "Bundler found incorrect dependencies in the lockfile for #{spec.full_name}"
+    end
+    status_code(41)
+  end
 end

data/bundler/lib/bundler/feature_flag.rb CHANGED Viewed

@@ -25,29 +25,29 @@ module Bundler
     end
     private_class_method :settings_method
-    (1..10).each {|v| define_method("bundler_#{v}_mode?") { major_version >= v } }
-    settings_flag(:allow_offline_install) { bundler_3_mode? }
-    settings_flag(:auto_clean_without_path) { bundler_3_mode? }
-    settings_flag(:cache_all) { bundler_3_mode? }
-    settings_flag(:default_install_uses_path) { bundler_3_mode? }
-    settings_flag(:forget_cli_options) { bundler_3_mode? }
-    settings_flag(:global_gem_cache) { bundler_3_mode? }
-    settings_flag(:path_relative_to_cwd) { bundler_3_mode? }
+    (1..10).each {|v| define_method("bundler_#{v}_mode?") { @major_version >= v } }
+    settings_flag(:allow_offline_install) { bundler_4_mode? }
+    settings_flag(:cache_all) { bundler_4_mode? }
+    settings_flag(:forget_cli_options) { bundler_4_mode? }
+    settings_flag(:global_gem_cache) { bundler_4_mode? }
+    settings_flag(:lockfile_checksums) { bundler_4_mode? }
     settings_flag(:plugins) { @bundler_version >= Gem::Version.new("1.14") }
-    settings_flag(:print_only_version_number) { bundler_3_mode? }
-    settings_flag(:setup_makes_kernel_gem_public) { !bundler_3_mode? }
-    settings_flag(:update_requires_all_flag) { bundler_4_mode? }
+    settings_flag(:update_requires_all_flag) { bundler_5_mode? }
-    settings_option(:default_cli_command) { bundler_3_mode? ? :cli_help : :install }
+    settings_option(:default_cli_command) { bundler_4_mode? ? :cli_help : :install }
-    def initialize(bundler_version)
-      @bundler_version = Gem::Version.create(bundler_version)
+    def removed_major?(target_major_version)
+      @major_version > target_major_version
     end
-    def major_version
-      @bundler_version.segments.first
+    def deprecated_major?(target_major_version)
+      @major_version >= target_major_version
+    end
+    def initialize(bundler_version)
+      @bundler_version = Gem::Version.create(bundler_version)
+      @major_version = @bundler_version.segments.first
     end
-    private :major_version
   end
 end

data/bundler/lib/bundler/fetcher/compact_index.rb CHANGED Viewed

@@ -4,15 +4,13 @@ require_relative "base"
 require_relative "../worker"
 module Bundler
-  autoload :CompactIndexClient, File.expand_path("../compact_index_client", __dir__)
   class Fetcher
     class CompactIndex < Base
       def self.compact_index_request(method_name)
         method = instance_method(method_name)
         undef_method(method_name)
         define_method(method_name) do |*args, &blk|
-          method.bind(self).call(*args, &blk)
+          method.bind_call(self, *args, &blk)
         rescue NetworkDownError, CompactIndexClient::Updater::MismatchedChecksumError => e
           raise HTTPError, e.message
         rescue AuthenticationRequiredError, BadAuthenticationError
@@ -36,15 +34,8 @@ module Bundler
         until remaining_gems.empty?
           log_specs { "Looking up gems #{remaining_gems.inspect}" }
-          deps = begin
-                   parallel_compact_index_client.dependencies(remaining_gems)
-                 rescue TooManyRequestsError
-                   @bundle_worker&.stop
-                   @bundle_worker = nil # reset it.  Not sure if necessary
-                   serial_compact_index_client.dependencies(remaining_gems)
-                 end
-          next_gems = deps.flat_map {|d| d[3].flat_map(&:first) }.uniq
+          deps = fetch_gem_infos(remaining_gems).flatten(1)
+          next_gems = deps.flat_map {|d| d[CompactIndexClient::INFO_DEPS].flat_map(&:first) }.uniq
           deps.each {|dep| gem_info << dep }
           complete_gems.concat(deps.map(&:first)).uniq!
           remaining_gems = next_gems - complete_gems
@@ -61,7 +52,7 @@ module Bundler
           return nil
         end
         # Read info file checksums out of /versions, so we can know if gems are up to date
-        compact_index_client.update_and_parse_checksums!
+        compact_index_client.available?
       rescue CompactIndexClient::Updater::MismatchedChecksumError => e
         Bundler.ui.debug(e.message)
         nil
@@ -81,20 +72,20 @@ module Bundler
           end
       end
-      def parallel_compact_index_client
-        compact_index_client.execution_mode = lambda do |inputs, &blk|
-          func = lambda {|object, _index| blk.call(object) }
-          worker = bundle_worker(func)
-          inputs.each {|input| worker.enq(input) }
-          inputs.map { worker.deq }
-        end
-        compact_index_client
+      def fetch_gem_infos(names)
+        in_parallel(names) {|name| compact_index_client.info(name) }
+      rescue TooManyRequestsError # rubygems.org is rate limiting us, slow down.
+        @bundle_worker&.stop
+        @bundle_worker = nil # reset it.  Not sure if necessary
+        compact_index_client.reset!
+        names.map {|name| compact_index_client.info(name) }
       end
-      def serial_compact_index_client
-        compact_index_client.sequential_execution_mode!
-        compact_index_client
+      def in_parallel(inputs, &blk)
+        func = lambda {|object, _index| blk.call(object) }
+        worker = bundle_worker(func)
+        inputs.each {|input| worker.enq(input) }
+        inputs.map { worker.deq }
       end
       def bundle_worker(func = nil)

