| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
https://github.com/rubygems/rubygems/commit/bb66253f2c
|
|
|
|
|
|
|
|
|
| |
Looks for the CHECKSUMS section in the lockfile, activating the feature
only if the section exists. Without a CHECKSUMS section, Bundler will
continue as normal, validating checksums when gems are installed while
checksums from the compact index are present.
https://github.com/rubygems/rubygems/commit/2353cc93a4
|
|
|
|
| |
https://github.com/rubygems/rubygems/commit/93619c97ff
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since we started locking the specific platform in the lockfile, that has
created an annoying situation for users that don't develop on Linux.
They will create a lockfile on their machines, locking their local
platform, for example, darwin. But then that lockfile won't work
automatically when deploying to Heroku for example, because the lockfile
is frozen and the Linux platform is not included.
There's the chance though that resolving against two platforms (Linux +
the local platform) won't succeed while resolving for just the current
platform will. So, instead, we check other platform specific variants
available for the resolution we initially found, and lock those
platforms and specs too if they satisfy the resolution.
This is only done when generating new lockfiles from scratch, existing
lockfiles should keep working as before, and it's only done for "ruby
platforms", i.e., not Java or Windows which have their own complexities,
and so are excluded.
With this change, we expect that MacOS users can bundle locally and
deploy to Heroku without needing to do anything special.
https://github.com/rubygems/rubygems/commit/5f24f06bc5
|
|
|
|
|
|
|
|
| |
compatibility.
Save checksums using = as separator.
https://github.com/rubygems/rubygems/commit/a36ad7d160
|
|
|
|
|
|
|
|
|
|
|
|
| |
Improve error reporting for checksums, raises a new error class.
Solve for multi-source checksum errors.
Add CHECKSUMS to tool/bundler/(dev|standard|rubocop)26_gems.rb
https://github.com/rubygems/rubygems/commit/26ceee0e76
Co-authored-by: Samuel Giddins <segiddins@segiddins.me>
|
|
|
|
|
|
|
| |
code.
(https://github.com/rubygems/rubygems/pull/6917)
https://github.com/rubygems/rubygems/commit/2238bdaadc
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
if possible
1. Use the checksum provided by the server if provided: provides security
knowing if the gem you downloaded matches the gem on the server
2. Calculate the checksum from the gem on disk: provides security knowing
if the gem has changed between installs
3. In some cases, neither is possible in which case we don't put anything
in the checksum and we maintain functionality as it is today
Add the checksums to specs in the index if we already have them
Prior to checksums, we didn't lose any information when overwriting specs
in the index with stubs. But now when we overwrite EndpointSpecifications
or RemoteSpecifications with more generic specs, we could lose checksum
info. This manually sets checksum info so we keep it in the index.
https://github.com/rubygems/rubygems/commit/de00a4f153
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We lock the checksum for each resolved spec under a new CHECKSUMS
section in the lockfile.
If the locked spec does not resolve for the local platform, we preserve
the locked checksum, similar to how we preserve specs.
Checksum locking only makes sense on install. The compact index
information is only available then.
https://github.com/rubygems/rubygems/commit/bde37ca6bf
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
remote gemfiles
If a legacy multi remote Gemfile depends transitively on a default gem,
then in standalone mode we'd fail to fetch the proper version from the
source that includes it, since we were adding it to `specs` (instead of
`remote_specs`), which was already including the default version of the
gem, and thus preventing the remote version from "overwriting that" and
being added to the index. We should add it to the `remote_specs` index
directly instead.
https://github.com/rubygems/rubygems/commit/05f4f9dfc0
|
|
|
|
|
|
|
|
|
|
| |
On legacy Gemfiles with multiple remote sources, where all of them
support the compact index API, we were still falling back to full
indexes.
Fixing this also allows to simplifying the code.
https://github.com/rubygems/rubygems/commit/b1357c8e72
|
|
|
|
| |
https://github.com/rubygems/rubygems/commit/258476c38a
|
|
|
|
| |
https://github.com/rubygems/rubygems/commit/86b574824d
|
|
|
|
| |
https://github.com/rubygems/rubygems/commit/3139587be9
|
|
|
|
|
|
|
|
|
| |
* Replaces the wording of "is forbidden" with "cannot be used"
* Fixes the method signature of VersionRange::Empty#eql?
https://github.com/rubygems/rubygems/commit/8c6b3f130b
Co-authored-by: Daniel Colson <danieljamescolson@gmail.com>
|
|
|
|
| |
from https://github.com/rubygems/rubygems/commit/0635c1423db5d7c461d53bf0c3329bca75de7609
|
|
|
|
|
|
| |
https://github.com/rubygems/rubygems/pull/5960
Co-authored-by: David Rodríguez <deivid.rodriguez@riseup.net>
|
|
|
|
| |
https://github.com/rubygems/rubygems/commit/16c3535413afebcdbab7582c6017c27b5da8a8dc
|
|
|
|
| |
Merge from https://github.com/rubygems/rubygems/commit/2af2520b4a7ab1c6eb1fdc3d2ef4d8c062d96ad7
|
|
|
|
|
|
|
|
|
|
|
| |
Generally this warning is skipped for gemspec development dependencies.
