rubygems-update 3.5.9 → 3.5.11

Sign up to get free protection for your applications and to get access to all the features.
Files changed (84) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +66 -1
  3. data/CODE_OF_CONDUCT.md +79 -28
  4. data/CONTRIBUTING.md +2 -2
  5. data/Manifest.txt +1 -0
  6. data/POLICIES.md +75 -6
  7. data/bundler/CHANGELOG.md +52 -0
  8. data/bundler/lib/bundler/build_metadata.rb +2 -2
  9. data/bundler/lib/bundler/cli/install.rb +1 -1
  10. data/bundler/lib/bundler/cli.rb +5 -22
  11. data/bundler/lib/bundler/compact_index_client/cache.rb +16 -7
  12. data/bundler/lib/bundler/constants.rb +8 -1
  13. data/bundler/lib/bundler/definition.rb +70 -50
  14. data/bundler/lib/bundler/dependency.rb +2 -1
  15. data/bundler/lib/bundler/environment_preserver.rb +2 -20
  16. data/bundler/lib/bundler/errors.rb +14 -0
  17. data/bundler/lib/bundler/gem_helper.rb +1 -1
  18. data/bundler/lib/bundler/injector.rb +2 -1
  19. data/bundler/lib/bundler/installer.rb +8 -8
  20. data/bundler/lib/bundler/man/bundle-add.1 +1 -1
  21. data/bundler/lib/bundler/man/bundle-binstubs.1 +1 -1
  22. data/bundler/lib/bundler/man/bundle-cache.1 +1 -1
  23. data/bundler/lib/bundler/man/bundle-check.1 +3 -1
  24. data/bundler/lib/bundler/man/bundle-check.1.ronn +3 -0
  25. data/bundler/lib/bundler/man/bundle-clean.1 +1 -1
  26. data/bundler/lib/bundler/man/bundle-config.1 +1 -3
  27. data/bundler/lib/bundler/man/bundle-config.1.ronn +0 -3
  28. data/bundler/lib/bundler/man/bundle-console.1 +1 -1
  29. data/bundler/lib/bundler/man/bundle-doctor.1 +1 -1
  30. data/bundler/lib/bundler/man/bundle-exec.1 +1 -1
  31. data/bundler/lib/bundler/man/bundle-gem.1 +1 -1
  32. data/bundler/lib/bundler/man/bundle-help.1 +1 -1
  33. data/bundler/lib/bundler/man/bundle-info.1 +1 -1
  34. data/bundler/lib/bundler/man/bundle-init.1 +1 -1
  35. data/bundler/lib/bundler/man/bundle-inject.1 +1 -1
  36. data/bundler/lib/bundler/man/bundle-install.1 +1 -1
  37. data/bundler/lib/bundler/man/bundle-list.1 +1 -1
  38. data/bundler/lib/bundler/man/bundle-lock.1 +1 -1
  39. data/bundler/lib/bundler/man/bundle-open.1 +1 -1
  40. data/bundler/lib/bundler/man/bundle-outdated.1 +1 -1
  41. data/bundler/lib/bundler/man/bundle-platform.1 +1 -1
  42. data/bundler/lib/bundler/man/bundle-plugin.1 +1 -1
  43. data/bundler/lib/bundler/man/bundle-pristine.1 +1 -1
  44. data/bundler/lib/bundler/man/bundle-remove.1 +1 -1
  45. data/bundler/lib/bundler/man/bundle-show.1 +1 -1
  46. data/bundler/lib/bundler/man/bundle-update.1 +1 -1
  47. data/bundler/lib/bundler/man/bundle-version.1 +1 -1
  48. data/bundler/lib/bundler/man/bundle-viz.1 +1 -1
  49. data/bundler/lib/bundler/man/bundle.1 +1 -1
  50. data/bundler/lib/bundler/man/gemfile.5 +1 -1
  51. data/bundler/lib/bundler/rubygems_ext.rb +29 -9
  52. data/bundler/lib/bundler/self_manager.rb +1 -1
  53. data/bundler/lib/bundler/settings.rb +0 -1
  54. data/bundler/lib/bundler/setup.rb +3 -0
  55. data/bundler/lib/bundler/shared_helpers.rb +6 -4
  56. data/bundler/lib/bundler/source/git/git_proxy.rb +8 -0
  57. data/bundler/lib/bundler/source/metadata.rb +2 -0
  58. data/bundler/lib/bundler/source/rubygems.rb +6 -18
  59. data/bundler/lib/bundler/source_list.rb +28 -4
  60. data/bundler/lib/bundler/spec_set.rb +1 -1
  61. data/bundler/lib/bundler/templates/newgem/CODE_OF_CONDUCT.md.tt +77 -29
  62. data/bundler/lib/bundler/version.rb +1 -1
  63. data/bundler/lib/bundler.rb +20 -0
  64. data/exe/update_rubygems +1 -1
  65. data/lib/rubygems/commands/pristine_command.rb +9 -6
  66. data/lib/rubygems/commands/setup_command.rb +2 -0
  67. data/lib/rubygems/commands/uninstall_command.rb +1 -1
  68. data/lib/rubygems/commands/update_command.rb +8 -9
  69. data/lib/rubygems/dependency.rb +1 -13
  70. data/lib/rubygems/deprecate.rb +79 -77
  71. data/lib/rubygems/ext/cargo_builder.rb +1 -16
  72. data/lib/rubygems/gemcutter_utilities/webauthn_poller.rb +3 -1
  73. data/lib/rubygems/installer.rb +1 -1
  74. data/lib/rubygems/package/tar_header.rb +20 -4
