chore(deps): update dependency bundler to '~> 2.6.0'

[ziltoidbot]

This PR contains the following updates:

Package	Update	Change
bundler (source, changelog)	minor	'~> 2.4.22' -> '~> 2.6.0'

---

Release Notes

rubygems/rubygems (bundler)

v2.6.1

Compare Source

Bug fixes:

• Fix missing Gem::Uri.redact on some Ruby 3.1 versions #​8337
• Fix bundle lock --add-checksums when gems are already installed #​8326

v2.6.0

Compare Source

Security:

• Fix gemfury credentials written to logs in verbose mode #​8283
• Fix private registry credentials being written to logs #​8222

Breaking changes:

• Drop ruby 3.0 support #​8091
• Remove client-side MD5 ETag transition from compact index client #​7677

Deprecations:

• Cancel bundle console deprecation #​8218
• Warn when platform of installed gem differs from platform in the lockfile #​8029
• Cancel deprecation of Gemfiles without a global source #​8213

Features:

• Add a lockfile_checksums configuration to include checksums in fresh lockfiles #​8219
• Add bundle lock --add-checksums to add checksums to an existing lockfile #​8214

Performance:

• Enable a couple of performance cops #​8261
• Remove override of worker jobs for bundle install --local #​8248

Enhancements:

• Support bundle exec <relative-path-to-script> when Kernel.exec is used under the hood #​8294
• Improve working with different rubies using the same lockfile #​8251
• Define a few inspect methods to help debugging #​8266
• Include original error when openssl fails to load #​8232
• Automatically fix lockfile when it's missing dependencies #​8103
• Fix some JRuby warnings when using bundler/setup with Ruby's -w flag #​8205
• Add a --normalize-platforms flag to bundle lock #​7896
• Add plugin hooks for Bundler.require #​3439

Bug fixes:

• Fix restarting with locked version when $PROGRAM_NAME has been changed #​8320
• Restore the previous cache format for git sources #​8296
• Fix installs of subdependencies of unlocked dependencies to be conservative #​8281
• Fix test task name on generated readme when using test-unit #​8291
• Fix bundle exec executable detection on windows #​8276
• Fix bundle remove sometimes not removing gems #​8278
• Fix issue with git gems locking incorrect specs sometimes #​8269

Documentation:

• Normalize command flag documentation and make sure all flags are documented #​8313
• Add missing man pages for bundle env and bundle licenses #​8315
• Add man page for 'bundle issue' command #​8271
• Add man page for 'bundle fund' command #​8258
• Move pry-related contents to debugging.md #​8263
• Add debugging instruction on Windows #​8236
• Unify rubygems and bundler docs directory #​8159

v2.5.23

Compare Source

Enhancements:

• Add useful error message for plugin load #​7639
• Indent github workflow steps for generated gems #​8193
• Improve several permission errors #​8168
• Add bundle add --quiet option #​8157

Bug fixes:

• Fix incompatible encodings error when paths with UTF-8 characters are involved #​8196
• Update --ext=rust to support compiling the native extension from source #​7610
• Print a proper error when there's a previous empty installation path with bad permissions #​8169
• Fix running bundler (with a final r) in a bundle exec context #​8165
• Handle two gemspec usages in same Gemfile with same dep and compatible requirements #​7999
• Fix bundle check sometimes locking gems under the wrong source #​8148

Documentation:

• Remove confusing bundle config documentation #​8177
• Rename bundler inline's install parameter and clarify docs #​8170
• Clarify bundle install --quiet documentation #​8163

v2.5.22

Compare Source

Enhancements:

• Update vendored uri and net-http #​8112

Bug fixes:

• Fix bundler sometimes crashing because of trying to use a version of psych compiled for a different Ruby #​8104

v2.5.21

Compare Source

Bug fixes:

• Fix bug report template printed when changing a path source to a git source in frozen mode #​8079
• Fix stub.activated? sometimes returning false after activation under bundler #​8073
• Fix old cache format detection when application is not source controlled #​8076
• Fix bundler/inline resetting ENV changes #​8059

v2.5.20

Compare Source

Enhancements:

• Don't try to auto-install dev versions of Bundler not available remotely #​8045
• Don't try to install locked bundler when --local is passed #​8041

