Sync latest bundler & rubygems development version

Merged: https://github.com/ruby/ruby/pull/4533
2021-05-28 12:47:49 +02:00 · 2021-05-28 12:47:49 +02:00 · 6e2240a2f9 · 2021-07-07 13:30:45 +09:00
commit 6e2240a2f9
parent 9952e9358e
111 changed files with 1575 additions and 1099 deletions
--- a/lib/bundler.rb
+++ b/lib/bundler.rb
@ -69,6 +69,7 @@ module Bundler
  autoload :SharedHelpers,          File.expand_path("bundler/shared_helpers", __dir__)
  autoload :Source,                 File.expand_path("bundler/source", __dir__)
  autoload :SourceList,             File.expand_path("bundler/source_list", __dir__)
  autoload :SourceMap,              File.expand_path("bundler/source_map", __dir__)
  autoload :SpecSet,                File.expand_path("bundler/spec_set", __dir__)
  autoload :StubSpecification,      File.expand_path("bundler/stub_specification", __dir__)
  autoload :UI,                     File.expand_path("bundler/ui", __dir__)
--- a/lib/bundler/cli.rb
+++ b/lib/bundler/cli.rb
@ -308,39 +308,19 @@ module Bundler
      end
    end
-    unless Bundler.feature_flag.bundler_3_mode?
+    desc "show GEM [OPTIONS]", "Shows all gems that are part of the bundle, or the path to a given gem"
-      desc "show GEM [OPTIONS]", "Shows all gems that are part of the bundle, or the path to a given gem"
+    long_desc <<-D
-      long_desc <<-D
+      Show lists the names and versions of all gems that are required by your Gemfile.
-        Show lists the names and versions of all gems that are required by your Gemfile.
+      Calling show with [GEM] will list the exact location of that gem on your machine.
-        Calling show with [GEM] will list the exact location of that gem on your machine.
+    D
-      D
+    method_option "paths", :type => :boolean,
-      method_option "paths", :type => :boolean,
+                           :banner => "List the paths of all gems that are required by your Gemfile."
-                             :banner => "List the paths of all gems that are required by your Gemfile."
+    method_option "outdated", :type => :boolean,
-      method_option "outdated", :type => :boolean,
+                              :banner => "Show verbose output including whether gems are outdated."
-                                :banner => "Show verbose output including whether gems are outdated."
+    def show(gem_name = nil)
-      def show(gem_name = nil)
+      SharedHelpers.major_deprecation(2, "the `--outdated` flag to `bundle show` was undocumented and will be removed without replacement") if ARGV.include?("--outdated")
-        if ARGV[0] == "show"
+      require_relative "cli/show"
-          rest = ARGV[1..-1]
+      Show.new(options, gem_name).run
          if flag = rest.find{|arg| ["--verbose", "--outdated"].include?(arg) }
            Bundler::SharedHelpers.major_deprecation(2, "the `#{flag}` flag to `bundle show` was undocumented and will be removed without replacement")
          else
            new_command = rest.find {|arg| !arg.start_with?("--") } ? "info" : "list"
            new_arguments = rest.map do |arg|
              next arg if arg != "--paths"
              next "--path" if new_command == "info"
            end
            old_argv = ARGV.join(" ")
            new_argv = [new_command, *new_arguments.compact].join(" ")
            Bundler::SharedHelpers.major_deprecation(2, "use `bundle #{new_argv}` instead of `bundle #{old_argv}`")
          end
        end
        require_relative "cli/show"
        Show.new(options, gem_name).run
      end
    end
    desc "list", "List all gems in the bundle"
--- a/lib/bundler/cli/check.rb
+++ b/lib/bundler/cli/check.rb
@ -11,9 +11,11 @@ module Bundler
    def run
      Bundler.settings.set_command_option_if_given :path, options[:path]
      definition = Bundler.definition
      definition.validate_runtime!
      begin
-        definition = Bundler.definition
+        definition.resolve_only_locally!
        definition.validate_runtime!
        not_installed = definition.missing_specs
      rescue GemNotFound, VersionConflict
        Bundler.ui.error "Bundler can't satisfy your Gemfile's dependencies."
--- a/lib/bundler/cli/install.rb
+++ b/lib/bundler/cli/install.rb
@ -58,7 +58,10 @@ module Bundler
      definition.validate_runtime!
      installer = Installer.install(Bundler.root, definition, options)
-      Bundler.load.cache if Bundler.app_cache.exist? && !options["no-cache"] && !Bundler.frozen_bundle?
+
      Bundler.settings.temporary(:cache_all_platforms => options[:local] ? false : Bundler.settings[:cache_all_platforms]) do
        Bundler.load.cache if Bundler.app_cache.exist? && !options["no-cache"] && !Bundler.frozen_bundle?
      end
      Bundler.ui.confirm "Bundle complete! #{dependencies_count_for(definition)}, #{gems_installed_for(definition)}."
      Bundler::CLI::Common.output_without_groups_message(:install)
--- a/lib/bundler/cli/lock.rb
+++ b/lib/bundler/cli/lock.rb
@ -21,9 +21,13 @@ module Bundler
      Bundler::Fetcher.disable_endpoint = options["full-index"]
      update = options[:update]
      conservative = options[:conservative]
      if update.is_a?(Array) # unlocking specific gems
        Bundler::CLI::Common.ensure_all_gems_in_lockfile!(update)
-        update = { :gems => update, :lock_shared_dependencies => options[:conservative] }
+        update = { :gems => update, :conservative => conservative }
      elsif update
        update = { :conservative => conservative } if conservative
      end
      definition = Bundler.definition(update)
--- a/lib/bundler/cli/outdated.rb
+++ b/lib/bundler/cli/outdated.rb
@ -146,17 +146,16 @@ module Bundler
    end
    def retrieve_active_spec(definition, current_spec)
-      if strict
+      active_spec = definition.resolve.find_by_name_and_platform(current_spec.name, current_spec.platform)
-        active_spec = definition.find_resolved_spec(current_spec)
+      return unless active_spec
      else
        active_specs = definition.find_indexed_specs(current_spec)
        if !current_spec.version.prerelease? && !options[:pre] && active_specs.size > 1
          active_specs.delete_if {|b| b.respond_to?(:version) && b.version.prerelease? }
        end
        active_spec = active_specs.last
      end
-      active_spec
+      return active_spec if strict
      active_specs = active_spec.source.specs.search(current_spec.name).select {|spec| spec.match_platform(current_spec.platform) }.sort_by(&:version)
      if !current_spec.version.prerelease? && !options[:pre] && active_specs.size > 1
        active_specs.delete_if {|b| b.respond_to?(:version) && b.version.prerelease? }
      end
      active_specs.last
    end
    def print_gems(gems_list)
--- a/lib/bundler/cli/update.rb
+++ b/lib/bundler/cli/update.rb
@ -27,9 +27,14 @@ module Bundler
        raise InvalidOption, "Cannot specify --all along with specific options."
      end
      conservative = options[:conservative]
      if full_update
-        # We're doing a full update
+        if conservative
-        Bundler.definition(true)
+          Bundler.definition(:conservative => conservative)
        else
          Bundler.definition(true)
        end
      else
        unless Bundler.default_lockfile.exist?
          raise GemfileLockNotFound, "This Bundle hasn't been installed yet. " \
@ -43,7 +48,7 @@ module Bundler
        end
        Bundler.definition(:gems => gems, :sources => sources, :ruby => options[:ruby],
-                           :lock_shared_dependencies => options[:conservative],
+                           :conservative => conservative,
                           :bundler => options[:bundler])
      end
--- a/lib/bundler/definition.rb
+++ b/lib/bundler/definition.rb
@ -112,17 +112,18 @@ module Bundler
      end
      @locked_gem_sources = @locked_sources.select {|s| s.is_a?(Source::Rubygems) }
-      @disable_multisource = @locked_gem_sources.all?(&:disable_multisource?)
+      @multisource_allowed = @locked_gem_sources.any?(&:multiple_remotes?) && Bundler.frozen_bundle?
-      unless @disable_multisource
+      if @multisource_allowed
-        msg = "Your lockfile contains a single rubygems source section with multiple remotes, which is insecure. You should run `bundle update` or generate your lockfile from scratch."
+        unless sources.aggregate_global_source?
          msg = "Your lockfile contains a single rubygems source section with multiple remotes, which is insecure. Make sure you run `bundle install` in non frozen mode and commit the result to make your lockfile secure."
-        Bundler::SharedHelpers.major_deprecation 2, msg
+          Bundler::SharedHelpers.major_deprecation 2, msg
        end
        @sources.merged_gem_lockfile_sections!
      end
      @unlock[:gems] ||= []
      @unlock[:sources] ||= []
      @unlock[:ruby] ||= if @ruby_version && locked_ruby_version_object
        @ruby_version.diff(locked_ruby_version_object)
@ -135,8 +136,10 @@ module Bundler
      @path_changes = converge_paths
      @source_changes = converge_sources
-      unless @unlock[:lock_shared_dependencies]
+      if @unlock[:conservative]
-        eager_unlock = expand_dependencies(@unlock[:gems], true)
+        @unlock[:gems] ||= @dependencies.map(&:name)
      else
        eager_unlock = expand_dependencies(@unlock[:gems] || [], true)
        @unlock[:gems] = @locked_specs.for(eager_unlock, [], false, false, false).map(&:name)
      end
@ -161,8 +164,14 @@ module Bundler
      end
    end
-    def disable_multisource?
+    def multisource_allowed?
-      @disable_multisource
+      @multisource_allowed
    end
    def resolve_only_locally!
      @remote = false
      sources.local_only!
      resolve
    end
    def resolve_with_cache!
@ -224,7 +233,6 @@ module Bundler
      Bundler.ui.debug "The definition is missing #{missing.map(&:full_name)}"
      true
    rescue BundlerError => e
      @index = nil
      @resolve = nil
      @specs = nil
      @gem_version_promoter = nil
@ -255,7 +263,7 @@ module Bundler
    def specs_for(groups)
      deps = dependencies_for(groups)
-      specs.for(expand_dependencies(deps))
+      SpecSet.new(specs.for(expand_dependencies(deps)))
    end
    def dependencies_for(groups)
@ -287,50 +295,6 @@ module Bundler
      end
    end
    def index
      @index ||= Index.build do |idx|
        dependency_names = @dependencies.map(&:name)
        sources.all_sources.each do |source|
          source.dependency_names = dependency_names - pinned_spec_names(source)
          idx.add_source source.specs
          dependency_names.concat(source.unmet_deps).uniq!
        end
        double_check_for_index(idx, dependency_names)
      end
    end
    # Suppose the gem Foo depends on the gem Bar.  Foo exists in Source A.  Bar has some versions that exist in both
    # sources A and B.  At this point, the API request will have found all the versions of Bar in source A,
    # but will not have found any versions of Bar from source B, which is a problem if the requested version
    # of Foo specifically depends on a version of Bar that is only found in source B. This ensures that for
    # each spec we found, we add all possible versions from all sources to the index.
    def double_check_for_index(idx, dependency_names)
      pinned_names = pinned_spec_names
      loop do
        idxcount = idx.size
        names = :names # do this so we only have to traverse to get dependency_names from the index once
        unmet_dependency_names = lambda do
          return names unless names == :names
          new_names = sources.all_sources.map(&:dependency_names_to_double_check)
          return names = nil if new_names.compact!
          names = new_names.flatten(1).concat(dependency_names)
          names.uniq!
          names -= pinned_names
          names
        end
        sources.all_sources.each do |source|
          source.double_check_for(unmet_dependency_names)
        end
        break if idxcount == idx.size
      end
    end
    private :double_check_for_index
    def has_rubygems_remotes?
      sources.rubygems_sources.any? {|s| s.remotes.any? }
    end
@ -539,14 +503,6 @@ module Bundler
      end
    end
    def find_resolved_spec(current_spec)
      specs.find_by_name_and_platform(current_spec.name, current_spec.platform)
    end
    def find_indexed_specs(current_spec)
      index[current_spec.name].select {|spec| spec.match_platform(current_spec.platform) }.sort_by(&:version)
    end
    attr_reader :sources
    private :sources
@ -563,6 +519,10 @@ module Bundler
    private
    def precompute_source_requirements_for_indirect_dependencies?
      sources.non_global_rubygems_sources.all?(&:dependency_api_available?) && !sources.aggregate_global_source?
    end
    def current_ruby_platform_locked?
      return false unless generic_local_platform == Gem::Platform::RUBY
@ -677,7 +637,7 @@ module Bundler
    end
    def converge_rubygems_sources
-      return false if disable_multisource?
+      return false unless multisource_allowed?
      return false if locked_gem_sources.empty?
@ -688,9 +648,9 @@ module Bundler
      changes = false
      # If there is a RubyGems source in both
-      locked_gem_sources.each do |locked_gem|
+      locked_gem_sources.each do |locked_gem_source|
        # Merge the remotes from the Gemfile into the Gemfile.lock
-        changes |= locked_gem.replace_remotes(actual_remotes, Bundler.settings[:allow_deployment_source_credential_changes])
+        changes |= locked_gem_source.replace_remotes(actual_remotes, Bundler.settings[:allow_deployment_source_credential_changes])
      end
      changes
@ -789,8 +749,6 @@ module Bundler
        end
      end
      unlock_source_unlocks_spec = Bundler.feature_flag.unlock_source_unlocks_spec?
      converged = []
      @locked_specs.each do |s|
        # Replace the locked dependency's source with the equivalent source from the Gemfile
@ -802,11 +760,6 @@ module Bundler
        next if s.source.nil?
        next if @unlock[:sources].include?(s.source.name)
        # XXX This is a backwards-compatibility fix to preserve the ability to
        # unlock a single gem by passing its name via `--source`. See issue #3759
        # TODO: delete in Bundler 2
        next if unlock_source_unlocks_spec && @unlock[:sources].include?(s.name)
        # If the spec is from a path source and it doesn't exist anymore
        # then we unlock it.
@ -838,7 +791,7 @@ module Bundler
      resolve = SpecSet.new(converged)
      @locked_specs_incomplete_for_platform = !resolve.for(expand_dependencies(requested_dependencies & deps), @unlock[:gems], true, true)
-      resolve = resolve.for(expand_dependencies(deps, true), @unlock[:gems], false, false, false)
+      resolve = SpecSet.new(resolve.for(expand_dependencies(deps, true), [], false, false, false).reject{|s| @unlock[:gems].include?(s.name) })
      diff    = nil
      # Now, we unlock any sources that do not have anymore gems pinned to it
@ -909,26 +862,22 @@ module Bundler
    end
    def source_requirements
      # Load all specs from remote sources
      index
      # Record the specs available in each gem's source, so that those
      # specs will be available later when the resolver knows where to
      # look for that gemspec (or its dependencies)
-      source_requirements = { :default => sources.default_source }.merge(dependency_source_requirements)
+      source_requirements = if precompute_source_requirements_for_indirect_dependencies?
        { :default => sources.default_source }.merge(source_map.all_requirements)
      else
        { :default => Source::RubygemsAggregate.new(sources, source_map) }.merge(source_map.direct_requirements)
      end
      metadata_dependencies.each do |dep|
        source_requirements[dep.name] = sources.metadata_source
      end
-      source_requirements[:global] = index unless Bundler.feature_flag.disable_multisource?