  75. data/lib/rubygems/package.rb +11 -6
  76. data/lib/rubygems/platform.rb +1 -0
  77. data/lib/rubygems/specification.rb +35 -117
  78. data/lib/rubygems/specification_policy.rb +3 -1
  79. data/lib/rubygems/specification_record.rb +213 -0
  80. data/lib/rubygems/uninstaller.rb +15 -9
  81. data/lib/rubygems/util/licenses.rb +25 -0
  82. data/lib/rubygems.rb +8 -1
  83. data/rubygems-update.gemspec +1 -1
  84. metadata +4 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 3ab914e068825c9de5c8d4452b8567dafcd64c4caf771657e3b345acf5280148
4
- data.tar.gz: adcba32efcf1df21e5cf908ecb21a3e4aafa3b0d701cf90dfd4dabe9105f471d
3
+ metadata.gz: bd4f648b70b6865239d7b78c7773946b5be7fa737c540ffcc33e1266e1ef3f88
4
+ data.tar.gz: 4c94ce1d451e13399cf9c29154707d75b5bde5dfe2a663864dff4587bf724017
5
5
  SHA512:
6
- metadata.gz: 64ee2b3cd6e7f2697ceae3e588e413896410e80fa7038f2cf9c6c59f1ee423c216e79bfa22c6c1775aa6ae286d110dbc949b331edb87f7e08e202af89634d1ef
7
- data.tar.gz: 610bc73529da5c2093c09712ac75d93fdb3896a9391425364e3bd9f419db93ee5989ad3e0c4fdd309c9d758bd4f925a90f52ed5e30e0f137a1b5403bdb235421
6
+ metadata.gz: 4ea473f16af7b832d500c6b5692039281f77f5f581fe1f114d7f183443bfb4149a415fc5f021d8255662d5712a369d0a52d943367962ea14b301b7f12ef859f5
7
+ data.tar.gz: 492b437441e43a45505cb6223c7e317341eee786436cc44bd619dd00f765c07867bcd8b11824eef968360e6798aa9c83013e543a69466c48b81cb51f0a831979
data/CHANGELOG.md CHANGED
@@ -1,3 +1,68 @@
1
+ # 3.5.11 / 2024-05-28
2
+
3
+ ## Enhancements:
4
+
5
+ * Update SPDX license list as of 2024-05-22. Pull request
6
+ [#7689](https://github.com/rubygems/rubygems/pull/7689) by
7
+ github-actions[bot]
8
+ * Fix the update_rubygems inconsistency (--disable-gems). Pull request
9
+ [#7658](https://github.com/rubygems/rubygems/pull/7658) by x-yuri
10
+ * Accept WASI as an OS name in Gem::Platform. Pull request
11
+ [#7629](https://github.com/rubygems/rubygems/pull/7629) by kateinoigakukun
12
+ * Warn if RubyGems version explicitly set in gemspec does not match
13
+ running version. Pull request
14
+ [#7460](https://github.com/rubygems/rubygems/pull/7460) by
15
+ deivid-rodriguez
16
+ * Installs bundler 2.5.11 as a default gem.
17
+
18
+ ## Bug fixes:
19
+
20
+ * Fix binstubs sometimes not getting regenerated when `--destdir` is
21
+ given. Pull request
22
+ [#7660](https://github.com/rubygems/rubygems/pull/7660) by
23
+ deivid-rodriguez
24
+ * Fix `gem uninstall --user-install` for symlinked HOME. Pull request
25
+ [#7645](https://github.com/rubygems/rubygems/pull/7645) by
26
+ deivid-rodriguez
27
+ * Fix issue when plugin stubs would sometimes not be properly removed by
28
+ `gem uninstall`. Pull request
29
+ [#7631](https://github.com/rubygems/rubygems/pull/7631) by
30
+ deivid-rodriguez
31
+ * Fix plugins uninstallation for user installed gems. Pull request
32
+ [#6456](https://github.com/rubygems/rubygems/pull/6456) by voxik
33
+
34
+ ## Performance:
35
+
36
+ * Use a constant empty tar header to avoid extra allocations. Pull request
37
+ [#7484](https://github.com/rubygems/rubygems/pull/7484) by segiddins
38
+
39
+ ## Documentation:
40
+
41
+ * Recommend `bin/rake` over `rake` in contributing docs. Pull request
42
+ [#7648](https://github.com/rubygems/rubygems/pull/7648) by
43
+ deivid-rodriguez
44
+
45
+ # 3.5.10 / 2024-05-03
46
+
47
+ ## Security:
48
+
49
+ * Add a limit to the size of the metadata and checksums files in a gem
50
+ package. Pull request
51
+ [#7568](https://github.com/rubygems/rubygems/pull/7568) by segiddins
52
+
53
+ ## Enhancements:
54
+
55
+ * Don't fully require `rubygems` from `rubygems/package` to prevent some
56
+ circular require warnings when using Bundler. Pull request
57
+ [#7612](https://github.com/rubygems/rubygems/pull/7612) by
58
+ deivid-rodriguez
59
+ * Installs bundler 2.5.10 as a default gem.
60
+
61
+ ## Bug fixes:
62
+
63
+ * Rename credential email to identifier in WebAuthn poller. Pull request
64
+ [#7623](https://github.com/rubygems/rubygems/pull/7623) by jenshenny
65
+
1
66
  # 3.5.9 / 2024-04-12
2
67
 
