Update dependency bundler to v4

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
bundler (source, changelog)	'~> 2.0' → '~> 4.0'

---

Release Notes

ruby/rubygems (bundler)

v4.0.12

Compare Source

Enhancements:

• Make bundle config get return status 1 when the value is not set. Pull request #​9505 by willnet
• Use Pathname#absolute?. Pull request #​9529 by nobu
• Deprecate parsing non-lockfile content in LockfileParser. Pull request #​9502 by kurotaky
• Print a warning for a potential confusion from the indirect dependencies. Pull request #​5029 by junaruga
• Respect Gemfile bundler setting in Bundler.setup. Pull request #​4892 by godfat

Bug fixes:

• Gracefully handle missing checksums in Compact Index. Pull request #​9492 by jneen
• Skip git source exclusion when lockfile cannot backfill. Pull request #​9544 by yahonda
• Fix bundle config gemfile unset behavior. Pull request #​9514 by afurm

v4.0.11

Compare Source

Enhancements:

• Update gem creation guide URL to rubygems.org. Pull request #​9500 by nissyi-gh
• Lock the checksum of Bundler itself in the lockfile. Pull request #​9366 by Edouard-chin

Bug fixes:

• Fix installing gems with native extensions + transitive dependencies. Pull request #​9477 by nicholasdower
• Fix the bundler version not being updated in dev/test lockfile. Pull request #​9463 by Edouard-chin
• Ensure the release CI doesn't break due to the Bundler checksum feature. Pull request #​9436 by Edouard-chin

Documentation:

• Fix formatting for BUNDLE_PREFER_PATCH variable in man page. Pull request #​9474 by toy

v4.0.10

Compare Source

Enhancements:

• Ignore warnings with spec different platforms. Pull request #​8508 by hsbt
• Improve error message when current platform is not in lockfile. Pull request #​9439 by 55728
• Cache package version selection. Pull request #​9410 by Edouard-chin
• Check happy path first when comparing gem version. Pull request #​9417 by Edouard-chin
• [feature] default_cli_command for config what command bundler runs when no specific command is provided. Pull request #​8886 by jonbarlo
• Introduce a fast path for comparing Gem::Version. Pull request #​9414 by Edouard-chin

Bug fixes:

• Restore rb_sys dependency for Rust. Pull request #​9416 by bangseongbeom

v4.0.9

Compare Source

Enhancements:

• Check the git version only once per bundle install. Pull request #​9406 by Edouard-chin
• Normalize the number of workers when performing parallel operations. Pull request #​9400 by Edouard-chin
• Add exponential backoff to bundler retries. Pull request #​9163 by ChrisBr
• Introduce a priority queue. Pull request #​9389 by Edouard-chin
• Split the download and install process of a gem. Pull request #​9381 by Edouard-chin

Bug fixes:

• Retry git fetch without --depth for dumb HTTP transport. Pull request #​9405 by hsbt

v4.0.8

Compare Source

Enhancements:

• Add a new Bundler config to control how many specs are fetched #​9363
• Restrict GitHub Actions workflow permissions for newgem #​9361

Bug fixes:

• Fix plugin new version not registering #​9355

v4.0.7

Compare Source

Enhancements:

• Don't check whether a plugin needs to be installed: #​9328
• [rust gem] Major improvements for gem scaffolding (rebased) #​8455
• Fix(bundler): only preload git sources for requested groups #​9234
• Raise error when gem contains capital letters #​5432

Bug fixes:

• Fix Bundler crashing when it tries to install plugin: #​9335
• Run git operations in parallel (take 2): #​9323
• Add support for help flag in plugin commands #​9263

Documentation:

• [DOC] Fix link in Bundler #​9315

v4.0.6

Compare Source

Bug fixes:

• Fix gzip cache corruption when recovering from HTTP 416 responses #​9272
• Fallback git/path sources to default source #​9301
• Ensure revision is always re-resolved in git_proxy.rb #​9294

Documentation:

• Clarify local gem override docs to require git-sourced gems #​9305

v4.0.5

Compare Source

Enhancements:

• Fix Bundler that re-exec $0 when a version is present in the config: #​9249

Bug fixes:

• Only use parent source with Git and Path sources #​9269

v4.0.4

Compare Source

Enhancements:

• Validate more options for add sub-command #​5905
• Support Ruby 4.1 #​9219

Bug fixes:

• Fix dependency source bug in bundler #​9213
• Retain current bundler version on bundle clean #​9221

v4.0.3

Compare Source

Enhancements:

• Fall back to ruby platform gem when precompiled variant is incompatible #​9211

v4.0.2

Compare Source

Enhancements:

• Support single quotes in mise format ruby version #​9183
• Tweak the Bundler's "X gems now installed message": #​9194

Bug fixes:

• Allow to show cli_help with bundler executable #​9198
• Allow bundle pristine to work for git gems in the same repo #​9196

v4.0.1

Compare Source

Enhancements:

• Ignore warnings with spec different platforms. Pull request #​8508 by hsbt
• Improve error message when current platform is not in lockfile. Pull request #​9439 by 55728
• Cache package version selection. Pull request #​9410 by Edouard-chin
• Check happy path first when comparing gem version. Pull request #​9417 by Edouard-chin
• [feature] default_cli_command for config what command bundler runs when no specific command is provided. Pull request #​8886 by jonbarlo
• Introduce a fast path for comparing Gem::Version. Pull request #​9414 by Edouard-chin