+      source_requirements[:default_bundler] = source_requirements["bundler"] || sources.default_source
      source_requirements[:default_bundler] = source_requirements["bundler"] || source_requirements[:default]
      source_requirements["bundler"] = sources.metadata_source # needs to come last to override
      source_requirements
    end
    def pinned_spec_names(skip = nil)
      dependency_source_requirements.reject {|_, source| source == skip }.keys
    end
    def requested_groups
      groups - Bundler.settings[:without] - @optional_groups + Bundler.settings[:with]
    end
@ -984,16 +933,8 @@ module Bundler
      Bundler.settings[:allow_deployment_source_credential_changes] && source.equivalent_remotes?(sources.rubygems_remotes)
    end
-    def dependency_source_requirements
+    def source_map
-      @dependency_source_requirements ||= begin
+      @source_map ||= SourceMap.new(sources, dependencies)
        source_requirements = {}
        default = sources.default_source
        dependencies.each do |dep|
          dep_source = dep.source || default
          source_requirements[dep.name] = dep_source
        end
        source_requirements
      end
    end
  end
 end
--- a/lib/bundler/feature_flag.rb
+++ b/lib/bundler/feature_flag.rb
@ -31,7 +31,6 @@ module Bundler
    settings_flag(:auto_clean_without_path) { bundler_3_mode? }
    settings_flag(:cache_all) { bundler_3_mode? }
    settings_flag(:default_install_uses_path) { bundler_3_mode? }
    settings_flag(:disable_multisource) { bundler_3_mode? }
    settings_flag(:forget_cli_options) { bundler_3_mode? }
    settings_flag(:global_gem_cache) { bundler_3_mode? }
    settings_flag(:path_relative_to_cwd) { bundler_3_mode? }
@ -39,7 +38,6 @@ module Bundler
    settings_flag(:print_only_version_number) { bundler_3_mode? }
    settings_flag(:setup_makes_kernel_gem_public) { !bundler_3_mode? }
    settings_flag(:suppress_install_using_messages) { bundler_3_mode? }
    settings_flag(:unlock_source_unlocks_spec) { !bundler_3_mode? }
    settings_flag(:update_requires_all_flag) { bundler_4_mode? }
    settings_flag(:use_gem_version_promoter_for_major_updates) { bundler_3_mode? }
--- a/lib/bundler/fetcher/compact_index.rb
+++ b/lib/bundler/fetcher/compact_index.rb
@ -116,7 +116,7 @@ module Bundler
      def bundle_worker(func = nil)
        @bundle_worker ||= begin
          worker_name = "Compact Index (#{display_uri.host})"
-          Bundler::Worker.new(Bundler.current_ruby.rbx? ? 1 : 25, worker_name, func)
+          Bundler::Worker.new(Bundler.settings.processor_count, worker_name, func)
        end
        @bundle_worker.tap do |worker|
          worker.instance_variable_set(:@func, func) if func
--- a/lib/bundler/fetcher/downloader.rb
+++ b/lib/bundler/fetcher/downloader.rb
@ -68,8 +68,7 @@ module Bundler
        raise CertificateFailureError.new(uri)
      rescue *HTTP_ERRORS => e
        Bundler.ui.trace e
-        case e.message
+        if e.is_a?(SocketError) || e.message =~ /host down:/
        when /host down:/, /getaddrinfo: nodename nor servname provided/
          raise NetworkDownError, "Could not reach host #{uri.host}. Check your network " \
            "connection and try again."
        else
--- a/lib/bundler/fetcher/index.rb
+++ b/lib/bundler/fetcher/index.rb
@ -1,7 +1,6 @@
 # frozen_string_literal: true
 require_relative "base"
 require "rubygems/remote_fetcher"
 module Bundler
  class Fetcher
--- a/lib/bundler/friendly_errors.rb
+++ b/lib/bundler/friendly_errors.rb
@ -49,8 +49,6 @@ module Bundler
          "Alternatively, you can increase the amount of memory the JVM is able to use by running Bundler with jruby -J-Xmx1024m -S bundle (JRuby defaults to 500MB)."
      else request_issue_report_for(error)
      end
    rescue StandardError
      raise error
    end
    def exit_status(error)
@ -111,8 +109,8 @@ module Bundler
        First, try this link to see if there are any existing issue reports for this error:
        #{issues_url(e)}
-        If there aren't any reports for this error yet, please create copy and paste the report template above into a new issue. Don't forget to anonymize any private data! The new issue form is located at:
+        If there aren't any reports for this error yet, please copy and paste the report template above into a new issue. Don't forget to anonymize any private data! The new issue form is located at:
-        https://github.com/rubygems/rubygems/issues/new?labels=Bundler
+        https://github.com/rubygems/rubygems/issues/new?labels=Bundler&template=bundler-related-issue.md
      EOS
    end
--- a/lib/bundler/index.rb
+++ b/lib/bundler/index.rb
@ -122,10 +122,9 @@ module Bundler
      names
    end
    # returns a list of the dependencies
    def unmet_dependency_names
      dependency_names.select do |name|
-        name != "bundler" && search(name).empty?
+        search(name).empty?
      end
    end
--- a/lib/bundler/installer.rb
+++ b/lib/bundler/installer.rb
@ -222,14 +222,7 @@ module Bundler
      # Parallelization has some issues on Windows, so it's not yet the default
      return 1 if Gem.win_platform?
-      processor_count
+      Bundler.settings.processor_count
    end
    def processor_count
      require "etc"
      Etc.nprocessors
    rescue StandardError
      1
    end
    def load_plugins
--- a/lib/bundler/man/bundle-add.1
+++ b/lib/bundler/man/bundle-add.1
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "BUNDLE\-ADD" "1" "April 2021" "" ""
+.TH "BUNDLE\-ADD" "1" "June 2021" "" ""
 .
 .SH "NAME"
 \fBbundle\-add\fR \- Add gem to the Gemfile and run bundle install
--- a/lib/bundler/man/bundle-binstubs.1
+++ b/lib/bundler/man/bundle-binstubs.1
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "BUNDLE\-BINSTUBS" "1" "April 2021" "" ""
+.TH "BUNDLE\-BINSTUBS" "1" "June 2021" "" ""
 .
 .SH "NAME"
 \fBbundle\-binstubs\fR \- Install the binstubs of the listed gems
--- a/lib/bundler/man/bundle-cache.1
+++ b/lib/bundler/man/bundle-cache.1
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "BUNDLE\-CACHE" "1" "April 2021" "" ""
+.TH "BUNDLE\-CACHE" "1" "June 2021" "" ""
 .
 .SH "NAME"
 \fBbundle\-cache\fR \- Package your needed \fB\.gem\fR files into your application
--- a/lib/bundler/man/bundle-check.1
+++ b/lib/bundler/man/bundle-check.1
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "BUNDLE\-CHECK" "1" "April 2021" "" ""
+.TH "BUNDLE\-CHECK" "1" "June 2021" "" ""
 .
 .SH "NAME"
 \fBbundle\-check\fR \- Verifies if dependencies are satisfied by installed gems
--- a/lib/bundler/man/bundle-clean.1
+++ b/lib/bundler/man/bundle-clean.1
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "BUNDLE\-CLEAN" "1" "April 2021" "" ""
+.TH "BUNDLE\-CLEAN" "1" "June 2021" "" ""
 .
 .SH "NAME"
 \fBbundle\-clean\fR \- Cleans up unused gems in your bundler directory
--- a/lib/bundler/man/bundle-config.1
+++ b/lib/bundler/man/bundle-config.1
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "BUNDLE\-CONFIG" "1" "April 2021" "" ""
+.TH "BUNDLE\-CONFIG" "1" "June 2021" "" ""
 .
 .SH "NAME"
 \fBbundle\-config\fR \- Set bundler configuration options
@ -56,9 +56,6 @@ Executing \fBbundle config unset \-\-local <name> <value>\fR will delete the con
 .P
 Executing bundle with the \fBBUNDLE_IGNORE_CONFIG\fR environment variable set will cause it to ignore all configuration\.
 .
 .P
 Executing \fBbundle config set \-\-local disable_multisource true\fR upgrades the warning about the Gemfile containing multiple primary sources to an error\. Executing \fBbundle config unset disable_multisource\fR downgrades this error to a warning\.
 .
 .SH "REMEMBERING OPTIONS"
 Flags passed to \fBbundle install\fR or the Bundler runtime, such as \fB\-\-path foo\fR or \fB\-\-without production\fR, are remembered between commands and saved to your local application\'s configuration (normally, \fB\./\.bundle/config\fR)\.
 .
@ -184,9 +181,6 @@ The following is a list of all configuration keys and their purpose\. You can le
 \fBdisable_local_revision_check\fR (\fBBUNDLE_DISABLE_LOCAL_REVISION_CHECK\fR): Allow Bundler to use a local git override without checking if the revision present in the lockfile is present in the repository\.
 .
 .IP "\(bu" 4
 \fBdisable_multisource\fR (\fBBUNDLE_DISABLE_MULTISOURCE\fR): When set, Gemfiles containing multiple sources will produce errors instead of warnings\. Use \fBbundle config unset disable_multisource\fR to unset\.
 .
 .IP "\(bu" 4
 \fBdisable_shared_gems\fR (\fBBUNDLE_DISABLE_SHARED_GEMS\fR): Stop Bundler from accessing gems installed to RubyGems\' normal location\.
 .
 .IP "\(bu" 4
@ -280,9 +274,6 @@ The following is a list of all configuration keys and their purpose\. You can le
 \fBtimeout\fR (\fBBUNDLE_TIMEOUT\fR): The seconds allowed before timing out for network requests\. Defaults to \fB10\fR\.
 .
 .IP "\(bu" 4
 \fBunlock_source_unlocks_spec\fR (\fBBUNDLE_UNLOCK_SOURCE_UNLOCKS_SPEC\fR): Whether running \fBbundle update \-\-source NAME\fR unlocks a gem with the given name\. Defaults to \fBtrue\fR\.
 .
 .IP "\(bu" 4
 \fBupdate_requires_all_flag\fR (\fBBUNDLE_UPDATE_REQUIRES_ALL_FLAG\fR): Require passing \fB\-\-all\fR to \fBbundle update\fR when everything should be updated, and disallow passing no options to \fBbundle update\fR\.
 .
 .IP "\(bu" 4
--- a/lib/bundler/man/bundle-config.1.ronn
+++ b/lib/bundler/man/bundle-config.1.ronn
@ -47,10 +47,6 @@ configuration only from the local application.
 Executing bundle with the `BUNDLE_IGNORE_CONFIG` environment variable set will
 cause it to ignore all configuration.
 Executing `bundle config set --local disable_multisource true` upgrades the warning about
 the Gemfile containing multiple primary sources to an error. Executing `bundle
 config unset disable_multisource` downgrades this error to a warning.
 ## REMEMBERING OPTIONS
 Flags passed to `bundle install` or the Bundler runtime, such as `--path foo` or
@ -178,10 +174,6 @@ learn more about their operation in [bundle install(1)](bundle-install.1.html).
 * `disable_local_revision_check` (`BUNDLE_DISABLE_LOCAL_REVISION_CHECK`):
   Allow Bundler to use a local git override without checking if the revision
   present in the lockfile is present in the repository.
 * `disable_multisource` (`BUNDLE_DISABLE_MULTISOURCE`):
   When set, Gemfiles containing multiple sources will produce errors
   instead of warnings.
   Use `bundle config unset disable_multisource` to unset.
 * `disable_shared_gems` (`BUNDLE_DISABLE_SHARED_GEMS`):
   Stop Bundler from accessing gems installed to RubyGems' normal location.
 * `disable_version_check` (`BUNDLE_DISABLE_VERSION_CHECK`):
@ -268,9 +260,6 @@ learn more about their operation in [bundle install(1)](bundle-install.1.html).
   The location where RubyGems installs binstubs. Defaults to `Gem.bindir`.
 * `timeout` (`BUNDLE_TIMEOUT`):
   The seconds allowed before timing out for network requests. Defaults to `10`.
 * `unlock_source_unlocks_spec` (`BUNDLE_UNLOCK_SOURCE_UNLOCKS_SPEC`):
   Whether running `bundle update --source NAME` unlocks a gem with the given
   name. Defaults to `true`.
 * `update_requires_all_flag` (`BUNDLE_UPDATE_REQUIRES_ALL_FLAG`):
   Require passing `--all` to `bundle update` when everything should be updated,
   and disallow passing no options to `bundle update`.
--- a/lib/bundler/man/bundle-doctor.1
+++ b/lib/bundler/man/bundle-doctor.1
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "BUNDLE\-DOCTOR" "1" "April 2021" "" ""
+.TH "BUNDLE\-DOCTOR" "1" "June 2021" "" ""
 .
 .SH "NAME"
 \fBbundle\-doctor\fR \- Checks the bundle for common problems
--- a/lib/bundler/man/bundle-exec.1
+++ b/lib/bundler/man/bundle-exec.1
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "BUNDLE\-EXEC" "1" "April 2021" "" ""
+.TH "BUNDLE\-EXEC" "1" "June 2021" "" ""
 .
 .SH "NAME"
 \fBbundle\-exec\fR \- Execute a command in the context of the bundle
--- a/lib/bundler/man/bundle-gem.1
+++ b/lib/bundler/man/bundle-gem.1
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "BUNDLE\-GEM" "1" "April 2021" "" ""
+.TH "BUNDLE\-GEM" "1" "June 2021" "" ""
 .
 .SH "NAME"
 \fBbundle\-gem\fR \- Generate a project skeleton for creating a rubygem
--- a/lib/bundler/man/bundle-info.1
+++ b/lib/bundler/man/bundle-info.1
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "BUNDLE\-INFO" "1" "April 2021" "" ""
+.TH "BUNDLE\-INFO" "1" "June 2021" "" ""
 .
 .SH "NAME"
 \fBbundle\-info\fR \- Show information for the given gem in your bundle
--- a/lib/bundler/man/bundle-init.1
+++ b/lib/bundler/man/bundle-init.1
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "BUNDLE\-INIT" "1" "April 2021" "" ""
+.TH "BUNDLE\-INIT" "1" "June 2021" "" ""
 .
 .SH "NAME"
 \fBbundle\-init\fR \- Generates a Gemfile into the current working directory
--- a/lib/bundler/man/bundle-inject.1
+++ b/lib/bundler/man/bundle-inject.1
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "BUNDLE\-INJECT" "1" "April 2021" "" ""
+.TH "BUNDLE\-INJECT" "1" "June 2021" "" ""
 .
 .SH "NAME"
 \fBbundle\-inject\fR \- Add named gem(s) with version requirements to Gemfile
--- a/lib/bundler/man/bundle-install.1
+++ b/lib/bundler/man/bundle-install.1
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "BUNDLE\-INSTALL" "1" "April 2021" "" ""
+.TH "BUNDLE\-INSTALL" "1" "June 2021" "" ""
 .
 .SH "NAME"
 \fBbundle\-install\fR \- Install the dependencies specified in your Gemfile
--- a/lib/bundler/man/bundle-list.1
+++ b/lib/bundler/man/bundle-list.1
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "BUNDLE\-LIST" "1" "April 2021" "" ""
+.TH "BUNDLE\-LIST" "1" "June 2021" "" ""
 .
 .SH "NAME"
 \fBbundle\-list\fR \- List all the gems in the bundle
--- a/lib/bundler/man/bundle-lock.1
+++ b/lib/bundler/man/bundle-lock.1
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "BUNDLE\-LOCK" "1" "April 2021" "" ""
+.TH "BUNDLE\-LOCK" "1" "June 2021" "" ""
 .
 .SH "NAME"
 \fBbundle\-lock\fR \- Creates / Updates a lockfile without installing
--- a/lib/bundler/man/bundle-open.1
+++ b/lib/bundler/man/bundle-open.1
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "BUNDLE\-OPEN" "1" "April 2021" "" ""
+.TH "BUNDLE\-OPEN" "1" "June 2021" "" ""
 .
 .SH "NAME"
 \fBbundle\-open\fR \- Opens the source directory for a gem in your bundle
--- a/lib/bundler/man/bundle-outdated.1
+++ b/lib/bundler/man/bundle-outdated.1
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "BUNDLE\-OUTDATED" "1" "April 2021" "" ""
+.TH "BUNDLE\-OUTDATED" "1" "June 2021" "" ""
 .
 .SH "NAME"
 \fBbundle\-outdated\fR \- List installed gems with newer versions available
--- a/lib/bundler/man/bundle-platform.1
+++ b/lib/bundler/man/bundle-platform.1
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "BUNDLE\-PLATFORM" "1" "April 2021" "" ""
+.TH "BUNDLE\-PLATFORM" "1" "June 2021" "" ""
 .