3
68
  ## Enhancements:
@@ -5928,7 +5993,7 @@ There has been some minor usability enhancements and changes ...
5928
5993
  This *greatly* speeds up gem commands run in non-admin mode when the
5929
5994
  site-wide cache is out of date.
5930
5995
  * The gem command now used an HTTP HEAD command to detect if the
5931
- server's source index needs to be downloaed.
5996
+ server's source index needs to be downloaded.
5932
5997
  * gem check gemname --test will run unit tests on installed gems that
5933
5998
  have unit tests.
5934
5999
  * Multiple gem names are allowed on the gem install command line.
data/CODE_OF_CONDUCT.md CHANGED
@@ -2,80 +2,131 @@
2
2
 
3
3
  ## Our Pledge
4
4
 
5
- We as members, contributors, and leaders pledge to make participation in our community a harassment-free experience for everyone, regardless of age, body size, visible or invisible disability, ethnicity, sex characteristics, gender identity and expression, level of experience, education, socio-economic status, nationality, personal appearance, race, religion, or sexual identity and orientation.
5
+ We as members, contributors, and leaders pledge to make participation in our
6
+ community a harassment-free experience for everyone, regardless of age, body
7
+ size, visible or invisible disability, ethnicity, sex characteristics, gender
8
+ identity and expression, level of experience, education, socio-economic status,
9
+ nationality, personal appearance, race, caste, color, religion, or sexual
10
+ identity and orientation.
6
11
 
7
- We pledge to act and interact in ways that contribute to an open, welcoming, diverse, inclusive, and healthy community.
12
+ We pledge to act and interact in ways that contribute to an open, welcoming,
13
+ diverse, inclusive, and healthy community.
8
14
 
9
15
  ## Our Standards
10
16
 
11
- Examples of behavior that contributes to a positive environment for our community include:
17
+ Examples of behavior that contributes to a positive environment for our
18
+ community include:
12
19
 
13
20
  * Demonstrating empathy and kindness toward other people
14
21
  * Being respectful of differing opinions, viewpoints, and experiences
15
22
  * Giving and gracefully accepting constructive feedback
16
- * Accepting responsibility and apologizing to those affected by our mistakes, and learning from the experience
17
- * Focusing on what is best not just for us as individuals, but for the overall community
23
+ * Accepting responsibility and apologizing to those affected by our mistakes,
24
+ and learning from the experience
25
+ * Focusing on what is best not just for us as individuals, but for the overall
26
+ community
18
27
 
19
28
  Examples of unacceptable behavior include:
20
29
 
21
- * The use of sexualized language or imagery, and sexual attention or advances of any kind
30
+ * The use of sexualized language or imagery, and sexual attention or advances of
31
+ any kind
22
32
  * Trolling, insulting or derogatory comments, and personal or political attacks
23
33
  * Public or private harassment
24
- * Publishing others' private information, such as a physical or email address, without their explicit permission
25
- * Other conduct which could reasonably be considered inappropriate in a professional setting
34
+ * Publishing others' private information, such as a physical or email address,
35
+ without their explicit permission
36
+ * Other conduct which could reasonably be considered inappropriate in a
37
+ professional setting
26
38
 
