rubygems-update 4.0.2 → 4.0.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c9f59269d6d1048c0621c1a5eebf9a11e4bfb2563437a2321ab7ea7cc88112ae
-  data.tar.gz: cc74dcbadef15de4f55949db6c8260b59a2c32217db792305cbc43f8f9475c2c
+  metadata.gz: f46bbce4276140cd482c5f57e651c9e1b5093d0d0d1fa80305a62dd015f13824
+  data.tar.gz: ed7311da71b209962ca244fa6b1767ddaf556bb2572b3327825b67e7d68d6dde
 SHA512:
-  metadata.gz: dfca31973be9cfacea2aa06e470b47a0c49c4a381c2e5a3fa0cf8ef68bebdb675c62e101cc31bc9c3786fbe3272263792ee77ef13a5869d85fb68e97311d4f91
-  data.tar.gz: 3da6e226d22a6328348ea79ea704e0c6acb99a1090579707aeacbe1984f823e0c8c02330c1aeb1281c61c4ffef17801325bd6c0061b79fe8502997093b6f9bf8
+  metadata.gz: 3be7c427689e3863e1c3e2164758ea267129cdae4ceef0d288d1928bbc686bcb0bb40bf2658da5a6ee7d7699710b7e6d010ccdb731a320ccb8b3ef54b13ca868
+  data.tar.gz: ea3b92eb905288d60b330d2a61efe848ef7ebf630ae3dfdafd9f371540854cd0d5f81b2e88eb596f534c6e09d35b154ffa99e0f7e3d57fe7caabe7137445bc1f

data/CHANGELOG.md

@@ -1,5 +1,29 @@
 # Changelog
 
+## 4.0.4 / 2026-01-15
+
+### Enhancements:
+
+* Remove date require from rebuild command. Pull request
+  [#9232](https://github.com/ruby/rubygems/pull/9232) by jeremyevans
+* Installs bundler 4.0.4 as a default gem.
+
+### Bug fixes:
+
+* Add a missing "require 'etc'" statement:. Pull request
+  [#9242](https://github.com/ruby/rubygems/pull/9242) by Edouard-chin
+
+## 4.0.3 / 2025-12-23
+
+### Enhancements:
+
+* Installs bundler 4.0.3 as a default gem.
+
+### Documentation:
+
+* Fix broken documentation links. Pull request
+  [#9208](https://github.com/ruby/rubygems/pull/9208) by eileencodes
+
 ## 4.0.2 / 2025-12-17
 
 ### Enhancements:

data/bundler/CHANGELOG.md

@@ -1,5 +1,23 @@
 # Changelog
 
+## 4.0.4 (2026-01-15)
+
+### Enhancements:
+
+  - Validate more options for add sub-command [#5905](https://github.com/ruby/rubygems/pull/5905)
+  - Support Ruby 4.1 [#9219](https://github.com/ruby/rubygems/pull/9219)
+
+### Bug fixes:
+
+  - Fix dependency source bug in bundler [#9213](https://github.com/ruby/rubygems/pull/9213)
+  - Retain current bundler version on `bundle clean` [#9221](https://github.com/ruby/rubygems/pull/9221)
+
+## 4.0.3 (2025-12-23)
+
+### Enhancements:
+
+  - Fall back to ruby platform gem when precompiled variant is incompatible [#9211](https://github.com/ruby/rubygems/pull/9211)
+
 ## 4.0.2 (2025-12-17)
 
 ### Enhancements:

data/bundler/lib/bundler/build_metadata.rb

@@ -4,8 +4,8 @@ module Bundler
   # Represents metadata from when the Bundler gem was built.
   module BuildMetadata
     # begin ivars
-    @built_at = "2025-12-17".freeze
-    @git_commit_sha = "03359f8b08".freeze
+    @built_at = "2026-01-15".freeze
+    @git_commit_sha = "49e812f884".freeze
     # end ivars
 
     # A hash representation of the build metadata.

data/bundler/lib/bundler/cli/add.rb

@@ -36,6 +36,16 @@ module Bundler
     end
 
     def validate_options!
+      raise InvalidOption, "You cannot specify `--git` and `--github` at the same time." if options["git"] && options["github"]
+
+      unless options["git"] || options["github"]
+        raise InvalidOption, "You cannot specify `--branch` unless `--git` or `--github` is specified." if options["branch"]
+
+        raise InvalidOption, "You cannot specify `--ref` unless `--git` or `--github` is specified." if options["ref"]
+      end
+
+      raise InvalidOption, "You cannot specify `--branch` and `--ref` at the same time." if options["branch"] && options["ref"]
+
       raise InvalidOption, "You cannot specify `--strict` and `--optimistic` at the same time." if options[:strict] && options[:optimistic]
 
