diff options
| author | Hiroshi SHIBATA <hsbt@ruby-lang.org> | 2022-01-19 13:28:23 +0900 |
|---|---|---|
| committer | Hiroshi SHIBATA <hsbt@ruby-lang.org> | 2022-01-19 15:01:44 +0900 |
| commit | d22511fd7595ef1819baa42851d598d95b8f4d00 (patch) | |
| tree | 83e823c033f5c39c314cf4379f0bac5c43adf3d4 | |
| parent | 5646f4b67b75e7e558c994ff8cbd374e4b4bd3b5 (diff) | |
Merge rubygems/rubygems HEAD.
Picked at 12aeef6ba9a3be0022be9934c1a3e4c46a03ed3a
Notes
Notes:
Merged: https://github.com/ruby/ruby/pull/5462
35 files changed, 400 insertions, 234 deletions
diff --git a/lib/bundler/cli.rb b/lib/bundler/cli.rb index f6e20e7c67..16651dfad9 100644 --- a/lib/bundler/cli.rb +++ b/lib/bundler/cli.rb @@ -809,17 +809,10 @@ module Bundler current = Gem::Version.new(VERSION) return if current >= latest - latest_installed = Bundler.rubygems.find_name("bundler").map(&:version).max - installation = "To install the latest version, run `gem install bundler#{" --pre" if latest.prerelease?}`" - if latest_installed && latest_installed > current - suggestion = "To update to the most recent installed version (#{latest_installed}), run `bundle update --bundler`" - suggestion = "#{installation}\n#{suggestion}" if latest_installed < latest - else - suggestion = installation - end - - Bundler.ui.warn "The latest bundler is #{latest}, but you are currently running #{current}.\n#{suggestion}" + Bundler.ui.warn \ + "The latest bundler is #{latest}, but you are currently running #{current}.\n" \ + "To update to the most recent version, run `bundle update --bundler`" rescue RuntimeError nil end diff --git a/lib/bundler/cli/update.rb b/lib/bundler/cli/update.rb index 95a8886ea5..b49182655b 100644 --- a/lib/bundler/cli/update.rb +++ b/lib/bundler/cli/update.rb @@ -11,12 +11,16 @@ module Bundler def run Bundler.ui.level = "warn" if options[:quiet] + update_bundler = options[:bundler] + + Bundler.self_manager.update_bundler_and_restart_with_it_if_needed(update_bundler) if update_bundler + Plugin.gemfile_install(Bundler.default_gemfile) if Bundler.feature_flag.plugins? sources = Array(options[:source]) groups = Array(options[:group]).map(&:to_sym) - full_update = gems.empty? && sources.empty? && groups.empty? && !options[:ruby] && !options[:bundler] + full_update = gems.empty? && sources.empty? && groups.empty? && !options[:ruby] && !update_bundler if full_update && !options[:all] if Bundler.feature_flag.update_requires_all_flag? @@ -49,7 +53,7 @@ module Bundler Bundler.definition(:gems => gems, :sources => sources, :ruby => options[:ruby], :conservative => conservative, - :bundler => options[:bundler]) + :bundler => update_bundler) end Bundler::CLI::Common.configure_gem_version_promoter(Bundler.definition, options) diff --git a/lib/bundler/compact_index_client.rb b/lib/bundler/compact_index_client.rb index d5dbeb3b10..127a50e810 100644 --- a/lib/bundler/compact_index_client.rb +++ b/lib/bundler/compact_index_client.rb @@ -73,12 +73,6 @@ module Bundler end.flatten(1) end - def spec(name, version, platform = nil) - Bundler::CompactIndexClient.debug { "spec(name = #{name}, version = #{version}, platform = #{platform})" } - update_info(name) - @cache.specific_dependency(name, version, platform) - end - def update_and_parse_checksums! Bundler::CompactIndexClient.debug { "update_and_parse_checksums!" } return @info_checksums_by_name if @parsed_checksums diff --git a/lib/bundler/compact_index_client/cache.rb b/lib/bundler/compact_index_client/cache.rb index c2cd069ec1..2d83777139 100644 --- a/lib/bundler/compact_index_client/cache.rb +++ b/lib/bundler/compact_index_client/cache.rb @@ -76,15 +76,6 @@ module Bundler end end - def specific_dependency(name, version, platform) - pattern = [version, platform].compact.join("-") - return nil if pattern.empty? - - gem_lines = info_path(name).read - gem_line = gem_lines[/^#{Regexp.escape(pattern)}\b.*/, 0] - gem_line ? parse_gem(gem_line) : nil - end - private def lines(path) diff --git a/lib/bundler/definition.rb b/lib/bundler/definition.rb index f985e6a374..c31c41f76d 100644 --- a/lib/bundler/definition.rb +++ b/lib/bundler/definition.rb @@ -310,14 +310,6 @@ module Bundler end end - def locked_bundler_version - if @locked_bundler_version && @locked_bundler_version < Gem::Version.new(Bundler::VERSION) - new_version = Bundler::VERSION - end - - new_version || @locked_bundler_version || Bundler::VERSION - end - def locked_ruby_version return unless ruby_version if @unlock[:ruby] || !