Bug fixes:

• Fix bundler/inline overwriting lockfiles #​8055
• Ensure refs directory in cached git source #​8047
• Fix bundle outdated with --group option #​8052

v2.5.19

Compare Source

Enhancements:

• Raise original errors when unexpected errors happen during Gemfile evaluation #​8003
• Make an exe file executable when generating new gems #​8020
• Gracefully handle gem activation conflicts in inline mode #​5535
• Don't include hook templates in cached git source #​8013
• Fix some errors about a previous installation folder that's unsafe to remove, when there's no need to remove it #​7985
• Emit progress to stderr during bundle outdated --parseable #​7966
• Reject unknown platforms when running bundle lock --add-platform #​7967
• Emit progress to stderr when --print is passed to bundle lock #​7957

Bug fixes:

• Fix bundle install --local hitting the network when default gems are included #​8027
• Remove temporary .lock files unintentionally left around by gem installer #​8022
• Fix bundle exec rake install failing when local gem has extensions #​7977
• Load gemspecs in the context of its parent also when using local overrides #​7993
• Fix bundler/inline failing in Ruby 3.2 due to conflicting securerandom versions #​7984
• Don't blow up when explicit version is removed from some git sources #​7973
• Fix gem exec rails new project failing on Ruby 3.2 #​7960

Documentation:

• Improve bundle add man page #​5903
• Add some documentation about backwards compatibility #​7964

v2.5.18

Compare Source

Enhancements:

• Don't remove existing platform gems when PLATFORMS section is badly indented #​7916

Bug fixes:

• Fix error message when Bundler refuses to install due to frozen being set without a lockfile #​7955
• Fix several issues with the --prefer-local flag #​7951
• Restore support for passing relative paths to git: sources #​7950
• Regenerate previous git application caches that didn't include bare repos #​7926
• Fix bundle update <indirect_dep> failing to upgrade when versions present in two different sources #​7915

Documentation:

• Change new gem README template to have copyable code blocks #​7935

v2.5.17

Compare Source

Enhancements:

• Print better log message when current platform is not present in the lockfile #​7891
• Explicitly encode Gem::Dependency to yaml #​7867
• Enable lockfile checksums on future Bundler 3 when there's no previous lockfile #​7805

Bug fixes:

• Fix truffleruby removing gems from lockfile #​7795
• Fix bundle check exit code when gem git source is not checked out #​7894
• Generate gems.rb from Gemfile.tt template for bundle-gem #​7853
• Fix git source cache being used as the install location #​4469
• Fix bundle exec gem uninstall #​7886

v2.5.16

Compare Source

Bug fixes:

• Fix platform removal regression when platforms: used in the Gemfile #​7864
• Fix standalone script when default gems with extensions are used #​7870
• Fix another case of bundle lock --add-platform doing nothing #​7848
• Fix bad error messages when using bundle add with frozen mode set #​7845
• Fix generic platform gems getting incorrectly removed from lockfile #​7833

Performance:

• Use caller_locations instead of splitting caller #​7708

v2.5.15

Compare Source

Enhancements:

• Support --no-test, --no-ci, and --no-linter options #​7780
• Allow bundle command in new gems with invalid metadata #​7707

Bug fixes:

• Protect creating RubyGems binstubs with a file lock #​7841
• Only allow valid values for --test, --ci, and --linter options #​7801
• Fix bundle lock --add-platform <current_platform> doing nothing #​7803
• Print a proper error when bin dir does not have writable permission bit #​7794

Documentation:

• Regenerate bundler docs for June 2024 #​7787

v2.5.14

Compare Source

Bug fixes:

• Fix credentials being re-added when re-resolving without a full unlock #​7767
• Fix bundle update <gem_name> edge case #​7770
• Fix bundle fund when the gemfile contains optional groups #​7758

v2.5.13

Compare Source

Bug fixes:

• Fix funding metadata not being printed in some situations #​7746
• Make sure to not re-resolve when a not fully specific local platform is locked #​7751
• Don't print bug report template when bin dir is not writable #​7748

v2.5.12

Compare Source

Enhancements:

• Keep credentials in lockfile if they are already there #​7720
• Auto switch to locked bundler version even when using binstubs #​7719
• Don't validate local gemspecs twice unnecessarily #​7725
• Improve default gem handling by treating default gems as any other gem #​7673

