From 865221f0ba69f07f700e06b2d2f0a859a01dd233 Mon Sep 17 00:00:00 2001 From: Hiroshi SHIBATA Date: Mon, 28 Jun 2021 19:25:33 +0900 Subject: Merge RubyGems-3.2.21 and Bundler-2.2.21 --- lib/bundler.rb | 2 +- lib/bundler/cli/install.rb | 13 ++- lib/bundler/definition.rb | 18 ++-- lib/bundler/feature_flag.rb | 1 - lib/bundler/fetcher/compact_index.rb | 2 +- lib/bundler/installer.rb | 9 +- lib/bundler/resolver.rb | 2 + lib/bundler/settings.rb | 8 +- lib/bundler/source/rubygems.rb | 6 +- lib/bundler/source_list.rb | 6 +- lib/bundler/templates/newgem/newgem.gemspec.tt | 2 +- lib/bundler/version.rb | 2 +- lib/rubygems.rb | 2 +- lib/rubygems/config_file.rb | 2 +- lib/rubygems/request.rb | 2 +- lib/rubygems/util/licenses.rb | 109 ++++++++++++++++++++++++- 16 files changed, 147 insertions(+), 39 deletions(-) (limited to 'lib') diff --git a/lib/bundler.rb b/lib/bundler.rb index b2363a25f4..8b9e870f7b 100644 --- a/lib/bundler.rb +++ b/lib/bundler.rb @@ -198,7 +198,7 @@ module Bundler def frozen_bundle? frozen = settings[:deployment] - frozen ||= settings[:frozen] unless feature_flag.deployment_means_frozen? + frozen ||= settings[:frozen] frozen end diff --git a/lib/bundler/cli/install.rb b/lib/bundler/cli/install.rb index c702eb14d1..47c1da10e7 100644 --- a/lib/bundler/cli/install.rb +++ b/lib/bundler/cli/install.rb @@ -33,12 +33,8 @@ module Bundler options[:local] = true if Bundler.app_cache.exist? - if Bundler.feature_flag.deployment_means_frozen? - Bundler.settings.set_command_option :deployment, true - else - Bundler.settings.set_command_option :deployment, true if options[:deployment] - Bundler.settings.set_command_option :frozen, true if options[:frozen] - end + Bundler.settings.set_command_option :deployment, true if options[:deployment] + Bundler.settings.set_command_option :frozen, true if options[:frozen] end # When install is called with --no-deployment, disable deployment mode @@ -62,7 +58,10 @@ module Bundler definition.validate_runtime! installer = Installer.install(Bundler.root, definition, options) - Bundler.load.cache if Bundler.app_cache.exist? && !options["no-cache"] && !Bundler.frozen_bundle? + + Bundler.settings.temporary(:cache_all_platforms => options[:local] ? false : Bundler.settings[:cache_all_platforms]) do + Bundler.load.cache if Bundler.app_cache.exist? && !options["no-cache"] && !Bundler.frozen_bundle? + end Bundler.ui.confirm "Bundle complete! #{dependencies_count_for(definition)}, #{gems_installed_for(definition)}." Bundler::CLI::Common.output_without_groups_message(:install) diff --git a/lib/bundler/definition.rb b/lib/bundler/definition.rb index bc75e83908..274b558c1b 100644 --- a/lib/bundler/definition.rb +++ b/lib/bundler/definition.rb @@ -107,12 +107,14 @@ module Bundler end @locked_gem_sources = @locked_sources.select {|s| s.is_a?(Source::Rubygems) } - @disable_multisource = @locked_gem_sources.all?(&:disable_multisource?) + @multisource_allowed = @locked_gem_sources.any?