@locked_ruby_version diff --git a/lib/bundler/endpoint_specification.rb b/lib/bundler/endpoint_specification.rb index 6cf597b943..f3260a38e6 100644 --- a/lib/bundler/endpoint_specification.rb +++ b/lib/bundler/endpoint_specification.rb @@ -5,14 +5,15 @@ module Bundler class EndpointSpecification < Gem::Specification include MatchPlatform - attr_reader :name, :version, :platform, :required_rubygems_version, :required_ruby_version, :checksum + attr_reader :name, :version, :platform, :checksum attr_accessor :source, :remote, :dependencies - def initialize(name, version, platform, dependencies, metadata = nil) + def initialize(name, version, platform, spec_fetcher, dependencies, metadata = nil) super() @name = name @version = Gem::Version.create version @platform = platform + @spec_fetcher = spec_fetcher @dependencies = dependencies.map {|dep, reqs| build_dependency(dep, reqs) } @loaded_from = nil @@ -21,6 +22,14 @@ module Bundler parse_metadata(metadata) end + def required_ruby_version + @required_ruby_version ||= _remote_specification.required_ruby_version + end + + def required_rubygems_version + @required_rubygems_version ||= _remote_specification.required_rubygems_version + end + def fetch_platform @platform end @@ -105,12 +114,21 @@ module Bundler private + def _remote_specification + @_remote_specification ||= @spec_fetcher.fetch_spec([@name, @version, @platform]) + end + def local_specification_path "#{base_dir}/specifications/#{full_name}.gemspec" end def parse_metadata(data) - return unless data + unless data + @required_ruby_version = nil + @required_rubygems_version = nil + return + end + data.each do |k, v| next unless v case k.to_s diff --git a/lib/bundler/fetcher.rb b/lib/bundler/fetcher.rb index a453157e68..89103fe1ec 100644 --- a/lib/bundler/fetcher.rb +++ b/lib/bundler/fetcher.rb @@ -129,17 +129,15 @@ module Bundler specs = fetchers.last.specs(gem_names) else specs = [] - fetchers.shift until fetchers.first.available? || fetchers.empty? - fetchers.dup.each do |f| - break unless f.api_fetcher? && !gem_names || !specs = f.specs(gem_names) - fetchers.delete(f) + @fetchers = fetchers.drop_while do |f| + !f.available? || (f.api_fetcher? && !gem_names) || !specs = f.specs(gem_names) end @use_api = false if fetchers.none?(&:api_fetcher?) end specs.each do |name, version, platform, dependencies, metadata| spec = if dependencies - EndpointSpecification.new(name, version, platform, dependencies, metadata) + EndpointSpecification.new(name, version, platform, self, dependencies, metadata) else RemoteSpecification.new(name, version, platform, self) end @@ -272,8 +270,7 @@ module Bundler # cached gem specification path, if one exists def gemspec_cached_path(spec_file_name) paths = Bundler.rubygems.spec_cache_dirs.map {|dir| File.join(dir, spec_file_name) } - paths = paths.select {|path| File.file? path } - paths.first + paths.find {|path| File.file? path } end HTTP_ERRORS = [ @@ -301,8 +298,6 @@ module Bundler store end - private - def remote_uri @remote.uri end diff --git a/lib/bundler/fetcher/compact_index.rb b/lib/bundler/fetcher/compact_index.rb index aa828af6b1..b23176588f 100644 --- a/lib/bundler/fetcher/compact_index.rb +++ b/lib/bundler/fetcher/compact_index.rb @@ -57,16 +57,6 @@ module Bundler gem_info end - def fetch_spec(spec) - spec -= [nil, "ruby", ""] - contents = compact_index_client.spec(*spec) - return nil if contents.nil? - contents.unshift(spec.first) - contents[3].map! {|d| Gem::Dependency.new(*d) } - EndpointSpecification.new(*contents) - end - compact_index_request :fetch_spec - def available? unless SharedHelpers.md5_available? Bundler.ui.debug("FIPS mode is enabled, bundler can't use the CompactIndex API") diff --git a/lib/bundler/fetcher/index.rb b/lib/bundler/fetcher/index.rb index 0d14c47aa7..6bb9fcc193 100644 --- a/lib/bundler/fetcher/index.rb +++ b/lib/bundler/fetcher/index.rb @@ -21,32 +21,6 @@ module Bundler raise HTTPError, "Could not fetch specs from #{display_uri} due to underlying error <#{e.message}>" end end - - def fetch_spec(spec) - spec -= [nil, "ruby", ""] - spec_file_name = "#{spec.join "-"}.gemspec" - - uri = Bundler::URI.parse("#{remote_uri}#{Gem::MARSHAL_SPEC_DIR}#{spec_file_name}.rz") - if uri.scheme == "file" - path = Bundler.rubygems.correct_for_windows_path(uri.path) - Bundler.load_marshal Bundler.rubygems.inflate(Gem.read_binary(path)) - elsif cached_spec_path = gemspec_cached_path(spec_file_name) - Bundler.load_gemspec(cached_spec_path) - else - Bundler.load_marshal Bundler.rubygems.inflate(downloader.fetch(uri).body) - end - rescue MarshalError - raise HTTPError, "Gemspec #{spec} contained invalid data.\n" \ - "Your network or your gem server is probably having issues right now." - end - - private - - # cached gem specification path, if one exists - def gemspec_cached_path(spec_file_name) - paths = Bundler.rubygems.spec_cache_dirs.map {|dir| File.join(dir, spec_file_name) } - paths.find {|path| File.file? path } - end end end end diff --git a/lib/bundler/lazy_specification.rb b/lib/bundler/lazy_specification.rb index 4eb228f314..fd7c8defdc 100644 --- a/lib/bundler/lazy_specification.rb +++ b/lib/bundler/lazy_specification.rb @@ -90,11 +90,11 @@ module Bundler MatchPlatform.platforms_match?(spec.platform, platform_object) end installable_candidates = same_platform_candidates.select do |spec| - !spec.is_a?(EndpointSpecification) || + spec.is_a?(StubSpecification) || (spec.required_ruby_version.satisfied_by?(Gem.ruby_version) && spec.required_rubygems_version.satisfied_by?(Gem.rubygems_version)) end - search = installable_candidates.last || same_platform_candidates.last + search = installable_candidates.last search.dependencies = dependencies if search && (search.is_a?(RemoteSpecification) || search.is_a?