27
39
  ## Enforcement Responsibilities
28
40
 
29
- Community leaders are responsible for clarifying and enforcing our standards of acceptable behavior and will take appropriate and fair corrective action in response to any behavior that they deem inappropriate, threatening, offensive, or harmful.
41
+ Community leaders are responsible for clarifying and enforcing our standards of
42
+ acceptable behavior and will take appropriate and fair corrective action in
43
+ response to any behavior that they deem inappropriate, threatening, offensive,
44
+ or harmful.
30
45
 
31
- Community leaders have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct, and will communicate reasons for moderation decisions when appropriate.
46
+ Community leaders have the right and responsibility to remove, edit, or reject
47
+ comments, commits, code, wiki edits, issues, and other contributions that are
48
+ not aligned to this Code of Conduct, and will communicate reasons for moderation
49
+ decisions when appropriate.
32
50
 
33
51
  ## Scope
34
52
 
35
- This Code of Conduct applies within all community spaces, and also applies when an individual is officially representing the community in public spaces. Examples of representing our community include using an official e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event.
53
+ This Code of Conduct applies within all community spaces, and also applies when
54
+ an individual is officially representing the community in public spaces.
55
+ Examples of representing our community include using an official email address,
56
+ posting via an official social media account, or acting as an appointed
57
+ representative at an online or offline event.
36
58
 
37
59
  ## Enforcement
38
60
 
39
- Instances of abusive, harassing, or otherwise unacceptable behavior may be reported to the community leaders responsible for enforcement at team@bundler.io, or directly contacting project team members via email or Slack. All complaints will be reviewed and investigated promptly and fairly.
61
+ Instances of abusive, harassing, or otherwise unacceptable behavior may be
62
+ reported to the community leaders responsible for enforcement at
63
+ team@bundler.io.
64
+ All complaints will be reviewed and investigated promptly and fairly.
40
65
 
41
- All community leaders are obligated to respect the privacy and security of the reporter of any incident.
66
+ All community leaders are obligated to respect the privacy and security of the
67
+ reporter of any incident.
42
68
 
43
69
  ## Enforcement Guidelines
44
70
 
45
- Community leaders will follow these Community Impact Guidelines in determining the consequences for any action they deem in violation of this Code of Conduct:
71
+ Community leaders will follow these Community Impact Guidelines in determining
72
+ the consequences for any action they deem in violation of this Code of Conduct:
46
73
 
47
74
  ### 1. Correction
48
75
 
49
- **Community Impact**: Use of inappropriate language or other behavior deemed unprofessional or unwelcome in the community.
76
+ **Community Impact**: Use of inappropriate language or other behavior deemed
77
+ unprofessional or unwelcome in the community.
50
78
 
51
- **Consequence**: A private, written warning from community leaders, providing clarity around the nature of the violation and an explanation of why the behavior was inappropriate. A public apology may be requested.
79
+ **Consequence**: A private, written warning from community leaders, providing
80
+ clarity around the nature of the violation and an explanation of why the
81
+ behavior was inappropriate. A public apology may be requested.
52
82
 
53
83
  ### 2. Warning
54
84
 
55
- **Community Impact**: A violation through a single incident or series of actions.
85
+ **Community Impact**: A violation through a single incident or series of
86
+ actions.
56
87
 
57
- **Consequence**: A warning with consequences for continued behavior. No interaction with the people involved, including unsolicited interaction with those enforcing the Code of Conduct, for a specified period of time. This includes avoiding interactions in community spaces as well as external channels like social media. Violating these terms may lead to a temporary or permanent ban.
88
+ **Consequence**: A warning with consequences for continued behavior. No
89
+ interaction with the people involved, including unsolicited interaction with
90
+ those enforcing the Code of Conduct, for a specified period of time. This
91
+ includes avoiding interactions in community spaces as well as external channels
92
+ like social media. Violating these terms may lead to a temporary or permanent
93
+ ban.
58
94
 
59
95
  ### 3. Temporary Ban
60
96
 
61
- **Community Impact**: A serious violation of community standards, including sustained inappropriate behavior.
97
+ **Community Impact**: A serious violation of community standards, including
98
+ sustained inappropriate behavior.
62
99
 
63
- **Consequence**: A temporary ban from any sort of interaction or public communication with the community for a specified period of time. No public or private interaction with the people involved, including unsolicited interaction with those enforcing the Code of Conduct, is allowed during this period. Violating these terms may lead to a permanent ban.
100
+ **Consequence**: A temporary ban from any sort of interaction or public
101
+ communication with the community for a specified period of time. No public or
102
+ private interaction with the people involved, including unsolicited interaction
103
+ with those enforcing the Code of Conduct, is allowed during this period.
104
+ Violating these terms may lead to a permanent ban.
64
105
 
