Merge pull request #6666 from rubygems/release/bundler_2.4.13_rubygems_3.4.13

deivid-rodriguez · web-flow · commit 26eb456c6c69 · 2023-05-10T09:50:31.000+02:00
Prepare RubyGems 3.4.13 and Bundler 2.4.13
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,9 @@
+# 3.4.13 / 2023-05-09
+
+## Enhancements:
+
+* Installs bundler 2.4.13 as a default gem.
+
 # 3.4.12 / 2023-04-11
 
 ## Enhancements:
diff --git a/Manifest.txt b/Manifest.txt
@@ -180,6 +180,7 @@ bundler/lib/bundler/rubygems_ext.rb
 bundler/lib/bundler/rubygems_gem_installer.rb
 bundler/lib/bundler/rubygems_integration.rb
 bundler/lib/bundler/runtime.rb
+bundler/lib/bundler/safe_marshal.rb
 bundler/lib/bundler/self_manager.rb
 bundler/lib/bundler/settings.rb
 bundler/lib/bundler/settings/validator.rb
diff --git a/bundler/CHANGELOG.md b/bundler/CHANGELOG.md
@@ -1,3 +1,13 @@
+# 2.4.13 (May 9, 2023)
+
+## Bug fixes:
+
+  - Fix unexpected fallbacks to full index by adding FalseClass and Time to the SafeMarshal list [#6655](https://github.com/rubygems/rubygems/pull/6655)
+
+## Documentation:
+
+  - Fix broken hyperlinks in bundle cache documentation [#6606](https://github.com/rubygems/rubygems/pull/6606)
+
 # 2.4.12 (April 11, 2023)
 
 ## Enhancements:
diff --git a/bundler/lib/bundler.rb b/bundler/lib/bundler.rb
@@ -39,16 +39,6 @@ module Bundler
   environment_preserver.replace_with_backup
   SUDO_MUTEX = Thread::Mutex.new
 
-  SAFE_MARSHAL_CLASSES = [Symbol, TrueClass, String, Array, Hash, Gem::Version, Gem::Specification].freeze
-  SAFE_MARSHAL_ERROR = "Unexpected class %s present in marshaled data. Only %s are allowed."
-  SAFE_MARSHAL_PROC = proc do |object|
-    object.tap do
-      unless SAFE_MARSHAL_CLASSES.include?(object.class)
-        raise TypeError, format(SAFE_MARSHAL_ERROR, object.class, SAFE_MARSHAL_CLASSES.join(", "))
-      end
-    end
-  end
-
   autoload :Definition,             File.expand_path("bundler/definition", __dir__)
   autoload :Dependency,             File.expand_path("bundler/dependency", __dir__)
   autoload :Deprecate,              File.expand_path("bundler/deprecate", __dir__)
@@ -86,6 +76,7 @@ module Bundler
   autoload :UI,                     File.expand_path("bundler/ui", __dir__)
   autoload :URICredentialsFilter,   File.expand_path("bundler/uri_credentials_filter", __dir__)
   autoload :URINormalizer,          File.expand_path("bundler/uri_normalizer", __dir__)
+  autoload :SafeMarshal,            File.expand_path("bundler/safe_marshal", __dir__)
 
   class << self
     def configure
@@ -523,7 +514,7 @@ def read_file(file)
     end
 
     def safe_load_marshal(data)
-      load_marshal(data, :marshal_proc => SAFE_MARSHAL_PROC)
+      load_marshal(data, :marshal_proc => SafeMarshal.proc)
     end
 