 .SH "NAME"
 \fBbundle\-platform\fR \- Displays platform compatibility information
--- a/lib/bundler/man/bundle-pristine.1
+++ b/lib/bundler/man/bundle-pristine.1
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "BUNDLE\-PRISTINE" "1" "April 2021" "" ""
+.TH "BUNDLE\-PRISTINE" "1" "June 2021" "" ""
 .
 .SH "NAME"
 \fBbundle\-pristine\fR \- Restores installed gems to their pristine condition
--- a/lib/bundler/man/bundle-remove.1
+++ b/lib/bundler/man/bundle-remove.1
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "BUNDLE\-REMOVE" "1" "April 2021" "" ""
+.TH "BUNDLE\-REMOVE" "1" "June 2021" "" ""
 .
 .SH "NAME"
 \fBbundle\-remove\fR \- Removes gems from the Gemfile
--- a/lib/bundler/man/bundle-show.1
+++ b/lib/bundler/man/bundle-show.1
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "BUNDLE\-SHOW" "1" "April 2021" "" ""
+.TH "BUNDLE\-SHOW" "1" "June 2021" "" ""
 .
 .SH "NAME"
 \fBbundle\-show\fR \- Shows all the gems in your bundle, or the path to a gem
--- a/lib/bundler/man/bundle-update.1
+++ b/lib/bundler/man/bundle-update.1
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "BUNDLE\-UPDATE" "1" "April 2021" "" ""
+.TH "BUNDLE\-UPDATE" "1" "June 2021" "" ""
 .
 .SH "NAME"
 \fBbundle\-update\fR \- Update your gems to the latest available versions
@ -79,7 +79,7 @@ Do not allow any gem to be updated past latest \fB\-\-patch\fR | \fB\-\-minor\fR
 .
 .TP
 \fB\-\-conservative\fR
-Use bundle install conservative update behavior and do not allow shared dependencies to be updated\.
+Use bundle install conservative update behavior and do not allow indirect dependencies to be updated\.
 .
 .SH "UPDATING ALL GEMS"
 If you run \fBbundle update \-\-all\fR, bundler will ignore any previously installed gems and resolve all dependencies again based on the latest versions of all gems available in the sources\.
@ -208,13 +208,13 @@ In this case, the two gems have their own set of dependencies, but they share \f
 In short, by default, when you update a gem using \fBbundle update\fR, bundler will update all dependencies of that gem, including those that are also dependencies of another gem\.
 .
 .P
-To prevent updating shared dependencies, prior to version 1\.14 the only option was the \fBCONSERVATIVE UPDATING\fR behavior in bundle install(1) \fIbundle\-install\.1\.html\fR:
+To prevent updating indirect dependencies, prior to version 1\.14 the only option was the \fBCONSERVATIVE UPDATING\fR behavior in bundle install(1) \fIbundle\-install\.1\.html\fR:
 .
 .P
 In this scenario, updating the \fBthin\fR version manually in the Gemfile(5), and then running bundle install(1) \fIbundle\-install\.1\.html\fR will only update \fBdaemons\fR and \fBeventmachine\fR, but not \fBrack\fR\. For more information, see the \fBCONSERVATIVE UPDATING\fR section of bundle install(1) \fIbundle\-install\.1\.html\fR\.
 .
 .P
-Starting with 1\.14, specifying the \fB\-\-conservative\fR option will also prevent shared dependencies from being updated\.
+Starting with 1\.14, specifying the \fB\-\-conservative\fR option will also prevent indirect dependencies from being updated\.
 .
 .SH "PATCH LEVEL OPTIONS"
 Version 1\.14 introduced 4 patch\-level options that will influence how gem versions are resolved\. One of the following options can be used: \fB\-\-patch\fR, \fB\-\-minor\fR or \fB\-\-major\fR\. \fB\-\-strict\fR can be added to further influence resolution\.
--- a/lib/bundler/man/bundle-update.1.ronn
+++ b/lib/bundler/man/bundle-update.1.ronn
@ -80,7 +80,7 @@ gem.
  Do not allow any gem to be updated past latest `--patch` | `--minor` | `--major`.
 * `--conservative`:
-  Use bundle install conservative update behavior and do not allow shared dependencies to be updated.
+  Use bundle install conservative update behavior and do not allow indirect dependencies to be updated.
 ## UPDATING ALL GEMS
@ -195,7 +195,7 @@ In short, by default, when you update a gem using `bundle update`, bundler will
 update all dependencies of that gem, including those that are also dependencies
 of another gem.
-To prevent updating shared dependencies, prior to version 1.14 the only option
+To prevent updating indirect dependencies, prior to version 1.14 the only option
 was the `CONSERVATIVE UPDATING` behavior in [bundle install(1)](bundle-install.1.html):
 In this scenario, updating the `thin` version manually in the Gemfile(5),
@ -203,7 +203,7 @@ and then running [bundle install(1)](bundle-install.1.html) will only update `da
 but not `rack`. For more information, see the `CONSERVATIVE UPDATING` section
 of [bundle install(1)](bundle-install.1.html).
-Starting with 1.14, specifying the `--conservative` option will also prevent shared
+Starting with 1.14, specifying the `--conservative` option will also prevent indirect
 dependencies from being updated.
 ## PATCH LEVEL OPTIONS
--- a/lib/bundler/man/bundle-viz.1
+++ b/lib/bundler/man/bundle-viz.1
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "BUNDLE\-VIZ" "1" "April 2021" "" ""
+.TH "BUNDLE\-VIZ" "1" "June 2021" "" ""
 .
 .SH "NAME"
 \fBbundle\-viz\fR \- Generates a visual dependency graph for your Gemfile
--- a/lib/bundler/man/bundle.1
+++ b/lib/bundler/man/bundle.1
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "BUNDLE" "1" "April 2021" "" ""
+.TH "BUNDLE" "1" "June 2021" "" ""
 .
 .SH "NAME"
 \fBbundle\fR \- Ruby Dependency Management
--- a/lib/bundler/man/gemfile.5
+++ b/lib/bundler/man/gemfile.5
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "GEMFILE" "5" "April 2021" "" ""
+.TH "GEMFILE" "5" "June 2021" "" ""
 .
 .SH "NAME"
 \fBGemfile\fR \- A format for describing gem dependencies for Ruby programs
--- a/lib/bundler/plugin/api/source.rb
+++ b/lib/bundler/plugin/api/source.rb
@ -244,6 +244,20 @@ module Bundler
          specs.unmet_dependency_names
        end
        # Used by definition.
        #
        # Note: Do not override if you don't know what you are doing.
        def spec_names
          specs.spec_names
        end
        # Used by definition.
        #
        # Note: Do not override if you don't know what you are doing.
        def add_dependency_names(names)
          @dependencies |= Array(names)
        end
        # Note: Do not override if you don't know what you are doing.
        def can_lock?(spec)
          spec.source == self
--- a/lib/bundler/resolver.rb
+++ b/lib/bundler/resolver.rb
@ -21,23 +21,19 @@ module Bundler
      base = SpecSet.new(base) unless base.is_a?(SpecSet)
      resolver = new(source_requirements, base, gem_version_promoter, additional_base_requirements, platforms)
      result = resolver.start(requirements)
-      SpecSet.new(result).for(requirements.reject{|dep| dep.name.end_with?("\0") })
+      SpecSet.new(SpecSet.new(result).for(requirements.reject{|dep| dep.name.end_with?("\0") }))
    end
    def initialize(source_requirements, base, gem_version_promoter, additional_base_requirements, platforms)
      @source_requirements = source_requirements
      @index_requirements = source_requirements.each_with_object({}) do |source_requirement, index_requirements|
        name, source = source_requirement
        index_requirements[name] = name == :global ? source : source.specs
      end
      @base = base
      @resolver = Molinillo::Resolver.new(self, self)
      @search_for = {}
      @base_dg = Molinillo::DependencyGraph.new
      aggregate_global_source = @source_requirements[:default].is_a?(Source::RubygemsAggregate)
      @base.each do |ls|
        dep = Dependency.new(ls.name, ls.version)
        ls.source = source_for(ls.name) unless aggregate_global_source
        @base_dg.add_vertex(ls.name, DepProxy.get_proxy(dep, ls.platform), true)
      end
      additional_base_requirements.each {|d| @base_dg.add_vertex(d.name, d) }
@ -45,7 +41,6 @@ module Bundler
      @resolving_only_for_ruby = platforms == [Gem::Platform::RUBY]
      @gem_version_promoter = gem_version_promoter
      @use_gvp = Bundler.feature_flag.use_gem_version_promoter_for_major_updates? || !@gem_version_promoter.major?
      @no_aggregate_global_source = @source_requirements[:global].nil?
    end
    def start(requirements)
@ -55,7 +50,6 @@ module Bundler
      verify_gemfile_dependencies_are_found!(requirements)
      dg = @resolver.resolve(requirements, @base_dg)
      dg.
        tap {|resolved| validate_resolved_specs!(resolved) }.
        map(&:payload).
        reject {|sg| sg.name.end_with?("\0") }.
        map(&:to_specs).
@ -171,16 +165,11 @@ module Bundler
    end
    def index_for(dependency)
-      source = @index_requirements[dependency.name]
+      source_for(dependency.name).specs
-      if source
+    end
-        source
+
-      elsif @no_aggregate_global_source
+    def source_for(name)
-        Index.build do |idx|
+      @source_requirements[name] || @source_requirements[:default]
          dependency.all_sources.each {|s| idx.add_source(s.specs) }
        end
      else
        @index_requirements[:global]
      end
    end
    def results_for(dependency, base)
@ -211,23 +200,10 @@ module Bundler
      dependencies.map(&:dep) == other_dependencies.map(&:dep)
    end
    def relevant_sources_for_vertex(vertex)
      if vertex.root?
        [@source_requirements[vertex.name]]
      elsif @no_aggregate_global_source
        vertex.recursive_predecessors.map do |v|
          @source_requirements[v.name]
        end.compact << @source_requirements[:default]
      else
        []
      end
    end
    def sort_dependencies(dependencies, activated, conflicts)
      dependencies.sort_by do |dependency|
        name = name_for(dependency)
        vertex = activated.vertex_named(name)
        dependency.all_sources = relevant_sources_for_vertex(vertex)
        [
          @base_dg.vertex_named(name) ? 0 : 1,
          vertex.payload ? 0 : 1,
@ -369,7 +345,7 @@ module Bundler
            if other_bundler_required
              o << "\n\n"
-              candidate_specs = @index_requirements[:default_bundler].search(conflict_dependency)
+              candidate_specs = source_for(:default_bundler).specs.search(conflict_dependency)
              if candidate_specs.any?
                target_version = candidate_specs.last.version
                new_command = [File.basename($PROGRAM_NAME), "_#{target_version}_", *ARGV].join(" ")
@ -386,11 +362,7 @@ module Bundler
          elsif !conflict.existing
            o << "\n"
-            relevant_sources = if conflict.requirement.source
+            relevant_source = conflict.requirement.source || source_for(name)
              [conflict.requirement.source]
            else
              conflict.requirement.all_sources
            end.compact.map(&:to_s).uniq.sort
            metadata_requirement = name.end_with?("\0")
@ -403,12 +375,10 @@ module Bundler
            end
            o << " "
-            o << if relevant_sources.empty?
+            o << if metadata_requirement
-              "in any of the sources.\n"
+              "is not available in #{relevant_source}"
            elsif metadata_requirement
              "is not available in #{relevant_sources.join(" or ")}"
            else
-              "in any of the relevant sources:\n  #{relevant_sources * "\n  "}\n"
+              "in #{relevant_source}.\n"
            end
          end
        end,
@ -422,27 +392,5 @@ module Bundler
        end
      )
    end
    def validate_resolved_specs!(resolved_specs)
      resolved_specs.each do |v|
        name = v.name
        sources = relevant_sources_for_vertex(v)
        next unless sources.any?
        if default_index = sources.index(@source_requirements[:default])
          sources.delete_at(default_index)
        end
        sources.reject! {|s| s.specs.search(name).empty? }
        sources.uniq!
        next if sources.size <= 1
        msg = ["The gem '#{name}' was found in multiple relevant sources."]
        msg.concat sources.map {|s| "  * #{s}" }.sort
        msg << "You #{@no_aggregate_global_source ? :must : :should} add this gem to the source block for the source you wish it to be installed from."
        msg = msg.join("\n")
        raise SecurityError, msg if @no_aggregate_global_source
        Bundler.ui.warn "Warning: #{msg}"
      end
    end
  end
 end
--- a/lib/bundler/rubygems_ext.rb
+++ b/lib/bundler/rubygems_ext.rb
@ -105,7 +105,7 @@ module Gem
  end
  class Dependency
-    attr_accessor :source, :groups, :all_sources
+    attr_accessor :source, :groups
    alias_method :eql?, :==
@ -116,7 +116,7 @@ module Gem
    end
    def to_yaml_properties
-      instance_variables.reject {|p| ["@source", "@groups", "@all_sources"].include?(p.to_s) }
+      instance_variables.reject {|p| ["@source", "@groups"].include?(p.to_s) }
    end
    def to_lock
--- a/lib/bundler/rubygems_integration.rb
+++ b/lib/bundler/rubygems_integration.rb
@ -526,13 +526,14 @@ module Bundler
      Bundler::Retry.new("download gem from #{uri}").attempts do
        fetcher.download(spec, uri, path)
      end
    rescue Gem::RemoteFetcher::FetchError => e
      raise Bundler::HTTPError, "Could not download gem from #{uri} due to underlying error <#{e.message}>"
    end
    def gem_remote_fetcher
-      require "resolv"
+      require "rubygems/remote_fetcher"
      proxy = configuration[:http_proxy]
-      dns = Resolv::DNS.new
+      Gem::RemoteFetcher.new(proxy)
      Gem::RemoteFetcher.new(proxy, dns)
    end
    def gem_from_path(path, policy = nil)
--- a/lib/bundler/settings.rb
+++ b/lib/bundler/settings.rb
@ -20,7 +20,6 @@ module Bundler
      disable_exec_load
      disable_local_branch_check
      disable_local_revision_check
      disable_multisource
      disable_shared_gems
      disable_version_check
      force_ruby_platform
@ -45,7 +44,6 @@ module Bundler
      silence_deprecations
      silence_root_warning
      suppress_install_using_messages
      unlock_source_unlocks_spec
      update_requires_all_flag
      use_gem_version_promoter_for_major_updates
    ].freeze
@ -210,6 +208,13 @@ module Bundler
      locations
    end
    def processor_count
      require "etc"
      Etc.nprocessors
    rescue StandardError
      1
    end
    # for legacy reasons, in Bundler 2, we do not respect :disable_shared_gems
    def path
      configs.each do |_level, settings|
@ -442,7 +447,20 @@ module Bundler
        valid_file = file.exist? && !file.size.zero?
        return {} unless valid_file
        require_relative "yaml_serializer"
-        YAMLSerializer.load file.read
+        YAMLSerializer.load(file.read).inject({}) do |config, (k, v)|
          new_k = k
          if k.include?("-")
            Bundler.ui.warn "Your #{file} config includes `#{k}`, which contains the dash character (`-`).\n" \
              "This is deprecated, because configuration through `ENV` should be possible, but `ENV` keys cannot include dashes.\n" \
              "Please edit #{file} and replace any dashes in configuration keys with a triple underscore (`___`)."
            new_k = k.gsub("-", "___")
          end
          config[new_k] = v
          config
        end
      end
    end
--- a/lib/bundler/source.rb
+++ b/lib/bundler/source.rb
@ -7,6 +7,7 @@ module Bundler
    autoload :Metadata, File.expand_path("source/metadata", __dir__)
    autoload :Path,     File.expand_path("source/path", __dir__)
    autoload :Rubygems, File.expand_path("source/rubygems", __dir__)
    autoload :RubygemsAggregate, File.expand_path("source/rubygems_aggregate", __dir__)
    attr_accessor :dependency_names
@ -35,10 +36,16 @@ module Bundler
    def local!; end
    def local_only!; end
    def cached!; end
    def remote!; end
    def add_dependency_names(names)
      @dependency_names = Array(dependency_names) | Array(names)
    end
    # it's possible that gems from one source depend on gems from some
    # other source, so now we download gemspecs and iterate over those
    # dependencies, looking for gems we don't have info on yet.
@ -48,6 +55,10 @@ module Bundler
      specs.dependency_names
    end
    def spec_names
      specs.spec_names
    end
    def include?(other)
      other == self
    end
--- a/lib/bundler/source/rubygems.rb
+++ b/lib/bundler/source/rubygems.rb
@ -26,6 +26,12 @@ module Bundler
        Array(options["remotes"]).reverse_each {|r| add_remote(r) }
      end
      def local_only!
