rubygems-update 2.7.6 → 2.7.7

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0fa366bda5b1ed46730b8c276ce161ef32966ec9dde14f974663508163df41da
-  data.tar.gz: 76d8c2583652ec7266303e5af81014b7b6c440ff207e1d4cbe483959226db55d
+  metadata.gz: 8894c9873527e4af5cc83ac8aded3cee104bcc856ca20bb56fc1323b42505e12
+  data.tar.gz: 931f155a8de59dd9b17423356e1dc0de54f3cf5b40bbe5eae801c884420a9407
 SHA512:
-  metadata.gz: cd712f404f5e736191c312af58dafdfe897e155b9cdec68a634547606846bb31bae7cdefc46ace35eb143db7f8281c20092a534a7ccb94760ad5701d8c0ca06f
-  data.tar.gz: 1d80df8990549a07c91d94c5e848141f72045a71046ef0a3be5b871e8af9f0909187b196d117b6c508ec9fd0c9238a0ed96e4f9a8c7f6a9f6b59feac8a7df25b
+  metadata.gz: 2b23ba224604b357bb71d7f0aff9bb7e73979bb53c59310ef70566e8df2bbaca3c3aec46961cfdd38262baba89af52c8131a4d3eecc50470b2181c52b8db340d
+  data.tar.gz: e1632f7987dbd4eaa50704237ea7b78cb952ca6f775ed4613399c7b4797e0fb92402a1af7ea4f4cd39e38065c4883a4ba0acc07086ee908d0eb6e50ad356e497

data/.travis.yml

@@ -28,28 +28,7 @@ env:
   - "TEST_TOOL=rubygems YAML=psych"
   - "TEST_TOOL=bundler RGV=master"
 script:
-- util/ci script
+  - util/ci script
 matrix:
-  exclude:
-    - rvm: 1.8.7
-      env: "TEST_TOOL=rubygems YAML=psych"
-    - rvm: 1.9.2
-      env: "TEST_TOOL=bundler RGV=master"
-    - rvm: 2.0.0
-      env: "TEST_TOOL=rubygems YAML=syck"
-    - rvm: 2.1.10
-      env: "TEST_TOOL=rubygems YAML=syck"
-    - rvm: 2.2.9
-      env: "TEST_TOOL=rubygems YAML=syck"
-    - rvm: 2.3.6
-      env: "TEST_TOOL=rubygems YAML=syck"
-    - rvm: 2.4.3
-      env: "TEST_TOOL=rubygems YAML=syck"
-    - rvm: 2.5.0
-      env: "TEST_TOOL=rubygems YAML=syck"
-    - rvm: ruby-head
-      env: "TEST_TOOL=rubygems YAML=syck"
   allow_failures:
-    - rvm: ruby-head
-    - rvm: 2.5.0
-      env: "TEST_TOOL=rubygems YAML=psych"
+    - env: "TEST_TOOL=bundler RGV=master"

data/History.txt

@@ -1,5 +1,44 @@
 # coding: UTF-8
 
+=== 2.7.7 / 2018-05-08
+
+Minor enhancements:
+
+* [RequestSet] Only suggest a gem version with an installable platform.
+  Pull request #2175 by Samuel Giddins.
+* Fixed no assignment variables about default gems installation. Pull
+  request #2181 by SHIBATA Hiroshi.
+* Backport improvements for test-case from Ruby core. Pull request #2189
+  by SHIBATA Hiroshi.
+* Fix ruby warnings in test suite. Pull request #2205 by Colby Swandale.
+* To use Gem::Specification#bindir of bundler instead of hard coded path.
+  Pull request #2208 by SHIBATA Hiroshi.
+* Update gem push --help description. Pull request #2215 by Luis
+  Sagastume.
+* Backport ruby core commits. Pull request #2264 by SHIBATA Hiroshi.
+
+Bug fixes:
+
+* Frozen string fix - lib/rubygems/bundler_version_finder.rb. Pull request
+  #2115 by MSP-Greg.
+* Fixed tempfile leak for RubyGems 2.7.6. Pull request #2194 by SHIBATA
+  Hiroshi.
+* Add missing requires. Pull request #2196 by David Rodríguez.
+* Fix Gem::Version.correct?. Pull request #2203 by Masato Nakamura.
+* Fix verify_entry regex for metadata. Pull request #2212 by Luis
+  Sagastume.
+* Fix path checks for case insensitive filesystem. Pull request #2211 by
+  Lars Kanis.
+
+Compatibility changes:
+
+* Deprecate unused code before removing them at #1524. Pull request #2197
+  by SHIBATA Hiroshi.
+* Deprecate for rubygems 3. Pull request #2214 by SHIBATA Hiroshi.
+* Mark deprecation to `ubygems.rb` for RubyGems 4. Pull request #2269 by
+  SHIBATA Hiroshi.
+* Update bundler-1.16.2. Pull request #2291 by SHIBATA Hiroshi.
+
 === 2.7.6 / 2018-02-16
 