     def load_gemspec(file, validate = false)
diff --git a/bundler/lib/bundler/man/bundle-cache.1 b/bundler/lib/bundler/man/bundle-cache.1
@@ -13,7 +13,7 @@
 alias: \fBpackage\fR, \fBpack\fR
 .
 .SH "DESCRIPTION"
-Copy all of the \fB\.gem\fR files needed to run the application into the \fBvendor/cache\fR directory\. In the future, when running [bundle install(1)][bundle\-install], use the gems in the cache in preference to the ones on \fBrubygems\.org\fR\.
+Copy all of the \fB\.gem\fR files needed to run the application into the \fBvendor/cache\fR directory\. In the future, when running \fBbundle install(1)\fR \fIbundle\-install\.1\.html\fR, use the gems in the cache in preference to the ones on \fBrubygems\.org\fR\.
 .
 .SH "GIT AND PATH GEMS"
 The \fBbundle cache\fR command can also package \fB:git\fR and \fB:path\fR dependencies besides \.gem files\. This needs to be explicitly enabled via the \fB\-\-all\fR option\. Once used, the \fB\-\-all\fR option will be remembered\.
@@ -22,7 +22,7 @@ The \fBbundle cache\fR command can also package \fB:git\fR and \fB:path\fR depen
 When using gems that have different packages for different platforms, Bundler supports caching of gems for other platforms where the Gemfile has been resolved (i\.e\. present in the lockfile) in \fBvendor/cache\fR\. This needs to be enabled via the \fB\-\-all\-platforms\fR option\. This setting will be remembered in your local bundler configuration\.
 .
 .SH "REMOTE FETCHING"
-By default, if you run \fBbundle install(1)\fR](bundle\-install\.1\.html) after running bundle cache(1) \fIbundle\-cache\.1\.html\fR, bundler will still connect to \fBrubygems\.org\fR to check whether a platform\-specific gem exists for any of the gems in \fBvendor/cache\fR\.
+By default, if you run \fBbundle install(1)\fR \fIbundle\-install\.1\.html\fR after running bundle cache(1) \fIbundle\-cache\.1\.html\fR, bundler will still connect to \fBrubygems\.org\fR to check whether a platform\-specific gem exists for any of the gems in \fBvendor/cache\fR\.
 .
 .P
 For instance, consider this Gemfile(5):
diff --git a/bundler/lib/bundler/man/bundle-cache.1.ronn b/bundler/lib/bundler/man/bundle-cache.1.ronn
@@ -10,7 +10,7 @@ alias: `package`, `pack`
 ## DESCRIPTION
 
 Copy all of the `.gem` files needed to run the application into the
-`vendor/cache` directory. In the future, when running [bundle install(1)][bundle-install],
+`vendor/cache` directory. In the future, when running [`bundle install(1)`](bundle-install.1.html),
 use the gems in the cache in preference to the ones on `rubygems.org`.
 
 ## GIT AND PATH GEMS
@@ -29,7 +29,7 @@ bundler configuration.
 
 ## REMOTE FETCHING
 
-By default, if you run `bundle install(1)`](bundle-install.1.html) after running
+By default, if you run [`bundle install(1)`](bundle-install.1.html) after running
 [bundle cache(1)](bundle-cache.1.html), bundler will still connect to `rubygems.org`
 to check whether a platform-specific gem exists for any of the gems
 in `vendor/cache`.
diff --git a/bundler/lib/bundler/safe_marshal.rb b/bundler/lib/bundler/safe_marshal.rb
@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+
+module Bundler
+  module SafeMarshal
+    ALLOWED_CLASSES = [
+      Array,
+      FalseClass,
+      Gem::Specification,
+      Gem::Version,
+      Hash,
+      String,
+      Symbol,
+      Time,
+      TrueClass,
+    ].freeze
+
+    ERROR = "Unexpected class %s present in marshaled data. Only %s are allowed."
+
+    PROC = proc do |object|
+      object.tap do
+        unless ALLOWED_CLASSES.include?(object.class)
+          raise TypeError, format(ERROR, object.class, ALLOWED_CLASSES.join(", "))
+        end
+      end
+    end
+
+    def self.proc
+      PROC
+    end
+  end
+end
diff --git a/bundler/lib/bundler/version.rb b/bundler/lib/bundler/version.rb
@@ -1,7 +1,7 @@
 # frozen_string_literal: false
 
 module Bundler
-  VERSION = "2.4.12".freeze
+  VERSION = "2.4.13".freeze
 
   def self.bundler_major_version
     @bundler_major_version ||= VERSION.split(".").first.to_i
diff --git a/bundler/spec/bundler/bundler_spec.rb b/bundler/spec/bundler/bundler_spec.rb
@@ -28,14 +28,42 @@
       expect(Bundler.safe_load_marshal(data)).to eq(simple_structure)
     end
 