        @specs = nil
        @allow_local = true
        @allow_remote = false
      end
      def local!
        return if @allow_local
@ -61,13 +67,13 @@ module Bundler
        o.is_a?(Rubygems) && (o.credless_remotes - credless_remotes).empty?
      end
-      def disable_multisource?
+      def multiple_remotes?
-        @remotes.size <= 1
+        @remotes.size > 1
      end
      def can_lock?(spec)
-        return super if disable_multisource?
+        return super unless multiple_remotes?
-        spec.source.is_a?(Rubygems)
+        include?(spec.source)
      end
      def options
@ -259,8 +265,16 @@ module Bundler
        !equivalent
      end
      def spec_names
        if @allow_remote && dependency_api_available?
          remote_specs.spec_names
        else
          []
        end
      end
      def unmet_deps
-        if @allow_remote && api_fetchers.any?
+        if @allow_remote && dependency_api_available?
          remote_specs.unmet_dependency_names
        else
          []
@ -276,7 +290,7 @@ module Bundler
      def double_check_for(unmet_dependency_names)
        return unless @allow_remote
-        return unless api_fetchers.any?
+        return unless dependency_api_available?
        unmet_dependency_names = unmet_dependency_names.call
        unless unmet_dependency_names.nil?
@ -298,17 +312,20 @@ module Bundler
        remote_specs.each do |spec|
          case spec
          when EndpointSpecification, Gem::Specification, StubSpecification, LazySpecification
-            names.concat(spec.runtime_dependencies)
+            names.concat(spec.runtime_dependencies.map(&:name))
          when RemoteSpecification # from the full index
            return nil
          else
            raise "unhandled spec type (#{spec.inspect})"
          end
        end
        names.map!(&:name) if names
        names
      end
      def dependency_api_available?
        api_fetchers.any?
      end
      protected
      def credless_remotes
@ -387,10 +404,6 @@ module Bundler
            next if gemfile =~ /^bundler\-[\d\.]+?\.gem/
            s ||= Bundler.rubygems.spec_from_gem(gemfile)
            s.source = self
            if Bundler.rubygems.spec_missing_extensions?(s, false)
              Bundler.ui.debug "Source #{self} is ignoring #{s} because it is missing extensions"
              next
            end
            idx << s
          end
--- a/lib/bundler/source/rubygems_aggregate.rb
+++ b/lib/bundler/source/rubygems_aggregate.rb
@ -0,0 +1,64 @@
 # frozen_string_literal: true
 module Bundler
  class Source
    class RubygemsAggregate
      attr_reader :source_map, :sources
      def initialize(sources, source_map)
        @sources = sources
        @source_map = source_map
        @index = build_index
      end
      def specs
        @index
      end
      def to_s
        "any of the sources"
      end
      private
      def build_index
        Index.build do |idx|
          dependency_names = source_map.pinned_spec_names
          sources.all_sources.each do |source|
            source.dependency_names = dependency_names - source_map.pinned_spec_names(source)
            idx.add_source source.specs
            dependency_names.concat(source.unmet_deps).uniq!
          end
          double_check_for_index(idx, dependency_names)
        end
      end
      # Suppose the gem Foo depends on the gem Bar.  Foo exists in Source A.  Bar has some versions that exist in both
      # sources A and B.  At this point, the API request will have found all the versions of Bar in source A,
      # but will not have found any versions of Bar from source B, which is a problem if the requested version
      # of Foo specifically depends on a version of Bar that is only found in source B. This ensures that for
      # each spec we found, we add all possible versions from all sources to the index.
      def double_check_for_index(idx, dependency_names)
        pinned_names = source_map.pinned_spec_names
        names = :names # do this so we only have to traverse to get dependency_names from the index once
        unmet_dependency_names = lambda do
          return names unless names == :names
          new_names = sources.all_sources.map(&:dependency_names_to_double_check)
          return names = nil if new_names.compact!
          names = new_names.flatten(1).concat(dependency_names)
          names.uniq!
          names -= pinned_names
          names
        end
        sources.all_sources.each do |source|
          source.double_check_for(unmet_dependency_names)
        end
      end
    end
  end
 end
--- a/lib/bundler/source_list.rb
+++ b/lib/bundler/source_list.rb
@ -21,15 +21,19 @@ module Bundler
      @rubygems_sources       = []
      @metadata_source        = Source::Metadata.new
-      @disable_multisource = true
+      @merged_gem_lockfile_sections = false
    end
-    def disable_multisource?
+    def merged_gem_lockfile_sections?
-      @disable_multisource
+      @merged_gem_lockfile_sections
    end
    def merged_gem_lockfile_sections!
-      @disable_multisource = false
+      @merged_gem_lockfile_sections = true
    end
    def aggregate_global_source?
      global_rubygems_source.multiple_remotes?
    end
    def add_path_source(options = {})
@ -70,7 +74,11 @@ module Bundler
    end
    def rubygems_sources
-      @rubygems_sources + [global_rubygems_source]
+      non_global_rubygems_sources + [global_rubygems_source]
    end
    def non_global_rubygems_sources
      @rubygems_sources
    end
    def rubygems_remotes
@ -81,16 +89,27 @@ module Bundler
      path_sources + git_sources + plugin_sources + rubygems_sources + [metadata_source]
    end
    def non_default_explicit_sources
      all_sources - [default_source, metadata_source]
    end
    def get(source)
      source_list_for(source).find {|s| equal_source?(source, s) || equivalent_source?(source, s) }
    end
    def lock_sources
-      lock_sources = (path_sources + git_sources + plugin_sources).sort_by(&:to_s)
+      lock_other_sources + lock_rubygems_sources
-      if disable_multisource?
+    end
-        lock_sources + rubygems_sources.sort_by(&:to_s).uniq
+
    def lock_other_sources
      (path_sources + git_sources + plugin_sources).sort_by(&:to_s)
    end
    def lock_rubygems_sources
      if merged_gem_lockfile_sections?
        [combine_rubygems_sources]
      else
-        lock_sources << combine_rubygems_sources
+        rubygems_sources.sort_by(&:to_s).uniq
      end
    end
@ -104,7 +123,7 @@ module Bundler
        end
      end
-      replacement_rubygems = !disable_multisource? &&
+      replacement_rubygems = merged_gem_lockfile_sections? &&
        replacement_sources.detect {|s| s.is_a?(Source::Rubygems) }
      @global_rubygems_source = replacement_rubygems if replacement_rubygems
@ -113,6 +132,10 @@ module Bundler
      false
    end
    def local_only!
      all_sources.each(&:local_only!)
    end
    def cached!
      all_sources.each(&:cached!)
    end
@ -162,6 +185,8 @@ module Bundler
    end
    def equal_source?(source, other_source)
      return source.include?(other_source) if source.is_a?(Source::Rubygems) && other_source.is_a?(Source::Rubygems) && !merged_gem_lockfile_sections?
      source == other_source
    end
--- a/lib/bundler/source_map.rb
+++ b/lib/bundler/source_map.rb
@ -0,0 +1,58 @@
 # frozen_string_literal: true
 module Bundler
  class SourceMap
    attr_reader :sources, :dependencies
    def initialize(sources, dependencies)
      @sources = sources
      @dependencies = dependencies
    end
    def pinned_spec_names(skip = nil)
      direct_requirements.reject {|_, source| source == skip }.keys
    end
    def all_requirements
      requirements = direct_requirements.dup
      unmet_deps = sources.non_default_explicit_sources.map do |source|
        (source.spec_names - pinned_spec_names).each do |indirect_dependency_name|
          previous_source = requirements[indirect_dependency_name]
          if previous_source.nil?
            requirements[indirect_dependency_name] = source
          else
            no_ambiguous_sources = Bundler.feature_flag.bundler_3_mode?
            msg = ["The gem '#{indirect_dependency_name}' was found in multiple relevant sources."]
            msg.concat [previous_source, source].map {|s| "  * #{s}" }.sort
            msg << "You #{no_ambiguous_sources ? :must : :should} add this gem to the source block for the source you wish it to be installed from."
            msg = msg.join("\n")
            raise SecurityError, msg if no_ambiguous_sources
            Bundler.ui.warn "Warning: #{msg}"
          end
        end
        source.unmet_deps
      end
      sources.default_source.add_dependency_names(unmet_deps.flatten - requirements.keys)
      requirements
    end
    def direct_requirements
      @direct_requirements ||= begin
        requirements = {}
        default = sources.default_source
        dependencies.each do |dep|
          dep_source = dep.source || default
          dep_source.add_dependency_names(dep.name)
          requirements[dep.name] = dep_source
        end
        requirements
      end
    end
  end
 end
--- a/lib/bundler/spec_set.rb
+++ b/lib/bundler/spec_set.rb
@ -46,11 +46,7 @@ module Bundler
        specs << spec
      end
-      check ? true : SpecSet.new(specs)
+      check ? true : specs
    end
    def valid_for?(deps)
      self.for(deps, [], true)
    end
    def [](key)
@ -77,7 +73,7 @@ module Bundler
    end
    def materialize(deps, missing_specs = nil)
-      materialized = self.for(deps, [], false, true, !missing_specs).to_a
+      materialized = self.for(deps, [], false, true, !missing_specs)
      materialized.group_by(&:source).each do |source, specs|
        next unless specs.any?{|s| s.is_a?(LazySpecification) }
--- a/lib/bundler/templates/newgem/newgem.gemspec.tt
+++ b/lib/bundler/templates/newgem/newgem.gemspec.tt
@ -14,9 +14,9 @@ Gem::Specification.new do |spec|
 <%- if config[:mit] -%>
  spec.license = "MIT"
 <%- end -%>
-  spec.required_ruby_version = Gem::Requirement.new(">= <%= config[:required_ruby_version] %>")
+  spec.required_ruby_version = ">= <%= config[:required_ruby_version] %>"
-  spec.metadata["allowed_push_host"] = "TODO: Set to 'http://mygemserver.com'"
+  spec.metadata["allowed_push_host"] = "TODO: Set to 'https://mygemserver.com'"
  spec.metadata["homepage_uri"] = spec.homepage
  spec.metadata["source_code_uri"] = "TODO: Put your gem's public repo URL here."
--- a/lib/rubygems/command.rb
+++ b/lib/rubygems/command.rb
@ -355,6 +355,8 @@ class Gem::Command
  def add_option(*opts, &handler) # :yields: value, options
    group_name = Symbol === opts.first ? opts.shift : :options
    raise "Do not pass an empty string in opts" if opts.include?("")
    @option_groups[group_name] << [opts, handler]
  end
--- a/lib/rubygems/commands/build_command.rb
+++ b/lib/rubygems/commands/build_command.rb
@ -23,7 +23,7 @@ class Gem::Commands::BuildCommand < Gem::Command
      options[:output] = value
    end
-    add_option '-C PATH', '', 'Run as if gem build was started in <PATH> instead of the current working directory.' do |value, options|
+    add_option '-C PATH', 'Run as if gem build was started in <PATH> instead of the current working directory.' do |value, options|
      options[:build_path] = value
    end
  end
--- a/lib/rubygems/commands/cert_command.rb
+++ b/lib/rubygems/commands/cert_command.rb
@ -7,37 +7,9 @@ class Gem::Commands::CertCommand < Gem::Command
    super 'cert', 'Manage RubyGems certificates and signing settings',
          :add => [], :remove => [], :list => [], :build => [], :sign => []
-    OptionParser.accept OpenSSL::X509::Certificate do |certificate_file|
+    add_option('-a', '--add CERT',
-      begin
+               'Add a trusted certificate.') do |cert_file, options|
-        certificate = OpenSSL::X509::Certificate.new File.read certificate_file
+      options[:add] << open_cert(cert_file)
      rescue Errno::ENOENT
        raise OptionParser::InvalidArgument, "#{certificate_file}: does not exist"
      rescue OpenSSL::X509::CertificateError
        raise OptionParser::InvalidArgument,
          "#{certificate_file}: invalid X509 certificate"
      end
      [certificate, certificate_file]
    end
    OptionParser.accept OpenSSL::PKey::RSA do |key_file|
      begin
        passphrase = ENV['GEM_PRIVATE_KEY_PASSPHRASE']
        key = OpenSSL::PKey::RSA.new File.read(key_file), passphrase
      rescue Errno::ENOENT
        raise OptionParser::InvalidArgument, "#{key_file}: does not exist"
      rescue OpenSSL::PKey::RSAError
        raise OptionParser::InvalidArgument, "#{key_file}: invalid RSA key"
      end
      raise OptionParser::InvalidArgument,
            "#{key_file}: private key not found" unless key.private?
      key
    end
    add_option('-a', '--add CERT', OpenSSL::X509::Certificate,
               'Add a trusted certificate.') do |(cert, _), options|
      options[:add] << cert
    end
    add_option('-l', '--list [FILTER]',
@ -60,15 +32,15 @@ class Gem::Commands::CertCommand < Gem::Command
      options[:build] << email_address
    end
-    add_option('-C', '--certificate CERT', OpenSSL::X509::Certificate,
+    add_option('-C', '--certificate CERT',
-               'Signing certificate for --sign') do |(cert, cert_file), options|
+               'Signing certificate for --sign') do |cert_file, options|
-      options[:issuer_cert] = cert
+      options[:issuer_cert] = open_cert(cert_file)
      options[:issuer_cert_file] = cert_file
    end
-    add_option('-K', '--private-key KEY', OpenSSL::PKey::RSA,
+    add_option('-K', '--private-key KEY',
-               'Key for --sign or --build') do |key, options|
+               'Key for --sign or --build') do |key_file, options|
-      options[:key] = key
+      options[:key] = open_private_key(key_file)
    end
    add_option('-s', '--sign CERT',
@ -97,7 +69,39 @@ class Gem::Commands::CertCommand < Gem::Command
    say "Added '#{certificate.subject}'"
  end
  def check_openssl
    return if Gem::HAVE_OPENSSL
    alert_error "OpenSSL library is required for the cert command"
    terminate_interaction 1
  end
  def open_cert(certificate_file)
    check_openssl
    OpenSSL::X509::Certificate.new File.read certificate_file
  rescue Errno::ENOENT
    raise OptionParser::InvalidArgument, "#{certificate_file}: does not exist"
  rescue OpenSSL::X509::CertificateError
    raise OptionParser::InvalidArgument,
      "#{certificate_file}: invalid X509 certificate"
  end
  def open_private_key(key_file)
    check_openssl
    passphrase = ENV['GEM_PRIVATE_KEY_PASSPHRASE']
    key = OpenSSL::PKey::RSA.new File.read(key_file), passphrase
    raise OptionParser::InvalidArgument,
      "#{key_file}: private key not found" unless key.private?
    key
  rescue Errno::ENOENT
    raise OptionParser::InvalidArgument, "#{key_file}: does not exist"
  rescue OpenSSL::PKey::RSAError
    raise OptionParser::InvalidArgument, "#{key_file}: invalid RSA key"
  end
  def execute
    check_openssl
    options[:add].each do |certificate|
      add_certificate certificate
    end
@ -311,4 +315,4 @@ For further reading on signing gems see `ri Gem::Security`.