Bug fixes:

• Fix slow and incorrect resolution when adding sorbet to a Gemfile and the lockfile only includes "RUBY" in the platforms section #​7731
• Fix duplicated config keys generated when fallback_timeout uri option is used #​7704
• Fix bundle exec no longer working in truffleruby after explicit require of pathname was removed #​7703
• Don't let bundle config report a path without a Gemfile as "local app" #​7687

Documentation:

• Clarify BUNDLE_USER_CONFIG is a file #​7668

v2.5.11

Compare Source

Deprecations:

• Deprecate Bundler constants #​7653

Enhancements:

• Bump bundle gem generated COC to Contributor Covenant 2.1 #​7692
• Retry a full clone when git server does not support shallow capabilities #​7649

Bug fixes:

• Fix regression when caching gems from secondary sources #​7659
• Fix error when Bundler installation is corrupted #​7642
• Fix crash caused by RubyGems require gem activation logic running before Bundler can properly register its own monkeypatches #​7647

Performance:

• Update cache checksums to decrease string allocations #​7637
• Fix performance regression in applications with a local cache #​7680

Documentation:

• Recommend bin/rake over rake in contributing docs #​7648
• Monthly man update for May 2024 #​7640
• Clarify Bundler support policy #​7633

v2.5.10

Compare Source

Security:

• Never write credentials to lockfiles #​7560

Enhancements:

• Add auto_install support to require "bundler/setup" #​6561
• Add --glob flag to bundle add #​7557

Bug fixes:

• Make sure bundle update <specific_gems> can always update to the latest resolvable version of each requested gem #​7558
• Show better error when installed gemspecs are unreadable #​7603
• Fix bundle update not working on an out of sync lockfile #​7607
• Don't upcase Windows ENV before backing it up #​7574
• Properly resolve aliases when bundle help is run #​7601
• Fix issue installing gems with linux-musl variant on non musl linux #​7583

Documentation:

• Clarify bundle check behaviour in docs #​7613

v2.5.9

Compare Source

Bug fixes:

• Fix installing plugins via relative paths #​7571

v2.5.8

Compare Source

Enhancements:

• Allow installing plugins from path via CLI #​6960
• Improve validation of bundle plugin install options #​7529

Bug fixes:

• Fix resolver error message when it runs out of versions due to --strict --patch filtering out everything #​7527
• Fix incorrect bundle update --bundler message #​7516

v2.5.7

Compare Source

Deprecations:

• Deprecate bundle plugin install --local-git= #​7048

Enhancements:

• Ignore commented out keys in config file #​7514
• Fix exclusion of .gemspec file itself in bundle gem generated gemspec file #​7488
• Remove redundant configs from bundle gem generated rubocop configuration #​7478
• Add gitlab: git source shorthand #​7449
• Use full path for instance_eval in Bundler::DSL#eval_gemfile #​7471

Documentation:

• Use https instead of http in documentation links #​7481

v2.5.6

Compare Source

Deprecations:

• Refactor lockfile generation and deprecate Definition#lock with explicit lockfile #​7047

Enhancements:

• Bump required_ruby_version to be used in bundle gem template #​7430

Bug fixes:

• Fix musl platform not being added to the lockfile #​7441
• Let Bundler.with_original_env properly restore env variables originally empty #​7383

v2.5.5

Compare Source

Bug fixes:

• Fix development dependency not being added if introduced by two gemspecs #​7358
• Fix ETag quoting regression in If-None-Match header of compact index request #​7352

Documentation:

• Refer to underscores as underscores #​7364

v2.5.4

Compare Source

Bug fixes:

• Fix resolution when different platform specific gems have different dependencies #​7324

v2.5.3

Compare Source

Bug fixes:

• Fix incorrect error when Gemfile overrides a gemspec development dependency #​7319

v2.5.2

Compare Source

Enhancements:

• Add useful error message for plugin load #​7639
• Indent github workflow steps for generated gems #​8193
• Improve several permission errors #​8168
• Add bundle add --quiet option #​8157

Bug fixes:

• Fix incompatible encodings error when paths with UTF-8 characters are involved #​8196
• Update --ext=rust to support compiling the native extension from source #​7610
• Print a proper error when there's a previous empty installation path with bad permissions #​8169
• Fix running bundler (with a final r) in a bundle exec context #​8165
• Handle two gemspec usages in same Gemfile with same dep and compatible requirements #​7999
• Fix bundle check sometimes locking gems under the wrong source #​8148

Documentation:

• Remove confusing bundle config documentation #​8177
• Rename bundler inline's install parameter and clarify docs #​8170
• Clarify bundle install --quiet documentation #​8163

v2.5.1

Compare Source

Enhancements:

• Raise original errors when unexpected errors happen during Gemfile evaluation #​8003
• Make an exe file executable when generating new gems #​8020
• Gracefully handle gem activation conflicts in inline mode #​5535
• Don't include hook templates in cached git source #​8013
• Fix some errors about a previous installation folder that's unsafe to remove, when there's no need to remove it #​7985
• Emit progress to stderr during bundle outdated --parseable #​7966
• Reject unknown platforms when running bundle lock --add-platform #​7967
• Emit progress to stderr when --print is passed to bundle lock #​7957

Bug fixes:

• Fix bundle install --local hitting the network when default gems are included #​8027
• Remove temporary .lock files unintentionally left around by gem installer #​8022
• Fix bundle exec rake install failing when local gem has extensions #​7977
• Load gemspecs in the context of its parent also when using local overrides #​7993
• Fix bundler/inline failing in Ruby 3.2 due to conflicting securerandom versions #​7984
• Don't blow up when explicit version is removed from some git sources #​7973
• Fix gem exec rails new project failing on Ruby 3.2 #​7960

Documentation:

• Improve bundle add man page #​5903
• Add some documentation about backwards compatibility #​7964

v2.5.0

Compare Source

Breaking changes:

• Drop ruby 2.6 and 2.7 support #​7116
• The :mswin, :mswin64, :mingw, and :x64_mingw Gemfile platform values are soft-deprecated and aliased to :windows #​6391

Features:

• Leverage ruby feature to warn when requiring default gems not included in the bundle that will be turned into bundled gems in the future #​6831
• Introduce bundle config set version feature to choose the version of Bundler that should be used and potentially disable using the lockfile version by setting it to system #​6817

Performance:

• Use match? when regexp match data is unused #​7263
• Avoid some allocations when evaluating ruby Gemfile DSL #​7251
• Reduce array allocations when loading definition #​7199
• Avoid re-compiling static regexp in a loop #​7198
• Reduce allocations when installing gems with bundler #​6977
• Use a shared connection pool for fetching gems #​7079
• Reduce allocations when parsing compact index #​6971

Enhancements:

• Add 3.4 as a supported ruby version in Gemfile DSL #​7264
• Improve install advice when some gems are not found #​7265
• Vendor net-http, net-protocol, resolv, and timeout to reduce conflicts between Gemfile gems and internal dependencies #​6793
• Allow bundle pristine to run in parallel #​6927
• Make bundle lock always touch the lockfile in non-frozen mode #​7220
• Use Minitest::TestTask in a template file for minitest #​7234
• Add missing services to CI detection and make it consistent between RubyGems and Bundler #​7205
• Allow auto-install to install missing git gems #​7197
• Stop remembering cli flags like --jobs or --retry in configuration #​7191
• Simplify remembered flags deprecation message #​7189
• Make sure to require "rubygems" explicitly #​7139
• Handle development dependencies duplicated in gemspec vs Gemfile #​6014
• Make lockfiles generated on macOS include a lock for Linux by default #​5700
• Only add a dummy bundler spec to the metadata source when necessary #​4443

Bug fixes:

• Resolve ruby file: ".ruby-version" relative to containing Gemfile #​7250
• Implement opaque ETag in Compact Index to avoid falling back to old index in servers with different etag implementations #​7122
• Fix bundle install --system deprecation advice #​7190
• Fix invalid platform removal missing adjacent platforms #​7170

Documentation:

• Add missing --prefer-local to Synopsis in bundle-install.1.ronn #​7194
• Update GitHub organization of Standard Ruby in bundle gem output and generated configuration #​6818
• Replace "prior to" with "immediately after" in bundle gem generated README file #​6338

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.