       # raise error when no gems are specified

data/bundler/lib/bundler/current_ruby.rb

@@ -11,7 +11,7 @@ module Bundler
   end
 
   class CurrentRuby
-    ALL_RUBY_VERSIONS = [*18..27, *30..34, 40].freeze
+    ALL_RUBY_VERSIONS = [*18..27, *30..34, *40..41].freeze
     KNOWN_MINOR_VERSIONS = ALL_RUBY_VERSIONS.map {|v| v.digits.reverse.join(".") }.freeze
     KNOWN_MAJOR_VERSIONS = ALL_RUBY_VERSIONS.map {|v| v.digits.last.to_s }.uniq.freeze
     PLATFORM_MAP = {

data/bundler/lib/bundler/definition.rb

@@ -1066,7 +1066,22 @@ module Bundler
 
           deps << dep if !replacement_source || lockfile_source.include?(replacement_source) || new_deps.include?(dep)
         else
-          replacement_source = sources.get(lockfile_source)
+          parent_dep = @dependencies.find do |d|
+            next unless d.source && d.source != lockfile_source
+            next if d.source.is_a?(Source::Gemspec)
+
+            parent_locked_specs = @originally_locked_specs[d.name]
+
+            parent_locked_specs.any? do |parent_spec|
+              parent_spec.runtime_dependencies.any? {|rd| rd.name == s.name }
+            end
+          end
+
+          if parent_dep
+            replacement_source = parent_dep.source
+          else
+            replacement_source = sources.get(lockfile_source)
+          end
         end
 
         # Replace the locked dependency's source with the equivalent source from the Gemfile

data/bundler/lib/bundler/lazy_specification.rb

@@ -138,24 +138,16 @@ module Bundler
       source.local!
 
       if use_exact_resolved_specifications?
-        materialize(self) do |matching_specs|
-          choose_compatible(matching_specs)
-        end
-      else
-        materialize([name, version]) do |matching_specs|
-          target_platform = source.is_a?(Source::Path) ? platform : Bundler.local_platform
-
-          installable_candidates = MatchPlatform.select_best_platform_match(matching_specs, target_platform)
-
-          specification = choose_compatible(installable_candidates, fallback_to_non_installable: false)
-          return specification unless specification.nil?
+        spec = materialize(self) {|specs| choose_compatible(specs, fallback_to_non_installable: false) }
+        return spec if spec
 
-          if target_platform != platform
-            installable_candidates = MatchPlatform.select_best_platform_match(matching_specs, platform)
-          end
-
-          choose_compatible(installable_candidates)
+        # Exact spec is incompatible; in frozen mode, try to find a compatible platform variant
+        # In non-frozen mode, return nil to trigger re-resolution and lockfile update
+        if Bundler.frozen_bundle?
+          materialize([name, version]) {|specs| resolve_best_platform(specs) }
         end
+      else
+        materialize([name, version]) {|specs| resolve_best_platform(specs) }
       end
     end
 
@@ -190,6 +182,39 @@ module Bundler
       !source.is_a?(Source::Path) && ruby_platform_materializes_to_ruby_platform?
     end
 
+    # Try platforms in order of preference until finding a compatible spec.
+    # Used for legacy lockfiles and as a fallback when the exact locked spec
+    # is incompatible. Falls back to frozen bundle behavior if none match.
+    def resolve_best_platform(specs)
+      find_compatible_platform_spec(specs) || frozen_bundle_fallback(specs)
+    end
+
+    def find_compatible_platform_spec(specs)
+      candidate_platforms.each do |plat|
+        candidates = MatchPlatform.select_best_platform_match(specs, plat)
+        spec = choose_compatible(candidates, fallback_to_non_installable: false)
+        return spec if spec
+      end
+      nil
+    end
+
+    # Platforms to try in order of preference. Ruby platform is last since it
+    # requires compilation, but works when precompiled gems are incompatible.
+    def candidate_platforms
+      target = source.is_a?(Source::Path) ? platform : Bundler.local_platform
+      [target, platform, Gem::Platform::RUBY].uniq
+    end
+
+    # In frozen mode, accept any candidate. Will error at install time.
+    # When target differs from locked platform, prefer locked platform's candidates
+    # to preserve lockfile integrity.
+    def frozen_bundle_fallback(specs)
+      target = source.is_a?(Source::Path) ? platform : Bundler.local_platform
+      fallback_platform = target == platform ? target : platform
+      candidates = MatchPlatform.select_best_platform_match(specs, fallback_platform)
+      choose_compatible(candidates)
+    end
+
     def ruby_platform_materializes_to_ruby_platform?
       generic_platform = Bundler.generic_local_platform == Gem::Platform::JAVA ? Gem::Platform::JAVA : Gem::Platform::RUBY
 