    # It's simple, but is all we need
    email =~ /\A.+@.+\z/
  end
-end if Gem::HAVE_OPENSSL
+end
--- a/lib/rubygems/config_file.rb
+++ b/lib/rubygems/config_file.rb
@ -320,7 +320,7 @@ if you believe they were disclosed to a third party.
    config = load_file(credentials_path).merge(host => api_key)
    dirname = File.dirname credentials_path
-    Dir.mkdir(dirname) unless File.exist? dirname
+    FileUtils.mkdir_p(dirname) unless File.exist? dirname
    Gem.load_yaml
--- a/lib/rubygems/ext/ext_conf_builder.rb
+++ b/lib/rubygems/ext/ext_conf_builder.rb
@ -23,11 +23,11 @@ class Gem::Ext::ExtConfBuilder < Gem::Ext::Builder
    # spaces do not work.
    #
    # Details: https://github.com/rubygems/rubygems/issues/977#issuecomment-171544940
-    tmp_dest = get_relative_path(tmp_dest, extension_dir)
+    tmp_dest_relative = get_relative_path(tmp_dest.clone, extension_dir)
    Tempfile.open %w[siteconf .rb], extension_dir do |siteconf|
      siteconf.puts "require 'rbconfig'"
-      siteconf.puts "dest_path = #{tmp_dest.dump}"
+      siteconf.puts "dest_path = #{tmp_dest_relative.dump}"
      %w[sitearchdir sitelibdir].each do |dir|
        siteconf.puts "RbConfig::MAKEFILE_CONFIG['#{dir}'] = dest_path"
        siteconf.puts "RbConfig::CONFIG['#{dir}'] = dest_path"
@ -63,8 +63,8 @@ class Gem::Ext::ExtConfBuilder < Gem::Ext::Builder
        make dest_path, results, extension_dir
-        if tmp_dest
+        if tmp_dest_relative
-          full_tmp_dest = File.join(extension_dir, tmp_dest)
+          full_tmp_dest = File.join(extension_dir, tmp_dest_relative)
          # TODO remove in RubyGems 3
          if Gem.install_extension_in_lib and lib_dir
--- a/lib/rubygems/installer.rb
+++ b/lib/rubygems/installer.rb
@ -728,6 +728,10 @@ class Gem::Installer
      raise Gem::InstallError, "#{spec} has an invalid extensions"
    end
    if spec.platform.to_s =~ /\R/
      raise Gem::InstallError, "#{spec.platform} is an invalid platform"
    end
    unless spec.specification_version.to_s =~ /\A\d+\z/
      raise Gem::InstallError, "#{spec} has an invalid specification_version"
    end
--- a/lib/rubygems/request.rb
+++ b/lib/rubygems/request.rb
@ -44,7 +44,7 @@ class Gem::Request
  end
  def self.configure_connection_for_https(connection, cert_files)
-    raise Gem::Exception.new('OpenSSl is not available. Install OpenSSL and rebuild Ruby (preferred) or use non-HTTPS sources') unless Gem::HAVE_OPENSSL
+    raise Gem::Exception.new('OpenSSL is not available. Install OpenSSL and rebuild Ruby (preferred) or use non-HTTPS sources') unless Gem::HAVE_OPENSSL
    connection.use_ssl = true
    connection.verify_mode =
--- a/lib/rubygems/specification.rb
+++ b/lib/rubygems/specification.rb
@ -2421,7 +2421,6 @@ class Gem::Specification < Gem::BasicSpecification
  # still have their default values are omitted.
  def to_ruby
    require_relative 'openssl'
    mark_version
    result = []
    result << "# -*- encoding: utf-8 -*-"
@ -2455,16 +2454,21 @@ class Gem::Specification < Gem::BasicSpecification
      :has_rdoc,
      :default_executable,
      :metadata,
      :signing_key,
    ]
    @@attributes.each do |attr_name|
      next if handled.include? attr_name
      current_value = self.send(attr_name)
      if current_value != default_value(attr_name) || self.class.required_attribute?(attr_name)
-        result << "  s.#{attr_name} = #{ruby_code current_value}" unless defined?(OpenSSL::PKey::RSA) && current_value.is_a?(OpenSSL::PKey::RSA)
+        result << "  s.#{attr_name} = #{ruby_code current_value}"
      end
    end
    if String === signing_key
      result << "  s.signing_key = #{signing_key.dump}.freeze"
    end
    if @installed_by_version
      result << nil
      result << "  s.installed_by_version = \"#{Gem::VERSION}\" if s.respond_to? :installed_by_version"
--- a/lib/rubygems/specification_policy.rb
+++ b/lib/rubygems/specification_policy.rb
@ -124,25 +124,26 @@ class Gem::SpecificationPolicy
    end
    metadata.each do |key, value|
      entry = "metadata['#{key}']"
      if !key.kind_of?(String)
        error "metadata keys must be a String"
      end
      if key.size > 128
-        error "metadata key too large (#{key.size} > 128)"
+        error "metadata key is too large (#{key.size} > 128)"
      end
      if !value.kind_of?(String)
-        error "metadata values must be a String"
+        error "#{entry} value must be a String"
      end
      if value.size > 1024
-        error "metadata value too large (#{value.size} > 1024)"
+        error "#{entry} value is too large (#{value.size} > 1024)"
      end
      if METADATA_LINK_KEYS.include? key
        if value !~ VALID_URI_PATTERN
-          error "metadata['#{key}'] has invalid link: #{value.inspect}"
+          error "#{entry} has invalid link: #{value.inspect}"
        end
      end
    end
--- a/lib/rubygems/uninstaller.rb
+++ b/lib/rubygems/uninstaller.rb
@ -261,7 +261,10 @@ class Gem::Uninstaller
    safe_delete { FileUtils.rm_r gem }
-    Gem::RDoc.new(spec).remove
+    begin
      Gem::RDoc.new(spec).remove
    rescue NameError
    end
    gemspec = spec.spec_file
--- a/lib/rubygems/util/licenses.rb
+++ b/lib/rubygems/util/licenses.rb
@ -18,6 +18,8 @@ class Gem::Licenses
    AFL-2.1
    AFL-3.0
    AGPL-1.0
    AGPL-1.0-only
    AGPL-1.0-or-later
    AGPL-3.0
    AGPL-3.0-only
    AGPL-3.0-or-later
@ -25,6 +27,7 @@ class Gem::Licenses
    AML
    AMPAS
    ANTLR-PD
    ANTLR-PD-fallback
    APAFML
    APL-1.0
    APSL-1.0
@ -48,29 +51,41 @@ class Gem::Licenses
    BSD-2-Clause-FreeBSD
    BSD-2-Clause-NetBSD
    BSD-2-Clause-Patent
    BSD-2-Clause-Views
    BSD-3-Clause
    BSD-3-Clause-Attribution
    BSD-3-Clause-Clear
    BSD-3-Clause-LBNL
    BSD-3-Clause-Modification
    BSD-3-Clause-No-Military-License
    BSD-3-Clause-No-Nuclear-License
    BSD-3-Clause-No-Nuclear-License-2014
    BSD-3-Clause-No-Nuclear-Warranty
    BSD-3-Clause-Open-MPI
    BSD-4-Clause
    BSD-4-Clause-Shortened
    BSD-4-Clause-UC
    BSD-Protection
    BSD-Source-Code
    BSL-1.0
    BUSL-1.1
    Bahyph
    Barr
    Beerware
    BitTorrent-1.0
    BitTorrent-1.1
    BlueOak-1.0.0
    Borceux
    C-UDA-1.0
    CAL-1.0
    CAL-1.0-Combined-Work-Exception
    CATOSL-1.1
    CC-BY-1.0
    CC-BY-2.0
    CC-BY-2.5
    CC-BY-3.0
    CC-BY-3.0-AT
    CC-BY-3.0-US
    CC-BY-4.0
    CC-BY-NC-1.0
    CC-BY-NC-2.0
@ -81,6 +96,7 @@ class Gem::Licenses
    CC-BY-NC-ND-2.0
    CC-BY-NC-ND-2.5
    CC-BY-NC-ND-3.0
    CC-BY-NC-ND-3.0-IGO
    CC-BY-NC-ND-4.0
    CC-BY-NC-SA-1.0
    CC-BY-NC-SA-2.0
@ -94,12 +110,17 @@ class Gem::Licenses
    CC-BY-ND-4.0
    CC-BY-SA-1.0
    CC-BY-SA-2.0
    CC-BY-SA-2.0-UK
    CC-BY-SA-2.1-JP
    CC-BY-SA-2.5
    CC-BY-SA-3.0
    CC-BY-SA-3.0-AT
    CC-BY-SA-4.0
    CC-PDDC
    CC0-1.0
    CDDL-1.0
    CDDL-1.1
    CDL-1.0
    CDLA-Permissive-1.0
    CDLA-Sharing-1.0
    CECILL-1.0
@ -108,6 +129,11 @@ class Gem::Licenses
    CECILL-2.1
    CECILL-B
    CECILL-C
    CERN-OHL-1.1
    CERN-OHL-1.2
    CERN-OHL-P-2.0
    CERN-OHL-S-2.0
    CERN-OHL-W-2.0
    CNRI-Jython
    CNRI-Python
    CNRI-Python-GPL-Compatible
@ -123,12 +149,14 @@ class Gem::Licenses
    Cube
    D-FSL-1.0
    DOC
    DRL-1.0
    DSDP
    Dotseqn
    ECL-1.0
    ECL-2.0
    EFL-1.0
    EFL-2.0
    EPICS
    EPL-1.0
    EPL-2.0
    EUDatagrid
@ -144,17 +172,32 @@ class Gem::Licenses
    FTL
    Fair
    Frameworx-1.0
    FreeBSD-DOC
    FreeImage
    GD
    GFDL-1.1
    GFDL-1.1-invariants-only
    GFDL-1.1-invariants-or-later
    GFDL-1.1-no-invariants-only
    GFDL-1.1-no-invariants-or-later
    GFDL-1.1-only
    GFDL-1.1-or-later
    GFDL-1.2
    GFDL-1.2-invariants-only
    GFDL-1.2-invariants-or-later
    GFDL-1.2-no-invariants-only
    GFDL-1.2-no-invariants-or-later
    GFDL-1.2-only
    GFDL-1.2-or-later
    GFDL-1.3
    GFDL-1.3-invariants-only
    GFDL-1.3-invariants-or-later
    GFDL-1.3-no-invariants-only
    GFDL-1.3-no-invariants-or-later
    GFDL-1.3-only
    GFDL-1.3-or-later
    GL2PS
    GLWTPL
    GPL-1.0
    GPL-1.0+
    GPL-1.0-only
@ -178,7 +221,10 @@ class Gem::Licenses
    Glide
    Glulxe
    HPND
    HPND-sell-variant
    HTMLTIDY
    HaskellReport
    Hippocratic-2.1
    IBM-pibs
    ICU
    IJG
@ -191,6 +237,7 @@ class Gem::Licenses
    Intel
    Intel-ACPI
    Interbase-1.0
    JPNIC
    JSON
    JasPer-2.0
    LAL-1.2
@ -221,11 +268,15 @@ class Gem::Licenses
    LiLiQ-R-1.1
    LiLiQ-Rplus-1.1
    Libpng
    Linux-OpenIB
    MIT
    MIT-0
    MIT-CMU
    MIT-Modern-Variant
    MIT-advertising
    MIT-enna
    MIT-feh
    MIT-open-group
    MITNFA
    MPL-1.0
    MPL-1.1
@ -237,12 +288,18 @@ class Gem::Licenses
    MakeIndex
    MirOS
    Motosoto
    MulanPSL-1.0
    MulanPSL-2.0
    Multics
    Mup
    NAIST-2003
    NASA-1.3
    NBPL-1.0
    NCGL-UK-2.0
    NCSA
    NGPL
    NIST-PD
    NIST-PD-fallback
    NLOD-1.0
    NLPL
    NOSL
@ -251,6 +308,7 @@ class Gem::Licenses
    NPOSL-3.0
    NRL
    NTP
    NTP-0
    Naumen
    Net-SNMP
    NetCDF
@ -258,11 +316,23 @@ class Gem::Licenses
    Nokia
    Noweb
    Nunit
    O-UDA-1.0
    OCCT-PL
    OCLC-2.0
    ODC-By-1.0
    ODbL-1.0
    OFL-1.0
    OFL-1.0-RFN
    OFL-1.0-no-RFN
    OFL-1.1
    OFL-1.1-RFN
    OFL-1.1-no-RFN
    OGC-1.0
    OGDL-Taiwan-1.0
    OGL-Canada-2.0
    OGL-UK-1.0
    OGL-UK-2.0
    OGL-UK-3.0
    OGTSL
    OLDAP-1.1
    OLDAP-1.2
@ -292,7 +362,12 @@ class Gem::Licenses
    PDDL-1.0
    PHP-3.0
    PHP-3.01
    PSF-2.0
    Parity-6.0.0
    Parity-7.0.0
    Plexus
    PolyForm-Noncommercial-1.0.0
    PolyForm-Small-Business-1.0.0
    PostgreSQL
    Python-2.0
    QPL-1.0
@ -310,15 +385,21 @@ class Gem::Licenses
    SGI-B-1.0
    SGI-B-1.1
    SGI-B-2.0
    SHL-0.5
    SHL-0.51
    SISSL
    SISSL-1.2
    SMLNJ
    SMPPL
    SNIA
    SPL-1.0
    SSH-OpenSSH
    SSH-short
    SSPL-1.0
    SWL
    Saxpath
    Sendmail
    Sendmail-8.23
    SimPL-2.0
    Sleepycat
    Spencer-86
@ -326,11 +407,15 @@ class Gem::Licenses
    Spencer-99
    StandardML-NJ
    SugarCRM-1.1.3
    TAPR-OHL-1.0
    TCL
    TCP-wrappers
    TMate
    TORQUE-1.1
    TOSL
    TU-Berlin-1.0
    TU-Berlin-2.0
    UCL-1.0
    UPL-1.0
    Unicode-DFS-2015
    Unicode-DFS-2016
@ -360,16 +445,22 @@ class Gem::Licenses
    Zimbra-1.3
    Zimbra-1.4
    Zlib
    blessing
    bzip2-1.0.5
    bzip2-1.0.6
    copyleft-next-0.3.0
    copyleft-next-0.3.1
    curl
    diffmark
    dvipdfm
    eCos-2.0
    eGenix
    etalab-2.0
    gSOAP-1.3b
    gnuplot
    iMatix
    libpng-2.0
    libselinux-1.0
    libtiff
    mpich2
    psfrag
@ -395,12 +486,26 @@ class Gem::Licenses
    Font-exception-2.0
    GCC-exception-2.0
    GCC-exception-3.1
    GPL-3.0-linking-exception
    GPL-3.0-linking-source-exception
    GPL-CC-1.0
    LGPL-3.0-linking-exception
    LLVM-exception
    LZMA-exception
    Libtool-exception
    Linux-syscall-note
    Nokia-Qt-exception-1.1
    OCCT-exception-1.0
    OCaml-LGPL-linking-exception
    OpenJDK-assembly-exception-1.0
    PS-or-PDF-font-exception-20170817
    Qt-GPL-exception-1.0
    Qt-LGPL-exception-1.1
    Qwt-exception-1.0
    SHL-2.0
    SHL-2.1
    Swift-exception
    Universal-FOSS-exception-1.0
    WxWindows-exception-3.1
    eCos-exception-2.0
    freertos-exception-2.0
@ -413,10 +518,10 @@ class Gem::Licenses
  REGEXP = %r{
    \A
-    (
+    (?:
      #{Regexp.union(LICENSE_IDENTIFIERS)}
      \+?
-      (\s WITH \s #{Regexp.union(EXCEPTION_IDENTIFIERS)})?
