rubygems-update 3.4.7 → 3.4.8

Sign up to get free protection for your applications and to get access to all the features.
Files changed (76) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +32 -0
  3. data/Manifest.txt +2 -0
  4. data/POLICIES.md +5 -5
  5. data/README.md +1 -4
  6. data/bundler/CHANGELOG.md +23 -0
  7. data/bundler/README.md +1 -4
  8. data/bundler/lib/bundler/build_metadata.rb +2 -2
  9. data/bundler/lib/bundler/environment_preserver.rb +2 -2
  10. data/bundler/lib/bundler/fetcher.rb +2 -2
  11. data/bundler/lib/bundler/index.rb +2 -2
  12. data/bundler/lib/bundler/injector.rb +1 -1
  13. data/bundler/lib/bundler/installer/parallel_installer.rb +1 -14
  14. data/bundler/lib/bundler/lockfile_generator.rb +1 -1
  15. data/bundler/lib/bundler/lockfile_parser.rb +9 -9
  16. data/bundler/lib/bundler/plugin.rb +1 -1
  17. data/bundler/lib/bundler/rubygems_integration.rb +1 -1
  18. data/bundler/lib/bundler/setup.rb +4 -1
  19. data/bundler/lib/bundler/source/git/git_proxy.rb +16 -4
  20. data/bundler/lib/bundler/source/git.rb +1 -0
  21. data/bundler/lib/bundler/source/path.rb +1 -1
  22. data/bundler/lib/bundler/spec_set.rb +8 -2
  23. data/bundler/lib/bundler/templates/Executable.bundler +1 -1
  24. data/bundler/lib/bundler/templates/newgem/newgem.gemspec.tt +1 -1
  25. data/bundler/lib/bundler/version.rb +1 -1
  26. data/bundler/lib/bundler.rb +9 -9
  27. data/lib/rubygems/bundler_version_finder.rb +1 -1
  28. data/lib/rubygems/command.rb +10 -6
  29. data/lib/rubygems/command_manager.rb +1 -0
  30. data/lib/rubygems/commands/exec_command.rb +248 -0
  31. data/lib/rubygems/commands/help_command.rb +3 -3
  32. data/lib/rubygems/defaults.rb +2 -2
  33. data/lib/rubygems/dependency.rb +1 -1
  34. data/lib/rubygems/package/tar_reader/entry.rb +82 -3
  35. data/lib/rubygems/package/tar_reader.rb +0 -28
  36. data/lib/rubygems/platform.rb +2 -2
  37. data/lib/rubygems/request_set/gem_dependency_api.rb +0 -1
  38. data/lib/rubygems/requirement.rb +1 -1
  39. data/lib/rubygems/resolver/stats.rb +1 -1
  40. data/lib/rubygems/source/git.rb +1 -1
  41. data/lib/rubygems/specification.rb +9 -1
  42. data/lib/rubygems/stub_specification.rb +7 -7
  43. data/lib/rubygems/text.rb +1 -1
  44. data/lib/rubygems/util/licenses.rb +2 -2
  45. data/lib/rubygems/version.rb +2 -2
  46. data/lib/rubygems.rb +3 -3
  47. data/rubygems-update.gemspec +1 -1
  48. data/test/rubygems/helper.rb +2 -3
  49. data/test/rubygems/package/tar_test_case.rb +49 -14
  50. data/test/rubygems/simple_gem.rb +1 -1
  51. data/test/rubygems/test_gem.rb +24 -0
  52. data/test/rubygems/test_gem_bundler_version_finder.rb +2 -2
  53. data/test/rubygems/test_gem_commands_exec_command.rb +851 -0
  54. data/test/rubygems/test_gem_commands_install_command.rb +1 -1
  55. data/test/rubygems/test_gem_commands_setup_command.rb +1 -1
  56. data/test/rubygems/test_gem_ext_builder.rb +3 -5
  57. data/test/rubygems/test_gem_ext_cargo_builder/rust_ruby_example/Cargo.lock +20 -6
  58. data/test/rubygems/test_gem_ext_cargo_builder/rust_ruby_example/Cargo.toml +1 -1
  59. data/test/rubygems/test_gem_gem_runner.rb +2 -2
  60. data/test/rubygems/test_gem_package.rb +0 -25
  61. data/test/rubygems/test_gem_package_tar_reader.rb +48 -1