65
106
  ### 4. Permanent Ban
66
107
 
67
- **Community Impact**: Demonstrating a pattern of violation of community standards, including sustained inappropriate behavior, harassment of an individual, or aggression toward or disparagement of classes of individuals.
108
+ **Community Impact**: Demonstrating a pattern of violation of community
109
+ standards, including sustained inappropriate behavior, harassment of an
110
+ individual, or aggression toward or disparagement of classes of individuals.
68
111
 
69
- **Consequence**: A permanent ban from any sort of public interaction within the community.
112
+ **Consequence**: A permanent ban from any sort of public interaction within the
113
+ community.
70
114
 
71
115
  ## Attribution
72
116
 
73
- This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 2.0,
74
- available at https://www.contributor-covenant.org/version/2/0/code_of_conduct.html.
117
+ This Code of Conduct is adapted from the [Contributor Covenant][homepage],
118
+ version 2.1, available at
119
+ [https://www.contributor-covenant.org/version/2/1/code_of_conduct.html][v2.1].
75
120
 
76
- Community Impact Guidelines were inspired by [Mozilla's code of conduct enforcement ladder](https://github.com/mozilla/diversity).
77
-
78
- [homepage]: https://www.contributor-covenant.org
121
+ Community Impact Guidelines were inspired by
122
+ [Mozilla's code of conduct enforcement ladder][Mozilla CoC].
79
123
 
80
124
  For answers to common questions about this code of conduct, see the FAQ at
81
- https://www.contributor-covenant.org/faq. Translations are available at https://www.contributor-covenant.org/translations.
125
+ [https://www.contributor-covenant.org/faq][FAQ]. Translations are available at
126
+ [https://www.contributor-covenant.org/translations][translations].
127
+
128
+ [homepage]: https://www.contributor-covenant.org
129
+ [v2.1]: https://www.contributor-covenant.org/version/2/1/code_of_conduct.html
130
+ [Mozilla CoC]: https://github.com/mozilla/diversity
131
+ [FAQ]: https://www.contributor-covenant.org/faq
132
+ [translations]: https://www.contributor-covenant.org/translations
data/CONTRIBUTING.md CHANGED
@@ -31,7 +31,7 @@ here: https://guides.rubygems.org/contributing/
31
31
 
32
32
  ### Installing dependencies
33
33
 
34
- rake setup
34
+ bin/rake setup
35
35
 
36
36
  > **NOTE**: If the above fails with permission related errors, you're most
37
37
  > likely using a global Ruby installation (like the one packaged by your OS),
@@ -58,7 +58,7 @@ To run commands like `bundle install` from the repo:
58
58
 
59
59
  To run the entire test suite you can use:
60
60
 
61
- rake test
61
+ bin/rake test
62
62
 
63
63
  To run an individual test file located for example in `test/rubygems/test_deprecate.rb` you can use:
64
64
 
data/Manifest.txt CHANGED
@@ -515,6 +515,7 @@ lib/rubygems/source_list.rb
515
515
  lib/rubygems/spec_fetcher.rb
516
516
  lib/rubygems/specification.rb
517
517
  lib/rubygems/specification_policy.rb
518
+ lib/rubygems/specification_record.rb
518
519
  lib/rubygems/ssl_certs/.document
519
520
  lib/rubygems/ssl_certs/rubygems.org/GlobalSignRootCA.pem
520
521
  lib/rubygems/ssl_certs/rubygems.org/GlobalSignRootCA_R3.pem
data/POLICIES.md CHANGED
@@ -65,6 +65,59 @@ Bundler:
65
65
  have to work on weekends.
66
66
  * Continue with the regular release process below.
67
67
 