-    it "loads Gem::Version" do
-      gem_version = Gem::Version.new("3.7.2")
-      data = Marshal.dump(gem_version)
-      expect(Bundler.safe_load_marshal(data)).to eq(gem_version)
-    end
-
     it "loads Gem::Specification" do
-      gem_spec = Gem::Specification.new("name", "3.7.2")
+      gem_spec = Gem::Specification.new do |s|
+        s.name = "bundler"
+        s.version = Gem::Version.new("2.4.7")
+        s.installed_by_version = Gem::Version.new("0")
+        s.authors = ["André Arko",
+                     "Samuel Giddins",
+                     "Colby Swandale",
+                     "Hiroshi Shibata",
+                     "David Rodríguez",
+                     "Grey Baker",
+                     "Stephanie Morillo",
+                     "Chris Morris",
+                     "James Wen",
+                     "Tim Moore",
+                     "André Medeiros",
+                     "Jessica Lynn Suttles",
+                     "Terence Lee",
+                     "Carl Lerche",
+                     "Yehuda Katz"]
+        s.date = Time.utc(2023, 2, 15)
+        s.description = "Bundler manages an application's dependencies through its entire life, across many machines, systematically and repeatably"
+        s.email = ["team@bundler.io"]
+        s.homepage = "https://bundler.io"
+        s.metadata = { "bug_tracker_uri" => "https://github.com/rubygems/rubygems/issues?q=is%3Aopen+is%3Aissue+label%3ABundler",
+                       "changelog_uri" => "https://github.com/rubygems/rubygems/blob/master/bundler/CHANGELOG.md",
+                       "homepage_uri" => "https://bundler.io/",
+                       "source_code_uri" => "https://github.com/rubygems/rubygems/tree/master/bundler" }
+        s.require_paths = ["lib"]
+        s.required_ruby_version = Gem::Requirement.new([">= 2.6.0"])
+        s.required_rubygems_version = Gem::Requirement.new([">= 3.0.1"])
+        s.rubygems_version = "3.4.7"
+        s.specification_version = 4
+        s.summary = "The best way to manage your application's dependencies"
+        s.license = false
+      end
       data = Marshal.dump(gem_spec)
       expect(Bundler.safe_load_marshal(data)).to eq(gem_spec)
     end
diff --git a/bundler/spec/commands/info_spec.rb b/bundler/spec/commands/info_spec.rb
@@ -215,7 +215,7 @@
       G
 
       bundle "info rac"
-      expect(out).to match(/\A1 : rack\n2 : rack-obama\n0 : - exit -(\n>)?\z/)
+      expect(out).to match(/\A1 : rack\n2 : rack-obama\n0 : - exit -(\n>.*)?\z/)
     end
   end
 
diff --git a/bundler/spec/commands/show_spec.rb b/bundler/spec/commands/show_spec.rb
@@ -173,7 +173,7 @@
       G
 
       bundle "show rac"
-      expect(out).to match(/\A1 : rack\n2 : rack-obama\n0 : - exit -(\n>)?\z/)
+      expect(out).to match(/\A1 : rack\n2 : rack-obama\n0 : - exit -(\n>.*)?\z/)
     end
   end
 
diff --git a/bundler/tool/bundler/dev_gems.rb.lock b/bundler/tool/bundler/dev_gems.rb.lock
@@ -54,4 +54,4 @@ DEPENDENCIES
   webrick (~> 1.6)
 
 BUNDLED WITH
-   2.4.12
+   2.4.13
diff --git a/bundler/tool/bundler/release_gems.rb.lock b/bundler/tool/bundler/release_gems.rb.lock
@@ -49,4 +49,4 @@ DEPENDENCIES
   octokit (~> 4.18)
 
 BUNDLED WITH
-   2.4.12
+   2.4.13
diff --git a/bundler/tool/bundler/rubocop_gems.rb.lock b/bundler/tool/bundler/rubocop_gems.rb.lock
@@ -70,4 +70,4 @@ DEPENDENCIES
   test-unit
 
 BUNDLED WITH
-   2.4.12
+   2.4.13
diff --git a/bundler/tool/bundler/standard_gems.rb.lock b/bundler/tool/bundler/standard_gems.rb.lock
@@ -78,4 +78,4 @@ DEPENDENCIES
   test-unit
 
 BUNDLED WITH
-   2.4.12
+   2.4.13
diff --git a/bundler/tool/bundler/test_gems.rb.lock b/bundler/tool/bundler/test_gems.rb.lock
@@ -42,4 +42,4 @@ DEPENDENCIES
   webrick (= 1.7.0)
 
