| Age | Commit message (Collapse) | Author |
|---|
|
aren't writable:
- ### Problem
Running `bundle doctor` warn about files that aren't writable.
This makes the output of `bundle doctor` very verbose for something
I believe isn't really an issue.
### Context
Rubygems keeps the files original permission at the time the gem
is packaged.
Many gem maintainers have decided that the permissions of the files
in their bundled would be 0444, this includes amongst others:
minitest, selenium, brakeman...
Any git gems that had a 0444 permissions at some point in its git
history would also be reported (as bundle doctor look in the
`cache/bundler/git/<gem>/object` path).
While it completely make sense to report when files aren't readable,
maybe it's worth questioning the usefulness of reporting files
that can't be written and what problem this causes to the user
(if any).
### Solution
Removed the check for unwritable file.
### Side note
I also tweaked the "No issues ..." message logic as it was doing
the opposite (reporting an issue when there is none and vice versa).
This wasn't caught in tests because as a stub on `Bundler.ui.info`
was missing.
https://github.com/rubygems/rubygems/commit/9a426b9495
Notes:
Merged: https://github.com/ruby/ruby/pull/12804
|
|
Notes:
Merged-By: ioquatix <samuel@codeotaku.com>
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/12790
|
|
protected folders
As long as there's nothing new to install and gems are already there.
If not, give a meaningful error about what happened.
This was how things already worked until
https://github.com/rubygems/rubygems/commit/345ec45f5a87, so this commit partially
reverts that change.
https://github.com/rubygems/rubygems/commit/794b0ecb39
|
|
https://github.com/rubygems/rubygems/commit/24d4281d86
|
|
https://github.com/rubygems/rubygems/commit/677e17aa2e
|
|
being created
https://github.com/rubygems/rubygems/commit/f2f2ac9680
|
|
Unfortunately this requires reverting a previous enhancement of
reinstalling gems if they incorrectly ship with an empty installation
dir.
However, there's no way to distinguish this kind of bad state from a gem
that's empty for real, for example, sorbet-static-and-runtime.
This reverts commit https://github.com/rubygems/rubygems/commit/9720a9b980d2, and adds a
spec to make sure empty gems are not reinstalled every time.
https://github.com/rubygems/rubygems/commit/7c102394af
|
|
Real gems hardly ever do this, so don't do it ourselves for testing
either.
https://github.com/rubygems/rubygems/commit/2c8960cfb4
|
|
Also, Binding#local_variable_get and #local_variable_set rejects an
access to numbered parameters.
[Bug #20965] [Bug #21049]
Notes:
Merged: https://github.com/ruby/ruby/pull/12746
|
|
Sometimes security reports believe they have found a vulnerability
because they find a domain we don't own being used in the rubygems
repository. Though there is nothing vulnerable about using 'fake'
domains in tests when they are never hit, it nonetheless reduces
confusion for everyone if we constrain our test domains to domains
we actually own and control.
https://github.com/rubygems/rubygems/commit/e77ebbe2fc
|
|
There's no reason to call `converge_specs` when adding additional
lower bound requirements to prevent downgrades, and it actually causes
the extra requirements to be missed sometimes.
Loop over the originally locked specs directly, adding the additional
precaution of not adding the requirement if the Gemfile dependency has
changed and it no longer matches the locked spec.
https://github.com/rubygems/rubygems/commit/5154506912
|
|
To make it consistent with the spec above it.
https://github.com/rubygems/rubygems/commit/9a00bf8db9
|
|
are incorrect
Resolver had internal logic to prioritize locked versions when sorting
versions, however part of it was not being actually hit because of how
unlocking worked in the resolver: a package was allow to be unlocked
when that was explicit requested or when the list of unlocks was empty.
That did not make a lot of sense and other cases were working because
the explicit list of unlocks was getting "artificially filled".
Now we consider a package unlocked when explicitly requested (`bundle
update <package>`), or when everything is being unlocked (`bundle
install` with no lockfile or `bundle update`).
This makes things simpler and gets the edge case added as a test case
working as expected.
https://github.com/rubygems/rubygems/commit/b8e55087f0
|
|
https://github.com/rubygems/rubygems/commit/ffabab65f2
|
|
https://github.com/rubygems/rubygems/commit/8cbe6573b4
|
|
Bundler does not really have a concept of "development dependencies",
like RubyGems has. Bundler has the more generic concept of "groups".
Under the hood, the `gemspec` DSL will put gemspec development
dependencies under a `:development` Gemfile group, but there's no reason
to instantiate these as development dependencies, they are regular
runtime dependencies, except that they belong in a group named
:development.