(&:multiple_remotes?) && (sources.aggregate_global_source? || Bundler.frozen_bundle?) - unless @disable_multisource - msg = "Your lockfile contains a single rubygems source section with multiple remotes, which is insecure. You should run `bundle update` or generate your lockfile from scratch." + if @multisource_allowed + unless sources.aggregate_global_source? + msg = "Your lockfile contains a single rubygems source section with multiple remotes, which is insecure. Make sure you run `bundle install` in non frozen mode and commit the result to make your lockfile secure." - Bundler::SharedHelpers.major_deprecation 2, msg + Bundler::SharedHelpers.major_deprecation 2, msg + end @sources.merged_gem_lockfile_sections! end @@ -156,8 +158,8 @@ module Bundler end end - def disable_multisource? - @disable_multisource + def multisource_allowed? + @multisource_allowed end def resolve_only_locally! @@ -510,7 +512,7 @@ module Bundler private def precompute_source_requirements_for_indirect_dependencies? - sources.non_global_rubygems_sources.all?(&:dependency_api_available?) && sources.no_aggregate_global_source? + sources.non_global_rubygems_sources.all?(&:dependency_api_available?) && !sources.aggregate_global_source? end def current_ruby_platform_locked? @@ -627,7 +629,7 @@ module Bundler end def converge_rubygems_sources - return false if disable_multisource? + return false unless multisource_allowed? return false if locked_gem_sources.empty? diff --git a/lib/bundler/feature_flag.rb b/lib/bundler/feature_flag.rb index 53d76b8ae8..aee127ba80 100644 --- a/lib/bundler/feature_flag.rb +++ b/lib/bundler/feature_flag.rb @@ -31,7 +31,6 @@ module Bundler settings_flag(:auto_clean_without_path) { bundler_3_mode? } settings_flag(:cache_all) { bundler_3_mode? } settings_flag(:default_install_uses_path) { bundler_3_mode? } - settings_flag(:deployment_means_frozen) { bundler_3_mode? } settings_flag(:forget_cli_options) { bundler_3_mode? } settings_flag(:global_gem_cache) { bundler_3_mode? } settings_flag(:path_relative_to_cwd) { bundler_3_mode? } diff --git a/lib/bundler/fetcher/compact_index.rb b/lib/bundler/fetcher/compact_index.rb index 0304155bdd..bc69b884ec 100644 --- a/lib/bundler/fetcher/compact_index.rb +++ b/lib/bundler/fetcher/compact_index.rb @@ -111,7 +111,7 @@ module Bundler def bundle_worker(func = nil) @bundle_worker ||= begin worker_name = "Compact Index (#{display_uri.host})" - Bundler::Worker.new(Bundler.current_ruby.rbx? ? 1 : 25, worker_name, func) + Bundler::Worker.new(Bundler.settings.processor_count, worker_name, func) end @bundle_worker.tap do |worker| worker.instance_variable_set(:@func, func) if func diff --git a/lib/bundler/installer.rb b/lib/bundler/installer.rb index 09c8b1c157..a88fb91cb5 100644 --- a/lib/bundler/installer.rb +++ b/lib/bundler/installer.rb @@ -222,14 +222,7 @@ module Bundler # Parallelization has some issues on Windows, so it's not yet the default return 1 if Gem.win_platform? - processor_count - end - - def processor_count - require "etc" - Etc.nprocessors - rescue StandardError - 1 + Bundler.settings.processor_count end def load_plugins diff --git a/lib/bundler/resolver.rb b/lib/bundler/resolver.rb index 9a25e49d4b..fac5070619 100644 --- a/lib/bundler/resolver.rb +++ b/lib/bundler/resolver.rb @@ -30,8 +30,10 @@ module Bundler @resolver = Molinillo::Resolver.new(self, self) @search_for = {} @base_dg = Molinillo::DependencyGraph.new + aggregate_global_source = @source_requirements[:default].is_a?