 BUNDLED WITH
-   2.4.12
+   2.4.13
diff --git a/lib/rubygems.rb b/lib/rubygems.rb
@@ -8,7 +8,7 @@
 require "rbconfig"
 
 module Gem
-  VERSION = "3.4.12"
+  VERSION = "3.4.13"
 end
 
 # Must be first since it unloads the prelude from 1.9.2
diff --git a/rubygems-update.gemspec b/rubygems-update.gemspec
@@ -2,7 +2,7 @@
 
 Gem::Specification.new do |s|
   s.name = "rubygems-update"
-  s.version = "3.4.12"
+  s.version = "3.4.13"
   s.authors = ["Jim Weirich", "Chad Fowler", "Eric Hodel", "Luis Lavena", "Aaron Patterson", "Samuel Giddins", "André Arko", "Evan Phoenix", "Hiroshi SHIBATA"]
   s.email = ["", "", "drbrain@segment7.net", "luislavena@gmail.com", "aaron@tenderlovemaking.com", "segiddins@segiddins.me", "andre@arko.net", "evan@phx.io", "hsbt@ruby-lang.org"]
 

Original file line number	Diff line number	Diff line change
`@@ -13,7 +13,7 @@`
`13`	`13`	`alias: \fBpackage\fR, \fBpack\fR`
`14`	`14`	`.`
`15`	`15`	`.SH "DESCRIPTION"`
`16`		`-Copy all of the \fB\.gem\fR files needed to run the application into the \fBvendor/cache\fR directory\. In the future, when running [bundle install(1)][bundle\-install], use the gems in the cache in preference to the ones on \fBrubygems\.org\fR\.`
	`16`	`+Copy all of the \fB\.gem\fR files needed to run the application into the \fBvendor/cache\fR directory\. In the future, when running \fBbundle install(1)\fR \fIbundle\-install\.1\.html\fR, use the gems in the cache in preference to the ones on \fBrubygems\.org\fR\.`
`17`	`17`	`.`
`18`	`18`	`.SH "GIT AND PATH GEMS"`
`19`	`19`	`The \fBbundle cache\fR command can also package \fB:git\fR and \fB:path\fR dependencies besides \.gem files\. This needs to be explicitly enabled via the \fB\-\-all\fR option\. Once used, the \fB\-\-all\fR option will be remembered\.`
`@@ -22,7 +22,7 @@ The \fBbundle cache\fR command can also package \fB:git\fR and \fB:path\fR depen`
`22`	`22`	`When using gems that have different packages for different platforms, Bundler supports caching of gems for other platforms where the Gemfile has been resolved (i\.e\. present in the lockfile) in \fBvendor/cache\fR\. This needs to be enabled via the \fB\-\-all\-platforms\fR option\. This setting will be remembered in your local bundler configuration\.`
`23`	`23`	`.`
`24`	`24`	`.SH "REMOTE FETCHING"`
`25`		`-By default, if you run \fBbundle install(1)\fR](bundle\-install\.1\.html) after running bundle cache(1) \fIbundle\-cache\.1\.html\fR, bundler will still connect to \fBrubygems\.org\fR to check whether a platform\-specific gem exists for any of the gems in \fBvendor/cache\fR\.`
	`25`	`+By default, if you run \fBbundle install(1)\fR \fIbundle\-install\.1\.html\fR after running bundle cache(1) \fIbundle\-cache\.1\.html\fR, bundler will still connect to \fBrubygems\.org\fR to check whether a platform\-specific gem exists for any of the gems in \fBvendor/cache\fR\.`
`26`	`26`	`.`
`27`	`27`	`.P`
`28`	`28`	`For instance, consider this Gemfile(5):`
Original file line number	Diff line number	Diff line change
`@@ -215,7 +215,7 @@`
`215`	`215`	`G`
`216`	`216`
`217`	`217`	`bundle "info rac"`
`218`		`- expect(out).to match(/\A1 : rack\n2 : rack-obama\n0 : - exit -(\n>)?\z/)`
	`218`	`+ expect(out).to match(/\A1 : rack\n2 : rack-obama\n0 : - exit -(\n>.*)?\z/)`
`219`	`219`	`end`
`220`	`220`	`end`
`221`	`221`