68
+ ### Branching
69
+
70
+ Bundler releases are synchronized with rubygems releases at the moment. That
71
+ means that releases for both share the same stable branch, and they should
72
+ generally happen together.
73
+
74
+ The current conventional naming for stable branches is `x+1.y`, where `x.y` is
75
+ the version of `bundler` that will be released. This is because `rubygems-x+1.y`
76
+ will be released at the same time.
77
+
78
+ For example, `rubygems-3.2.0` and `bundler-2.2.0` were both released from the
79
+ `3.2` stable branch.
80
+
81
+ Once a stable branch has been cut from `master`, changes for that minor release
82
+ series are only made _intentionally_, via patch releases. That is to say,
83
+ changes to `master` by default _won't_ make their way into the current stable
84
+ branch, and development on `master` will be targeting the next minor
85
+ or major release.
86
+
87
+ There is a `rake prepare_release[<target_rubygems_version>]` rake task
88
+ that helps with creating a release. It takes a single argument, the _exact
89
+ rubygems release_ being made (e.g. `3.2.3` when releasing bundler `2.2.3`).
90
+ This task checks out the appropriate stable branch (`3.2`, for example), grabs
91
+ all merged but unreleased PRs from both bundler & rubygems from GitHub that are
92
+ compatible with the target release level, and then cherry-picks those changes
93
+ (and only those changes) to a new branch based off the stable branch. Then bumps
94
+ the version in all version files, synchronizes both changelogs to include all
95
+ backported changes and commits that change on top of the cherry-picks.
96
+
97
+ Note that this task requires all user facing pull requests to be tagged with
98
+ specific labels. See [Merging a PR](/bundler/doc/playbooks/MERGING_A_PR.md) for details.
99
+
100
+ Also note that when this task cherry-picks, it cherry-picks the merge commits
101
+ using the following command:
102
+
103
+ ```bash
104
+ $ git cherry-pick -m 1 MERGE_COMMIT_SHAS
105
+ ```
106
+
107
+ For example, for PR [#5029](https://github.com/rubygems/bundler/pull/5029), we
108
+ cherry picked commit [dd6aef9](https://github.com/rubygems/bundler/commit/dd6aef97a5f2e7173f406267256a8c319d6134ab),
109
+ not [4fe9291](https://github.com/rubygems/bundler/commit/4fe92919f51e3463f0aad6fa833ab68044311f03)
110
+ using:
111
+
112
+ ```bash
113
+ $ git cherry-pick -m 1 dd6aef9
114
+ ```
115
+
116
+ After running the task, you'll have a release branch ready to be merged into the
117
+ stable branch. You'll want to open a PR from this branch into the stable branch
118
+ and provided CI is green, you can go ahead, merge the PR and run release tasks
119
+ as specified below from the updated stable branch.
120
+
68
121
  ### Automatic changelog and backport generation
69
122
 
70
123
  PR labels and titles are used to automatically generate changelogs for patch and
@@ -85,12 +138,28 @@ backporting a PR generates conflicts that are solved by backporting another PR
85
138
  with no user visible changes. You can use these special labels to also backport
86
139
  the other PR and not get any conflicts.
87
140
 
141
+ ### Breaking changes
142
+
143
+ Bundler cares a lot about preserving compatibility. As a result, changes that
144
+ break backwards compatibility should (whenever this is possible) include a feature
145
+ release that is backwards compatible, and issue warnings for all options and
146
+ behaviors that will change.
147
+
148
+ We only release major breaking changes when incrementing the _major_ version of
149
+ Bundler and RubyGems. However, experience shows that almost every single part of
150
+ Bundler and RubyGems is depended on by someone in ways hard to anticipate. So if
151
+ we were strict about breaking changes we'd need to hold on from making progress
152
+ a lot, or continuously increment the major version, emptying "really major"
153
+ versions from their meaning. Because of this, we also may release "small"
154
+ breaking changes in minor releases. "Small" here means that we expect them to
155
+ affect only very few users in rare cases.
156
+
88
157
  ### Steps for patch releases
89
158
 
90
159
  * Confirm all PRs that you want backported are properly tagged with `rubygems:
91
160
  <type>` or `bundler: <type>` labels at GitHub.
92
- * Run `rake prepare_release[<target_version>]`. This will create a PR to the
93
- stable branch with the backports included in the release, and proper
161
+ * Run `rake prepare_release[<target_rubygems_version>]`. This will create a PR
162
+ to the stable branch with the backports included in the release, and proper
94
163
  changelogs and version bumps. It will also create a PR to merge release
95
164
  changelogs into master.
96
165
  * Once CI passes, merge the release PR, switch to the stable branch and pull
@@ -102,10 +171,10 @@ the other PR and not get any conflicts.
102
171
 