  62. data/test/rubygems/test_gem_package_tar_reader_entry.rb +102 -15
  63. data/test/rubygems/test_gem_remote_fetcher.rb +1 -1
  64. data/test/rubygems/test_gem_request_set_gem_dependency_api.rb +10 -10
  65. data/test/rubygems/test_gem_request_set_lockfile_parser.rb +2 -2
  66. data/test/rubygems/test_gem_resolver_git_set.rb +9 -9
  67. data/test/rubygems/test_gem_resolver_git_specification.rb +1 -1
  68. data/test/rubygems/test_gem_source.rb +1 -1
  69. data/test/rubygems/test_gem_source_git.rb +13 -12
  70. data/test/rubygems/test_gem_source_installed.rb +1 -1
  71. data/test/rubygems/test_gem_source_lock.rb +3 -3
  72. data/test/rubygems/test_gem_source_vendor.rb +1 -1
  73. data/test/rubygems/test_gem_specification.rb +19 -2
  74. data/test/rubygems/test_gem_version.rb +2 -2
  75. data/test/rubygems/test_kernel.rb +0 -8
  76. metadata +5 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: ce0db157a5beb6c516383463604a7bcfd5f69f6314b44a07428b8e2ef0ce7466
4
- data.tar.gz: a0ed37a3997da0b7f7e21a239482830023eefcf60fe0e70e793f07ebeb36aefa
3
+ metadata.gz: b72ec3162017147a6f9615ce417dfe0f59cd925ceec0375a6ce918fff8853c7c
4
+ data.tar.gz: 93a753b1da6838871ce0e36d140856ef4243ddf43d07ad0a3eb29b5b606fd2d2
5
5
  SHA512:
6
- metadata.gz: 8f601f949d72477e06ec2e6ceb7eb12ef189370e49da57430fc7bdf3937f74f24f678f411e0e791cf7a22fb8911f61ac25f7d8f3f922a587150a54fd431fe726
7
- data.tar.gz: 761cba346c2cb4bf07c552396c10d8aecda68888768a146afdc4a9cf2393ee67b32427b26c3fdc9e93d1f78875abe02e7aec0d8604b33b5cd5794b151d66ce64
6
+ metadata.gz: 183cc6648ef21fb35b04ae47856cce4dbeb006bf59191aeff12852ee7498a2bca95858faeb7e439f26527d880a0f6f8c81a0bc2af2bd95fbf606d5318573b66d
7
+ data.tar.gz: 52b9d7ba40df8205d56a472ec42e2214c1111356ea2d59e40fe066b1fd164b0f2983313009a3164007ec2adb59c0263cce251a54baaba3656c84445ca3f4a4da
data/CHANGELOG.md CHANGED
@@ -1,3 +1,35 @@
1
+ # 3.4.8 / 2023-03-08
2
+
3
+ ## Enhancements:
4
+
5
+ * Add TarReader::Entry#seek to seek within the tar file entry. Pull
6
+ request [#6390](https://github.com/rubygems/rubygems/pull/6390) by
7
+ martinemde
8
+ * Avoid calling String#dup in Gem::Version#marshal_dump. Pull request
9
+ [#6438](https://github.com/rubygems/rubygems/pull/6438) by segiddins
10
+ * Remove hardcoded "master" branch references. Pull request
11
+ [#6425](https://github.com/rubygems/rubygems/pull/6425) by
12
+ deivid-rodriguez
13
+ * [Experimental] Add `gem exec` command to run executables from gems that
14
+ may or may not be installed. Pull request
15
+ [#6309](https://github.com/rubygems/rubygems/pull/6309) by segiddins
16
+ * Installs bundler 2.4.8 as a default gem.
17
+
18
+ ## Bug fixes:
19
+
20
+ * Fix installation error of same version of default gems with local
21
+ installation. Pull request
22
+ [#6430](https://github.com/rubygems/rubygems/pull/6430) by hsbt
23
+ * Use proper memoized var name for Gem.state_home. Pull request
24
+ [#6420](https://github.com/rubygems/rubygems/pull/6420) by simi
25
+
26
+ ## Documentation:
27
+
28
+ * Switch supporting explanations to all Ruby Central. Pull request
29
+ [#6419](https://github.com/rubygems/rubygems/pull/6419) by indirect
30
+ * Update the link to OpenSource.org. Pull request
31
+ [#6392](https://github.com/rubygems/rubygems/pull/6392) by nobu
32
+
1
33
  # 3.4.7 / 2023-02-15
2
34
 