By never instantiating development dependencies at all, we avoid having
to introduce hacks to "undo" the type Bundler does not know about, and I
also think the error messages read better.
https://github.com/rubygems/rubygems/commit/9a06fa5bda
|
|
And avoid installing any gems.
https://github.com/rubygems/rubygems/commit/c12700c7e4
|
|
Bundler DSL, in favor of using `platform :windows`
This commit is only deprecation and does not change/remove any actual functionality.
https://github.com/rubygems/rubygems/commit/0ca6dc3984
|
|
https://github.com/rubygems/rubygems/commit/aee52d2874
Co-authored-by: johnnyshields <27655+johnnyshields@users.noreply.github.com>
|
|
Otherwise it doesn't work as expected and it may skip specs.
https://github.com/rubygems/rubygems/commit/d6af077174
|
|
These should always run.
https://github.com/rubygems/rubygems/commit/0818eb104f
|
|
https://github.com/rubygems/rubygems/commit/de8b3016db
|
|
gems are available locally
Filtering out remote specs should only apply where there are locally
installed specs. Otherwise they should always be considered.
https://github.com/rubygems/rubygems/commit/118f8389a1
|
|
When Bundler refuses to install in frozen mode, sometimes it would
incorrectly claim that some dependencies have been added to the Gemfile
when that's not really the case. Fix that by making sure
`locked_dependencies` always has all locked dependencies, even when
unlocking,
Additionally, the suggestion to run `bundle install` is also confusing
when unlocking, since `bundle update` is what has been run. So skip that
part as well when unlocking.
https://github.com/rubygems/rubygems/commit/64d84ad7d8
|
|
options
https://github.com/rubygems/rubygems/commit/5b6077a1e8
|
|
This feature is not really deprecated, it's removed.
https://github.com/rubygems/rubygems/commit/e7f5f061f5
|
|
Platforms specific gems not compatible with the current Ruby should not
make `bundle cache` fail and should not get removed from the cache since
they still may be useful in other rubies.
https://github.com/rubygems/rubygems/commit/717b43f565
|
|
definition
https://github.com/rubygems/rubygems/commit/d24d0b5c43
|
|
for reading
Notes:
Merged: https://github.com/ruby/ruby/pull/12710
|
|
https://github.com/rubygems/rubygems/commit/9720a9b980
|
|
The previous wording was too specific, there may be situations when the
gem has actually never installed (so never deleted either).
https://github.com/rubygems/rubygems/commit/e4a0d71fbe
|
|
Currently evenn if the require actually fails, they suggest that the
file was actually loaded, which is confusing. I reworded them to reduce
this confusion.
|
|
Most of the stuff is not actually necessary.
|
|
If anything, I think this may be causing some false positives.
|
|
methods:
- Follow up to https://github.com/rubygems/rubygems/pull/8430#discussion_r1927239555.
The maglev platform was not supported by Bundler, so calling
`gem "foo", platforms: ["maglev"]` would raise an error.
The helpers added in the `CurrentRuby` class were used at a time
when maglev was supported (as explained in https://github.com/rubygems/rubygems/commit/45ec86e2e528).
Support of maglev was most likely dropped at some point and the helpers
in the `CurrentRuby` class were not deprecated/removed.
We decided to deprecate them now.
https://github.com/rubygems/rubygems/commit/66388babf8
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/12616
|
|
* Move out from quarantine a Marshal.dump spec for Float
Co-authored-by: Benoit Daloze <eregontp@gmail.com>
Notes:
Merged-By: eregon <eregontp@gmail.com>
|
|
When a positive integer limit is given, `rand` method of a RNG object
is expected to return a value between 0 and the limit (exclusive).
Fix shuffle_spec.rb like as the similar code in sample_spec.rb, and
add tests for greater values.
TODO:
- Return a value that is equal to or greater than the limit given to
the RNG object.
- Extract common code about RNG objects to a shared file.
Notes:
Merged: https://github.com/ruby/ruby/pull/12690
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/12682
|
|
|
|
https://github.com/rubygems/rubygems/commit/f9bf58573f
|
|
https://github.com/rubygems/rubygems/commit/770b19d859
|
|
- Similar change than https://github.com/rubygems/rubygems/commit/29a1be0008e6,
keep a single source of truth where we store the platform.
The only change worth highlighing is the platform "maglev".
It was not part of the supported platform of dependencies,
so calling `gem 'foo', plaftorm: 'maglev'` would not work.
However, it was supposed to according to https://github.com/rubygems/rubygems/commit/45ec86e2e528.
That's why it was possible to do `Bundler.current_ruby.maglev?` or
`Bundler.current_ruby.maglev_30?`.
I didn't change the current behaviour and maglev is not supported,
though I kept the `*maglev` methods as I believe CurrentRuby is
public API.
https://github.com/rubygems/rubygems/commit/29e219ebcf
|
|
- Fix https://github.com/rubygems/rubygems/pull/8427
- Similar to https://github.com/rubygems/rubygems/commit/7cd19d824d17.
Tweaked a bit the test supposed to prevent this error by checking
whether the dep respond to these methods.
https://github.com/rubygems/rubygems/commit/62012eaeb6
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/12679
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/12679
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/12679
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/12675
|
|
But we stub-out GEM_HOME variable for test-bundled-gems and others on ruby/ruby. It means
the installation path mismatched with GEM_HOME variable always. We can't test this example
collectly.
```
1)
Gem.bin_path finds executables of default gems, which are the only files shipped for default gems FAILED
Expected File.exist? "/Users/hsbt/Documents/github.com/ruby/ruby/.bundle/gems/bundler-2.7.0.dev/exe/bundle"
to be truthy but was false
```
|