103
172
  * Confirm all PRs that you want listed in changelogs are properly tagged with
104
173
  `rubygems: <type>` or `bundler: <type>` labels at GitHub.
105
- * Run `rake prepare_release[<target_version>]`. This will create a new stable
106
- branch off the master branch, and create a PR to it with the proper version
107
- bumps and changelogs. It will also create a PR to merge release changelogs
108
- into master.
174
+ * Run `rake prepare_release[<target_rubygems_version>]`. This will create a
175
+ new stable branch off the master branch, and create a PR to it with the
176
+ proper version bumps and changelogs. It will also create a PR to merge
177
+ release changelogs into master.
109
178
  * Replace the stable branch in the workflows with the new stable branch, and
110
179
  push that change to the release PR.
111
180
  * Replace version numbers with the next ".dev" version, and push that change
data/bundler/CHANGELOG.md CHANGED
@@ -1,3 +1,55 @@
1
+ # 2.5.11 (May 28, 2024)
2
+
3
+ ## Deprecations:
4
+
5
+ - Deprecate Bundler constants [#7653](https://github.com/rubygems/rubygems/pull/7653)
6
+
7
+ ## Enhancements:
8
+
9
+ - Bump `bundle gem` generated COC to Contributor Covenant 2.1 [#7692](https://github.com/rubygems/rubygems/pull/7692)
10
+ - Retry a full clone when git server does not support shallow capabilities [#7649](https://github.com/rubygems/rubygems/pull/7649)
11
+
12
+ ## Bug fixes:
13
+
14
+ - Fix regression when caching gems from secondary sources [#7659](https://github.com/rubygems/rubygems/pull/7659)
15
+ - Fix error when Bundler installation is corrupted [#7642](https://github.com/rubygems/rubygems/pull/7642)
16
+ - Fix crash caused by RubyGems `require` gem activation logic running before Bundler can properly register its own monkeypatches [#7647](https://github.com/rubygems/rubygems/pull/7647)
17
+
18
+ ## Performance:
19
+
20
+ - Update cache checksums to decrease string allocations [#7637](https://github.com/rubygems/rubygems/pull/7637)
21
+ - Fix performance regression in applications with a local cache [#7680](https://github.com/rubygems/rubygems/pull/7680)
22
+
23
+ ## Documentation:
24
+
25
+ - Recommend `bin/rake` over `rake` in contributing docs [#7648](https://github.com/rubygems/rubygems/pull/7648)
26
+ - Monthly man update for May 2024 [#7640](https://github.com/rubygems/rubygems/pull/7640)
27
+ - Clarify Bundler support policy [#7633](https://github.com/rubygems/rubygems/pull/7633)
28
+
29
+ # 2.5.10 (May 3, 2024)
30
+
31
+ ## Security:
32
+
33
+ - Never write credentials to lockfiles [#7560](https://github.com/rubygems/rubygems/pull/7560)
34
+
35
+ ## Enhancements:
36
+
37
+ - Add auto_install support to require "bundler/setup" [#6561](https://github.com/rubygems/rubygems/pull/6561)
38
+ - Add `--glob` flag to `bundle add` [#7557](https://github.com/rubygems/rubygems/pull/7557)
39
+
40
+ ## Bug fixes:
41
+
42
+ - Make sure `bundle update <specific_gems>` can always update to the latest resolvable version of each requested gem [#7558](https://github.com/rubygems/rubygems/pull/7558)
43
+ - Show better error when installed gemspecs are unreadable [#7603](https://github.com/rubygems/rubygems/pull/7603)
44
+ - Fix `bundle update` not working on an out of sync lockfile [#7607](https://github.com/rubygems/rubygems/pull/7607)
45
+ - Don't upcase Windows ENV before backing it up [#7574](https://github.com/rubygems/rubygems/pull/7574)
46
+ - Properly resolve aliases when `bundle help` is run [#7601](https://github.com/rubygems/rubygems/pull/7601)
47
+ - Fix issue installing gems with linux-musl variant on non musl linux [#7583](https://github.com/rubygems/rubygems/pull/7583)
48
+
49
+ ## Documentation:
50
+
51
+ - Clarify `bundle check` behaviour in docs [#7613](https://github.com/rubygems/rubygems/pull/7613)
52
+
1
53
  # 2.5.9 (April 12, 2024)
2
54
 
3
55
  ## Bug fixes:
@@ -4,8 +4,8 @@ module Bundler
4
4
  # Represents metadata from when the Bundler gem was built.
5
5
  module BuildMetadata
6
6
  # begin ivars
7
- @built_at = "2024-04-12".freeze
8
- @git_commit_sha = "4304697e0c".freeze
7
+ @built_at = "2024-05-28".freeze
8
+ @git_commit_sha = "4afb2d450a".freeze
9
9
  @release = true
10
10
  # end ivars
11
11
 
@@ -14,7 +14,7 @@ module Bundler
14
14
 
15
15
  Bundler.self_manager.install_locked_bundler_and_restart_with_it_if_needed
16
16
 
17
- Bundler::SharedHelpers.set_env "RB_USER_INSTALL", "1" if Bundler::FREEBSD
17
+ Bundler::SharedHelpers.set_env "RB_USER_INSTALL", "1" if Gem.freebsd_platform?
18
18
 
19
19
  # Disable color in deployment mode
20
20
  Bundler.ui.shell = Thor::Shell::Basic.new if options[:deployment]
@@ -5,6 +5,7 @@ require_relative "vendored_thor"
5
5
  module Bundler
6
6
  class CLI < Thor
7
7
  require_relative "cli/common"
8
+ require_relative "cli/install"
8
9
 
9
10
  package_name "Bundler"
10
11
 
@@ -69,7 +70,7 @@ module Bundler
69
70
  Bundler.settings.set_command_option_if_given :retry, options[:retry]
70
71
 