3
35
  ## Enhancements:
data/Manifest.txt CHANGED
@@ -347,6 +347,7 @@ lib/rubygems/commands/cleanup_command.rb
347
347
  lib/rubygems/commands/contents_command.rb
348
348
  lib/rubygems/commands/dependency_command.rb
349
349
  lib/rubygems/commands/environment_command.rb
350
+ lib/rubygems/commands/exec_command.rb
350
351
  lib/rubygems/commands/fetch_command.rb
351
352
  lib/rubygems/commands/generate_index_command.rb
352
353
  lib/rubygems/commands/help_command.rb
@@ -616,6 +617,7 @@ test/rubygems/test_gem_commands_cleanup_command.rb
616
617
  test/rubygems/test_gem_commands_contents_command.rb
617
618
  test/rubygems/test_gem_commands_dependency_command.rb
618
619
  test/rubygems/test_gem_commands_environment_command.rb
620
+ test/rubygems/test_gem_commands_exec_command.rb
619
621
  test/rubygems/test_gem_commands_fetch_command.rb
620
622
  test/rubygems/test_gem_commands_generate_index_command.rb
621
623
  test/rubygems/test_gem_commands_help_command.rb
data/POLICIES.md CHANGED
@@ -128,8 +128,8 @@ permissions compromised or exposed.
128
128
 
129
129
  ## Changing These Policies
130
130
 
131
- These policies were set in order to reduce the burden of maintenance and to
132
- keep committers current with existing development and policies. RubyGems work
133
- is primarily volunteer-driven which limits the ability to provide long-term
134
- support. By joining [Ruby Together](https://rubytogether.org) you can help
135
- extend support for older RubyGems versions.
131
+ These policies were set in order to reduce the burden of maintenance and to keep
132
+ committers current with existing development and policies. RubyGems work is
133
+ primarily volunteer-driven which limits the ability to provide long-term
134
+ support. By joining [Ruby Central](https://rubycentral.org/#/portal/signup) you
135
+ can help extend support for older RubyGems versions.
data/README.md CHANGED
@@ -87,15 +87,12 @@ See https://bundler.io/compatibility for known issues.
87
87
 
88
88
  ### Supporting
89
89
 
90
- <a href="https://rubytogether.org/"><img src="https://rubytogether.org/images/rubies.svg" width=200></a><br/>
91
- <a href="https://rubytogether.org/">Ruby Together</a> pays some RubyGems maintainers for their ongoing work. As a grassroots initiative committed to supporting the critical Ruby infrastructure you rely on, Ruby Together is funded entirely by the Ruby community. Contribute today <a href="https://rubytogether.org/developers">as an individual</a> or even better, <a href="https://rubytogether.org/companies">as a company</a>, and ensure that RubyGems, Bundler, and other shared tooling is around for years to come.
90
+ RubyGems is managed by [Ruby Central](https://rubycentral.org), a non-profit organization that supports the Ruby community through projects like this one, as well as [RubyConf](https://rubyconf.org), [RailsConf](https://railsconf.org), and [RubyGems.org](https://rubygems.org). You can support Ruby Central by attending or [sponsoring](sponsors@rubycentral.org) a conference, or by [joining as a supporting member](https://rubycentral.org/#/portal/signup).
92
91
 
93
92
  ### Contributing
94
93
 
95
94
  If you'd like to contribute to RubyGems, that's awesome, and we <3 you. Check out our [guide to contributing](CONTRIBUTING.md) for more information.
96
95
 
97
- While some RubyGems contributors are compensated by Ruby Together, the project maintainers make decisions independent of Ruby Together. As a project, we welcome contributions regardless of the author’s affiliation with Ruby Together.
98
-
99
96
  ### Code of Conduct
100
97
 
