Auto merge of #5388 - rhenium:topic/defer-requiring-rubygems-spec_fetcher, r=segiddins

bundlerbot · bundlerbot · commit c7f3d05ec033 · 2017-02-16T05:57:19.000Z
Defer requiring rubygems/spec_fetcher until it becomes necessary Avoid conflict between two versions of openssl gem on 'bundle exec' if a newer and non-default version of openssl gem is installed to the system. rubygems/spec_fetcher loads openssl through resolv and securerandom when running with Ruby <= 2.4. This is not a proper fix for #5235 as other standard libraries that Bundler currently loads will be gemified as well in Ruby >= 2.5, however, this will fix openssl's case. Reference: #5235 Fixes: ruby/openssl#103 --- Reproduce: 1. Install Ruby 2.4.0 (comes with openssl 2.0.2) 2. Run `gem install openssl` to install openssl 2.0.3 3. Create a Gemfile and run `bundle install` 4. Run `bundle exec ruby -e'require "openssl"'
diff --git a/lib/bundler/lazy_specification.rb b/lib/bundler/lazy_specification.rb
@@ -1,6 +1,5 @@
 # frozen_string_literal: true
 require "uri"
-require "rubygems/spec_fetcher"
 require "bundler/match_platform"
 
 module Bundler
diff --git a/lib/bundler/remote_specification.rb b/lib/bundler/remote_specification.rb
@@ -1,6 +1,5 @@
 # frozen_string_literal: true
 require "uri"
-require "rubygems/spec_fetcher"
 
 module Bundler
   # Represents a lazily loaded gem specification, where the full specification
diff --git a/lib/bundler/rubygems_integration.rb b/lib/bundler/rubygems_integration.rb
@@ -213,6 +213,7 @@ def ext_lock
     end
 
     def fetch_specs(all, pre, &blk)
+      require "rubygems/spec_fetcher"
       specs = Gem::SpecFetcher.new.list(all, pre)
       specs.each { yield } if block_given?
       specs
diff --git a/lib/bundler/source/rubygems.rb b/lib/bundler/source/rubygems.rb
@@ -1,7 +1,6 @@
 # frozen_string_literal: true
 require "uri"
 require "rubygems/user_interaction"
-require "rubygems/spec_fetcher"
 
 module Bundler
   class Source
diff --git a/spec/runtime/setup_spec.rb b/spec/runtime/setup_spec.rb
@@ -1080,8 +1080,8 @@ def lock_with(ruby_version = nil)
     end
   end
 
-  describe "when Psych is not in the Gemfile", :ruby => "~> 2.2" do
-    it "does not load Psych" do
+  describe "with gemified standard libraries" do
+    it "does not load Psych", :ruby => "~> 2.2" do
       gemfile ""
       ruby <<-RUBY
         require 'bundler/setup'
@@ -1093,6 +1093,17 @@ def lock_with(ruby_version = nil)
       expect(pre_bundler).to eq("undefined")
       expect(post_bundler).to match(/\d+\.\d+\.\d+/)
     end
+
+    it "does not load openssl" do
+      install_gemfile! ""
+      ruby! <<-RUBY
+        require "bundler/setup"
+        puts defined?(OpenSSL) || "undefined"
+        require "openssl"
+        puts defined?(OpenSSL) || "undefined"
+      RUBY
+      expect(out).to eq("undefined\nconstant")
+    end
   end
 
   describe "after setup" do