data/bundler/lib/bundler/fetcher/dependency.rb CHANGED Viewed

@@ -1,7 +1,8 @@
 # frozen_string_literal: true
 require_relative "base"
-require "cgi"
+require "cgi/escape"
+require "cgi/util" unless defined?(CGI::EscapeExt)
 module Bundler
   class Fetcher

data/bundler/lib/bundler/fetcher/downloader.rb CHANGED Viewed

@@ -3,6 +3,28 @@
 module Bundler
   class Fetcher
     class Downloader
+      HTTP_NON_RETRYABLE_ERRORS = [
+        SocketError,
+        Errno::EADDRNOTAVAIL,
+        Errno::ENETDOWN,
+        Errno::ENETUNREACH,
+        Gem::Net::HTTP::Persistent::Error,
+        Errno::EHOSTUNREACH,
+      ].freeze
+      HTTP_RETRYABLE_ERRORS = [
+        Gem::Timeout::Error,
+        EOFError,
+        Errno::EINVAL,
+        Errno::ECONNRESET,
+        Errno::ETIMEDOUT,
+        Errno::EAGAIN,
+        Gem::Net::HTTPBadResponse,
+        Gem::Net::HTTPHeaderSyntaxError,
+        Gem::Net::ProtocolError,
+        Zlib::BufError,
+      ].freeze
       attr_reader :connection
       attr_reader :redirect_limit
@@ -23,7 +45,7 @@ module Bundler
         when Gem::Net::HTTPSuccess, Gem::Net::HTTPNotModified
           response
         when Gem::Net::HTTPRedirection
-          new_uri = Bundler::URI.parse(response["location"])
+          new_uri = Gem::URI.parse(response["location"])
           if new_uri.host == uri.host
             new_uri.user = uri.user
             new_uri.password = uri.password
@@ -67,15 +89,19 @@ module Bundler
         connection.request(uri, req)
       rescue OpenSSL::SSL::SSLError
         raise CertificateFailureError.new(uri)
-      rescue *HTTP_ERRORS => e
+      rescue *HTTP_NON_RETRYABLE_ERRORS => e
         Bundler.ui.trace e
-        if e.is_a?(SocketError) || e.message.to_s.include?("host down:")
-          raise NetworkDownError, "Could not reach host #{uri.host}. Check your network " \
-            "connection and try again."
-        else
-          raise HTTPError, "Network error while fetching #{filtered_uri}" \
+        host = uri.host
+        host_port = "#{host}:#{uri.port}"
+        host = host_port if filtered_uri.to_s.include?(host_port)
+        raise NetworkDownError, "Could not reach host #{host}. Check your network " \
+          "connection and try again."
+      rescue *HTTP_RETRYABLE_ERRORS => e
+        Bundler.ui.trace e
+        raise HTTPError, "Network error while fetching #{filtered_uri}" \
             " (#{e})"
-        end
       end
       private