data/bundler/lib/bundler/rubygems_integration.rb

@@ -432,7 +432,7 @@ module Bundler
     end
 
     def find_bundler(version)
-      find_name("bundler").find {|s| s.version.to_s == version }
+      find_name("bundler").find {|s| s.version.to_s == version.to_s }
     end
 
     def find_name(name)

data/bundler/lib/bundler/runtime.rb

@@ -174,7 +174,14 @@ module Bundler
       spec_cache_paths     = []
       spec_gemspec_paths   = []
       spec_extension_paths = []
-      Bundler.rubygems.add_default_gems_to(specs).values.each do |spec|
+      specs_to_keep = Bundler.rubygems.add_default_gems_to(specs).values
+
+      current_bundler = Bundler.rubygems.find_bundler(Bundler.gem_version)
+      if current_bundler
+        specs_to_keep << current_bundler
+      end
+
+      specs_to_keep.each do |spec|
         spec_gem_paths << spec.full_gem_path
         # need to check here in case gems are nested like for the rails git repo
         md = %r{(.+bundler/gems/.+-[a-f0-9]{7,12})}.match(spec.full_gem_path)

data/bundler/lib/bundler/version.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: false
 
 module Bundler
-  VERSION = "4.0.2".freeze
+  VERSION = "4.0.4".freeze
 
   def self.bundler_major_version
     @bundler_major_version ||= gem_version.segments.first

data/lib/rubygems/commands/rebuild_command.rb

@@ -1,6 +1,5 @@
 # frozen_string_literal: true
 
-require "date"
 require "digest"
 require "fileutils"
 require "tmpdir"

data/lib/rubygems/installer.rb

@@ -943,7 +943,12 @@ class Gem::Installer
   end
 
   def build_jobs
-    @build_jobs ||= Etc.nprocessors + 1
+    @build_jobs ||= begin
+                      require "etc"
+                      Etc.nprocessors + 1
+                    rescue LoadError
+                      1
+                    end
   end
 
   def rb_config

data/lib/rubygems/psych_tree.rb

@@ -22,7 +22,7 @@ module Gem
       def register(target, obj)
       end
 
-      # This is ported over from the yaml_tree in 1.9.3
+      # This is ported over from the YAMLTree implementation in Ruby 1.9.3
       def format_time(time)
         if time.utc?
           time.strftime("%Y-%m-%d %H:%M:%S.%9N Z")

data/lib/rubygems/request_set/lockfile.rb

@@ -38,7 +38,7 @@ class Gem::RequestSet::Lockfile
   end
 
   ##
-  # Creates a new Lockfile for the given +request_set+ and +gem_deps_file+
+  # Creates a new Lockfile for the given Gem::RequestSet and +gem_deps_file+
   # location.
 
   def self.build(request_set, gem_deps_file, dependencies = nil)

data/lib/rubygems/security/policy.rb

@@ -143,7 +143,7 @@ class Gem::Security::Policy
   end
 
   ##
-  # Ensures the root of +chain+ has a trusted certificate in +trust_dir+ and
+  # Ensures the root of +chain+ has a trusted certificate in Gem::Security.trust_dir and
   # the digests of the two certificates match according to +digester+
 
   def check_trust(chain, digester, trust_dir)

data/lib/rubygems/source.rb

@@ -102,7 +102,7 @@ class Gem::Source
   end
 
   ##
-  # Fetches a specification for the given +name_tuple+.
+  # Fetches a specification for the given Gem::NameTuple.
 
   def fetch_spec(name_tuple)
     fetcher = Gem::RemoteFetcher.fetcher

data/lib/rubygems.rb

@@ -9,7 +9,7 @@
 require "rbconfig"
 
 module Gem
-  VERSION = "4.0.2"
+  VERSION = "4.0.4"
 end
 
 require_relative "rubygems/defaults"

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rubygems-update
 version: !ruby/object:Gem::Version
-  version: 4.0.2
+  version: 4.0.4
 platform: ruby
 authors:
 - Jim Weirich