(EndpointSpecification)) search end diff --git a/lib/bundler/lockfile_generator.rb b/lib/bundler/lockfile_generator.rb index 3bc6bd7339..0578a93fdc 100644 --- a/lib/bundler/lockfile_generator.rb +++ b/lib/bundler/lockfile_generator.rb @@ -71,7 +71,7 @@ module Bundler end def add_bundled_with - add_section("BUNDLED WITH", definition.locked_bundler_version.to_s) + add_section("BUNDLED WITH", Bundler::VERSION) end def add_section(name, value) diff --git a/lib/bundler/resolver.rb b/lib/bundler/resolver.rb index 22d61fba36..bd579a5f0c 100644 --- a/lib/bundler/resolver.rb +++ b/lib/bundler/resolver.rb @@ -358,24 +358,18 @@ module Bundler o << "\n" o << %(Running `bundle update` will rebuild your snapshot from scratch, using only\n) o << %(the gems in your Gemfile, which may resolve the conflict.\n) - elsif !conflict.existing + elsif !conflict.existing && !name.end_with?("\0") o << "\n" relevant_source = conflict.requirement.source || source_for(name) - metadata_requirement = name.end_with?("\0") - extra_message = if conflict.requirement_trees.first.size > 1 ", which is required by gem '#{SharedHelpers.pretty_dependency(conflict.requirement_trees.first[-2])}'," else "" end - if metadata_requirement - o << "#{SharedHelpers.pretty_dependency(conflict.requirement)}#{extra_message} is not available in #{relevant_source}" - else - o << gem_not_found_message(name, conflict.requirement, relevant_source, extra_message) - end + o << gem_not_found_message(name, conflict.requirement, relevant_source, extra_message) end end, :version_for_spec => lambda {|spec| spec.version }, diff --git a/lib/bundler/resolver/spec_group.rb b/lib/bundler/resolver/spec_group.rb index 8f4fd18c46..232520de77 100644 --- a/lib/bundler/resolver/spec_group.rb +++ b/lib/bundler/resolver/spec_group.rb @@ -95,7 +95,7 @@ module Bundler def metadata_dependencies(platform) spec = @specs[platform].first - return [] unless spec.is_a?(Gem::Specification) + return [] if spec.is_a?(LazySpecification) dependencies = [] if !spec.required_ruby_version.nil? && !spec.required_ruby_version.none? dependencies << DepProxy.get_proxy(Gem::Dependency.new("Ruby\0", spec.required_ruby_version), platform) diff --git a/lib/bundler/self_manager.rb b/lib/bundler/self_manager.rb index 024b2bfbf2..827f3f9222 100644 --- a/lib/bundler/self_manager.rb +++ b/lib/bundler/self_manager.rb @@ -9,46 +9,58 @@ module Bundler def restart_with_locked_bundler_if_needed return unless needs_switching? && installed? - restart_with_locked_bundler + restart_with(lockfile_version) end def install_locked_bundler_and_restart_with_it_if_needed return unless needs_switching? - install_and_restart_with_locked_bundler + Bundler.ui.info \ + "Bundler #{current_version} is running, but your lockfile was generated with #{lockfile_version}. " \ + "Installing Bundler #{lockfile_version} and restarting using that version." + + install_and_restart_with(lockfile_version) + end + + def update_bundler_and_restart_with_it_if_needed(target) + return unless autoswitching_applies? + + spec = resolve_update_version_from(target) + return unless spec + + version = spec.version + + Bundler.ui.info "Updating bundler to #{version}." + + install(spec) + + restart_with(version) end private - def install_and_restart_with_locked_bundler - bundler_dep = Gem::Dependency.new("bundler", lockfile_version) - spec = fetch_spec_for(bundler_dep) - return if spec.nil? + def install_and_restart_with(version) + requirement = Gem::Requirement.new(version) + spec = find_latest_matching_spec(requirement) - Bundler.ui.info \ - "Bundler #{current_version} is running, but your lockfile was generated with #{lockfile_version}. " \ - "Installing Bundler #{lockfile_version} and restarting using that version." + if spec.nil? + Bundler.ui.warn "Your lockfile is locked to a version of bundler (#{lockfile_version}) that doesn't exist at https://rubygems.org/. Going on using #{current_version}" + return + end - spec.source.install(spec) + install(spec) rescue StandardError => e Bundler.ui.trace e Bundler.ui.warn "There was an error installing the locked bundler version (#{lockfile_version}), rerun with the `--verbose` flag for more details. Going on using bundler #{current_version}." else - restart_with_locked_bundler + restart_with(version) end - def fetch_spec_for(bundler_dep) - source = Bundler::Source::Rubygems.new("remotes" => "https://rubygems.org") - source.remote! - source.add_dependency_names("bundler") - spec = source.specs.search(bundler_dep).first - if spec.nil? - Bundler.ui.warn "Your lockfile is locked to a version of bundler (#{lockfile_version}) that doesn't exist at https://rubygems.org/. Going on using #{current_version}" - end - spec + def install(spec) + spec.source.install(spec) end - def restart_with_locked_bundler + def restart_with(version) configured_gem_home = ENV["GEM_HOME"] configured_gem_path = ENV["GEM_PATH"] @@ -57,20 +69,79 @@ module Bundler Bundler.with_original_env do Kernel.exec( - { "GEM_HOME" => configured_gem_home, "GEM_PATH" => configured_gem_path, "BUNDLER_VERSION" => lockfile_version }, + { "GEM_HOME" => configured_gem_home, "GEM_PATH" => configured_gem_path, "BUNDLER_VERSION" => version.to_s }, *cmd ) end end def needs_switching? + autoswitching_applies? && + released?(lockfile_version) && + !running?