I think because it's common to override them in the Gemfile to change
the source, for example.
But the order of conditions was not correct and the warning was still
being printed in one case.
https://github.com/rubygems/rubygems/commit/da9d1d6a3f
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A while ago, we fixed resolution when using old dependency endpoints to
also consider metadata dependencies, by requesting the full gemspec from
the marsahaled index, which includes this information as opposed to
these old APIs. This has made resolution slower, but correct, but also
introduced the issue that some old marshaled gemspecs don't include the
`required_rubygems_version` field because they were created with a
RubyGems version that predates its addition.
Use a default value in this case.
https://github.com/rubygems/rubygems/commit/5dc94afcc0
Co-authored-by: Ilya Dudarenko <i.dudarenko@tinkoff.ru>
|
|
|
|
|
|
| |
required_rubygems_version
https://github.com/rubygems/rubygems/commit/91f07a0208
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We have two representations of a source. Once used for sorting, which
should not depend on the source's state, but solely on its static
information, like remotes. Another one used for error and informational
messages, which should properly inform about the exact state of the
source when the message is printed.
This commit makes the latter be the default implementation of `to_s`, so
that error and informational messages are more accurate by default.
https://github.com/rubygems/rubygems/commit/b5f2b88957
|
| |
|
|
|
|
| |
https://github.com/rubygems/rubygems/commit/06f5efce02
|
|
|
|
|
|
|
| |
It doesn't really add much, in my opinion. We want to be helpful, but
also concise when possible.
https://github.com/rubygems/rubygems/commit/9d56009cf7
|
|
|
|
|
|
| |
This is in preparation for deprecating source-less gemfiles.
https://github.com/rubygems/rubygems/commit/d6493fa3e2
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
55634a8af18a52df86c4275d70fa1179118bcc20
|
| |
|
|
|
|
| |
https://github.com/rubygems/rubygems/commit/27e0e4ecb6
|
|
|
|
| |
https://github.com/rubygems/rubygems/commit/4d1a0c465a
|
|
|
|
| |
https://github.com/rubygems/rubygems/commit/746a4b3d74
|
|
|
|
| |
https://github.com/rubygems/rubygems/commit/ade0c441d5
|
|
|
|
|
|
|
| |
The inner specs have separated specs for the `< 3` and `= 2` cases, so
this outer tag is incorrect.
https://github.com/rubygems/rubygems/commit/61e905ca27
|
|
|
|
|
|
|
|
| |
Instead, use the non-deprecated option except when specifically testing
deprecated CLI flags. In that case, pass the flag directly and limit
the specs to `bundler < 3`.
https://github.com/rubygems/rubygems/commit/3d5e186241
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Features:
- Add caller information to some deprecation messages to make them easier to fix [#7361](https://github.com/bundler/bundler/pull/7361)
- Reconcile `bundle cache` vs `bundle package` everywhere. Now in docs, CLI help and everywhere else `bundle cache` is the preferred version and `bundle package` remains as an alias [#7389](https://github.com/bundler/bundler/pull/7389)
- Display some basic `bundler` documentation together with ruby's RDoc based documentation [#7394](https://github.com/bundler/bundler/pull/7394)
Bugfixes:
- Fix typos deprecation message and upgrading docs [#7374](https://github.com/bundler/bundler/pull/7374)
- Deprecation warnings about `taint` usage on ruby 2.7 [#7385](https://github.com/bundler/bundler/pull/7385)
- Fix `--help` flag not correctly delegating to `man` when used with command aliases [#7388](https://github.com/bundler/bundler/pull/7388)
- `bundle add` should cache newly added gems if an application cache exists [#7393](https://github.com/bundler/bundler/pull/7393)
- Stop using an insecure folder as a "fallback home" when user home is not defined [#7416](https://github.com/bundler/bundler/pull/7416)
- Fix `bundler/inline` warning about `Bundler.root` redefinition [#7417](https://github.com/bundler/bundler/pull/7417)
|
|
|
|
| |
https://github.com/bundler/bundler/commit/4c6a3c3cf7
|
|
|
|
| |
https://github.com/bundler/bundler/commit/5946d62ad0
|
|
|
|
| |
Pick from 8dd59e3ba97eb80a599f8149f31bf40773b69dc0
|
|
|
|
|
|
| |
https://github.com/bundler/bundler/commit/a53709556b95a914e874b22ed2116a46b0528852
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@67539 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
|
|
| |
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66710 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
|
|
|
|
|
|
| |
We have the platform issue on heroku:
* https://gist.github.com/schneems/26452540f6e2bbbcf2ea144f45f6b305
* https://github.com/heroku/heroku-buildpack-ruby/issues/833
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66323 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
|
|
|
|
| |
* It update bundler 2 mode to bundler 3.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@65523 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
|
|
|
|
|
|
|
|
|
| |
* bin/*, lib/bundler/*, lib/bundler.rb, spec/bundler, man/*:
Merge from latest stable branch of bundler/bundler repository and
added workaround patches. I will backport them into upstream.
* common.mk, defs/gmake.mk: Added `test-bundler` task for test suite
of bundler.
* tool/sync_default_gems.rb: Added sync task for bundler.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@65509 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|