101
98
  Everyone interacting in the RubyGems project’s codebases, issue trackers, chat rooms, and mailing lists is expected to follow the [contributor code of conduct](https://github.com/rubygems/rubygems/blob/master/CODE_OF_CONDUCT.md).
data/bundler/CHANGELOG.md CHANGED
@@ -1,3 +1,26 @@
1
+ # 2.4.8 (March 8, 2023)
2
+
3
+ ## Security:
4
+
5
+ - Safe load all marshaled data [#6384](https://github.com/rubygems/rubygems/pull/6384)
6
+
7
+ ## Enhancements:
8
+
9
+ - Better suggestion when `bundler/setup` fails due to missing gems and Gemfile is not the default [#6428](https://github.com/rubygems/rubygems/pull/6428)
10
+ - Simplify the gem package file filter in the gemspec template [#6344](https://github.com/rubygems/rubygems/pull/6344)
11
+ - Auto-heal corrupted `Gemfile.lock` with no specs [#6423](https://github.com/rubygems/rubygems/pull/6423)
12
+ - Auto-heal on corrupted lockfile with missing deps [#6400](https://github.com/rubygems/rubygems/pull/6400)
13
+ - Give a better message when Gemfile branch does not exist [#6383](https://github.com/rubygems/rubygems/pull/6383)
14
+
15
+ ## Bug fixes:
16
+
17
+ - Respect --no-install option for git: sources [#6088](https://github.com/rubygems/rubygems/pull/6088)
18
+ - Fix `gems.rb` lockfile for bundler version lookup in template [#6413](https://github.com/rubygems/rubygems/pull/6413)
19
+
20
+ ## Documentation:
21
+
22
+ - Switch supporting explanations to all Ruby Central [#6419](https://github.com/rubygems/rubygems/pull/6419)
23
+
1
24
  # 2.4.7 (February 15, 2023)
2
25
 
3
26
  ## Enhancements:
data/bundler/README.md CHANGED
@@ -46,12 +46,9 @@ If you'd like to contribute to Bundler, that's awesome, and we <3 you. We've put
46
46
 
47
47
  If you'd like to request a substantial change to Bundler or its documentation, refer to the [Bundler RFC process](https://github.com/rubygems/rfcs) for more information.
48
48
 
49
- While some Bundler contributors are compensated by Ruby Together, the project maintainers make decisions independent of Ruby Together. As a project, we welcome contributions regardless of the author's affiliation with Ruby Together.
50
-
51
49
  ### Supporting
52
50
 
53
- <a href="https://rubytogether.org/"><img src="https://rubytogether.org/images/rubies.svg" width="150"></a><br>
54
- <a href="https://rubytogether.org/">Ruby Together</a> pays some Bundler maintainers for their ongoing work. As a grassroots initiative committed to supporting the critical Ruby infrastructure you rely on, Ruby Together is funded entirely by the Ruby community. Contribute today <a href="https://rubytogether.org/developers">as an individual</a> or (better yet) <a href="https://rubytogether.org/companies">as a company</a> to ensure that Bundler, RubyGems, and other shared tooling is around for years to come.
51
+ RubyGems is managed by [Ruby Central](https://rubycentral.org), a non-profit organization that supports the Ruby community through projects like this one, as well as [RubyConf](https://rubyconf.org), [RailsConf](https://railsconf.org), and [RubyGems.org](https://rubygems.org). You can support Ruby Central by attending or [sponsoring](sponsors@rubycentral.org) a conference, or by [joining as a supporting member](https://rubycentral.org/#/portal/signup).
55
52
 
56
53
  ### Code of Conduct
57
54
 
@@ -4,8 +4,8 @@ module Bundler
4
4
  # Represents metadata from when the Bundler gem was built.
5
5
  module BuildMetadata
6
6
  # begin ivars
7
- @built_at = "2023-02-15".freeze
8
- @git_commit_sha = "5d717a27e0".freeze
7
+ @built_at = "2023-03-08".freeze
8
+ @git_commit_sha = "a67b2657a0".freeze
9
9
  @release = true
10
10
  # end ivars
11
11
 