(Source::RubygemsAggregate) @base.each do |ls| dep = Dependency.new(ls.name, ls.version) + ls.source = source_for(ls.name) unless aggregate_global_source @base_dg.add_vertex(ls.name, DepProxy.get_proxy(dep, ls.platform), true) end additional_base_requirements.each {|d| @base_dg.add_vertex(d.name, d) } diff --git a/lib/bundler/settings.rb b/lib/bundler/settings.rb index 11227314a7..13fcb447d0 100644 --- a/lib/bundler/settings.rb +++ b/lib/bundler/settings.rb @@ -16,7 +16,6 @@ module Bundler clean default_install_uses_path deployment - deployment_means_frozen disable_checksum_validation disable_exec_load disable_local_branch_check @@ -210,6 +209,13 @@ module Bundler locations end + def processor_count + require "etc" + Etc.nprocessors + rescue StandardError + 1 + end + # for legacy reasons, in Bundler 2, we do not respect :disable_shared_gems def path configs.each do |_level, settings| diff --git a/lib/bundler/source/rubygems.rb b/lib/bundler/source/rubygems.rb index 590c3ec939..0e9b4e02a5 100644 --- a/lib/bundler/source/rubygems.rb +++ b/lib/bundler/source/rubygems.rb @@ -67,12 +67,12 @@ module Bundler o.is_a?(Rubygems) && (o.credless_remotes - credless_remotes).empty? end - def disable_multisource? - @remotes.size <= 1 + def multiple_remotes? + @remotes.size > 1 end def can_lock?(spec) - return super if disable_multisource? + return super unless multiple_remotes? spec.source.is_a?(Rubygems) end diff --git a/lib/bundler/source_list.rb b/lib/bundler/source_list.rb index 584d693dea..9a7f0ea0a2 100644 --- a/lib/bundler/source_list.rb +++ b/lib/bundler/source_list.rb @@ -32,8 +32,8 @@ module Bundler @merged_gem_lockfile_sections = true end - def no_aggregate_global_source? - global_rubygems_source.remotes.size <= 1 + def aggregate_global_source? + global_rubygems_source.multiple_remotes? end def add_path_source(options = {}) @@ -185,6 +185,8 @@ module Bundler end def equal_source?(source, other_source) + return source.include?(other_source) if source.is_a?(Source::Rubygems) && other_source.is_a?(Source::Rubygems) && !merged_gem_lockfile_sections? + source == other_source end diff --git a/lib/bundler/templates/newgem/newgem.gemspec.tt b/lib/bundler/templates/newgem/newgem.gemspec.tt index 7032004076..91ce856bff 100644 --- a/lib/bundler/templates/newgem/newgem.gemspec.tt +++ b/lib/bundler/templates/newgem/newgem.gemspec.tt @@ -16,7 +16,7 @@ Gem::Specification.new do |spec| <%- end -%> spec.required_ruby_version = ">= <%= config[:required_ruby_version] %>" - spec.metadata["allowed_push_host"] = "TODO: Set to 'http://mygemserver.com'" + spec.metadata["allowed_push_host"] = "TODO: Set to 'https://mygemserver.com'" spec.metadata["homepage_uri"] = spec.homepage spec.metadata["source_code_uri"] = "TODO: Put your gem's public repo URL here." diff --git a/lib/bundler/version.rb b/lib/bundler/version.rb index 4302fb9892..1c34797243 100644 --- a/lib/bundler/version.rb +++ b/lib/bundler/version.rb @@ -1,7 +1,7 @@ # frozen_string_literal: false module Bundler - VERSION = "2.2.20".freeze + VERSION = "2.2.21".freeze def self.bundler_major_version @bundler_major_version ||= VERSION.split(".").first.to_i diff --git a/lib/rubygems.rb b/lib/rubygems.rb index 57d0140d8b..9d16f6ecf8 100644 --- a/lib/rubygems.rb +++ b/lib/rubygems.rb @@ -8,7 +8,7 @@ require 'rbconfig' module Gem - VERSION = "3.2.20".freeze + VERSION = "3.2.21".freeze end # Must be first