 Security fixes:
@@ -19,6 +58,20 @@ Security fixes:
 * Prevent Path Traversal issue during gem installation.
   Discovered by nmalkin.
 
+=== 2.7.5
+
+Bug fixes:
+
+* To use bundler-1.16.1 #2121 by SHIBATA Hiroshi.
+* Fixed leaked FDs. Pull request #2127 by Nobuyoshi Nakada.
+* Support option for `--destdir` with upgrade installer. #2169 by Thibault Jouan.
+* Remove PID from gem index directory. #2155 by SHIBATA Hiroshi.
+* Avoid a #mkdir race condition #2148 by Samuel Giddins.
+* Gem::Util.traverse_parents should not crash on permissions error #2147 by Robert Ulejczyk.
+* Use `File.open` instead of `open`. #2142 by SHIBATA Hiroshi.
+* Set whether bundler is used for gemdeps with an environmental variable #2126 by SHIBATA Hiroshi.
+* Fix undefined method error when printing alert #1884 by Robert Ross.
+
 === 2.7.4
 
 Bug fixes:

data/Manifest.txt

@@ -247,6 +247,7 @@ bundler/man/bundle-binstubs.ronn
 bundler/man/bundle-check.ronn
 bundler/man/bundle-clean.ronn
 bundler/man/bundle-config.ronn
+bundler/man/bundle-doctor.ronn
 bundler/man/bundle-exec.ronn
 bundler/man/bundle-gem.ronn
 bundler/man/bundle-info.ronn