+      (?:\s WITH \s #{Regexp.union(EXCEPTION_IDENTIFIERS)})?
      | #{NONSTANDARD}
    )
    \Z
--- a/spec/bundler/bundler/definition_spec.rb
+++ b/spec/bundler/bundler/definition_spec.rb
@ -268,7 +268,7 @@ RSpec.describe Bundler::Definition do
            bundled_app_lock,
            updated_deps_in_gemfile,
            source_list,
-            :gems => ["shared_owner_a"], :lock_shared_dependencies => true
+            :gems => ["shared_owner_a"], :conservative => true
          )
          locked = definition.send(:converge_locked_specs).map(&:name)
          expect(locked).to eq %w[isolated_dep isolated_owner shared_dep shared_owner_b]
@ -278,33 +278,6 @@ RSpec.describe Bundler::Definition do
    end
  end
  describe "find_resolved_spec" do
    it "with no platform set in SpecSet" do
      ss = Bundler::SpecSet.new([build_stub_spec("a", "1.0"), build_stub_spec("b", "1.0")])
      dfn = Bundler::Definition.new(nil, [], mock_source_list, true)
      dfn.instance_variable_set("@specs", ss)
      found = dfn.find_resolved_spec(build_spec("a", "0.9", "ruby").first)
      expect(found.name).to eq "a"
      expect(found.version.to_s).to eq "1.0"
    end
  end
  describe "find_indexed_specs" do
    it "with no platform set in indexed specs" do
      index = Bundler::Index.new
      %w[1.0.0 1.0.1 1.1.0].each {|v| index << build_stub_spec("foo", v) }
      dfn = Bundler::Definition.new(nil, [], mock_source_list, true)
      dfn.instance_variable_set("@index", index)
      found = dfn.find_indexed_specs(build_spec("foo", "0.9", "ruby").first)
      expect(found.length).to eq 3
    end
  end
  def build_stub_spec(name, version)
    Bundler::StubSpecification.new(name, version, nil, nil)
  end
  def mock_source_list
    Class.new do
      def all_sources
--- a/spec/bundler/bundler/fetcher/downloader_spec.rb
+++ b/spec/bundler/bundler/fetcher/downloader_spec.rb
@ -231,16 +231,7 @@ RSpec.describe Bundler::Fetcher::Downloader do
        end
      end
-      context "when error message is about getaddrinfo issues" do
+      context "when error message is not about host down" do
        let(:message) { "getaddrinfo: nodename nor servname provided for http://www.uri-to-fetch.com" }
        it "should raise a Bundler::Fetcher::NetworkDownError" do
          expect { subject.request(uri, options) }.to raise_error(Bundler::Fetcher::NetworkDownError,
            /Could not reach host www.uri-to-fetch.com/)
        end
      end
      context "when error message is about neither host down or getaddrinfo" do
        let(:message) { "other error about network" }
        it "should raise a Bundler::HTTPError" do
--- a/spec/bundler/bundler/fetcher/index_spec.rb
+++ b/spec/bundler/bundler/fetcher/index_spec.rb
@ -1,5 +1,7 @@
 # frozen_string_literal: true
 require "rubygems/remote_fetcher"
 RSpec.describe Bundler::Fetcher::Index do
  let(:downloader)  { nil }
  let(:remote)      { nil }
--- a/spec/bundler/bundler/settings_spec.rb
+++ b/spec/bundler/bundler/settings_spec.rb
@ -312,16 +312,26 @@ that would suck --ehhh=oh geez it looks like i might have broken bundler somehow
  describe "BUNDLE_ keys format" do
    let(:settings) { described_class.new(bundled_app(".bundle")) }
-    it "converts older keys without double dashes" do
+    it "converts older keys without double underscore" do
      config("BUNDLE_MY__PERSONAL.RACK" => "~/Work/git/rack")
      expect(settings["my.personal.rack"]).to eq("~/Work/git/rack")
    end
-    it "converts older keys without trailing slashes and double dashes" do
+    it "converts older keys without trailing slashes and double underscore" do
      config("BUNDLE_MIRROR__HTTPS://RUBYGEMS.ORG" => "http://rubygems-mirror.org")
      expect(settings["mirror.https://rubygems.org/"]).to eq("http://rubygems-mirror.org")
    end
    it "converts older keys with dashes" do
      config("BUNDLE_MY-PERSONAL-SERVER__ORG" => "my-personal-server.org")
      expect(Bundler.ui).to receive(:warn).with(
        "Your #{bundled_app(".bundle/config")} config includes `BUNDLE_MY-PERSONAL-SERVER__ORG`, which contains the dash character (`-`).\n" \
        "This is deprecated, because configuration through `ENV` should be possible, but `ENV` keys cannot include dashes.\n" \
        "Please edit #{bundled_app(".bundle/config")} and replace any dashes in configuration keys with a triple underscore (`___`)."
      )
      expect(settings["my-personal-server.org"]).to eq("my-personal-server.org")
    end
    it "reads newer keys format properly" do
      config("BUNDLE_MIRROR__HTTPS://RUBYGEMS__ORG/" => "http://rubygems-mirror.org")
      expect(settings["mirror.https://rubygems.org/"]).to eq("http://rubygems-mirror.org")
--- a/spec/bundler/commands/cache_spec.rb
+++ b/spec/bundler/commands/cache_spec.rb
@ -298,6 +298,30 @@ RSpec.describe "bundle cache" do
      expect(out).to include("frozen").or include("deployment")
    end
  end
  context "with gems with extensions" do
    before do
      build_repo2 do
        build_gem "racc", "2.0" do |s|
          s.add_dependency "rake"
          s.extensions << "Rakefile"
          s.write "Rakefile", "task(:default) { puts 'INSTALLING rack' }"
        end
      end
      gemfile <<~G
        source "#{file_uri_for(gem_repo2)}"
        gem "racc"
      G
    end
    it "installs them properly from cache to a different path" do
      bundle "cache"
      bundle "config set --local path vendor/bundle"
      bundle "install --local"
    end
  end
 end
 RSpec.describe "bundle install with gem sources" do
@ -317,7 +341,7 @@ RSpec.describe "bundle install with gem sources" do
      expect(the_bundle).to include_gems "rack 1.0.0"
    end
-    it "does not hit the remote at all" do
+    it "does not hit the remote at all in frozen mode" do
      build_repo2
      install_gemfile <<-G
        source "#{file_uri_for(gem_repo2)}"
@ -334,6 +358,24 @@ RSpec.describe "bundle install with gem sources" do
      expect(the_bundle).to include_gems "rack 1.0.0"
    end
    it "does not hit the remote at all when cache_all_platforms configured" do
      build_repo2
      install_gemfile <<-G
        source "#{file_uri_for(gem_repo2)}"
        gem "rack"
      G
      bundle :cache
      simulate_new_machine
      FileUtils.rm_rf gem_repo2
      bundle "config set --local cache_all_platforms true"
      bundle "config set --local path vendor/bundle"
      bundle "install --local"
      expect(out).not_to include("Fetching gem metadata")
      expect(the_bundle).to include_gems "rack 1.0.0"
    end
    it "does not reinstall already-installed gems" do
      install_gemfile <<-G
        source "#{file_uri_for(gem_repo1)}"
--- a/spec/bundler/commands/check_spec.rb
+++ b/spec/bundler/commands/check_spec.rb
@ -288,6 +288,66 @@ RSpec.describe "bundle check" do
    end
  end
  describe "when using only scoped rubygems sources" do
    before do
      gemfile <<~G
        source "#{file_uri_for(gem_repo1)}" do
          gem "rack"
        end
      G
    end
    it "returns success when the Gemfile is satisfied" do
      system_gems "rack-1.0.0", :path => default_bundle_path
      bundle :check
      expect(out).to include("The Gemfile's dependencies are satisfied")
    end
  end
  describe "when using only scoped rubygems sources with indirect dependencies" do
    before do
      build_repo4 do
        build_gem "depends_on_rack" do |s|
          s.add_dependency "rack"
        end
        build_gem "rack"
      end
      gemfile <<~G
        source "#{file_uri_for(gem_repo4)}" do
          gem "depends_on_rack"
        end
      G
    end
    it "returns success when the Gemfile is satisfied and generates a correct lockfile" do
      system_gems "depends_on_rack-1.0", "rack-1.0", :gem_repo => gem_repo4, :path => default_bundle_path
      bundle :check
      expect(out).to include("The Gemfile's dependencies are satisfied")
      expect(lockfile).to eq <<~L
        GEM
          specs:
        GEM
          remote: #{file_uri_for(gem_repo4)}/
          specs:
            depends_on_rack (1.0)
              rack
            rack (1.0)
        PLATFORMS
          #{lockfile_platforms}
        DEPENDENCIES
          depends_on_rack!
        BUNDLED WITH
           #{Bundler::VERSION}
      L
    end
  end
  describe "BUNDLED WITH" do
    def lock_with(bundler_version = nil)
      lock = <<-L
--- a/spec/bundler/commands/lock_spec.rb
+++ b/spec/bundler/commands/lock_spec.rb
@ -533,7 +533,7 @@ RSpec.describe "bundle lock" do
         #{Bundler::VERSION}
    L
-    bundle "lock --add-platform x86_64-linux", :artifice => :compact_index, :env => { "BUNDLER_SPEC_GEM_REPO" => gem_repo4.to_s }
+    bundle "lock --add-platform x86_64-linux", :artifice => "compact_index", :env => { "BUNDLER_SPEC_GEM_REPO" => gem_repo4.to_s }
  end
  context "when an update is available" do
--- a/spec/bundler/commands/outdated_spec.rb
+++ b/spec/bundler/commands/outdated_spec.rb
@ -205,8 +205,8 @@ RSpec.describe "bundle outdated" do
    end
    it "works" do
-      bundle :install, :artifice => :compact_index
+      bundle :install, :artifice => "compact_index"
-      bundle :outdated, :artifice => :compact_index, :raise_on_error => false
+      bundle :outdated, :artifice => "compact_index", :raise_on_error => false
      expected_output = <<~TABLE
        Gem  Current  Latest  Requested  Groups
@ -1292,4 +1292,53 @@ RSpec.describe "bundle outdated" do
      expect(out).to end_with(expected_output)
    end
  end
  context "when a gem is no longer a dependency after a full update" do
    before do
      build_repo4 do
        build_gem "mini_portile2", "2.5.2" do |s|
          s.add_dependency "net-ftp", "~> 0.1"
        end
        build_gem "mini_portile2", "2.5.3"
        build_gem "net-ftp", "0.1.2"
      end
      gemfile <<~G
        source "#{file_uri_for(gem_repo4)}"
        gem "mini_portile2"
      G
      lockfile <<~L
        GEM
          remote: #{file_uri_for(gem_repo4)}/
          specs:
            mini_portile2 (2.5.2)
              net-ftp (~> 0.1)
            net-ftp (0.1.2)
        PLATFORMS
          #{lockfile_platforms}
        DEPENDENCIES
          mini_portile2
        BUNDLED WITH
           #{Bundler::VERSION}
      L
    end
    it "works" do
      bundle "outdated", :raise_on_error => false
      expected_output = <<~TABLE.strip
        Gem            Current  Latest  Requested  Groups
        mini_portile2  2.5.2    2.5.3   >= 0       default
      TABLE
      expect(out).to end_with(expected_output)
    end
  end
 end
--- a/spec/bundler/commands/update_spec.rb
+++ b/spec/bundler/commands/update_spec.rb
@ -411,18 +411,7 @@ RSpec.describe "bundle update" do
      build_repo2
    end
-    it "should not update gems not included in the source that happen to have the same name", :bundler => "< 3" do
+    it "should not update gems not included in the source that happen to have the same name" do
      install_gemfile <<-G
        source "#{file_uri_for(gem_repo2)}"
        gem "activesupport"
      G
      update_repo2 { build_gem "activesupport", "3.0" }
      bundle "update --source activesupport"
      expect(the_bundle).to include_gem "activesupport 3.0"
    end
    it "should not update gems not included in the source that happen to have the same name", :bundler => "3" do
      install_gemfile <<-G
        source "#{file_uri_for(gem_repo2)}"
        gem "activesupport"
@ -433,19 +422,15 @@ RSpec.describe "bundle update" do
      expect(the_bundle).not_to include_gem "activesupport 3.0"
    end
-    context "with unlock_source_unlocks_spec set to false" do
+    it "should not update gems not included in the source that happen to have the same name" do
-      before { bundle "config set unlock_source_unlocks_spec false" }
+      install_gemfile <<-G
        source "#{file_uri_for(gem_repo2)}"
        gem "activesupport"
      G
      update_repo2 { build_gem "activesupport", "3.0" }
-      it "should not update gems not included in the source that happen to have the same name" do
+      bundle "update --source activesupport"
-        install_gemfile <<-G
+      expect(the_bundle).not_to include_gems "activesupport 3.0"
          source "#{file_uri_for(gem_repo2)}"
          gem "activesupport"
        G
        update_repo2 { build_gem "activesupport", "3.0" }
        bundle "update --source activesupport"
        expect(the_bundle).not_to include_gems "activesupport 3.0"
      end
    end
  end
@ -465,20 +450,7 @@ RSpec.describe "bundle update" do
      G
    end
-    it "should not update the child dependencies of a gem that has the same name as the source", :bundler => "< 3" do
+    it "should not update the child dependencies of a gem that has the same name as the source" do
      update_repo2 do
        build_gem "fred", "2.0"
        build_gem "harry", "2.0" do |s|
          s.add_dependency "fred"
        end
      end
      bundle "update --source harry"
      expect(the_bundle).to include_gems "harry 2.0"
      expect(the_bundle).to include_gems "fred 1.0"
    end
    it "should not update the child dependencies of a gem that has the same name as the source", :bundler => "3" do
      update_repo2 do
        build_gem "fred", "2.0"
        build_gem "harry", "2.0" do |s|
@ -510,21 +482,7 @@ RSpec.describe "bundle update" do
      G
    end
-    it "should not update the child dependencies of a gem that has the same name as the source", :bundler => "< 3" do
+    it "should not update the child dependencies of a gem that has the same name as the source" do
      update_repo2 do
        build_gem "george", "2.0"
        build_gem "harry", "2.0" do |s|
          s.add_dependency "george"
        end
      end
      bundle "update --source harry"
      expect(the_bundle).to include_gems "harry 2.0"
      expect(the_bundle).to include_gems "fred 1.0"
      expect(the_bundle).to include_gems "george 1.0"
    end
    it "should not update the child dependencies of a gem that has the same name as the source", :bundler => "3" do
      update_repo2 do
        build_gem "george", "2.0"
        build_gem "harry", "2.0" do |s|
@ -649,8 +607,8 @@ RSpec.describe "bundle update" do
    end
    it "works" do
-      bundle :install, :artifice => :compact_index
+      bundle :install, :artifice => "compact_index"
-      bundle "update oj", :artifice => :compact_index
+      bundle "update oj", :artifice => "compact_index"
      expect(out).to include("Bundle updated!")