data/bundler/lib/bundler/fetcher.rb CHANGED Viewed

@@ -2,8 +2,7 @@
 require_relative "vendored_persistent"
 require_relative "vendored_timeout"
-require "cgi"
-require "securerandom"
+require_relative "vendored_securerandom"
 require "zlib"
 module Bundler
@@ -37,8 +36,9 @@ module Bundler
     # This is the error raised when a source is HTTPS and OpenSSL didn't load
     class SSLError < HTTPError
       def initialize(msg = nil)
-        super msg || "Could not load OpenSSL.\n" \
-            "You must recompile Ruby with OpenSSL support."
+        super "Could not load OpenSSL.\n" \
+          "You must recompile Ruby with OpenSSL support.\n" \
+          "original error: #{msg}\n"
       end
     end
@@ -72,19 +72,57 @@ module Bundler
       end
     end
+    HTTP_ERRORS = (Downloader::HTTP_RETRYABLE_ERRORS + Downloader::HTTP_NON_RETRYABLE_ERRORS).freeze
+    deprecate_constant :HTTP_ERRORS
+    NET_ERRORS = [
+      :HTTPBadGateway,
+      :HTTPBadRequest,
+      :HTTPFailedDependency,
+      :HTTPForbidden,
+      :HTTPInsufficientStorage,
+      :HTTPMethodNotAllowed,
+      :HTTPMovedPermanently,
+      :HTTPNoContent,
+      :HTTPNotFound,
+      :HTTPNotImplemented,
+      :HTTPPreconditionFailed,
+      :HTTPRequestEntityTooLarge,
+      :HTTPRequestURITooLong,
+      :HTTPUnauthorized,
+      :HTTPUnprocessableEntity,
+      :HTTPUnsupportedMediaType,
+      :HTTPVersionNotSupported,
+    ].freeze
+    deprecate_constant :NET_ERRORS
     # Exceptions classes that should bypass retry attempts. If your password didn't work the
     # first time, it's not going to the third time.
-    NET_ERRORS = [:HTTPBadGateway, :HTTPBadRequest, :HTTPFailedDependency,
-                  :HTTPForbidden, :HTTPInsufficientStorage, :HTTPMethodNotAllowed,
-                  :HTTPMovedPermanently, :HTTPNoContent, :HTTPNotFound,
-                  :HTTPNotImplemented, :HTTPPreconditionFailed, :HTTPRequestEntityTooLarge,
-                  :HTTPRequestURITooLong, :HTTPUnauthorized, :HTTPUnprocessableEntity,
-                  :HTTPUnsupportedMediaType, :HTTPVersionNotSupported].freeze
-    FAIL_ERRORS = begin
-      fail_errors = [AuthenticationRequiredError, BadAuthenticationError, AuthenticationForbiddenError, FallbackError, SecurityError]
-      fail_errors << Gem::Requirement::BadRequirementError
-      fail_errors.concat(NET_ERRORS.map {|e| Gem::Net.const_get(e) })
-    end.freeze
+    FAIL_ERRORS = [
+      AuthenticationRequiredError,
+      BadAuthenticationError,
+      AuthenticationForbiddenError,
+      FallbackError,
+      SecurityError,
+      Gem::Requirement::BadRequirementError,
+      Gem::Net::HTTPBadGateway,
+      Gem::Net::HTTPBadRequest,
+      Gem::Net::HTTPFailedDependency,
+      Gem::Net::HTTPForbidden,
+      Gem::Net::HTTPInsufficientStorage,
+      Gem::Net::HTTPMethodNotAllowed,
+      Gem::Net::HTTPMovedPermanently,
+      Gem::Net::HTTPNoContent,
+      Gem::Net::HTTPNotFound,
+      Gem::Net::HTTPNotImplemented,
+      Gem::Net::HTTPPreconditionFailed,
+      Gem::Net::HTTPRequestEntityTooLarge,
+      Gem::Net::HTTPRequestURITooLong,
+      Gem::Net::HTTPUnauthorized,
+      Gem::Net::HTTPUnprocessableEntity,
+      Gem::Net::HTTPUnsupportedMediaType,
+      Gem::Net::HTTPVersionNotSupported,
+    ].freeze
     class << self
       attr_accessor :disable_endpoint, :api_timeout, :redirect_limit, :max_retries
@@ -111,7 +149,7 @@ module Bundler
       spec -= [nil, "ruby", ""]
       spec_file_name = "#{spec.join "-"}.gemspec"
-      uri = Bundler::URI.parse("#{remote_uri}#{Gem::MARSHAL_SPEC_DIR}#{spec_file_name}.rz")
+      uri = Gem::URI.parse("#{remote_uri}#{Gem::MARSHAL_SPEC_DIR}#{spec_file_name}.rz")
       spec = if uri.scheme == "file"
         path = Gem::Util.correct_for_windows_path(uri.path)
         Bundler.safe_load_marshal Bundler.rubygems.inflate(Gem.read_binary(path))
@@ -182,7 +220,7 @@ module Bundler
         agent << " ci/#{cis.join(",")}" if cis.any?
         # add a random ID so we can consolidate runs server-side
-        agent << " " << SecureRandom.hex(8)
+        agent << " " << Gem::SecureRandom.hex(8)
         # add any user agent strings set in the config
         extra_ua = Bundler.settings[:user_agent]
@@ -251,11 +289,17 @@ module Bundler
         needs_ssl = remote_uri.scheme == "https" ||
                     Bundler.settings[:ssl_verify_mode] ||
                     Bundler.settings[:ssl_client_cert]
-        raise SSLError if needs_ssl && !defined?(OpenSSL::SSL)
+        if needs_ssl
+          begin
+            require "openssl"
+          rescue StandardError, LoadError => e
+            raise SSLError.new(e.message)
+          end
+        end
         con = Gem::Net::HTTP::Persistent.new name: "bundler", proxy: :ENV
         if gem_proxy = Gem.configuration[:http_proxy]
-          con.proxy = Bundler::URI.parse(gem_proxy) if gem_proxy != :no_proxy
+          con.proxy = Gem::URI.parse(gem_proxy) if gem_proxy != :no_proxy
         end
         if remote_uri.scheme == "https"
@@ -287,13 +331,6 @@ module Bundler
       paths.find {|path| File.file? path }
     end
-    HTTP_ERRORS = [
-      Gem::Timeout::Error, EOFError, SocketError, Errno::ENETDOWN, Errno::ENETUNREACH,
-      Errno::EINVAL, Errno::ECONNRESET, Errno::ETIMEDOUT, Errno::EAGAIN,
-      Gem::Net::HTTPBadResponse, Gem::Net::HTTPHeaderSyntaxError, Gem::Net::ProtocolError,
-      Gem::Net::HTTP::Persistent::Error, Zlib::BufError, Errno::EHOSTUNREACH
-    ].freeze
     def bundler_cert_store
       store = OpenSSL::X509::Store.new
       ssl_ca_cert = Bundler.settings[:ssl_ca_cert] ||