since it unloads the prelude from 1.9.2 diff --git a/lib/rubygems/config_file.rb b/lib/rubygems/config_file.rb index 9dc41a2995..3746d7aab0 100644 --- a/lib/rubygems/config_file.rb +++ b/lib/rubygems/config_file.rb @@ -320,7 +320,7 @@ if you believe they were disclosed to a third party. config = load_file(credentials_path).merge(host => api_key) dirname = File.dirname credentials_path - Dir.mkdir(dirname) unless File.exist? dirname + FileUtils.mkdir_p(dirname) unless File.exist? dirname Gem.load_yaml diff --git a/lib/rubygems/request.rb b/lib/rubygems/request.rb index 1ed0fbcb99..5bda0b2e5e 100644 --- a/lib/rubygems/request.rb +++ b/lib/rubygems/request.rb @@ -44,7 +44,7 @@ class Gem::Request end def self.configure_connection_for_https(connection, cert_files) - raise Gem::Exception.new('OpenSSl is not available. Install OpenSSL and rebuild Ruby (preferred) or use non-HTTPS sources') unless Gem::HAVE_OPENSSL + raise Gem::Exception.new('OpenSSL is not available. Install OpenSSL and rebuild Ruby (preferred) or use non-HTTPS sources') unless Gem::HAVE_OPENSSL connection.use_ssl = true connection.verify_mode = diff --git a/lib/rubygems/util/licenses.rb b/lib/rubygems/util/licenses.rb index 29bf310ea0..98cbd8929b 100644 --- a/lib/rubygems/util/licenses.rb +++ b/lib/rubygems/util/licenses.rb @@ -18,6 +18,8 @@ class Gem::Licenses AFL-2.1 AFL-3.0 AGPL-1.0 + AGPL-1.0-only + AGPL-1.0-or-later AGPL-3.0 AGPL-3.0-only AGPL-3.0-or-later @@ -25,6 +27,7 @@ class Gem::Licenses AML AMPAS ANTLR-PD + ANTLR-PD-fallback APAFML APL-1.0 APSL-1.0 @@ -48,29 +51,41 @@ class Gem::Licenses BSD-2-Clause-FreeBSD BSD-2-Clause-NetBSD BSD-2-Clause-Patent + BSD-2-Clause-Views BSD-3-Clause BSD-3-Clause-Attribution BSD-3-Clause-Clear BSD-3-Clause-LBNL + BSD-3-Clause-Modification + BSD-3-Clause-No-Military-License BSD-3-Clause-No-Nuclear-License BSD-3-Clause-No-Nuclear-License-2014 BSD-3-Clause-No-Nuclear-Warranty + BSD-3-Clause-Open-MPI BSD-4-Clause + BSD-4-Clause-Shortened BSD-4-Clause-UC BSD-Protection BSD-Source-Code BSL-1.0 + BUSL-1.1 Bahyph Barr Beerware BitTorrent-1.0 BitTorrent-1.1 + BlueOak-1.0.0 Borceux + C-UDA-1.0 + CAL-1.0 + CAL-1.0-Combined-Work-Exception CATOSL-1.1 CC-BY-1.0 CC-BY-2.0 CC-BY-2.5 CC-BY-3.0 + CC-BY-3.0-AT + CC-BY-3.0-US CC-BY-4.0 CC-BY-NC-1.0 CC-BY-NC-2.0 @@ -81,6 +96,7 @@ class Gem::Licenses CC-BY-NC-ND-2.0 CC-BY-NC-ND-2.5 CC-BY-NC-ND-3.0 + CC-BY-NC-ND-3.0-IGO CC-BY-NC-ND-4.0 CC-BY-NC-SA-1.0 CC-BY-NC-SA-2.0 @@ -94,12 +110,17 @@ class Gem::Licenses CC-BY-ND-4.0 CC-BY-SA-1.0 CC-BY-SA-2.0 + CC-BY-SA-2.0-UK + CC-BY-SA-2.1-JP CC-BY-SA-2.5 CC-BY-SA-3.0 + CC-BY-SA-3.0-AT CC-BY-SA-4.0 + CC-PDDC CC0-1.0 CDDL-1.0 CDDL-1.1 + CDL-1.0 CDLA-Permissive-1.0 CDLA-Sharing-1.0 CECILL-1.0 @@ -108,6 +129,11 @@ class Gem::Licenses CECILL-2.1 CECILL-B CECILL-C + CERN-OHL-1.1 + CERN-OHL-1.2 + CERN-OHL-P-2.0 + CERN-OHL-S-2.0 + CERN-OHL-W-2.0 CNRI-Jython CNRI-Python CNRI-Python-GPL-Compatible @@ -123,12 +149,14 @@ class Gem::Licenses Cube D-FSL-1.0 DOC + DRL-1.0 DSDP Dotseqn ECL-1.0 ECL-2.0 EFL-1.0 EFL-2.0 + EPICS EPL-1.0 EPL-2.0 EUDatagrid @@ -144,17 +172,32 @@ class Gem::Licenses FTL Fair Frameworx-1.0 + FreeBSD-DOC FreeImage + GD GFDL-1.1 + GFDL-1.1-invariants-only + GFDL-1.1-invariants-or-later + GFDL-1.1-no-invariants-only + GFDL-1.1-no-invariants-or-later