      expect(the_bundle).to include_gems "oj 3.11.5"
@ -1106,9 +1064,9 @@ RSpec.describe "bundle update conservative" do
        gem 'shared_owner_b'
      G
-      lockfile <<-L
+      lockfile <<~L
        GEM
-          remote: #{file_uri_for(gem_repo4)}
+          remote: #{file_uri_for(gem_repo4)}/
          specs:
            isolated_dep (2.0.1)
            isolated_owner (1.0.1)
@ -1120,12 +1078,12 @@ RSpec.describe "bundle update conservative" do
              shared_dep (~> 5.0)
        PLATFORMS
-          ruby
+          #{specific_local_platform}
        DEPENDENCIES
          isolated_owner
          shared_owner_a
          shared_owner_b
          isolated_owner
        BUNDLED WITH
           #{Bundler::VERSION}
@ -1147,7 +1105,42 @@ RSpec.describe "bundle update conservative" do
    it "should not eagerly unlock with --conservative" do
      bundle "update --conservative shared_owner_a isolated_owner"
-      expect(the_bundle).to include_gems "isolated_owner 1.0.2", "isolated_dep 2.0.2", "shared_dep 5.0.1", "shared_owner_a 3.0.2", "shared_owner_b 4.0.1"
+      expect(the_bundle).to include_gems "isolated_owner 1.0.2", "isolated_dep 2.0.1", "shared_dep 5.0.1", "shared_owner_a 3.0.2", "shared_owner_b 4.0.1"
    end
    it "should only update direct dependencies when fully updating with --conservative" do
      bundle "update --conservative"
      expect(the_bundle).to include_gems "isolated_owner 1.0.2", "isolated_dep 2.0.1", "shared_dep 5.0.1", "shared_owner_a 3.0.2", "shared_owner_b 4.0.2"
    end
    it "should only change direct dependencies when updating the lockfile with --conservative" do
      bundle "lock --update --conservative"
      expect(lockfile).to eq <<~L
        GEM
          remote: #{file_uri_for(gem_repo4)}/
          specs:
            isolated_dep (2.0.1)
            isolated_owner (1.0.2)
              isolated_dep (~> 2.0)
            shared_dep (5.0.1)
            shared_owner_a (3.0.2)
              shared_dep (~> 5.0)
            shared_owner_b (4.0.2)
              shared_dep (~> 5.0)
        PLATFORMS
          #{specific_local_platform}
        DEPENDENCIES
          isolated_owner
          shared_owner_a
          shared_owner_b
        BUNDLED WITH
           #{Bundler::VERSION}
      L
    end
    it "should match bundle install conservative update behavior when not eagerly unlocking" do
--- a/spec/bundler/install/gemfile/groups_spec.rb
+++ b/spec/bundler/install/gemfile/groups_spec.rb
@ -358,7 +358,7 @@ RSpec.describe "bundle install with groups" do
      G
      ruby <<-R
-        require "#{lib_dir}/bundler"
+        require "#{entrypoint}"
        Bundler.setup :default
        Bundler.require :default
        puts RACK
--- a/spec/bundler/install/gemfile/sources_spec.rb
+++ b/spec/bundler/install/gemfile/sources_spec.rb
--- a/spec/bundler/install/gemfile/specific_platform_spec.rb
+++ b/spec/bundler/install/gemfile/specific_platform_spec.rb
@ -141,10 +141,10 @@ RSpec.describe "bundle install with specific platforms" do
           2.1.4
      L
-      bundle "install --verbose", :artifice => :compact_index, :env => { "BUNDLER_VERSION" => "2.1.4", "BUNDLER_SPEC_GEM_REPO" => gem_repo2.to_s }
+      bundle "install --verbose", :artifice => "compact_index", :env => { "BUNDLER_VERSION" => "2.1.4", "BUNDLER_SPEC_GEM_REPO" => gem_repo2.to_s }
      expect(out).to include("Installing libv8 8.4.255.0 (universal-darwin)")
-      bundle "add mini_racer --verbose", :artifice => :compact_index, :env => { "BUNDLER_SPEC_GEM_REPO" => gem_repo2.to_s }
+      bundle "add mini_racer --verbose", :artifice => "compact_index", :env => { "BUNDLER_SPEC_GEM_REPO" => gem_repo2.to_s }
      expect(out).to include("Using libv8 8.4.255.0 (universal-darwin)")
    end
--- a/spec/bundler/install/gems/compact_index_spec.rb
+++ b/spec/bundler/install/gems/compact_index_spec.rb
@ -366,31 +366,6 @@ The checksum of /versions does not match the checksum provided by the server! So
    expect(the_bundle).to include_gems "activesupport 1.2.3"
  end
  it "considers all possible versions of dependencies from all api gem sources when using blocks", :bundler => "< 3" do
    # In this scenario, the gem "somegem" only exists in repo4.  It depends on specific version of activesupport that
    # exists only in repo1.  There happens also be a version of activesupport in repo4, but not the one that version 1.0.0
    # of somegem wants. This test makes sure that bundler actually finds version 1.2.3 of active support in the other
    # repo and installs it.
    build_repo4 do
      build_gem "activesupport", "1.2.0"
      build_gem "somegem", "1.0.0" do |s|
        s.add_dependency "activesupport", "1.2.3" # This version exists only in repo1
      end
    end
    gemfile <<-G
      source "#{source_uri}"
      source "#{source_uri}/extra" do
        gem 'somegem', '1.0.0'
      end
    G
    bundle :install, :artifice => "compact_index_extra_api"
    expect(the_bundle).to include_gems "somegem 1.0.0"
    expect(the_bundle).to include_gems "activesupport 1.2.3"
  end
  it "prints API output properly with back deps" do
    build_repo2 do
      build_gem "back_deps" do |s|
@ -467,7 +442,7 @@ The checksum of /versions does not match the checksum provided by the server! So
    expect(the_bundle).to include_gems "foo 1.0"
  end
-  it "fetches again when more dependencies are found in subsequent sources using --deployment", :bundler => "< 3" do
+  it "fetches again when more dependencies are found in subsequent sources using deployment mode", :bundler => "< 3" do
    build_repo2 do
      build_gem "back_deps" do |s|
        s.add_dependency "foo"
@ -482,8 +457,8 @@ The checksum of /versions does not match the checksum provided by the server! So
    G
    bundle :install, :artifice => "compact_index_extra"
-
+    bundle "config --set local deployment true"
-    bundle "install --deployment", :artifice => "compact_index_extra"
+    bundle :install, :artifice => "compact_index_extra"
    expect(the_bundle).to include_gems "back_deps 1.0"
  end
--- a/spec/bundler/install/gems/dependency_api_spec.rb
+++ b/spec/bundler/install/gems/dependency_api_spec.rb
@ -338,31 +338,6 @@ RSpec.describe "gemcutter's dependency API" do
    expect(the_bundle).to include_gems "activesupport 1.2.3"
  end
  it "considers all possible versions of dependencies from all api gem sources using blocks" do
    # In this scenario, the gem "somegem" only exists in repo4.  It depends on specific version of activesupport that
    # exists only in repo1.  There happens also be a version of activesupport in repo4, but not the one that version 1.0.0
    # of somegem wants. This test makes sure that bundler actually finds version 1.2.3 of active support in the other
    # repo and installs it.
    build_repo4 do
      build_gem "activesupport", "1.2.0"
      build_gem "somegem", "1.0.0" do |s|
        s.add_dependency "activesupport", "1.2.3" # This version exists only in repo1
      end
    end
    gemfile <<-G
      source "#{source_uri}"
      source "#{source_uri}/extra" do
        gem 'somegem', '1.0.0'
      end
    G
    bundle :install, :artifice => "endpoint_extra_api"
    expect(the_bundle).to include_gems "somegem 1.0.0"
    expect(the_bundle).to include_gems "activesupport 1.2.3"
  end
  it "prints API output properly with back deps" do
    build_repo2 do
      build_gem "back_deps" do |s|
@ -438,7 +413,7 @@ RSpec.describe "gemcutter's dependency API" do
    expect(the_bundle).to include_gems "foo 1.0"
  end
-  it "fetches again when more dependencies are found in subsequent sources using --deployment", :bundler => "< 3" do
+  it "fetches again when more dependencies are found in subsequent sources using deployment mode", :bundler => "< 3" do
    build_repo2 do
      build_gem "back_deps" do |s|
        s.add_dependency "foo"
@ -453,8 +428,8 @@ RSpec.describe "gemcutter's dependency API" do
    G
    bundle :install, :artifice => "endpoint_extra"
-
+    bundle "config set --local deployment true"
-    bundle "install --deployment", :artifice => "endpoint_extra"
+    bundle :install, :artifice => "endpoint_extra"
    expect(the_bundle).to include_gems "back_deps 1.0"
  end
@ -474,7 +449,6 @@ RSpec.describe "gemcutter's dependency API" do
    G
    bundle :install, :artifice => "endpoint_extra"
    bundle "config set --local deployment true"
    bundle "install", :artifice => "endpoint_extra"
    expect(the_bundle).to include_gems "back_deps 1.0"
--- a/spec/bundler/install/global_cache_spec.rb
+++ b/spec/bundler/install/global_cache_spec.rb
@ -113,6 +113,8 @@ RSpec.describe "global gem caching" do
        expect(source2_global_cache("rack-0.9.1.gem")).to exist
        bundle :install, :artifice => "compact_index_no_gem", :raise_on_error => false
        expect(err).to include("Internal Server Error 500")
        expect(err).not_to include("please copy and paste the report template above into a new issue")
        # rack 1.0.0 is not installed and rack 0.9.1 is not
        expect(the_bundle).not_to include_gems "rack 1.0.0"
        expect(the_bundle).not_to include_gems "rack 0.9.1"
@ -126,6 +128,8 @@ RSpec.describe "global gem caching" do
        expect(source2_global_cache("rack-0.9.1.gem")).to exist
        bundle :install, :artifice => "compact_index_no_gem", :raise_on_error => false
        expect(err).to include("Internal Server Error 500")
        expect(err).not_to include("please copy and paste the report template above into a new issue")
        # rack 0.9.1 is not installed and rack 1.0.0 is not
        expect(the_bundle).not_to include_gems "rack 0.9.1"
        expect(the_bundle).not_to include_gems "rack 1.0.0"
--- a/spec/bundler/lock/lockfile_spec.rb
+++ b/spec/bundler/lock/lockfile_spec.rb
@ -1347,7 +1347,7 @@ RSpec.describe "the lockfile format" do
        expect do
          ruby <<-RUBY
-                   require '#{lib_dir}/bundler'
+                   require '#{entrypoint}'
                   Bundler.setup
                 RUBY
        end.not_to change { File.mtime(bundled_app_lock) }
--- a/spec/bundler/other/major_deprecation_spec.rb
+++ b/spec/bundler/other/major_deprecation_spec.rb
@ -409,10 +409,38 @@ RSpec.describe "major deprecations" do
      )
    end
    it "doesn't show lockfile deprecations if there's a lockfile", :bundler => "< 3" do
      bundle "install"
      expect(deprecations).to include(
        "Your Gemfile contains multiple primary sources. " \
        "Using `source` more than once without a block is a security risk, and " \
        "may result in installing unexpected gems. To resolve this warning, use " \
        "a block to indicate which gems should come from the secondary source."
      )
      expect(deprecations).not_to include(
        "Your lockfile contains a single rubygems source section with multiple remotes, which is insecure. " \
        "Make sure you run `bundle install` in non frozen mode and commit the result to make your lockfile secure."
      )
      bundle "config set --local frozen true"
      bundle "install"
      expect(deprecations).to include(
        "Your Gemfile contains multiple primary sources. " \
        "Using `source` more than once without a block is a security risk, and " \
        "may result in installing unexpected gems. To resolve this warning, use " \
        "a block to indicate which gems should come from the secondary source."
      )
      expect(deprecations).not_to include(
        "Your lockfile contains a single rubygems source section with multiple remotes, which is insecure. " \
        "Make sure you run `bundle install` in non frozen mode and commit the result to make your lockfile secure."
      )
    end
    pending "fails with a helpful error", :bundler => "3"
  end
-  context "bundle install with a lockfile with a single rubygems section with multiple remotes" do
+  context "bundle install in frozen mode with a lockfile with a single rubygems section with multiple remotes" do
    before do
      build_repo gem_repo3 do
        build_gem "rack", "0.9.1"
@ -441,12 +469,14 @@ RSpec.describe "major deprecations" do
        BUNDLED WITH
           #{Bundler::VERSION}
      L
      bundle "config set --local frozen true"
    end
    it "shows a deprecation", :bundler => "< 3" do
      bundle "install"
-      expect(deprecations).to include("Your lockfile contains a single rubygems source section with multiple remotes, which is insecure. You should run `bundle update` or generate your lockfile from scratch.")
+      expect(deprecations).to include("Your lockfile contains a single rubygems source section with multiple remotes, which is insecure. Make sure you run `bundle install` in non frozen mode and commit the result to make your lockfile secure.")
    end
    pending "fails with a helpful error", :bundler => "3"
@ -461,7 +491,7 @@ RSpec.describe "major deprecations" do
      G
      ruby <<-RUBY
-        require '#{lib_dir}/bundler'
+        require '#{entrypoint}'
        Bundler.setup
        Bundler.setup
@ -569,18 +599,6 @@ The :gist git source is deprecated, and will be removed in the future. Add this
      G
    end
    context "without flags" do
      before do
        bundle :show
      end
      it "prints a deprecation warning recommending `bundle list`", :bundler => "< 3" do
        expect(deprecations).to include("use `bundle list` instead of `bundle show`")
      end
      pending "fails with a helpful message", :bundler => "3"
    end
    context "with --outdated flag" do
      before do
        bundle "show --outdated"
@ -592,54 +610,6 @@ The :gist git source is deprecated, and will be removed in the future. Add this
      pending "fails with a helpful message", :bundler => "3"
    end
    context "with --verbose flag" do
      before do
        bundle "show --verbose"
      end
      it "prints a deprecation warning informing about its removal", :bundler => "< 3" do
        expect(deprecations).to include("the `--verbose` flag to `bundle show` was undocumented and will be removed without replacement")
      end
      pending "fails with a helpful message", :bundler => "3"
    end
    context "with a gem argument" do
      before do
        bundle "show rack"
      end
      it "prints a deprecation warning recommending `bundle info`", :bundler => "< 3" do
        expect(deprecations).to include("use `bundle info rack` instead of `bundle show rack`")
      end
      pending "fails with a helpful message", :bundler => "3"
    end
    context "with the --paths option" do
      before do
        bundle "show --paths"
      end
      it "prints a deprecation warning recommending `bundle list`", :bundler => "< 3" do
        expect(deprecations).to include("use `bundle list` instead of `bundle show --paths`")
      end
      pending "fails with a helpful message", :bundler => "3"
    end
    context "with a gem argument and the --paths option" do
      before do
        bundle "show rack --paths"
      end
      it "prints deprecation warning recommending `bundle info`", :bundler => "< 3" do
        expect(deprecations).to include("use `bundle info rack --path` instead of `bundle show rack --paths`")
      end
      pending "fails with a helpful message", :bundler => "3"
    end
  end
  context "bundle console" do
--- a/spec/bundler/realworld/double_check_spec.rb
+++ b/spec/bundler/realworld/double_check_spec.rb
@ -25,9 +25,9 @@ RSpec.describe "double checking sources", :realworld => true do
    RUBY
    cmd = <<-RUBY
-      require "#{lib_dir}/bundler"
+      require "#{entrypoint}"
      require "#{spec_dir}/support/artifice/vcr"
-      require "#{lib_dir}/bundler/inline"
+      require "#{entrypoint}/inline"
      gemfile(true) do
        source "https://rubygems.org"
        gem "rails", path: "."
--- a/spec/bundler/realworld/edgecases_spec.rb
+++ b/spec/bundler/realworld/edgecases_spec.rb
@ -4,9 +4,9 @@ RSpec.describe "real world edgecases", :realworld => true do
  def rubygems_version(name, requirement)
    ruby <<-RUBY
      require "#{spec_dir}/support/artifice/vcr"
-      require "#{lib_dir}/bundler"
+      require "#{entrypoint}"
-      require "#{lib_dir}/bundler/source/rubygems/remote"
+      require "#{entrypoint}/source/rubygems/remote"
-      require "#{lib_dir}/bundler/fetcher"
+      require "#{entrypoint}/fetcher"
      rubygem = Bundler.ui.silence do
        source = Bundler::Source::Rubygems::Remote.new(Bundler::URI("https://rubygems.org"))
        fetcher = Bundler::Fetcher.new(source)
--- a/spec/bundler/runtime/inline_spec.rb
+++ b/spec/bundler/runtime/inline_spec.rb
@ -2,7 +2,7 @@
 RSpec.describe "bundler/inline#gemfile" do
  def script(code, options = {})
-    requires = ["#{lib_dir}/bundler/inline"]
+    requires = ["#{entrypoint}/inline"]
    requires.unshift "#{spec_dir}/support/artifice/" + options.delete(:artifice) if options.key?(:artifice)
    requires = requires.map {|r| "require '#{r}'" }.join("\n")
    ruby("#{requires}\n\n" + code, options)
@ -93,7 +93,7 @@ RSpec.describe "bundler/inline#gemfile" do
  it "lets me use my own ui object" do
    script <<-RUBY, :artifice => "endpoint"
-      require '#{lib_dir}/bundler'
+      require '#{entrypoint}'
      class MyBundlerUI < Bundler::UI::Silent
        def confirm(msg, newline = nil)
          puts "CONFIRMED!"