data/bundler/lib/bundler/force_platform.rb CHANGED Viewed

@@ -2,8 +2,6 @@
 module Bundler
   module ForcePlatform
-    private
     # The `:force_ruby_platform` value used by dependencies for resolution, and
     # by locked specifications for materialization is `false` by default, except
     # for TruffleRuby. TruffleRuby generally needs to force the RUBY platform

data/bundler/lib/bundler/friendly_errors.rb CHANGED Viewed

@@ -80,7 +80,7 @@ module Bundler
         First, try this link to see if there are any existing issue reports for this error:
         #{issues_url(e)}
-        If there aren't any reports for this error yet, please fill in the new issue form located at #{new_issue_url}, and copy and paste the report template above in there.
+        If there aren't any reports for this error yet, please fill in the new issue form located at #{new_issue_url}. Make sure to copy and paste the full output of this command under the "What happened instead?" section.
       EOS
     end
@@ -102,7 +102,8 @@ module Bundler
     def issues_url(exception)
       message = exception.message.lines.first.tr(":", " ").chomp
       message = message.split("-").first if exception.is_a?(Errno)
-      require "cgi"
+      require "cgi/escape"
+      require "cgi/util" unless defined?(CGI::EscapeExt)
       "https://github.com/rubygems/rubygems/search?q=" \
         "#{CGI.escape(message)}&type=Issues"
     end

data/bundler/lib/bundler/gem_helper.rb CHANGED Viewed

@@ -47,7 +47,7 @@ module Bundler
         built_gem_path = build_gem
       end
-      desc "Generate SHA512 checksum if #{name}-#{version}.gem into the checksums directory."
+      desc "Generate SHA512 checksum of #{name}-#{version}.gem into the checksums directory."
       task "build:checksum" => "build" do
         build_checksum(built_gem_path)
       end