GFDL-1.1-only GFDL-1.1-or-later GFDL-1.2 + GFDL-1.2-invariants-only + GFDL-1.2-invariants-or-later + GFDL-1.2-no-invariants-only + GFDL-1.2-no-invariants-or-later GFDL-1.2-only GFDL-1.2-or-later GFDL-1.3 + GFDL-1.3-invariants-only + GFDL-1.3-invariants-or-later + GFDL-1.3-no-invariants-only + GFDL-1.3-no-invariants-or-later GFDL-1.3-only GFDL-1.3-or-later GL2PS + GLWTPL GPL-1.0 GPL-1.0+ GPL-1.0-only @@ -178,7 +221,10 @@ class Gem::Licenses Glide Glulxe HPND + HPND-sell-variant + HTMLTIDY HaskellReport + Hippocratic-2.1 IBM-pibs ICU IJG @@ -191,6 +237,7 @@ class Gem::Licenses Intel Intel-ACPI Interbase-1.0 + JPNIC JSON JasPer-2.0 LAL-1.2 @@ -221,11 +268,15 @@ class Gem::Licenses LiLiQ-R-1.1 LiLiQ-Rplus-1.1 Libpng + Linux-OpenIB MIT + MIT-0 MIT-CMU + MIT-Modern-Variant MIT-advertising MIT-enna MIT-feh + MIT-open-group MITNFA MPL-1.0 MPL-1.1 @@ -237,12 +288,18 @@ class Gem::Licenses MakeIndex MirOS Motosoto + MulanPSL-1.0 + MulanPSL-2.0 Multics Mup + NAIST-2003 NASA-1.3 NBPL-1.0 + NCGL-UK-2.0 NCSA NGPL + NIST-PD + NIST-PD-fallback NLOD-1.0 NLPL NOSL @@ -251,6 +308,7 @@ class Gem::Licenses NPOSL-3.0 NRL NTP + NTP-0 Naumen Net-SNMP NetCDF @@ -258,11 +316,23 @@ class Gem::Licenses Nokia Noweb Nunit + O-UDA-1.0 OCCT-PL OCLC-2.0 + ODC-By-1.0 ODbL-1.0 OFL-1.0 + OFL-1.0-RFN + OFL-1.0-no-RFN OFL-1.1 + OFL-1.1-RFN + OFL-1.1-no-RFN + OGC-1.0 + OGDL-Taiwan-1.0 + OGL-Canada-2.0 + OGL-UK-1.0 + OGL-UK-2.0 + OGL-UK-3.0 OGTSL OLDAP-1.1 OLDAP-1.2 @@ -292,7 +362,12 @@ class Gem::Licenses PDDL-1.0 PHP-3.0 PHP-3.01 + PSF-2.0 + Parity-6.0.0 + Parity-7.0.0 Plexus + PolyForm-Noncommercial-1.0.0 + PolyForm-Small-Business-1.0.0 PostgreSQL Python-2.0 QPL-1.0 @@ -310,15 +385,21 @@ class Gem::Licenses SGI-B-1.0 SGI-B-1.1 SGI-B-2.0 + SHL-0.5 + SHL-0.51 SISSL SISSL-1.2 SMLNJ SMPPL SNIA SPL-1.0 + SSH-OpenSSH + SSH-short + SSPL-1.0 SWL Saxpath Sendmail + Sendmail-8.23 SimPL-2.0 Sleepycat Spencer-86 @@ -326,11 +407,15 @@ class Gem::Licenses Spencer-99 StandardML-NJ SugarCRM-1.1.3 + TAPR-OHL-1.0 TCL TCP-wrappers TMate TORQUE-1.1 TOSL + TU-Berlin-1.0 + TU-Berlin-2.0 + UCL-1.0 UPL-1.0 Unicode-DFS-2015 Unicode-DFS-2016 @@ -360,16 +445,22 @@ class Gem::Licenses Zimbra-1.3 Zimbra-1.4 Zlib + blessing bzip2-1.0.5 bzip2-1.0.6 + copyleft-next-0.3.0 + copyleft-next-0.3.1 curl diffmark dvipdfm eCos-2.0 eGenix + etalab-2.0 gSOAP-1.3b gnuplot iMatix + libpng-2.0 + libselinux-1.0 libtiff mpich2 psfrag @@ -395,12 +486,26 @@ class Gem::Licenses Font-exception-2.0 GCC-exception-2.0 GCC-exception-3.1 + GPL-3.0-linking-exception + GPL-3.0-linking-source-exception + GPL-CC-1.0 + LGPL-3.0-linking-exception + LLVM-exception LZMA-exception Libtool-exception Linux-syscall-note Nokia-Qt-exception-1.1 OCCT-exception-1.0 + OCaml-LGPL-linking-exception + OpenJDK-assembly-exception-1.0 + PS-or-PDF-font-exception-20170817 + Qt-GPL-exception-1.0 + Qt-LGPL-exception-1.1 Qwt-exception-1.0 + SHL-2.0 + SHL-2.1 + Swift-exception + Universal-FOSS-exception-1.0 WxWindows-exception-3.1 eCos-exception-2.0 freertos-exception-2.0 @@ -413,10 +518,10 @@ class Gem::Licenses REGEXP = %r{ \A - ( + (?: #{Regexp.union(LICENSE_IDENTIFIERS)} \+? - (\s WITH \s #{Regexp.union(EXCEPTION_IDENTIFIERS)})? + (?:\s WITH \s #{Regexp.union(EXCEPTION_IDENTIFIERS)})? | #{NONSTANDARD} ) \Z -- cgit v1.2.3