@@ -2,7 +2,7 @@
2
2
 
3
3
  module Bundler
4
4
  class EnvironmentPreserver
5
- INTENTIONALLY_NIL = "BUNDLER_ENVIRONMENT_PRESERVER_INTENTIONALLY_NIL".freeze
5
+ INTENTIONALLY_NIL = "BUNDLER_ENVIRONMENT_PRESERVER_INTENTIONALLY_NIL"
6
6
  BUNDLER_KEYS = %w[
7
7
  BUNDLE_BIN_PATH
8
8
  BUNDLE_GEMFILE
@@ -16,7 +16,7 @@ module Bundler
16
16
  RUBYLIB
17
17
  RUBYOPT
18
18
  ].map(&:freeze).freeze
19
- BUNDLER_PREFIX = "BUNDLER_ORIG_".freeze
19
+ BUNDLER_PREFIX = "BUNDLER_ORIG_"
20
20
 
21
21
  def self.from_env
22
22
  new(env_to_hash(ENV), BUNDLER_KEYS)
@@ -102,11 +102,11 @@ module Bundler
102
102
  uri = Bundler::URI.parse("#{remote_uri}#{Gem::MARSHAL_SPEC_DIR}#{spec_file_name}.rz")
103
103
  if uri.scheme == "file"
104
104
  path = Bundler.rubygems.correct_for_windows_path(uri.path)
105
- Bundler.load_marshal Bundler.rubygems.inflate(Gem.read_binary(path))
105
+ Bundler.safe_load_marshal Bundler.rubygems.inflate(Gem.read_binary(path))
106
106
  elsif cached_spec_path = gemspec_cached_path(spec_file_name)
107
107
  Bundler.load_gemspec(cached_spec_path)
108
108
  else
109
- Bundler.load_marshal Bundler.rubygems.inflate(downloader.fetch(uri).body)
109
+ Bundler.safe_load_marshal Bundler.rubygems.inflate(downloader.fetch(uri).body)
110
110
  end
111
111
  rescue MarshalError
112
112
  raise HTTPError, "Gemspec #{spec} contained invalid data.\n" \
@@ -13,8 +13,8 @@ module Bundler
13
13
  attr_reader :specs, :all_specs, :sources
14
14
  protected :specs, :all_specs
15
15
 
16
- RUBY = "ruby".freeze
17
- NULL = "\0".freeze
16
+ RUBY = "ruby"
17
+ NULL = "\0"
18
18
 
19
19
  def initialize
20
20
  @sources = []
@@ -2,7 +2,7 @@
2
2
 
3
3
  module Bundler
4
4
  class Injector
5
- INJECTED_GEMS = "injected gems".freeze
5
+ INJECTED_GEMS = "injected gems"
6
6
 
7
7
  def self.inject(new_deps, options = {})
8
8
  injector = new(new_deps, options)
@@ -47,13 +47,6 @@ module Bundler
47
47
  dependencies.all? {|d| installed_specs.include? d.name }
48
48
  end
49
49
 
50
- # Check whether spec's dependencies are missing, which can indicate a
51
- # corrupted lockfile
52
- def dependencies_missing?(all_specs)
53
- spec_names = all_specs.map(&:name)
54
- dependencies.any? {|d| !spec_names.include? d.name }
55
- end
56
-
57
50
  # Represents only the non-development dependencies, the ones that are
58
51
  # itself and are in the total list.
59
52
  def dependencies
@@ -123,11 +116,7 @@ module Bundler
123
116
  unmet_dependencies.each do |spec, unmet_spec_dependencies|
124
117
  unmet_spec_dependencies.each do |unmet_spec_dependency|
125
118
  found = @specs.find {|s| s.name == unmet_spec_dependency.name && !unmet_spec_dependency.matches_spec?(s.spec) }
126
- if found
127
- warning << "* #{unmet_spec_dependency}, dependency of #{spec.full_name}, unsatisfied by #{found.full_name}"
128
- else
129
- warning << "* #{unmet_spec_dependency}, dependency of #{spec.full_name} but missing from lockfile"
130
- end
119
+ warning << "* #{unmet_spec_dependency}, dependency of #{spec.full_name}, unsatisfied by #{found.full_name}"
131
120
  end
132
121
  end
133
122
 