data/bundler/lib/bundler/gem_version_promoter.rb CHANGED Viewed

@@ -45,17 +45,37 @@ module Bundler
     # Given a Resolver::Package and an Array of Specifications of available
     # versions for a gem, this method will return the Array of Specifications
-    # sorted (and possibly truncated if strict is true) in an order to give
-    # preference to the current level (:major, :minor or :patch) when resolution
-    # is deciding what versions best resolve all dependencies in the bundle.
+    # sorted in an order to give preference to the current level (:major, :minor
+    # or :patch) when resolution is deciding what versions best resolve all
+    # dependencies in the bundle.
     # @param package [Resolver::Package] The package being resolved.
     # @param specs [Specification] An array of Specifications for the package.
-    # @return [Specification] A new instance of the Specification Array sorted and
-    #    possibly filtered.
+    # @return [Specification] A new instance of the Specification Array sorted.
     def sort_versions(package, specs)
-      specs = filter_dep_specs(specs, package) if strict
+      locked_version = package.locked_version
-      sort_dep_specs(specs, package)
+      result = specs.sort do |a, b|
+        unless package.prerelease_specified? || pre?
+          a_pre = a.prerelease?
+          b_pre = b.prerelease?
+          next 1 if a_pre && !b_pre
+          next -1 if b_pre && !a_pre
+        end
+        if major? || locked_version.nil?
+          b <=> a
+        elsif either_version_older_than_locked?(a, b, locked_version)
+          b <=> a
+        elsif segments_do_not_match?(a, b, :major)
+          a <=> b
+        elsif !minor? && segments_do_not_match?(a, b, :minor)
+          a <=> b
+        else
+          b <=> a
+        end
+      end
+      post_sort(result, package.unlock?, locked_version)
     end
     # @return [bool] Convenience method for testing value of level variable.
@@ -73,9 +93,18 @@ module Bundler
       pre == true
     end
-    private
+    # Given a Resolver::Package and an Array of Specifications of available
+    # versions for a gem, this method will truncate the Array if strict
+    # is true. That means filtering out downgrades from the version currently
+    # locked, and filtering out upgrades that go past the selected level (major,
+    # minor, or patch).
+    # @param package [Resolver::Package] The package being resolved.
+    # @param specs [Specification] An array of Specifications for the package.
+    # @return [Specification] A new instance of the Specification Array
+    #   truncated.
+    def filter_versions(package, specs)
+      return specs unless strict
-    def filter_dep_specs(specs, package)
       locked_version = package.locked_version
       return specs if locked_version.nil? || major?
@@ -89,32 +118,7 @@ module Bundler
       end
     end
-    def sort_dep_specs(specs, package)
-      locked_version = package.locked_version
-      result = specs.sort do |a, b|
-        unless package.prerelease_specified? || pre?
-          a_pre = a.prerelease?
-          b_pre = b.prerelease?
-          next -1 if a_pre && !b_pre
-          next  1 if b_pre && !a_pre
-        end
-        if major? || locked_version.nil?
-          a <=> b
-        elsif either_version_older_than_locked?(a, b, locked_version)
-          a <=> b
-        elsif segments_do_not_match?(a, b, :major)
-          b <=> a
-        elsif !minor? && segments_do_not_match?(a, b, :minor)
-          b <=> a
-        else
-          a <=> b
-        end
-      end
-      post_sort(result, package.unlock?, locked_version)
-    end
+    private
     def either_version_older_than_locked?(a, b, locked_version)
       a.version < locked_version || b.version < locked_version
@@ -128,18 +132,16 @@ module Bundler
     # Specific version moves can't always reliably be done during sorting
     # as not all elements are compared against each other.
     def post_sort(result, unlock, locked_version)
-      # default :major behavior in Bundler does not do this
-      return result if major?
       if unlock || locked_version.nil?
         result
       else
-        move_version_to_end(result, locked_version)
+        move_version_to_beginning(result, locked_version)
       end
     end
-    def move_version_to_end(result, version)
+    def move_version_to_beginning(result, version)
       move, keep = result.partition {|s| s.version.to_s == version.to_s }
-      keep.concat(move)
+      move.concat(keep)
     end
   end
 end

data/bundler/lib/bundler/index.rb CHANGED Viewed

@@ -131,6 +131,11 @@ module Bundler
       return unless other
       other.each do |spec|
         if existing = find_by_spec(spec)
+          unless dependencies_eql?(existing, spec)
+            Bundler.ui.warn "Local specification for #{spec.full_name} has different dependencies than the remote gem, ignoring it"
+            next
+          end
           add_duplicate(existing)
         end
         add spec
@@ -153,8 +158,8 @@ module Bundler
     end
     def dependencies_eql?(spec, other_spec)
-      deps       = spec.dependencies.select {|d| d.type != :development }
-      other_deps = other_spec.dependencies.select {|d| d.type != :development }
+      deps       = spec.runtime_dependencies
+      other_deps = other_spec.runtime_dependencies
       deps.sort == other_deps.sort
     end