Bug fixes:

• Restore rb_sys dependency for Rust. Pull request #​9416 by bangseongbeom

v4.0.0

Compare Source

Features:

• Support bundle install --lockfile option #​9111
• Add support for lockfile in Gemfile and bundle install --no-lock #​9059
• Add --ext=go to bundle gem #​8183
• Update Bundler::CurrentRuby::ALL_RUBY_VERSIONS #​9058
• Introduce bundle list --format=json #​8728

Performance:

• Run git operations in parallel to speed things up: #​9100
• Replace instance method look up in plugin installer #​9094
• Adjust the API_REQUEST_LIMIT to make less network roundtrip #​9071

Enhancements:

• Make BUNDLE_LOCKFILE environment variable have precedence over lockfile method in Gemfile #​9146
• Improve banner message for the default command #​9145
• Introduce install_or_cli_help and use it default bundle command #​9136
• Add go_gem/rake_task for Go native extension gem skeleton #​9105
• Warn users that bundle now display the help: #​9092
• Use DidYouMean::SpellChecker for gem suggestions in Bundler #​3857
• Update all vendored libraries to latest version #​9089
• We don't need to allow some warning now #​9074
• Support to embedded Pathname #​9056
• Enforce activation of irb when running with bundle console #​9033
• Update Magnus version in Rust extension gem template #​9025
• Add checksum of gems hosted on private servers: #​9004
• Loading support on Windows #​8254
• Improve error message when the same source is specified through gemspec and path #​8460
• Raise an error in frozen mode if some registry gems have empty checksums #​8888
• Bump vendored thor to 1.4.0 #​8883
• Delay default path and global cache changes to Bundler 5 #​8867
• Fix spacing in bundle gem newgem.gemspec.tt #​8865
• Add some missing deprecation messages #​8844

Bug fixes:

• Fixed checksums generation issue when no source is specified #​9133
• Check for file existence before deletion from cache #​9095
• Use method_defined?(:method, false) #​9098
• Handle BUNDLER_VERSION being set to an empty string #​6928
• Fix bundle install when the Gemfile contains "install_if" git gems: #​8992
• Fix installation issue related to path sources and precompiled gems #​8973
• Fix outdated lockfile during bundle lock when source changes #​8962
• Raise error on missing version file #​8963
• Fix bundle cache --frozen and bundle cache --no-prune not printing a deprecation message #​8926
• Fix local installation incorrectly forced if there's a vendor/cache directory and frozen mode is set #​8925
• Fix bundle lock --update <gem> with --lockfile flag updating all gems #​8922
• Fix bundle show --verbose and recommend it as an alternative to bundle show --outdated #​8915
• Fix bundle cache --no-all not printing a deprecation warning #​8912
• Fix bundle update foo unable to update foo in an edge case #​8897
• Fix Bundler printing more flags than actually passed in verbose mode #​8914
• Fix bundler failing to install sorbet-static in truffleruby when there's no lockfile #​8872
• Cancel deprecation of --force flag to bundle install and bundle update #​8843

Security:

• Bump up vendored URI to 1.0.4 #​9031

Breaking changes:

• Fix triple spacing when generating lockfile #​9076
• Hide patchlevel from lockfile #​7772
• Remove bundler_4_mode #​9038
• Pick and add extra changes for 4.0.0 version #​9018
• Replaced Bundler::SharedHelpers.major_deprecation to feature_removed! or feature_deprecated! #​9016
• Removed legacy_check option from SpecSet#for #​9015
• Make update_requires_all_flag to settings #​9011
• Make default cli command settings #​9010
• Make global_gem_cache flag to settings #​9009
• Consolidate removal of Bundler.rubygems.all_specs #​9008
• Consolidate removal of Bundler::SpecSet#- and Bundler::SpecSet#<< #​9007
• Replaced Bundler.feature_flag.plugins? to Bundler.settings #​9006
• Make bundle show --outdated raise an error #​8980
• Make --local-git flag to bundle plugin install raise an error #​8979
• Switch cache_all to be true by default #​8975
• Completely forbid passing --ext to bundle gem without a value #​8976
• Switch lockfile_checksums to be true by default #​8981
• Make bundle install --binstubs raise an error #​8978
• Make bundle remove --install raise an error #​8977
• Remove support for multiple global sources in Gemfile & lockfile #​8968
• Remove allow_offline_install setting #​8969
• Completely remove --rubocop flag to bundle gem, and related configuration #​8967
• Completely remove all remembered CLI flags #​8958
• Remove implementation of deployment, capistrano and vlad entrypoints #​8957
• Remove deprecated Bundler.*clean*, and Bundler.environment helpers #​8924
• Remove deprecated bundle viz and bundle inject commands #​8923
• Removed to workaround for Bundler 2.2 #​8903

Documentation:

• Unified UPGRADING.md and extract blog.rubygems.org #​9148
• Remove italic formatting from changelog section headers #​9128
• Small clarifications to Bundler 4 upgrade docs #​8964
• Improve documentation of bundle doctor, bundle plugin, and bundle config #​8919
• Make sure all CLI flags and subcommands are documented #​8861
• Clarify documentation about new default gem installation directory in Bundler 4 #​8857
• Use mailto link in Code of Conduct #​8849
• Update Code of Conduct email to conduct@rubygems.org #​8848
• Add missing link to irb repo in DEBUGGING.md #​8842

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: Gemfile.lock

Unknown switches "--bundler"