@@ -224,8 +213,6 @@ module Bundler
224
213
  if spec.dependencies_installed? @specs
225
214
  spec.state = :enqueued
226
215
  worker_pool.enq spec
227
- elsif spec.dependencies_missing? @specs
228
- spec.state = :failed
229
216
  end
230
217
  end
231
218
  end
@@ -45,7 +45,7 @@ module Bundler
45
45
  # gems with the same name, but different platform
46
46
  # are ordered consistently
47
47
  specs.sort_by(&:full_name).each do |spec|
48
- next if spec.name == "bundler".freeze
48
+ next if spec.name == "bundler"
49
49
  out << spec.to_lock
50
50
  end
51
51
  end
@@ -4,15 +4,15 @@ module Bundler
4
4
  class LockfileParser
5
5
  attr_reader :sources, :dependencies, :specs, :platforms, :bundler_version, :ruby_version
6
6
 
7
- BUNDLED = "BUNDLED WITH".freeze
8
- DEPENDENCIES = "DEPENDENCIES".freeze
9
- PLATFORMS = "PLATFORMS".freeze
10
- RUBY = "RUBY VERSION".freeze
11
- GIT = "GIT".freeze
12
- GEM = "GEM".freeze
13
- PATH = "PATH".freeze
14
- PLUGIN = "PLUGIN SOURCE".freeze
15
- SPECS = " specs:".freeze
7
+ BUNDLED = "BUNDLED WITH"
8
+ DEPENDENCIES = "DEPENDENCIES"
9
+ PLATFORMS = "PLATFORMS"
10
+ RUBY = "RUBY VERSION"
11
+ GIT = "GIT"
12
+ GEM = "GEM"
13
+ PATH = "PATH"
14
+ PLUGIN = "PLUGIN SOURCE"
15
+ SPECS = " specs:"
16
16
  OPTIONS = /^ ([a-z]+): (.*)$/i.freeze
17
17
  SOURCE = [GIT, GEM, PATH, PLUGIN].freeze
18
18
 
@@ -15,7 +15,7 @@ module Bundler
15
15
  class UnknownSourceError < PluginError; end
16
16
  class PluginInstallError < PluginError; end
17
17
 
18
- PLUGIN_FILE_NAME = "plugins.rb".freeze
18
+ PLUGIN_FILE_NAME = "plugins.rb"
19
19
 
20
20
  module_function
21
21
 
@@ -453,7 +453,7 @@ module Bundler
453
453
  fetcher = gem_remote_fetcher
454
454
  fetcher.headers = { "X-Gemfile-Source" => remote.original_uri.to_s } if remote.original_uri
455
455
  string = fetcher.fetch_path(path)
456
- Bundler.load_marshal(string)
456
+ Bundler.safe_load_marshal(string)
457
457
  rescue Gem::RemoteFetcher::FetchError
458
458
  # it's okay for prerelease to fail
459
459
  raise unless name == "prerelease_specs"
@@ -12,7 +12,10 @@ if Bundler::SharedHelpers.in_bundle?
12
12
  Bundler.ui.error e.message
13
13
  Bundler.ui.warn e.backtrace.join("\n") if ENV["DEBUG"]
14
14
  if e.is_a?(Bundler::GemNotFound)
15
- Bundler.ui.warn "Run `bundle install` to install missing gems."
15
+ suggested_cmd = "bundle install"
16
+ original_gemfile = Bundler.original_env["BUNDLE_GEMFILE"]
17
+ suggested_cmd += " --gemfile #{original_gemfile}" if original_gemfile
18
+ Bundler.ui.warn "Run `#{suggested_cmd}` to install missing gems."
16
19
  end
17
20
  exit e.status_code
18
21
  end
@@ -28,8 +28,9 @@ module Bundler
28
28
  def initialize(command, path, extra_info = nil)
29
29
  @command = command
30
30
 