data/bundler/CHANGELOG.md

@@ -1,3 +1,53 @@
+## 1.16.2 (2018-04-20)
+
+Changes:
+
+  - Include the gem's source in the gem install error message when available (@papanikge)
+  - Remove unnecessary executable bit from gem template (@voxik)
+  - Dont add the timestamp comment with gems added to the Gemfile via `bundle add` ([#6193](https://github.com/bundler/bundler/issues/6193), @cpgo)
+  - Improve yanked gem error message (@alyssais)
+  - Use `Bundler.rubygems.inflate` instead of the Gem::Util method directly (@segiddins)
+  - Remove unused instance variable (@segiddins)
+
+Bugfixes:
+
+  - Only trap INT signal and have Ruby's signal default handler be invoked (@shayonj)
+  - Fix warning about the use of `__FILE__` in RubyGems integration testing (@MSP-Greg)
+  - Skip the outdated bundler check when MD5 is not available ([#6032](https://github.com/bundler/bundler/issues/6032), @segiddins)
+  - Fallback to the original error if the friendly message raises (@segiddins)
+  - Rename Bundler.frozen? to avoid Object method conflict ([#6252](https://github.com/bundler/bundler/issues/6252), @segiddins)
+  - Ensure the bindir exists before installing gems (@segiddins)
+  - Handle gzip corruption errors in the compact index client ([#6261](https://github.com/bundler/bundler/issues/6261), @colby-swandale)
+  - Check if the current directory is writeable when writing files in `bundle gem` ([#6219](https://github.com/bundler/bundler/issues/6219), @nilsding)
+  - Fix hang when gemspec has incompatible encoding (@deivid-rodriguez)
+  - Gracefully handle when the lockfile is missing spec entries for the current platform ([#6079](https://github.com/bundler/bundler/issues/6079), @segiddins)
+  - Use Gem::Util.inflate instead of Gem.inflate (@hsbt)
+  - Update binstub generator to use new ERB.new arity in Ruby 2.6 (@koic)
+  - Fix `source_location` call in rubygems integration (@MSP-Greg)
+  - Use `filesystem_access` when copying files in Compact Index Updater ([#6289](https://github.com/bundler/bundler/issues/6289), @segiddins)
+  - Fail gracefully when resetting git gems to the given revision fails ([#6324](https://github.com/bundler/bundler/issues/6324), @segiddins)
+  - Handle exceptions that do not have a backtrace ([#6342](https://github.com/bundler/bundler/issues/6342), @nesaulov)
+  - Check if stderr was closed before writing to it (@shime)
+  - Handle updating a specific gem for a non-local platform ([#6350](https://github.com/bundler/bundler/issues/6350), @greysteil)
+  - Bump the `bundle_binstub` check-length to 300 characters (@tduffield)
+  - Fix specifying alterntive Lockfile with `bundle lock` when default gemfile is present  ([#6460](https://github.com/bundler/bundler/issues/6460), @agrim123)
+  - Allow installing dependencies when the path is set to `.`  ([#6475](https://github.com/bundler/bundler/issues/6475), @segiddins)
+  - Support Bundler installing on a readonly filesystem without a home directory ([#6461](https://github.com/bundler/bundler/issues/6461), @grosser)
+  - Filter git uri credentials in source description (@segiddins)
+
+Documentation:
+
+  - Correct typos in `bundle binstubs` man page (@erikj, @samueloph)
+  - Update links in `bundle gem` command documentation to use https (@KrauseFx)
+  - Fix broken links between bundler man pages (@segiddins)
+  - Add man page for the `bundle doctor` command ([#6243](https://github.com/bundler/bundler/issues/6243), @nholden)
+  - Document `# frozen_string_literal` in `bundle init` Gemfile (@315tky)
+  - Explain the gemspec files attribute in `bundle gem` template and print a link to bundler.io guides when running `bundle gem` ([#6246](https://github.com/bundler/bundler/issues/6246), @nesaulov)
+  - Small copy tweaks & removed redundant phrasing in the bundler man page (@rubymorillo)
+  - Improve the documentation of the settings load order in Bundler (@rubymorillo)
+  - Added license info to main README (@rubymorillo)
+  - Document parameters and return value of Injector#inject (@tobias-grasse)
+
 ## 1.16.1 (2017-12-12)
 
 Bugfixes:

data/bundler/README.md

@@ -57,3 +57,7 @@ While some Bundler contributors are compensated by Ruby Together, the project ma
 ### Code of Conduct
 
 Everyone interacting in the Bundler project’s codebases, issue trackers, chat rooms, and mailing lists is expected to follow the [Bundler code of conduct](https://github.com/bundler/bundler/blob/master/CODE_OF_CONDUCT.md).
+
+### License
+
+[MIT License](https://github.com/bundler/bundler/blob/master/LICENSE.md)

data/bundler/lib/bundler.rb

@@ -136,7 +136,7 @@ module Bundler
       end
     end
 
-    def frozen?
+    def frozen_bundle?
       frozen = settings[:deployment]
       frozen ||= settings[:frozen] unless feature_flag.deployment_means_frozen?
       frozen
@@ -427,7 +427,7 @@ EOF
 
     def load_gemspec_uncached(file, validate = false)
       path = Pathname.new(file)
-      contents = path.read
+      contents = read_file(file)
       spec = if contents.start_with?("---") # YAML header
         eval_yaml_gemspec(path, contents)
       else

data/bundler/lib/bundler/cli.rb

@@ -717,6 +717,8 @@ module Bundler
       command_name = current_command.name
       return if PARSEABLE_COMMANDS.include?(command_name)
 
+      return unless SharedHelpers.md5_available?
+
       latest = Fetcher::CompactIndex.
                new(nil, Source::Rubygems::Remote.new(URI("https://rubygems.org")), nil).
                send(:compact_index_client).