@ -110,7 +110,7 @@ RSpec.describe "bundler/inline#gemfile" do
  it "has an option for quiet installation" do
    script <<-RUBY, :artifice => "endpoint"
-      require '#{lib_dir}/bundler/inline'
+      require '#{entrypoint}/inline'
      gemfile(true, :quiet => true) do
        source "https://notaserver.com"
@ -136,7 +136,7 @@ RSpec.describe "bundler/inline#gemfile" do
  it "does not mutate the option argument" do
    script <<-RUBY
-      require '#{lib_dir}/bundler'
+      require '#{entrypoint}'
      options = { :ui => Bundler::UI::Shell.new }
      gemfile(false, options) do
        path "#{lib_path}" do
@ -218,7 +218,7 @@ RSpec.describe "bundler/inline#gemfile" do
        rake
      BUNDLED WITH
-         1.13.6
+         #{Bundler::VERSION}
    G
    script <<-RUBY
--- a/spec/bundler/runtime/load_spec.rb
+++ b/spec/bundler/runtime/load_spec.rb
@ -82,7 +82,7 @@ RSpec.describe "Bundler.load" do
      G
      ruby <<-RUBY
-        require "#{lib_dir}/bundler"
+        require "#{entrypoint}"
        Bundler.setup :default
        Bundler.require :default
        puts RACK
--- a/spec/bundler/runtime/platform_spec.rb
+++ b/spec/bundler/runtime/platform_spec.rb
@ -22,7 +22,7 @@ RSpec.describe "Bundler.setup with multi platform stuff" do
    ruby <<-R
      begin
-        require '#{lib_dir}/bundler'
+        require '#{entrypoint}'
        Bundler.ui.silence { Bundler.setup }
      rescue Bundler::GemNotFound => e
        puts "WIN"
--- a/spec/bundler/runtime/require_spec.rb
+++ b/spec/bundler/runtime/require_spec.rb
@ -192,7 +192,7 @@ RSpec.describe "Bundler.require" do
      G
      cmd = <<-RUBY
-        require '#{lib_dir}/bundler'
+        require '#{entrypoint}'
        Bundler.require
      RUBY
      ruby(cmd)
--- a/spec/bundler/runtime/setup_spec.rb
+++ b/spec/bundler/runtime/setup_spec.rb
@ -108,8 +108,8 @@ RSpec.describe "Bundler.setup" do
  context "load order" do
    def clean_load_path(lp)
      without_bundler_load_path = ruby("puts $LOAD_PATH").split("\n")
-      lp -= without_bundler_load_path
+      lp -= [*without_bundler_load_path, lib_dir.to_s]
-      lp.map! {|p| p.sub(/^#{Regexp.union system_gem_path.to_s, default_bundle_path.to_s, lib_dir.to_s}/i, "") }
+      lp.map! {|p| p.sub(system_gem_path.to_s, "") }
    end
    it "puts loaded gems after -I and RUBYLIB", :ruby_repo do
@ -143,12 +143,8 @@ RSpec.describe "Bundler.setup" do
        gem "rails"
      G
      # We require an absolute path because relying on the $LOAD_PATH behaves
      # inconsistently depending on whether we're in a ruby-core setup (and
      # bundler's lib is in RUBYLIB) or not.
      ruby <<-RUBY
-        require '#{lib_dir}/bundler'
+        require 'bundler'
        Bundler.setup
        puts $LOAD_PATH
      RUBY
@ -157,7 +153,6 @@ RSpec.describe "Bundler.setup" do
      expect(load_path).to start_with(
        "/gems/rails-2.3.2/lib",
        "/gems/bundler-#{Bundler::VERSION}/lib",
        "/gems/activeresource-2.3.2/lib",
        "/gems/activerecord-2.3.2/lib",
        "/gems/actionpack-2.3.2/lib",
@ -168,6 +163,8 @@ RSpec.describe "Bundler.setup" do
    end
    it "falls back to order the load path alphabetically for backwards compatibility" do
      bundle "config set path.system true"
      install_gemfile <<-G
        source "#{file_uri_for(gem_repo1)}"
        gem "weakling"
@ -175,12 +172,8 @@ RSpec.describe "Bundler.setup" do
        gem "terranova"
      G
      # We require an absolute path because relying on the $LOAD_PATH behaves
      # inconsistently depending on whether we're in a ruby-core setup (and
      # bundler's lib is in RUBYLIB) or not.
      ruby <<-RUBY
-        require '#{lib_dir}/bundler/setup'
+        require 'bundler/setup'
        puts $LOAD_PATH
      RUBY
@ -200,8 +193,6 @@ RSpec.describe "Bundler.setup" do
      gem "rack"
    G
    entrypoint = mis_activates_prerelease_default_bundler? ? "#{lib_dir}/bundler" : "bundler"
    ruby <<-R
      require '#{entrypoint}'
@ -474,8 +465,6 @@ RSpec.describe "Bundler.setup" do
      break_git!
      entrypoint = mis_activates_prerelease_default_bundler? ? "#{lib_dir}/bundler" : "bundler"
      ruby <<-R
        require "#{entrypoint}"
@ -1126,9 +1115,8 @@ end
    context "is not present" do
      it "does not change the lock" do
        entrypoint = mis_activates_prerelease_default_bundler? ? "#{lib_dir}/bundler/setup" : "bundler/setup"
        lockfile lock_with(nil)
-        ruby "require '#{entrypoint}'"
+        ruby "require '#{entrypoint}/setup'"
        lockfile_should_be lock_with(nil)
      end
    end
@ -1145,10 +1133,9 @@ end
    context "is older" do
      it "does not change the lock" do
        entrypoint = mis_activates_prerelease_default_bundler? ? "#{lib_dir}/bundler/setup" : "bundler/setup"
        system_gems "bundler-1.10.1"
        lockfile lock_with("1.10.1")
-        ruby "require '#{entrypoint}'"
+        ruby "require '#{entrypoint}/setup'"
        lockfile_should_be lock_with("1.10.1")
      end
    end
@ -1219,9 +1206,8 @@ end
  describe "with gemified standard libraries" do
    it "does not load Psych" do
      gemfile ""
      entrypoint = mis_activates_prerelease_default_bundler? ? "#{lib_dir}/bundler/setup" : "bundler/setup"
      ruby <<-RUBY
-        require '#{entrypoint}'
+        require '#{entrypoint}/setup'
        puts defined?(Psych::VERSION) ? Psych::VERSION : "undefined"
        require 'psych'
        puts Psych::VERSION
@ -1422,9 +1408,4 @@ end
      expect(last_command.stdboth).to eq("true")
    end
  end
  # Tested rubygems does not include https://github.com/rubygems/rubygems/pull/2728 and will not always end up activating the current bundler
  def mis_activates_prerelease_default_bundler?
    Gem.rubygems_version < Gem::Version.new("3.1.a")
  end
 end
--- a/spec/bundler/support/artifice/endpoint.rb
+++ b/spec/bundler/support/artifice/endpoint.rb
@ -45,10 +45,14 @@ class Endpoint < Sinatra::Base
        Pathname.new(ENV["BUNDLER_SPEC_GEM_REPO"])
      else
        case request.host
        when "gem.repo1"
          Spec::Path.gem_repo1
        when "gem.repo2"
          Spec::Path.gem_repo2
        when "gem.repo3"
          Spec::Path.gem_repo3
        when "gem.repo4"
          Spec::Path.gem_repo4
        else
          Spec::Path.gem_repo1
        end
--- a/spec/bundler/support/helpers.rb
+++ b/spec/bundler/support/helpers.rb
@ -60,7 +60,7 @@ module Spec
    def run(cmd, *args)
      opts = args.last.is_a?(Hash) ? args.pop : {}
      groups = args.map(&:inspect).join(", ")
-      setup = "require '#{lib_dir}/bundler' ; Bundler.ui.silence { Bundler.setup(#{groups}) }"
+      setup = "require '#{entrypoint}' ; Bundler.ui.silence { Bundler.setup(#{groups}) }"
      ruby([setup, cmd].join(" ; "), opts)
    end
@ -468,9 +468,8 @@ module Spec
      ENV["BUNDLER_SPEC_WINDOWS"] = old
    end
    # workaround for missing https://github.com/rubygems/rubygems/commit/929e92d752baad3a08f3ac92eaec162cb96aedd1
    def simulate_bundler_version_when_missing_prerelease_default_gem_activation
-      return yield unless Gem.rubygems_version < Gem::Version.new("3.1.0.pre.1")
+      return yield unless rubygems_version_failing_to_activate_bundler_prereleases
      old = ENV["BUNDLER_VERSION"]
      ENV["BUNDLER_VERSION"] = Bundler::VERSION
@ -479,15 +478,20 @@ module Spec
      ENV["BUNDLER_VERSION"] = old
    end
    # workaround for missing https://github.com/rubygems/rubygems/commit/929e92d752baad3a08f3ac92eaec162cb96aedd1
    def env_for_missing_prerelease_default_gem_activation
-      if Gem.rubygems_version < Gem::Version.new("3.1.0.pre.1")
+      if rubygems_version_failing_to_activate_bundler_prereleases
        { "BUNDLER_VERSION" => Bundler::VERSION }
      else
        {}
      end
    end
    # versions providing a bundler version finder but not including
    # https://github.com/rubygems/rubygems/commit/929e92d752baad3a08f3ac92eaec162cb96aedd1
    def rubygems_version_failing_to_activate_bundler_prereleases
      Gem.rubygems_version < Gem::Version.new("3.1.0.pre.1") && Gem.rubygems_version >= Gem::Version.new("2.7.0")
    end
    def revision_for(path)
      sys_exec("git rev-parse HEAD", :dir => path).strip
    end
--- a/spec/bundler/support/indexes.rb
+++ b/spec/bundler/support/indexes.rb
@ -20,12 +20,11 @@ module Spec
      default_source = instance_double("Bundler::Source::Rubygems", :specs => @index)
      source_requirements = { :default => default_source }
      @deps.each do |d|
        source_requirements[d.name] = d.source = default_source
        @platforms.each do |p|
          source_requirements[d.name] = d.source = default_source
          deps << Bundler::DepProxy.get_proxy(d, p)
        end
      end
      source_requirements ||= {}
      args[0] ||= [] # base
      args[1] ||= Bundler::GemVersionPromoter.new # gem_version_promoter
      args[2] ||= [] # additional_base_requirements
--- a/spec/bundler/support/matchers.rb
+++ b/spec/bundler/support/matchers.rb
@ -156,7 +156,7 @@ module Spec
            actual_source = out.split("\n").last
            next "Expected #{name} (#{version}) to be installed from `#{source}`, was actually from `#{actual_source}`"
          end
-          next "Command to check forgem inclusion of gem #{full_name} failed"
+          next "Command to check for inclusion of gem #{full_name} failed"
        end.compact
        @errors.empty?
--- a/spec/bundler/support/path.rb
+++ b/spec/bundler/support/path.rb
@ -213,6 +213,13 @@ module Spec
      root.join("lib")
    end
    # Sometimes rubygems version under test does not include
    # https://github.com/rubygems/rubygems/pull/2728 and will not always end up
    # activating the current bundler. In that case, require bundler absolutely.
    def entrypoint
      Gem.rubygems_version < Gem::Version.new("3.1.a") ? "#{lib_dir}/bundler" : "bundler"
    end
    def global_plugin_gem(*args)
      home ".bundle", "plugin", "gems", *args
    end
--- a/test/rubygems/helper.rb
+++ b/test/rubygems/helper.rb
@ -544,6 +544,10 @@ class Gem::TestCase < Test::Unit::TestCase
    Gem.pre_uninstall_hooks.clear
  end
  def without_any_upwards_gemfiles
    ENV["BUNDLE_GEMFILE"] = File.join(@tempdir, "Gemfile")
  end
  ##
  # A git_gem is used with a gem dependencies file.  The gem created here
  # has no files, just a gem specification for the given +name+ and +version+.
@ -1291,7 +1295,7 @@ Also, a list:
  end
  def ruby_with_rubygems_in_load_path
-    [Gem.ruby, "-I", File.expand_path("../../lib", __dir__)]
+    [Gem.ruby, "-I", $LOAD_PATH.find{|p| p == File.dirname($LOADED_FEATURES.find{|f| f.end_with?("/rubygems.rb") }) }]
  end
  def with_clean_path_to_ruby
@ -1591,7 +1595,7 @@ class Object
    metaclass.send :undef_method, name
    metaclass.send :alias_method, name, new_name
    metaclass.send :undef_method, new_name
-  end unless method_defined?(:stub) # lib/resolv/test_dns.rb also has the same method definition
+  end
 end
 require_relative 'utilities'
--- a/test/rubygems/packages/ill-formatted-platform-1.0.0.10.gem
+++ b/test/rubygems/packages/ill-formatted-platform-1.0.0.10.gem
--- a/test/rubygems/test_gem_bundler_version_finder.rb
+++ b/test/rubygems/test_gem_bundler_version_finder.rb
@ -6,14 +6,12 @@ class TestGemBundlerVersionFinder < Gem::TestCase
    super
    @argv = ARGV.dup
    @env = ENV.to_hash.clone
    ENV.delete("BUNDLER_VERSION")
    @dollar_0 = $0
    without_any_upwards_gemfiles
  end
  def teardown
    ARGV.replace @argv
    ENV.replace @env
    $0 = @dollar_0
    super
--- a/test/rubygems/test_gem_command.rb
+++ b/test/rubygems/test_gem_command.rb
@ -189,6 +189,18 @@ class TestGemCommand < Gem::TestCase
    assert_match %r{Usage: gem doit}, @ui.output
  end
  def test_add_option
    assert_nothing_raised RuntimeError do
      @cmd.add_option('--force', 'skip validation of the spec') {|v,o| }
    end
  end
  def test_add_option_with_empty
    assert_raise RuntimeError, "Do not pass an empty string in opts" do
      @cmd.add_option('', 'skip validation of the spec') {|v,o| }
    end
  end
  def test_option_recognition
    @cmd.add_option('-h', '--help [COMMAND]', 'Get help on COMMAND') do |value, options|
      options[:help] = true
--- a/test/rubygems/test_gem_commands_help_command.rb
+++ b/test/rubygems/test_gem_commands_help_command.rb
@ -35,6 +35,13 @@ class TestGemCommandsHelpCommand < Gem::TestCase
    end
  end
  def test_gem_help_build
    util_gem 'build' do |out, err|
      assert_match(/-C PATH *Run as if gem build was started in <PATH>/, out)
      assert_equal '', err
    end
  end
  def test_gem_help_commands
    mgr = Gem::CommandManager.new
--- a/test/rubygems/test_gem_commands_push_command.rb
+++ b/test/rubygems/test_gem_commands_push_command.rb
@ -155,7 +155,6 @@ class TestGemCommandsPushCommand < Gem::TestCase
      @host => @api_key,
    }
    FileUtils.mkdir_p File.dirname Gem.configuration.credentials_path
    File.open Gem.configuration.credentials_path, 'w' do |f|
      f.write keys.to_yaml
    end
@ -190,7 +189,6 @@ class TestGemCommandsPushCommand < Gem::TestCase
      @host => @api_key,
    }
    FileUtils.mkdir_p File.dirname Gem.configuration.credentials_path
    File.open Gem.configuration.credentials_path, 'w' do |f|
      f.write keys.to_yaml
    end
@ -232,7 +230,6 @@ class TestGemCommandsPushCommand < Gem::TestCase
      :rubygems_api_key => @api_key,
    }
    FileUtils.mkdir_p File.dirname Gem.configuration.credentials_path
    File.open Gem.configuration.credentials_path, 'w' do |f|
      f.write keys.to_yaml
    end
@ -274,7 +271,6 @@ class TestGemCommandsPushCommand < Gem::TestCase
      @host => @api_key,
    }
    FileUtils.mkdir_p File.dirname Gem.configuration.credentials_path
    File.open Gem.configuration.credentials_path, 'w' do |f|
      f.write keys.to_yaml
    end
@ -305,7 +301,6 @@ class TestGemCommandsPushCommand < Gem::TestCase
      host => api_key,
    }
    FileUtils.mkdir_p File.dirname Gem.configuration.credentials_path
    File.open Gem.configuration.credentials_path, 'w' do |f|
      f.write keys.to_yaml
    end
--- a/Show More
+++ b/Show More