31
- msg = String.new
32
- msg << "Git error: command `#{command}` in directory #{path} has failed."
31
+ msg = String.new("Git error: command `#{command}`")
32
+ msg << " in directory #{path}" if path
33
+ msg << " has failed."
33
34
  msg << "\n#{extra_info}" if extra_info
34
35
  super msg
35
36
  end
@@ -153,9 +154,20 @@ module Bundler
153
154
  SharedHelpers.filesystem_access(path.dirname) do |p|
154
155
  FileUtils.mkdir_p(p)
155
156
  end
156
- git_retry "clone", "--bare", "--no-hardlinks", "--quiet", *extra_clone_args, "--", configured_uri, path.to_s
157
157
 
158
- extra_ref
158
+ command = ["clone", "--bare", "--no-hardlinks", "--quiet", *extra_clone_args, "--", configured_uri, path.to_s]
159
+ command_with_no_credentials = check_allowed(command)
160
+
161
+ Bundler::Retry.new("`#{command_with_no_credentials}`", [MissingGitRevisionError]).attempts do
162
+ _, err, status = capture(command, nil)
163
+ return extra_ref if status.success?
164
+
165
+ if err.include?("Could not find remote branch")
166
+ raise MissingGitRevisionError.new(command_with_no_credentials, nil, explicit_ref, credential_filtered_uri)
167
+ else
168
+ raise GitCommandError.new(command_with_no_credentials, path, err)
169
+ end
170
+ end
159
171
  end
160
172
 
161
173
  def clone_needs_unshallow?
@@ -173,6 +173,7 @@ module Bundler
173
173
  end
174
174
 
175
175
  def install(spec, options = {})
176
+ return if Bundler.settings[:no_install]
176
177
  force = options[:force]
177
178
 
178
179
  print_using_message "Using #{version_message(spec, options[:previous_spec])} from #{self}"
@@ -11,7 +11,7 @@ module Bundler
11
11
 
12
12
  protected :original_path
13
13
 
14
- DEFAULT_GLOB = "{,*,*/*}.gemspec".freeze
14
+ DEFAULT_GLOB = "{,*,*/*}.gemspec"
15
15
 
16
16
  def initialize(options)
17
17
  @options = options.dup
@@ -24,6 +24,7 @@ module Bundler
24
24
 
25
25
  name = dep[0].name
26
26
  platform = dep[1]
27
+ incomplete = false
27
28
 
28
29
  key = [name, platform]
29
30
  next if handled.key?(key)
@@ -36,10 +37,15 @@ module Bundler
36
37
 
37
38
  specs_for_dep.first.dependencies.each do |d|
38
39
  next if d.type == :development
40
+ incomplete = true if d.name != "bundler" && lookup[d.name].empty?
39
41
  deps << [d, dep[1]]
40
42
  end
41
- elsif check
42
- @incomplete_specs += lookup[name]
43
+ else
44
+ incomplete = true
45
+ end
46
+
47
+ if incomplete && check
48
+ @incomplete_specs += lookup[name].any? ? lookup[name] : [LazySpecification.new(name, nil, nil)]
43
49
  end
44
50
  end
45
51
 
@@ -47,7 +47,7 @@ m = Module.new do
47
47
  def lockfile
48
48
  lockfile =
49
49
  case File.basename(gemfile)
50
- when "gems.rb" then gemfile.sub(/\.rb$/, gemfile)
50
+ when "gems.rb" then gemfile.sub(/\.rb$/, ".locked")
51
51
  else "#{gemfile}.lock"
52
52
  end
53
53
  File.expand_path(lockfile)
@@ -29,7 +29,7 @@ Gem::Specification.new do |spec|
29
29
  # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
30
30
  spec.files = Dir.chdir(__dir__) do
31
31
  `git ls-files -z`.split("\x0").reject do |f|
32
- (File.expand_path(f) == __FILE__) || f.match(%r{\A(?:(?:bin|test|spec|features)/|\.(?:git|circleci)|appveyor)})
32
+ (File.expand_path(f) == __FILE__) || f.start_with?(*%w[bin/ test/ spec/ features/ .git .circleci appveyor])
33
33
  end
34
34
  end
35
35
  spec.bindir = "exe"
@@ -1,7 +1,7 @@
1
1
  # frozen_string_literal: false
2
2
 
3
3
  module Bundler
4
- VERSION = "2.4.7".freeze
4
+ VERSION = "2.4.8".freeze
5
5
 