data/bundler/lib/bundler/cli/check.rb

@@ -26,7 +26,7 @@ module Bundler
         not_installed.each {|s| Bundler.ui.error " * #{s.name} (#{s.version})" }
         Bundler.ui.warn "Install missing gems with `bundle install`"
         exit 1
-      elsif !Bundler.default_lockfile.file? && Bundler.frozen?
+      elsif !Bundler.default_lockfile.file? && Bundler.frozen_bundle?
         Bundler.ui.error "This bundle has been frozen, but there is no #{Bundler.default_lockfile.relative_path_from(SharedHelpers.pwd)} present"
         exit 1
       else

data/bundler/lib/bundler/cli/exec.rb

@@ -6,7 +6,7 @@ module Bundler
   class CLI::Exec
     attr_reader :options, :args, :cmd
 
-    RESERVED_SIGNALS = %w[SEGV BUS ILL FPE VTALRM KILL STOP].freeze
+    TRAPPED_SIGNALS = %w[INT].freeze
 
     def initialize(options, args)
       @options = options
@@ -70,15 +70,14 @@ module Bundler
       ui = Bundler.ui
       Bundler.ui = nil
       require "bundler/setup"
-      signals = Signal.list.keys - RESERVED_SIGNALS
-      signals.each {|s| trap(s, "DEFAULT") }
+      TRAPPED_SIGNALS.each {|s| trap(s, "DEFAULT") }
       Kernel.load(file)
     rescue SystemExit, SignalException
       raise
     rescue Exception => e # rubocop:disable Lint/RescueException
       Bundler.ui = ui
       Bundler.ui.error "bundler: failed to load command: #{cmd} (#{file})"
-      backtrace = e.backtrace.take_while {|bt| !bt.start_with?(__FILE__) }
+      backtrace = e.backtrace ? e.backtrace.take_while {|bt| !bt.start_with?(__FILE__) } : []
       abort "#{e.class}: #{e.message}\n  #{backtrace.join("\n  ")}"
     end
 

data/bundler/lib/bundler/cli/gem.rb

@@ -105,7 +105,7 @@ module Bundler
       if ask_and_set(:mit, "Do you want to license your code permissively under the MIT license?",
         "This means that any other developer or company will be legally allowed to use your code " \
         "for free as long as they admit you created it. You can read more about the MIT license " \
-        "at http://choosealicense.com/licenses/mit.")
+        "at https://choosealicense.com/licenses/mit.")
         config[:mit] = true
         Bundler.ui.info "MIT License enabled in config"
         templates.merge!("LICENSE.txt.tt" => "LICENSE.txt")
@@ -118,7 +118,7 @@ module Bundler
         "of enforcing it, so be sure that you are prepared to do that. Be sure that your email " \
         "address is specified as a contact in the generated code of conduct so that people know " \
         "who to contact in case of a violation. For suggestions about " \
-        "how to enforce codes of conduct, see http://bit.ly/coc-enforcement.")
+        "how to enforce codes of conduct, see https://bit.ly/coc-enforcement.")
         config[:coc] = true
         Bundler.ui.info "Code of conduct enabled in config"
         templates.merge!("CODE_OF_CONDUCT.md.tt" => "CODE_OF_CONDUCT.md")
@@ -158,6 +158,9 @@ module Bundler
 
       # Open gemspec in editor
       open_editor(options["edit"], target.join("#{name}.gemspec")) if options[:edit]
+
+      Bundler.ui.info "Gem '#{name}' was successfully created. " \
+        "For more information on making a RubyGem visit https://bundler.io/guides/creating_gem.html"
     rescue Errno::EEXIST => e
       raise GenericSystemCallError.new(e, "There was a conflict while creating the new gem.")
     end

data/bundler/lib/bundler/cli/init.rb

@@ -13,6 +13,11 @@ module Bundler
         exit 1
       end
 
+      unless File.writable?(Dir.pwd)
+        Bundler.ui.error "Can not create #{gemfile} as the current directory is not writable."
+        exit 1
+      end
+
       if options[:gemspec]
         gemspec = File.expand_path(options[:gemspec])
         unless File.exist?(gemspec)