(lockfile_version) && + !updating? + end + + def autoswitching_applies? ENV["BUNDLER_VERSION"].nil? && Bundler.rubygems.supports_bundler_trampolining? && SharedHelpers.in_bundle? && - lockfile_version && - !lockfile_version.end_with?(".dev") && - lockfile_version != current_version && - !updating? + lockfile_version + end + + def resolve_update_version_from(target) + requirement = Gem::Requirement.new(target) + update_candidate = find_latest_matching_spec(requirement) + + if update_candidate.nil? + raise InvalidOption, "The `bundle update --bundler` target version (#{target}) does not exist" + end + + resolved_version = update_candidate.version + needs_update = requirement.specific? ? !running?(resolved_version) : running_older_than?(resolved_version) + + return unless needs_update + + update_candidate + end + + def local_specs + @local_specs ||= Bundler::Source::Rubygems.new("allow_local" => true).specs.select {|spec| spec.name == "bundler" } + end + + def remote_specs + @remote_specs ||= begin + source = Bundler::Source::Rubygems.new("remotes" => "https://rubygems.org") + source.remote! + source.add_dependency_names("bundler") + source.specs + end + end + + def find_latest_matching_spec(requirement) + local_result = find_latest_matching_spec_from_collection(local_specs, requirement) + return local_result if local_result && requirement.specific? + + remote_result = find_latest_matching_spec_from_collection(remote_specs, requirement) + return remote_result if local_result.nil? + + [local_result, remote_result].max + end + + def find_latest_matching_spec_from_collection(specs, requirement) + specs.sort.reverse_each.find {|spec| requirement.satisfied_by?(spec.version) } + end + + def running?(version) + version == current_version + end + + def running_older_than?(version) + current_version < version + end + + def released?(version) + !version.to_s.end_with?(".dev") end def updating? @@ -80,15 +151,18 @@ module Bundler def installed? Bundler.configure - Bundler.rubygems.find_bundler(lockfile_version) + Bundler.rubygems.find_bundler(lockfile_version.to_s) end def current_version - @current_version ||= Bundler::VERSION + @current_version ||= Gem::Version.new(Bundler::VERSION) end def lockfile_version - @lockfile_version ||= Bundler::LockfileParser.bundled_with + return @lockfile_version if defined?(@lockfile_version) + + parsed_version = Bundler::LockfileParser.bundled_with + @lockfile_version = parsed_version ? Gem::Version.new(parsed_version) : nil end end end diff --git a/lib/bundler/vendor/thor/lib/thor/actions/inject_into_file.rb b/lib/bundler/vendor/thor/lib/thor/actions/inject_into_file.rb index f52ced2bcd..bf013307f1 100644 --- a/lib/bundler/vendor/thor/lib/thor/actions/inject_into_file.rb +++ b/lib/bundler/vendor/thor/lib/thor/actions/inject_into_file.rb @@ -107,10 +107,7 @@ class Bundler::Thor # def replace!(regexp, string, force) content = File.read(destination) - before, after = content.split(regexp, 2) - snippet = (behavior == :after ? after : before).to_s - - if force || !snippet.include?(replacement) + if force || !content.include?(replacement) success = content.gsub!(regexp, string) File.open(destination, "wb") { |file| file.write(content) } unless pretend? diff --git a/lib/bundler/vendor/thor/lib/thor/version.rb b/lib/bundler/vendor/thor/lib/thor/version.rb index a3efa9f762..48a4788b3b 100644 --- a/lib/bundler/vendor/thor/lib/thor/version.rb +++ b/lib/bundler/vendor/thor/lib/thor/version.rb @@ -1,3 +1,3 @@ class Bundler::Thor - VERSION = "1.1.0" + VERSION = "1.2.1" end diff --git a/lib/rubygems.rb b/lib/rubygems.rb index 26fb93cbfb..c568981e52 100644 --- a/lib/rubygems.rb +++ b/lib/rubygems.rb @@ -606,17 +606,10 @@ An Array (#{env.inspect}) was passed in from #{caller[3]} def self.load_yaml return if @yaml_loaded - begin - # Try requiring the gem version *or* stdlib version of psych. - require 'psych' - rescue ::LoadError - # If we can't load psych, that's fine, go on. - else - require_relative 'rubygems/psych_additions' - require_relative 'rubygems/psych_tree' - end + require 'psych' + require_relative 'rubygems/psych_additions' + require_relative 'rubygems/psych_tree' - require 'yaml' require_relative 'rubygems/safe_yaml' @yaml_loaded = true diff --git a/lib/rubygems/package.rb b/lib/rubygems/package.rb index 58d021d99a..a81c5f307c 100644 --- a/lib/rubygems/package.rb +++ b/lib/rubygems/package.rb @@ -230,7 +230,7 @@ class Gem::Package tar.add_file_signed 'checksums.yaml.gz', 0444, @signer do |io| gzip_to io do |gz_io| - YAML.dump checksums_by_algorithm, gz_io + Psych.dump checksums_by_algorithm, gz_io end end end diff --git a/lib/rubygems/package/old.rb b/lib/rubygems/package/old.rb index 25317ef23f..301d403411 100644 --- a/lib/rubygems/package/old.rb +++ b/lib/rubygems/package/old.rb @@ -145,7 +145,7 @@ class Gem::Package::Old < Gem::Package begin @spec = Gem::Specification.from_yaml yaml - rescue YAML::SyntaxError + rescue Psych::SyntaxError raise Gem::Exception, "Failed to parse gem specification out of gem file" end rescue ArgumentError diff --git a/lib/rubygems/psych_additions.rb b/lib/rubygems/psych_additions.rb index 1ddd74421c..a13c1ec676 100644 --- a/lib/rubygems/psych_additions.rb +++ b/lib/rubygems/psych_additions.rb @@ -1,6 +1,6 @@ # frozen_string_literal: true # This