author | Hiroshi SHIBATA <hsbt@ruby-lang.org> | 2021-06-14 12:55:54 +0900 |
---|---|---|
committer | nagachika <nagachika@ruby-lang.org> | 2021-07-07 10:03:15 +0900 |
commit | 1e98ec27f6ab893d7c9c1d48214fbe9bb2aa049c (patch) | |
tree | ccec4cac42bde6676ae6914976dff64656dea667 | |
parent | f63d3bbb6e27daaac8211c57929d62add4fef1ad (diff) |
Merge RubyGems-3.2.20 and Bundler-2.2.20
25 files changed, 192 insertions, 22 deletions
diff --git a/lib/bundler/bundler.gemspec b/lib/bundler/bundler.gemspec index 1a2ced54d3..f91798ab64 100644 --- a/lib/bundler/bundler.gemspec +++ b/lib/bundler/bundler.gemspec @@ -39,7 +39,7 @@ Gem::Specification.new do |s| # include the gemspec itself because warbler breaks w/o it s.files += %w[bundler.gemspec] - s.extra_rdoc_files = %w[CHANGELOG.md LICENSE.md README.md] + s.files += %w[CHANGELOG.md LICENSE.md README.md] s.bindir = "exe" s.executables = %w[bundle bundler] s.require_paths = ["lib"] diff --git a/lib/bundler/cli/check.rb b/lib/bundler/cli/check.rb index 19c0aaea06..65c51337d2 100644 --- a/lib/bundler/cli/check.rb +++ b/lib/bundler/cli/check.rb @@ -11,9 +11,11 @@ module Bundler def run Bundler.settings.set_command_option_if_given :path, options[:path] + definition = Bundler.definition + definition.validate_runtime! + begin - definition = Bundler.definition - definition.validate_runtime! + definition.resolve_only_locally! not_installed = definition.missing_specs rescue GemNotFound, VersionConflict Bundler.ui.error "Bundler can't satisfy your Gemfile's dependencies." diff --git a/lib/bundler/cli/outdated.rb b/lib/bundler/cli/outdated.rb index d86ed2d002..d5183b060b 100644 --- a/lib/bundler/cli/outdated.rb +++ b/lib/bundler/cli/outdated.rb @@ -147,6 +147,8 @@ module Bundler def retrieve_active_spec(definition, current_spec) active_spec = definition.resolve.find_by_name_and_platform(current_spec.name, current_spec.platform) + return unless active_spec + return active_spec if strict active_specs = active_spec.source.specs.search(current_spec.name).select {|spec| spec.match_platform(current_spec.platform) }.sort_by(&:version) diff --git a/lib/bundler/definition.rb b/lib/bundler/definition.rb index bdf287b1e7..bc75e83908 100644 --- a/lib/bundler/definition.rb +++ b/lib/bundler/definition.rb 
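Review bot: In lib/bundler/cli/check.rb, `Bundler.definition` and `definition.validate_runtime!` now run outside the `begin`, so if either raises `GemNotFound` or `VersionConflict` it no longer reaches the rescue that prints "Bundler can't satisfy your Gemfile's dependencies." If that narrowing is intended, a comment above the `begin` would record it, for example `# only errors from local resolution are reported as an unsatisfied Gemfile`. The body of `run` continues past the end of the hunk, so what happens to `not_installed` afterwards is not visible here.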
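Review bot: In lib/bundler/cli/outdated.rb, `retrieve_active_spec` can now return nil through the new `return unless active_spec`, and nothing in the method says so. A comment on the guard would help the next reader, for example `# the gem may have dropped out of the resolution, e.g. it is no longer a dependency after an update`. The caller is outside the hunk, so whether it skips a nil result cannot be checked from here; the example added in outdated_spec.rb suggests it does.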
@@ -160,6 +160,12 @@ module Bundler @disable_multisource end + def resolve_only_locally! + @remote = false + sources.local_only! + resolve + end + def resolve_with_cache! sources.cached! resolve diff --git a/lib/bundler/fetcher/index.rb b/lib/bundler/fetcher/index.rb index 08b041897e..0d14c47aa7 100644 --- a/lib/bundler/fetcher/index.rb +++ b/lib/bundler/fetcher/index.rb @@ -1,7 +1,6 @@ # frozen_string_literal: true require_relative "base" -require "rubygems/remote_fetcher" module Bundler class Fetcher diff --git a/lib/bundler/friendly_errors.rb b/lib/bundler/friendly_errors.rb index c5a19d3eea..db43e0f654 100644 --- a/lib/bundler/friendly_errors.rb +++ b/lib/bundler/friendly_errors.rb @@ -49,8 +49,6 @@ module Bundler "Alternatively, you can increase the amount of memory the JVM is able to use by running Bundler with jruby -J-Xmx1024m -S bundle (JRuby defaults to 500MB)." else request_issue_report_for(error) end - rescue StandardError - raise error end def exit_status(error) @@ -111,7 +109,7 @@ module Bundler First, try this link to see if there are any existing issue reports for this error: #{issues_url(e)} - If there aren't any reports for this error yet, please create copy and paste the report template above into a new issue. Don't forget to anonymize any private data! The new issue form is located at: + If there aren't any reports for this error yet, please copy and paste the report template above into a new issue. Don't forget to anonymize any private data! The new issue form is located at: https://github.com/rubygems/rubygems/issues/new?labels=Bundler&template=bundler-related-issue.md EOS end diff --git a/lib/bundler/rubygems_integration.rb b/lib/bundler/rubygems_integration.rb index d060e21f50..21ce12ecda 100644 --- a/lib/bundler/rubygems_integration.rb +++ b/lib/bundler/rubygems_integration.rb 
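Review bot: In lib/bundler/definition.rb, `resolve_only_locally!` has no comment, and unlike `resolve_with_cache!` directly below it, it also sets `@remote = false` on the definition before resolving. Its use in cli/check.rb suggests it is meant to guarantee that no remote source is consulted, which is worth stating, for example `# Resolves against locally available gems only; remote sources are disabled for this definition.` The comment should also say that the change to `@remote` and to the sources stays in effect on the definition after the call.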
@@ -526,13 +526,14 @@ module Bundler Bundler::Retry.new("download gem from #{uri}").attempts do fetcher.download(spec, uri, path) end + rescue Gem::RemoteFetcher::FetchError => e + raise Bundler::HTTPError, "Could not download gem from #{uri} due to underlying error <#{e.message}>" end def gem_remote_fetcher - require "resolv" + require "rubygems/remote_fetcher" proxy = configuration[:http_proxy] - dns = Resolv::DNS.new - Gem::RemoteFetcher.new(proxy, dns) + Gem::RemoteFetcher.new(proxy) end def gem_from_path(path, policy = nil) diff --git a/lib/bundler/source.rb b/lib/bundler/source.rb index f39072791c..5388a7681e 100644 --- a/lib/bundler/source.rb +++ b/lib/bundler/source.rb @@ -36,6 +36,8 @@ module Bundler def local!; end + def local_only!; end + def cached!; end def remote!; end diff --git a/lib/bundler/source/rubygems.rb b/lib/bundler/source/rubygems.rb index ee317957f0..590c3ec939 100644 --- a/lib/bundler/source/rubygems.rb +++ b/lib/bundler/source/rubygems.rb @@ -26,6 +26,12 @@ module Bundler Array(options["remotes"]).reverse_each {|r| add_remote(r) } end + def local_only! + @specs = nil + @allow_local = true + @allow_remote = false + end + def local! return if @allow_local diff --git a/lib/bundler/source_list.rb b/lib/bundler/source_list.rb index f7eb3a1c03..584d693dea 100644 --- a/lib/bundler/source_list.rb +++ b/lib/bundler/source_list.rb @@ -132,6 +132,10 @@ module Bundler false end + def local_only! + all_sources.each(&:local_only!) + end + def cached! all_sources.each(&:cached!) end diff --git a/lib/bundler/version.rb b/lib/bundler/version.rb index de2a02d140..4302fb9892 100644 --- a/lib/bundler/version.rb +++ b/lib/bundler/version.rb @@ -1,7 +1,7 @@ # frozen_string_literal: false module Bundler - VERSION = "2.2.19".freeze + VERSION = "2.2.20".freeze def self.bundler_major_version @bundler_major_version ||= VERSION.split(".").first.to_i diff --git a/lib/rubygems.rb b/lib/rubygems.rb index f1f7a30a73..57d0140d8b 100644 --- a/lib/rubygems.rb 
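Review bot: In lib/bundler/rubygems_integration.rb, the new `Bundler::HTTPError` message interpolates `uri` and the underlying `e.message` verbatim, so a source URI that carries credentials (`https://user:token@host/`) can end up in terminal output and CI logs. Consider filtering before interpolation, e.g. `safe_uri = URICredentialsFilter.credential_filtered_uri(uri)`, and using `safe_uri` in the message. Whether `e.message` is already redacted by RubyGems is not visible here and should be checked as well. The `Bundler::Retry.new("download gem from #{uri}")` context line has the same exposure, and the enclosing method starts above the hunk.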
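Review bot: In lib/bundler/source/rubygems.rb, `local_only!` is undocumented and differs from `local!` just below it: it has no early return and it clears `@specs`. A comment would make the intent explicit, for example `# forget any previously computed specs so the next lookup uses local gems only, with remote access disabled`. That `@specs` holds a memoized index is inferred from the name and should be confirmed before wording the comment that way.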
+++ b/lib/rubygems.rb @@ -8,7 +8,7 @@ require 'rbconfig' module Gem - VERSION = "3.2.19".freeze + VERSION = "3.2.20".freeze end # Must be first since it unloads the prelude from 1.9.2 diff --git a/lib/rubygems/installer.rb b/lib/rubygems/installer.rb index 7af51056b7..8c286605e1 100644 --- a/lib/rubygems/installer.rb +++ b/lib/rubygems/installer.rb @@ -728,6 +728,10 @@ class Gem::Installer raise Gem::InstallError, "#{spec} has an invalid extensions" end + if spec.platform.to_s =~ /\R/ + raise Gem::InstallError, "#{spec.platform} is an invalid platform" + end + unless spec.specification_version.to_s =~ /\A\d+\z/ raise Gem::InstallError, "#{spec} has an invalid specification_version" end diff --git a/lib/rubygems/specification_policy.rb b/lib/rubygems/specification_policy.rb index 2b8b05635e..86277a2058 100644 --- a/lib/rubygems/specification_policy.rb +++ b/lib/rubygems/specification_policy.rb @@ -124,25 +124,26 @@ class Gem::SpecificationPolicy end metadata.each do |key, value| + entry = "metadata['#{key}']" if !key.kind_of?(String) error "metadata keys must be a String" end if key.size > 128 - error "metadata key too large (#{key.size} > 128)" + error "metadata key is too large (#{key.size} > 128)" end if !value.kind_of?(String) - error "metadata values must be a String" + error "#{entry} value must be a String" end if value.size > 1024 - error "metadata value too large (#{value.size} > 1024)" + error "#{entry} value is too large (#{value.size} > 1024)" end if METADATA_LINK_KEYS.include? key if value !~ VALID_URI_PATTERN - error "metadata['#{key}'] has invalid link: #{value.inspect}" + error "#{entry} has invalid link: #{value.inspect}" end end end diff --git a/lib/rubygems/test_case.rb b/lib/rubygems/test_case.rb index b3e23360ed..24e8ac853e 100644 --- a/lib/rubygems/test_case.rb +++ b/lib/rubygems/test_case.rb 
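Review bot: In lib/rubygems/installer.rb, the new `Gem::InstallError` message interpolates the rejected platform verbatim, so the line break and everything after it from an untrusted gem is written straight to the terminal or log. Quoting the value keeps it on one line: `raise Gem::InstallError, "#{spec.platform.to_s.inspect} is an invalid platform"`; the assertion in test_gem_installer.rb would need the matching change. The guard is also a denylist for line breaks only, while the `specification_version` check below it uses an anchored allowlist (`/\A\d+\z/`), so a one-line comment saying why line breaks in particular are rejected would help. The enclosing method starts and ends outside the hunk.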
@@ -553,6 +553,10 @@ class Gem::TestCase < Test::Unit::TestCase Gem.pre_uninstall_hooks.clear end + def without_any_upwards_gemfiles + ENV["BUNDLE_GEMFILE"] = File.join(@tempdir, "Gemfile") + end + ## # A git_gem is used with a gem dependencies file. The gem created here # has no files, just a gem specification for the given +name+ and +version+. diff --git a/spec/bundler/bundler/fetcher/index_spec.rb b/spec/bundler/bundler/fetcher/index_spec.rb index b8ce46321e..f0db07583c 100644 --- a/spec/bundler/bundler/fetcher/index_spec.rb +++ b/spec/bundler/bundler/fetcher/index_spec.rb @@ -1,5 +1,7 @@ # frozen_string_literal: true +require "rubygems/remote_fetcher" + RSpec.describe Bundler::Fetcher::Index do let(:downloader) { nil } let(:remote) { nil } diff --git a/spec/bundler/commands/check_spec.rb b/spec/bundler/commands/check_spec.rb index 2fb03186be..2860c82a12 100644 --- a/spec/bundler/commands/check_spec.rb +++ b/spec/bundler/commands/check_spec.rb 
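Review bot: In lib/rubygems/test_case.rb, `without_any_upwards_gemfiles` overwrites `ENV["BUNDLE_GEMFILE"]` and never restores it, and the name does not say that it mutates the process environment. It presumably relies on the base `teardown` to restore ENV, which is not visible in this hunk. A comment would record that dependency, e.g. `# Points BUNDLE_GEMFILE into @tempdir so no Gemfile above the test directory is picked up; ENV is restored in teardown.` The second half of that comment should only be added once the restore is confirmed.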
@@ -288,6 +288,66 @@ RSpec.describe "bundle check" do end end + describe "when using only scoped rubygems sources" do + before do + gemfile <<~G + source "#{file_uri_for(gem_repo1)}" do + gem "rack" + end + G + end + + it "returns success when the Gemfile is satisfied" do + system_gems "rack-1.0.0", :path => default_bundle_path + bundle :check + expect(out).to include("The Gemfile's dependencies are satisfied") + end + end + + describe "when using only scoped rubygems sources with indirect dependencies" do + before do + build_repo4 do + build_gem "depends_on_rack" do |s| + s.add_dependency "rack" + end + + build_gem "rack" + end + + gemfile <<~G + source "#{file_uri_for(gem_repo4)}" do + gem "depends_on_rack" + end + G + end + + it "returns success when the Gemfile is satisfied and generates a correct lockfile" do + system_gems "depends_on_rack-1.0", "rack-1.0", :gem_repo => gem_repo4, :path => default_bundle_path + bundle :check + expect(out).to include("The Gemfile's dependencies are satisfied") + expect(lockfile).to eq <<~L + GEM + specs: + + GEM + remote: #{file_uri_for(gem_repo4)}/ + specs: + depends_on_rack (1.0) + rack + rack (1.0) + + PLATFORMS + #{lockfile_platforms} + + DEPENDENCIES + depends_on_rack! + + BUNDLED WITH + #{Bundler::VERSION} + L + end + end + describe "BUNDLED WITH" do def lock_with(bundler_version = nil) lock = <<-L diff --git a/spec/bundler/commands/outdated_spec.rb b/spec/bundler/commands/outdated_spec.rb index fd54e18b6c..731d67af1b 100644 --- a/spec/bundler/commands/outdated_spec.rb +++ b/spec/bundler/commands/outdated_spec.rb 
@@ -1292,4 +1292,53 @@ RSpec.describe "bundle outdated" do expect(out).to end_with(expected_output) end end + + context "when a gem is no longer a dependency after a full update" do + before do + build_repo4 do + build_gem "mini_portile2", "2.5.2" do |s| + s.add_dependency "net-ftp", "~> 0.1" + end + + build_gem "mini_portile2", "2.5.3" + + build_gem "net-ftp", "0.1.2" + end + + gemfile <<~G + source "#{file_uri_for(gem_repo4)}" + + gem "mini_portile2" + G + + lockfile <<~L + GEM + remote: #{file_uri_for(gem_repo4)}/ + specs: + mini_portile2 (2.5.2) + net-ftp (~> 0.1) + net-ftp (0.1.2) + + PLATFORMS + #{lockfile_platforms} + + DEPENDENCIES + mini_portile2 + + BUNDLED WITH + #{Bundler::VERSION} + L + end + + it "works" do + bundle "outdated", :raise_on_error => false + + expected_output = <<~TABLE.strip + Gem Current Latest Requested Groups + mini_portile2 2.5.2 2.5.3 >= 0 default + TABLE + + expect(out).to end_with(expected_output) + end + end end diff --git a/spec/bundler/install/global_cache_spec.rb b/spec/bundler/install/global_cache_spec.rb index f3609715fb..68ebef2d89 100644 --- a/spec/bundler/install/global_cache_spec.rb +++ b/spec/bundler/install/global_cache_spec.rb @@ -113,6 +113,8 @@ RSpec.describe "global gem caching" do expect(source2_global_cache("rack-0.9.1.gem")).to exist bundle :install, :artifice => "compact_index_no_gem", :raise_on_error => false expect(err).to include("Internal Server Error 500") + expect(err).not_to include("please copy and paste the report template above into a new issue") + # rack 1.0.0 is not installed and rack 0.9.1 is not expect(the_bundle).not_to include_gems "rack 1.0.0" expect(the_bundle).not_to include_gems "rack 0.9.1" 
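Review bot: In spec/bundler/commands/outdated_spec.rb, the example name `it "works"` does not say which regression it guards, while the surrounding `context` describes only the setup. A name that states the expectation would make a failure readable on its own, for example `it "still reports the outdated gem instead of crashing" do`. The run uses `:raise_on_error => false`, so the only assertion is on the tail of the output.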
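Review bot: In spec/bundler/install/global_cache_spec.rb, the new `expect(err).not_to include("please copy and paste the report template above into a new issue")` passes vacuously as soon as that sentence is reworded, which this same commit does in friendly_errors.rb. Matching on a more stable part of the issue-report template keeps the negative check meaningful, e.g. `expect(err).not_to include("issues/new")`. The second hunk in this file (at -126,6 +128,8) adds the same assertion and would need the same change.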
@@ -126,6 +128,8 @@ RSpec.describe "global gem caching" do expect(source2_global_cache("rack-0.9.1.gem")).to exist bundle :install, :artifice => "compact_index_no_gem", :raise_on_error => false expect(err).to include("Internal Server Error 500") + expect(err).not_to include("please copy and paste the report template above into a new issue") + # rack 0.9.1 is not installed and rack 1.0.0 is not expect(the_bundle).not_to include_gems "rack 0.9.1" expect(the_bundle).not_to include_gems "rack 1.0.0" diff --git a/test/rubygems/packages/ill-formatted-platform-1.0.0.10.gem b/test/rubygems/packages/ill-formatted-platform-1.0.0.10.gem Binary files differnew file mode 100644 index 0000000000..58a13535c2 --- /dev/null +++ b/test/rubygems/packages/ill-formatted-platform-1.0.0.10.gem diff --git a/test/rubygems/test_gem_bundler_version_finder.rb b/test/rubygems/test_gem_bundler_version_finder.rb index 08e189b26f..4126898048 100644 --- a/test/rubygems/test_gem_bundler_version_finder.rb +++ b/test/rubygems/test_gem_bundler_version_finder.rb @@ -6,14 +6,12 @@ class TestGemBundlerVersionFinder < Gem::TestCase super @argv = ARGV.dup - @env = ENV.to_hash.clone - ENV.delete("BUNDLER_VERSION") @dollar_0 = $0 + without_any_upwards_gemfiles end def teardown ARGV.replace @argv - ENV.replace @env $0 = @dollar_0 super diff --git a/test/rubygems/test_gem_dependency.rb b/test/rubygems/test_gem_dependency.rb index 69208d3258..d4ef220064 100644 --- a/test/rubygems/test_gem_dependency.rb +++ b/test/rubygems/test_gem_dependency.rb @@ -3,6 +3,12 @@ require 'rubygems/test_case' require 'rubygems/dependency' class TestGemDependency < Gem::TestCase + def setup + super + + without_any_upwards_gemfiles + end + def test_initialize d = dep "pkg", "> 1.0" diff --git a/test/rubygems/test_gem_installer.rb b/test/rubygems/test_gem_installer.rb index 417570b68d..4b795d60cf 100644 --- a/test/rubygems/test_gem_installer.rb +++ b/test/rubygems/test_gem_installer.rb 
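Review bot: In test/rubygems/test_gem_bundler_version_finder.rb, `setup` no longer deletes `BUNDLER_VERSION` and `teardown` no longer restores ENV, so these tests now depend on the base class for both. Neither is visible in this commit, since `without_any_upwards_gemfiles` only sets `BUNDLE_GEMFILE`. If `Gem::TestCase` does not clear `BUNDLER_VERSION`, a value inherited from a developer shell or CI job would leak into the version-finder tests. Keeping `ENV.delete("BUNDLER_VERSION")` in `setup` would make the isolation explicit.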
@@ -1776,6 +1776,26 @@ gem 'other', version end end + def test_pre_install_checks_malicious_platform_before_eval + gem_with_ill_formated_platform = File.expand_path("packages/ill-formatted-platform-1.0.0.10.gem", __dir__) + + installer = Gem::Installer.at( + gem_with_ill_formated_platform, + :install_dir => @gem_home, + :user_install => false, + :force => true + ) + + use_ui @ui do + e = assert_raise Gem::InstallError do + installer.pre_install_checks + end + + assert_equal "x86-mswin32\n system('id > /tmp/nyangawa')# is an invalid platform", e.message + assert_empty @ui.output + end + end + def test_shebang installer = setup_base_installer diff --git a/test/rubygems/test_gem_specification.rb b/test/rubygems/test_gem_specification.rb index 63a9b4ff17..226ec40bf0 100644 --- a/test/rubygems/test_gem_specification.rb +++ b/test/rubygems/test_gem_specification.rb @@ -3612,7 +3612,7 @@ Did you mean 'Ruby'? @m2.validate end - assert_equal "metadata key too large (129 > 128)", e.message + assert_equal "metadata key is too large (129 > 128)", e.message end end @@ -3629,7 +3629,7 @@ Did you mean 'Ruby'? @m2.validate end - assert_equal "metadata values must be a String", e.message + assert_equal "metadata['fail'] value must be a String", e.message end end @@ -3646,7 +3646,7 @@ Did you mean 'Ruby'? @m2.validate end - assert_equal "metadata value too large (1025 > 1024)", e.message + assert_equal "metadata['fail'] value is too large (1025 > 1024)", e.message end end diff --git a/test/rubygems/test_kernel.rb b/test/rubygems/test_kernel.rb index c427203b35..b7c809f87d 100644 --- a/test/rubygems/test_kernel.rb +++ b/test/rubygems/test_kernel.rb @@ -8,6 +8,8 @@ class TestKernel < Gem::TestCase @old_path = $:.dup util_make_gems + + without_any_upwards_gemfiles end def teardown |
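Review bot: In test/rubygems/test_gem_installer.rb, `test_pre_install_checks_malicious_platform_before_eval` depends on the binary fixture `ill-formatted-platform-1.0.0.10.gem`, whose contents cannot be reviewed in the diff. A comment above the test saying how the fixture was built and that its platform field holds the multi-line value shown in the expected message would let a reader verify it without unpacking the archive. The local `gem_with_ill_formated_platform` also misspells "formatted", which makes it harder to find when searching by the fixture name.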