data/bundler/lib/bundler/cli/install.rb

@@ -23,7 +23,7 @@ module Bundler
 
       check_trust_policy
 
-      if options[:deployment] || options[:frozen] || Bundler.frozen?
+      if options[:deployment] || options[:frozen] || Bundler.frozen_bundle?
         unless Bundler.default_lockfile.exist?
           flag   = "--deployment flag" if options[:deployment]
           flag ||= "--frozen flag"     if options[:frozen]
@@ -63,7 +63,7 @@ module Bundler
       definition.validate_runtime!
 
       installer = Installer.install(Bundler.root, definition, options)
-      Bundler.load.cache if Bundler.app_cache.exist? && !options["no-cache"] && !Bundler.frozen?
+      Bundler.load.cache if Bundler.app_cache.exist? && !options["no-cache"] && !Bundler.frozen_bundle?
 
       Bundler.ui.confirm "Bundle complete! #{dependencies_count_for(definition)}, #{gems_installed_for(definition)}."
       Bundler::CLI::Common.output_without_groups_message

data/bundler/lib/bundler/cli/outdated.rb

@@ -213,7 +213,7 @@ module Bundler
     end
 
     def check_for_deployment_mode
-      return unless Bundler.frozen?
+      return unless Bundler.frozen_bundle?
       suggested_command = if Bundler.settings.locations("frozen")[:global]
         "bundle config --delete frozen"
       elsif Bundler.settings.locations("deployment").keys.&([:global, :local]).any?

data/bundler/lib/bundler/compact_index_client/updater.rb

@@ -33,7 +33,9 @@ module Bundler
 
           # first try to fetch any new bytes on the existing file
           if retrying.nil? && local_path.file?
-            FileUtils.cp local_path, local_temp_path
+            SharedHelpers.filesystem_access(local_temp_path) do
+              FileUtils.cp local_path, local_temp_path
+            end
             headers["If-None-Match"] = etag_for(local_temp_path)
             headers["Range"] =
               if local_temp_path.size.nonzero?
@@ -78,6 +80,13 @@ module Bundler
 
           update(local_path, remote_path, :retrying)
         end
+      rescue Errno::EACCES
+        raise Bundler::PermissionError,
+          "Bundler does not have write access to create a temp directory " \
+          "within #{Dir.tmpdir}. Bundler must have write access to your " \
+          "systems temp directory to function properly. "
+      rescue Zlib::GzipFile::Error
+        raise Bundler::HTTPError
       end
 
       def etag_for(path)

data/bundler/lib/bundler/definition.rb

@@ -77,6 +77,7 @@ module Bundler
       @lockfile_contents      = String.new
       @locked_bundler_version = nil
       @locked_ruby_version    = nil
+      @locked_specs_incomplete_for_platform = false
 
       if lockfile && File.exist?(lockfile)
         @lockfile_contents = Bundler.read_file(lockfile)
@@ -113,15 +114,15 @@ module Bundler
       end
       @unlocking ||= @unlock[:ruby] ||= (!@locked_ruby_version ^ !@ruby_version)
 
-      add_current_platform unless Bundler.frozen?
+      add_current_platform unless Bundler.frozen_bundle?
 
       converge_path_sources_to_gemspec_sources
       @path_changes = converge_paths
       @source_changes = converge_sources
 
       unless @unlock[:lock_shared_dependencies]
-        eager_unlock = expand_dependencies(@unlock[:gems])
-        @unlock[:gems] = @locked_specs.for(eager_unlock).map(&:name)
+        eager_unlock = expand_dependencies(@unlock[:gems], true)
+        @unlock[:gems] = @locked_specs.for(eager_unlock, [], false, false, false).map(&:name)
       end
 