exists just to satisfy bugs in marshal'd gemspecs that -# contain a reference to YAML::PrivateType. We prune these out +# contain a reference to Psych::PrivateType. We prune these out # in Specification._load, but if we don't have the constant, Marshal # blows up. diff --git a/lib/rubygems/safe_yaml.rb b/lib/rubygems/safe_yaml.rb index e905052e1c..81f99ee26e 100644 --- a/lib/rubygems/safe_yaml.rb +++ b/lib/rubygems/safe_yaml.rb @@ -24,33 +24,33 @@ module Gem runtime ].freeze - if ::YAML.respond_to? :safe_load + if ::Psych.respond_to? :safe_load def self.safe_load(input) if Gem::Version.new(Psych::VERSION) >= Gem::Version.new('3.1.0.pre1') - ::YAML.safe_load(input, permitted_classes: PERMITTED_CLASSES, permitted_symbols: PERMITTED_SYMBOLS, aliases: true) + ::Psych.safe_load(input, permitted_classes: PERMITTED_CLASSES, permitted_symbols: PERMITTED_SYMBOLS, aliases: true) else - ::YAML.safe_load(input, PERMITTED_CLASSES, PERMITTED_SYMBOLS, true) + ::Psych.safe_load(input, PERMITTED_CLASSES, PERMITTED_SYMBOLS, true) end end def self.load(input) if Gem::Version.new(Psych::VERSION) >= Gem::Version.new('3.1.0.pre1') - ::YAML.safe_load(input, permitted_classes: [::Symbol]) + ::Psych.safe_load(input, permitted_classes: [::Symbol]) else - ::YAML.safe_load(input, [::Symbol]) + ::Psych.safe_load(input, [::Symbol]) end end else unless Gem::Deprecate.skip - warn "YAML safe loading is not available. Please upgrade psych to a version that supports safe loading (>= 2.0)." + warn "Psych safe loading is not available. Please upgrade psych to a version that supports safe loading (>= 2.0)." end def self.safe_load(input, *args) - ::YAML.load input + ::Psych.load input end def self.load(input) - ::YAML.load input + ::Psych.load input end end end diff --git a/lib/rubygems/security.rb b/lib/rubygems/security.rb index f21c175642..fc23c1c481 100644 --- a/lib/rubygems/security.rb +++ b/lib/rubygems/security.rb @@ -261,7 +261,7 @@ require_relative 'openssl' # 2. Grab the public key from the gemspec # # gem spec some_signed_gem-1.0.gem cert_chain | \ -# ruby -ryaml -e 'puts YAML.load($stdin)' > public_key.crt +# ruby -rpsych -e 'puts Psych.load($stdin)' > public_key.crt # # 3. Generate a SHA1 hash of the data.tar.gz # diff --git a/lib/rubygems/specification.rb b/lib/rubygems/specification.rb index f572257525..06e50244a7 100644 --- a/lib/rubygems/specification.rb +++ b/lib/rubygems/specification.rb @@ -1279,10 +1279,10 @@ class Gem::Specification < Gem::BasicSpecification raise TypeError, "invalid Gem::Specification format #{array.inspect}" end - # Cleanup any YAML::PrivateType. They only show up for an old bug + # Cleanup any Psych::PrivateType. They only show up for an old bug # where nil => null, so just convert them to nil based on the type. - array.map! {|e| e.kind_of?(YAML::PrivateType) ? nil : e } + array.map! {|e| e.kind_of?(Psych::PrivateType) ? nil : e } spec.instance_variable_set :@rubygems_version, array[0] # spec version diff --git a/spec/bundler/bundler/cli_spec.rb b/spec/bundler/bundler/cli_spec.rb index c5de12c211..28ade90138 100644 --- a/spec/bundler/bundler/cli_spec.rb +++ b/spec/bundler/bundler/cli_spec.rb @@ -170,7 +170,7 @@ RSpec.describe "bundle executable" do bundle "fail", :env => { "BUNDLER_VERSION" => bundler_version }, :raise_on_error => false expect(err).to start_with(<<-EOS.strip) The latest bundler is #{latest_version}, but you are currently running #{bundler_version}. -To install the latest version, run `gem install bundler` +To update to the most recent version, run `bundle update --bundler` EOS end @@ -195,7 +195,7 @@ To install the latest version, run `gem install bundler` bundle "fail", :env => { "BUNDLER_VERSION" => bundler_version }, :raise_on_error => false expect(err).to start_with(<<-EOS.strip) The latest bundler is #{latest_version}, but you are currently running #{bundler_version}. -To install the latest version, run `gem install bundler --pre` +To update to the most recent version, run `bundle update --bundler` EOS end end diff --git a/spec/bundler/bundler/endpoint_specification_spec.rb b/spec/bundler/bundler/endpoint_specification_spec.rb index 2e2c16ec44..02a90d507a 100644 --- a/spec/bundler/bundler/endpoint_specification_spec.rb +++ b/spec/bundler/bundler/endpoint_specification_spec.rb @@ -5,9 +5,10 @@ RSpec.describe Bundler::EndpointSpecification do let(:version) { "1.0.0" } let(:platform) { Gem::Platform::RUBY } let(:dependencies) { [] } + let(:spec_fetcher) { double(:spec_fetcher) } let(:metadata) { nil } - subject(:spec) { described_class.new(name, version, platform, dependencies, metadata) } + subject(:spec) { described_class.new(name, version, platform, spec_fetcher, dependencies, metadata) } describe "#build_dependency" do let(:name) { "foo" } @@ -48,7 +49,9 @@ RSpec.describe Bundler::EndpointSpecification do end it "supports equality comparison" do - other_spec = described_class.new("bar", version, platform, dependencies, metadata) + remote_spec = double(:remote_spec, :required_ruby_version => nil, :required_rubygems_version => nil) + allow(spec_fetcher).to receive(:fetch_spec).and_return(remote_spec) + other_spec = described_class.new("bar", version, platform, spec_fetcher, dependencies, metadata) expect(spec).to eql(spec) expect(spec).to_not eql(other_spec) end diff --git a/spec/bundler/commands/binstubs_spec.rb b/spec/bundler/commands/binstubs_spec.rb index 14b0069b6e..9e446ff267 100644 --- a/spec/bundler/commands/binstubs_spec.rb +++ b/spec/bundler/commands/binstubs_spec.rb @@ -182,7 +182,7 @@ RSpec.describe "bundle binstubs <gem>" do end context "and the version is older and the same major" do - let(:system_bundler_version) { "2.3.1" } + let(:system_bundler_version) { "2.3.3" } before do lockfile lockfile.gsub(/BUNDLED WITH\n .