71
72
  current_cmd = args.last[:current_command].name
72
- auto_install if AUTO_INSTALL_CMDS.include?(current_cmd)
73
+ Bundler.auto_install if AUTO_INSTALL_CMDS.include?(current_cmd)
73
74
  rescue UnknownArgumentError => e
74
75
  raise InvalidOption, e.message
75
76
  ensure
@@ -114,6 +115,8 @@ module Bundler
114
115
  class_option "verbose", type: :boolean, desc: "Enable verbose output mode", aliases: "-V"
115
116
 
116
117
  def help(cli = nil)
118
+ cli = self.class.all_aliases[cli] if self.class.all_aliases[cli]
119
+
117
120
  case cli
118
121
  when "gemfile" then command = "gemfile"
119
122
  when nil then command = "bundle"
@@ -347,6 +350,7 @@ module Bundler
347
350
  method_option "github", type: :string
348
351
  method_option "branch", type: :string
349
352
  method_option "ref", type: :string
353
+ method_option "glob", type: :string, banner: "The location of a dependency's .gemspec, expanded within Ruby (single quotes recommended)"
350
354
  method_option "skip-install", type: :boolean, banner: "Adds gem to the Gemfile but does not install it"
351
355
  method_option "optimistic", type: :boolean, banner: "Adds optimistic declaration of version to gem"
352
356
  method_option "strict", type: :boolean, banner: "Adds strict declaration of version to gem"
@@ -682,7 +686,6 @@ module Bundler
682
686
  exec_used = args.index {|a| exec_commands.include? a }
683
687
 
684
688
  command = args.find {|a| bundler_commands.include? a }
685
- command = all_aliases[command] if all_aliases[command]
686
689
 
687
690
  if exec_used && help_used
688
691
  if exec_used + help_used == 1
@@ -735,26 +738,6 @@ module Bundler
735
738
 
736
739
  private
737
740
 
738
- # Automatically invoke `bundle install` and resume if
739
- # Bundler.settings[:auto_install] exists. This is set through config cmd
740
- # `bundle config set --global auto_install 1`.
741
- #
742
- # Note that this method `nil`s out the global Definition object, so it
743
- # should be called first, before you instantiate anything like an
744
- # `Installer` that'll keep a reference to the old one instead.
745
- def auto_install
746
- return unless Bundler.settings[:auto_install]
747
-
748
- begin
749
- Bundler.definition.specs
750
- rescue GemNotFound, GitError
751
- Bundler.ui.info "Automatically installing missing gems."
752
- Bundler.reset!
753
- invoke :install, []
754
- Bundler.reset!
755
- end
756
- end
757
-
758
741
  def current_command
759
742
  _, _, config = @_initializer
760
743
  config[:current_command]
@@ -55,14 +55,9 @@ module Bundler
55
55
  end
56
56
 
57
57
  def checksums
58
- checksums = {}
59
-
60
- lines(versions_path).each do |line|
61
- name, _, checksum = line.split(" ", 3)
62
- checksums[name] = checksum
58
+ lines(versions_path).each_with_object({}) do |line, checksums|
59
+ parse_version_checksum(line, checksums)
63
60
  end
64
-
65
- checksums
66
61
  end
67
62
 
68
63
  def dependencies(name)
@@ -106,6 +101,20 @@ module Bundler
106
101
  @dependency_parser.parse(line)
107
102
  end
108
103
 
104
+ # This is mostly the same as `split(" ", 3)` but it avoids allocating extra objects.
105
+ # This method gets called at least once for every gem when parsing versions.
106
+ def parse_version_checksum(line, checksums)
107
+ line.freeze # allows slicing into the string to not allocate a copy of the line
108
+ name_end = line.index(" ")
109
+ checksum_start = line.index(" ", name_end + 1) + 1
110
+ checksum_end = line.size - checksum_start
111
+ # freeze name since it is used as a hash key
112
+ # pre-freezing means a frozen copy isn't created
113
+ name = line[0, name_end].freeze
114
+ checksum = line[checksum_start, checksum_end]
115
+ checksums[name] = checksum
116
+ end
117
+
109
118
  def info_roots
110
119
  [
111
120
  directory.join("info"),
@@ -1,7 +1,14 @@
1
1
  # frozen_string_literal: true
2
2
 
3
+ require "rbconfig"
4
+
3
5
  module Bundler
4
6
  WINDOWS = RbConfig::CONFIG["host_os"] =~ /(msdos|mswin|djgpp|mingw)/
7
+ deprecate_constant :WINDOWS
8
+
5
9
  FREEBSD = RbConfig::CONFIG["host_os"].to_s.include?("bsd")
6
- NULL = File::NULL
10
+ deprecate_constant :FREEBSD
11
+
12
+ NULL = File::NULL
13
+ deprecate_constant :NULL
7
14
  end