       @gem_version_promoter = create_gem_version_promoter
@@ -175,7 +176,7 @@ module Bundler
           raise GemNotFound, "Your bundle is locked to #{locked_gem}, but that version could not " \
                              "be found in any of the sources listed in your Gemfile. If you haven't changed sources, " \
                              "that means the author of #{locked_gem} has removed it. You'll need to update your bundle " \
-                             "to a different version of #{locked_gem} that hasn't been removed in order to install."
+                             "to a version other than #{locked_gem} that hasn't been removed in order to install."
         end
         unless specs["bundler"].any?
           bundler = sources.metadata_source.specs.search(Gem::Dependency.new("bundler", VERSION)).last
@@ -245,7 +246,7 @@ module Bundler
     def resolve
       @resolve ||= begin
         last_resolve = converge_locked_specs
-        if Bundler.frozen?
+        if Bundler.frozen_bundle?
           Bundler.ui.debug "Frozen, using resolution from the lockfile"
           last_resolve
         elsif !unlocking? && nothing_changed?
@@ -336,10 +337,11 @@ module Bundler
         end
       end
 
-      preserve_unknown_sections ||= !updating_major && (Bundler.frozen? || !(unlocking? || @unlocking_bundler))
-      return if lockfiles_equal?(@lockfile_contents, contents, preserve_unknown_sections)
+      preserve_unknown_sections ||= !updating_major && (Bundler.frozen_bundle? || !(unlocking? || @unlocking_bundler))
 
-      if Bundler.frozen?
+      return if file && File.exist?(file) && lockfiles_equal?(@lockfile_contents, contents, preserve_unknown_sections)
+
+      if Bundler.frozen_bundle?
         Bundler.ui.error "Cannot write a changed lockfile while frozen."
         return
       end
@@ -530,7 +532,7 @@ module Bundler
     private :sources
 
     def nothing_changed?
-      !@source_changes && !@dependency_changes && !@new_platform && !@path_changes && !@local_changes
+      !@source_changes && !@dependency_changes && !@new_platform && !@path_changes && !@local_changes && !@locked_specs_incomplete_for_platform
     end
 
     def unlocking?
@@ -557,6 +559,7 @@ module Bundler
         [@new_platform, "you added a new platform to your gemfile"],
         [@path_changes, "the gemspecs for path gems changed"],
         [@local_changes, "the gemspecs for git local gems changed"],
+        [@locked_specs_incomplete_for_platform, "the lockfile does not have all gems needed for the current platform"],
       ].select(&:first).map(&:last).join(", ")
     end
 
@@ -682,7 +685,7 @@ module Bundler
     end
 
     def converge_dependencies
-      frozen = Bundler.frozen?
+      frozen = Bundler.frozen_bundle?
       (@dependencies + @locked_deps.values).each do |dep|
         locked_source = @locked_deps[dep.name]
         # This is to make sure that if bundler is installing in deployment mode and
@@ -803,7 +806,9 @@ module Bundler
       end
 
       resolve = SpecSet.new(converged)
-      resolve = resolve.for(expand_dependencies(deps, true), @unlock[:gems], false, false, false)
+      expanded_deps = expand_dependencies(deps, true)
+      @locked_specs_incomplete_for_platform = !resolve.for(expanded_deps, @unlock[:gems], true, true)
+      resolve = resolve.for(expanded_deps, @unlock[:gems], false, false, false)
       diff    = nil
 
       # Now, we unlock any sources that do not have anymore gems pinned to it

data/bundler/lib/bundler/fetcher.rb

@@ -96,11 +96,11 @@ module Bundler
 
       uri = URI.parse("#{remote_uri}#{Gem::MARSHAL_SPEC_DIR}#{spec_file_name}.rz")
       if uri.scheme == "file"
-        Bundler.load_marshal Gem.inflate(Gem.read_binary(uri.path))
+        Bundler.load_marshal Bundler.rubygems.inflate(Gem.read_binary(uri.path))
       elsif cached_spec_path = gemspec_cached_path(spec_file_name)
         Bundler.load_gemspec(cached_spec_path)
       else
-        Bundler.load_marshal Gem.inflate(downloader.fetch(uri).body)
+        Bundler.load_marshal Bundler.rubygems.inflate(downloader.fetch(uri).body)
       end
     rescue MarshalError
       raise HTTPError, "Gemspec #{spec} contained invalid data.\n" \