*$/m, "BUNDLED WITH\n 2.3.0") @@ -191,7 +191,7 @@ RSpec.describe "bundle binstubs <gem>" do it "installs and runs the exact version of bundler", :rubygems => ">= 3.3.0.dev" do sys_exec "bin/bundle install --verbose", :artifice => "vcr" expect(exitstatus).not_to eq(42) - expect(out).to include("Bundler 2.3.1 is running, but your lockfile was generated with 2.3.0. Installing Bundler 2.3.0 and restarting using that version.") + expect(out).to include("Bundler 2.3.3 is running, but your lockfile was generated with 2.3.0. Installing Bundler 2.3.0 and restarting using that version.") expect(out).to include("Using bundler 2.3.0") expect(err).not_to include("Activating bundler (~> 2.3.0) failed:") end @@ -199,8 +199,8 @@ RSpec.describe "bundle binstubs <gem>" do it "runs the available version of bundler", :rubygems => "< 3.3.0.dev" do sys_exec "bin/bundle install --verbose" expect(exitstatus).not_to eq(42) - expect(out).not_to include("Bundler 2.3.1 is running, but your lockfile was generated with 2.3.0. Installing Bundler 2.3.0 and restarting using that version.") - expect(out).to include("Using bundler 2.3.1") + expect(out).not_to include("Bundler 2.3.3 is running, but your lockfile was generated with 2.3.0. Installing Bundler 2.3.0 and restarting using that version.") + expect(out).to include("Using bundler 2.3.3") expect(err).not_to include("Activating bundler (~> 2.3.0) failed:") end end diff --git a/spec/bundler/commands/update_spec.rb b/spec/bundler/commands/update_spec.rb index 3878c47799..ee5d53c527 100644 --- a/spec/bundler/commands/update_spec.rb +++ b/spec/bundler/commands/update_spec.rb @@ -1120,18 +1120,33 @@ RSpec.describe "bundle update --bundler" do source "#{file_uri_for(gem_repo4)}" gem "rack" G - allow(Bundler::SharedHelpers).to receive(:find_gemfile).and_return(bundled_app_gemfile) lockfile lockfile.sub(/(^\s*)#{Bundler::VERSION}($)/, '\11.0.0\2') FileUtils.rm_r gem_repo4 - bundle :update, :bundler => true, :verbose => true - expect(the_bundle).to include_gem "rack 1.0" + bundle :update, :bundler => true, :artifice => "compact_index", :verbose => true + expect(out).to include("Using bundler #{Bundler::VERSION}") + + expect(lockfile).to eq <<~L + GEM + remote: #{file_uri_for(gem_repo4)}/ + specs: + rack (1.0) + + PLATFORMS + #{lockfile_platforms} + + DEPENDENCIES + rack + + BUNDLED WITH + #{Bundler::VERSION} + L - expect(the_bundle.locked_gems.bundler_version).to eq v(Bundler::VERSION) + expect(the_bundle).to include_gem "rack 1.0" end - it "updates the bundler version in the lockfile without re-resolving if the locked version is already installed" do + it "updates the bundler version in the lockfile without re-resolving if the highest version is already installed" do system_gems "bundler-2.3.3" build_repo4 do @@ -1144,7 +1159,7 @@ RSpec.describe "bundle update --bundler" do G lockfile lockfile.sub(/(^\s*)#{Bundler::VERSION}($)/, "2.3.3") - bundle :update, :bundler => true, :artifice => "vcr", :verbose => true + bundle :update, :bundler => true, :artifice => "compact_index", :verbose => true expect(out).to include("Using bundler #{Bundler::VERSION}") expect(lockfile).to eq <<~L @@ -1165,6 +1180,149 @@ RSpec.describe "bundle update --bundler" do expect(the_bundle).to include_gem "rack 1.0" end + + it "updates the bundler version in the lockfile even if the latest version is not installed", :ruby_repo, :realworld do + pristine_system_gems "bundler-2.3.3" + + build_repo4 do + build_gem "rack", "1.0" + end + + install_gemfile <<-G + source "#{file_uri_for(gem_repo4)}" + gem "rack" + G + lockfile lockfile.sub(/(^\s*)#{Bundler::VERSION}($)/, "2.3.3") + + bundle :update, :bundler => true, :artifice => "vcr", :verbose => true + + # Only updates properly on modern RubyGems. + + if Gem.rubygems_version >= Gem::Version.new("3.3.0.dev") + expect(out).to include("Updating bundler to 2.3.4") + expect(out).to include("Using bundler 2.3.4") + expect(out).not_to include("Installing Bundler 2.3.3 and restarting using that version.") + + expect(lockfile).to eq <<~L + GEM + remote: #{file_uri_for(gem_repo4)}/ + specs: + rack (1.0) + + PLATFORMS + #{lockfile_platforms} + + DEPENDENCIES + rack + + BUNDLED WITH + 2.3.4 + L + + expect(the_bundle).to include_gems "bundler 2.3.4" + end + + expect(the_bundle).to include_gems "rack 1.0" + end + + it "errors if the explicit target version does not exist", :realworld do + pristine_system_gems "bundler-2.3.3" + + build_repo4 do + build_gem "rack", "1.0" + end + + install_gemfile <<-G + source "#{file_uri_for(gem_repo4)}" + gem "rack" + G + lockfile lockfile.sub(/(^\s*)#{Bundler::VERSION}($)/, "2.3.3") + + bundle :update, :bundler => "999.999.999", :artifice => "vcr", :raise_on_error => false + + # Only gives a meaningful error message on modern RubyGems. + + if Gem.rubygems_version >= Gem::Version.new("3.3.0.dev") + expect(last_command).to be_failure + expect(err).to include("The `bundle update --bundler` target version (999.999.999) does not exist") + end + end + + it "allows updating to development versions if already installed locally" do + system_gems "bundler-2.3.0.dev" + + build_repo4 do + build_gem "rack", "1.0" + end + + install_gemfile <<-G + source "#{file_uri_for(gem_repo4)}" + gem "rack" + G + + bundle :update, :bundler => "2.3.0.dev" + + # Only updates properly on modern RubyGems. + + if Gem.rubygems_version >= Gem::Version.new("3.3.0.dev") + expect(lockfile).to eq <<~L + GEM + remote: #{file_uri_for(gem_repo4)}/ + specs: + rack (1.0) + + PLATFORMS + #{lockfile_platforms} + + DEPENDENCIES + rack + + BUNDLED WITH + 2.3.0.dev + L + + expect(out).to include("Using bundler 2.3.0.dev") + end + end + + it "does not touch the network if not necessary" do + system_gems "bundler-2.3.3" + + build_repo4 do + build_gem "rack", "1.0" + end + + install_gemfile <<-G + source "#{file_uri_for(gem_repo4)}" + gem "rack" + G + + bundle :update, :bundler => "2.3.3", :raise_on_error => false + + expect(out).not_to include("Fetching gem metadata from https://rubygems.org/") + + # Only updates properly on modern RubyGems. + + if Gem.rubygems_version >= Gem::Version.new("3.3.0.dev") + expect(lockfile).to eq <<~L + GEM + remote: #{file_uri_for(gem_repo4)}/ + specs: + rack (1.0) + + PLATFORMS + #{lockfile_platforms} + + DEPENDENCIES + rack + + BUNDLED WITH + 2.3.3 + L + + expect(out).to include("Using bundler 2.3.3") + end + end end # these specs are slow and focus on integration and therefore are not exhaustive. unit specs elsewhere handle that. diff --git a/spec/bundler/install/gemfile/gemspec_spec.rb b/spec/bundler/install/gemfile/gemspec_spec.rb index 6d9cd2daff..e7cf8f08d2 100644 --- a/spec/bundler/install/gemfile/gemspec_spec.rb +++ b/spec/bundler/install/gemfile/gemspec_spec.rb @@ -179,7 +179,7 @@ RSpec.describe "bundle install from an existing gemspec" do gemspec :path => '#{tmp.join("foo")}' G - bundle "update --bundler", :verbose => true + bundle "update --bundler", :artifice => "compact_index", :verbose => true expect(the_bundle).to include_gems "foo 1.0", "platform_specific 1.0 JAVA" end diff --git a/spec/bundler/install/gems/dependency_api_spec.rb b/spec/bundler/install/gems/dependency_api_spec.rb index 9738a75474..79317a7fad 100644 --- a/spec/bundler/install/gems/dependency_api_spec.rb +++ b/spec/bundler/install/gems/dependency_api_spec.rb @@ -402,17 +402,6 @@ RSpec.describe "gemcutter's dependency API" do expect(the_bundle).to include_gems "back_deps 1.0" end - it "uses the endpoint if all sources support it" do - gemfile <<-G - source "#{source_uri}" - - gem 'foo' - G - - bundle :install, :artifice => "endpoint_api_missing" - expect(the_bundle).to include_gems "foo 1.0" - end - it "fetches again when more dependencies are found in subsequent sources using deployment mode", :bundler => "< 3" do build_repo2 do build_gem "back_deps" do |s| diff --git a/spec/bundler/install/gems/resolving_spec.rb b/spec/bundler/install/gems/resolving_spec.rb index 4cf57f439e..b0209489b9 100644 --- a/spec/bundler/install/gems/resolving_spec.rb +++ b/spec/bundler/install/gems/resolving_spec.rb @@ -224,6 +224,27 @@ RSpec.describe "bundle install with install-time dependencies" do expect(the_bundle).to include_gems("rack 1.2") end + it "installs the older version when using servers not implementing the compact index API" do + build_repo2 do + build_gem "rack", "1.2" do |s| + s.executables = "rackup" + end + + build_gem "rack", "9001.0.0" do |s| + s.required_ruby_version = "> 9000" + end + end + + install_gemfile <<-G, :artifice => "endpoint", :env => { "BUNDLER_SPEC_GEM_REPO" => gem_repo2.to_s } + ruby "#{RUBY_VERSION}" + source "http://localgemserver.test/" + gem 'rack' + G + + expect(out).to_not include("rack-9001.0.0 requires ruby version > 9000") + expect(the_bundle).to include_gems("rack 1.2") + end + it "installs the older version under rate limiting conditions" do build_repo4 do build_gem "rack", "9001.0.0" do |s| @@ -284,8 +305,6 @@ RSpec.describe "bundle install with install-time dependencies" do shared_examples_for "ruby version conflicts" do it "raises an error during resolution" do - skip "ruby requirement includes platform and it shouldn't" if Gem.win_platform? - install_gemfile <<-G, :artifice => "compact_index", :env => { "BUNDLER_SPEC_GEM_REPO" => gem_repo2.to_s }, :raise_on_error => false source "http://localgemserver.test/" ruby #{ruby_requirement} @@ -301,8 +320,6 @@ RSpec.describe "bundle install with install-time dependencies" do require_ruby was resolved to 1.0, which depends on Ruby\0 (> 9000) - - Ruby\0 (> 9000), which is required by gem 'require_ruby', is not available in the local ruby installation E expect(err).to end_with(nice_error) end @@ -341,7 +358,15 @@ RSpec.describe "bundle install with install-time dependencies" do G expect(err).to_not include("Gem::InstallError: require_rubygems requires RubyGems version > 9000") - expect(err).to include("require_rubygems-1.0 requires rubygems version > 9000, which is incompatible with the current version, #{Gem::VERSION}") + nice_error = strip_whitespace(<<-E).strip + Bundler found conflicting requirements for the RubyGems\0 version: + In Gemfile: + RubyGems\0 (= #{Gem::VERSION}) + + require_rubygems was resolved to 1.0, which depends on + RubyGems\0 (> 9000) + E + expect(err).to end_with(nice_error) end end end diff --git a/spec/bundler/support/artifice/endpoint_api_missing.rb b/spec/bundler/support/artifice/endpoint_api_missing.rb deleted file mode 100644 index 755c42e836..0000000000 --- a/spec/bundler/support/artifice/endpoint_api_missing.rb +++ /dev/null @@ -1,18 +0,0 @@ -# frozen_string_literal: true - -require_relative "endpoint" - -Artifice.deactivate - -class EndpointApiMissing < Endpoint - get "/fetch/actual/gem/:id" do - warn params[:id] - if params[:id] == "rack-1.0.gemspec.rz" - halt 404 - else - File.binread("#{gem_repo2}/quick/Marshal.4.8/#{params[:id]}") - end - end -end - -Artifice.activate_with(EndpointApiMissing) diff --git a/test/rubygems/helper.rb b/test/rubygems/helper.rb index b1c6b84dc2..d97d930476 100644 --- a/test/rubygems/helper.rb +++ b/test/rubygems/helper.rb @@ -685,10 +685,10 @@ class Gem::TestCase < Test::Unit::TestCase # Load a YAML string, the psych 3 way def load_yaml(yaml) - if YAML.respond_to?(:unsafe_load) - YAML.unsafe_load(yaml) + if Psych.respond_to?(:unsafe_load) + Psych.unsafe_load(yaml) else - YAML.load(yaml) + Psych.load(yaml) end end @@ -696,10 +696,10 @@ class Gem::TestCase < Test::Unit::TestCase # Load a YAML file, the psych 3 way def load_yaml_file(file) - if YAML.respond_to?(:unsafe_load_file) - YAML.unsafe_load_file(file) + if Psych.respond_to?(:unsafe_load_file) + Psych.unsafe_load_file(file) else - YAML.load_file(file) + Psych.load_file(file) end end diff --git a/test/rubygems/test_gem_package.rb b/test/rubygems/test_gem_package.rb index 48dcbee9f1..9172b7eef5 100644 --- a/test/rubygems/test_gem_package.rb +++ b/test/rubygems/test_gem_package.rb @@ -822,7 +822,7 @@ class TestGemPackage < Gem::Package::TarTestCase } tar.add_file 'checksums.yaml.gz', 0444 do |io| Zlib::GzipWriter.wrap io do |gz_io| - gz_io.write YAML.dump bogus_checksums + gz_io.write Psych.dump bogus_checksums end end end @@ -868,7 +868,7 @@ class TestGemPackage < Gem::Package::TarTestCase tar.add_file 'checksums.yaml.gz', 0444 do |io| Zlib::GzipWriter.wrap io do |gz_io| - gz_io.write YAML.dump checksums + gz_io.write Psych.dump checksums end end diff --git a/tool/bundler/rubocop_gems.rb.lock b/tool/bundler/rubocop_gems.rb.lock index 0841db9112..486980390f 100644 --- a/tool/bundler/rubocop_gems.rb.lock +++ b/tool/bundler/rubocop_gems.rb.lock @@ -2,17 +2,17 @@ GEM remote: https://rubygems.org/ specs: ast (2.4.2) - diff-lcs (1.4.4) - minitest (5.14.4) + diff-lcs (1.5.0) + minitest (5.15.0) parallel (1.21.0) - parser (3.0.2.0) + parser (3.1.0.0) ast (~> 2.4.1) power_assert (2.0.1) - rainbow (3.0.0) + rainbow (3.1.1) rake (13.0.6) - rake-compiler (1.1.1) + rake-compiler (1.1.7) rake - regexp_parser (2.1.1) + regexp_parser (2.2.0) rexml (3.2.5) rspec (3.10.0) rspec-core (~> 3.10.0) @@ -27,19 +27,19 @@ GEM diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.10.0) rspec-support (3.10.3) - rubocop (1.23.0) + rubocop (1.24.1) parallel (~> 1.10) parser (>= 3.0.0.0) rainbow (>= 2.2.2, < 4.0) regexp_parser (>= 1.8, < 3.0) rexml - rubocop-ast (>= 1.12.0, < 2.0) + rubocop-ast (>= 1.15.1, < 2.0) ruby-progressbar (~> 1.7) unicode-display_width (>= 1.4.0, < 3.0) - rubocop-ast (1.13.0) + rubocop-ast (1.15.1) parser (>= 3.0.1.1) ruby-progressbar (1.11.0) - test-unit (3.5.1) + test-unit (3.5.3) power_assert unicode-display_width (2.1.0) diff --git a/tool/bundler/standard_gems.rb.lock b/tool/bundler/standard_gems.rb.lock index 42b12ef2ed..3f46ba78a3 100644 --- a/tool/bundler/standard_gems.rb.lock +++ b/tool/bundler/standard_gems.rb.lock @@ -2,17 +2,17 @@ GEM remote: https://rubygems.org/ specs: ast (2.4.2) - diff-lcs (1.4.4) - minitest (5.14.4) + diff-lcs (1.5.0) + minitest (5.15.0) parallel (1.21.0) - parser (3.0.2.0) + parser (3.1.0.0) ast (~> 2.4.1) power_assert (2.0.1) - rainbow (3.0.0) + rainbow (3.1.1) rake (13.0.6) - rake-compiler (1.1.1) + rake-compiler (1.1.7) rake - regexp_parser (2.1.1) + regexp_parser (2.2.0) rexml (3.2.5) rspec (3.10.0) rspec-core (~> 3.10.0) @@ -27,25 +27,25 @@ GEM diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.10.0) rspec-support (3.10.3) - rubocop (1.22.3) + rubocop (1.24.1) parallel (~> 1.10) parser (>= 3.0.0.0) rainbow (>= 2.2.2, < 4.0) regexp_parser (>= 1.8, < 3.0) rexml - rubocop-ast (>= 1.12.0, < 2.0) + rubocop-ast (>= 1.15.1, < 2.0) ruby-progressbar (~> 1.7) unicode-display_width (>= 1.4.0, < 3.0) - rubocop-ast (1.13.0) + rubocop-ast (1.15.1) parser (>= 3.0.1.1) - rubocop-performance (1.11.5) + rubocop-performance (1.13.1) rubocop (>= 1.7.0, < 2.0) rubocop-ast (>= 0.4.0) ruby-progressbar (1.11.0) - standard (1.4.0) - rubocop (= 1.22.3) - rubocop-performance (= 1.11.5) - test-unit (3.5.1) + standard (1.6.0) + rubocop (= 1.24.1) + rubocop-performance (= 1.13.1) + test-unit (3.5.3) power_assert unicode-display_width (2.1.0) |