6
6
  def self.bundler_major_version
7
7
  @bundler_major_version ||= VERSION.split(".").first.to_i
@@ -39,8 +39,8 @@ module Bundler
39
39
  environment_preserver.replace_with_backup
40
40
  SUDO_MUTEX = Thread::Mutex.new
41
41
 
42
- SAFE_MARSHAL_CLASSES = [Symbol, TrueClass, String, Array, Hash].freeze
43
- SAFE_MARSHAL_ERROR = "Unexpected class %s present in marshaled data. Only %s are allowed.".freeze
42
+ SAFE_MARSHAL_CLASSES = [Symbol, TrueClass, String, Array, Hash, Gem::Version, Gem::Specification].freeze
43
+ SAFE_MARSHAL_ERROR = "Unexpected class %s present in marshaled data. Only %s are allowed."
44
44
  SAFE_MARSHAL_PROC = proc do |object|
45
45
  object.tap do
46
46
  unless SAFE_MARSHAL_CLASSES.include?(object.class)
@@ -506,7 +506,7 @@ EOF
506
506
  if File.file?(executable) && File.executable?(executable)
507
507
  executable
508
508
  elsif paths = ENV["PATH"]
509
- quote = '"'.freeze
509
+ quote = '"'
510
510
  paths.split(File::PATH_SEPARATOR).find do |path|
511
511
  path = path[1..-2] if path.start_with?(quote) && path.end_with?(quote)
512
512
  executable_path = File.expand_path(executable, path)
@@ -525,12 +525,6 @@ EOF
525
525
  load_marshal(data, :marshal_proc => SAFE_MARSHAL_PROC)
526
526
  end
527
527
 
528
- def load_marshal(data, marshal_proc: nil)
529
- Marshal.load(data, marshal_proc)
530
- rescue TypeError => e
531
- raise MarshalError, "#{e.class}: #{e.message}"
532
- end
533
-
534
528
  def load_gemspec(file, validate = false)
535
529
  @gemspec_cache ||= {}
536
530
  key = File.expand_path(file)
@@ -619,6 +613,12 @@ EOF
619
613
 
620
614
  private
621
615
 
616
+ def load_marshal(data, marshal_proc: nil)
617
+ Marshal.load(data, marshal_proc)
618
+ rescue TypeError => e
619
+ raise MarshalError, "#{e.class}: #{e.message}"
620
+ end
621
+
622
622
  def eval_yaml_gemspec(path, contents)
623
623
  Kernel.require "psych"
624
624
 
@@ -21,7 +21,7 @@ module Gem::BundlerVersionFinder
21
21
  end
22
22
 
23
23
  def self.bundle_update_bundler_version
24
- return unless File.basename($0) == "bundle".freeze
24
+ return unless File.basename($0) == "bundle"
25
25
  return unless "update".start_with?(ARGV.first || " ")
26
26
  bundler_version = nil
27
27
  update_index = nil
@@ -201,11 +201,15 @@ class Gem::Command
201
201
  # respectively.
202
202
  def get_all_gem_names_and_versions
203
203
  get_all_gem_names.map do |name|
204
- if /\A(.*):(#{Gem::Requirement::PATTERN_RAW})\z/ =~ name
205
- [$1, $2]
206
- else
207
- [name]
208
- end
204
+ extract_gem_name_and_version(name)
205
+ end
206
+ end
207
+
208
+ def extract_gem_name_and_version(name) # :nodoc:
209
+ if /\A(.*):(#{Gem::Requirement::PATTERN_RAW})\z/ =~ name
210
+ [$1, $2]
211
+ else
212
+ [name]
209
213
  end
210
214
  end
211
215
 
@@ -624,7 +628,7 @@ class Gem::Command
624
628
 
625
629
  # :stopdoc:
626
630
 
627
- HELP = <<-HELP.freeze
631
+ HELP = <<-HELP
628
632
  RubyGems is a package manager for Ruby.
629
633
 
630
634
  Usage:
@@ -43,6 +43,7 @@ class Gem::CommandManager
43
43
  :contents,
44
44
  :dependency,
45
45
  :environment,
46
+ :exec,
46
47
  :fetch,
47
48
  :generate_index,
48
49
  :help,