From 487c4a5aeaa09e979173beb9bcffebbdb5a770ad Mon Sep 17 00:00:00 2001 From: Jarek Prokop Date: Apr 11 2023 17:33:37 +0000 Subject: Fix bundler improperly resolving archful gems in Gemfile.lock. For more information see: https://github.com/sclorg/s2i-ruby-container/issues/469 Upstream backport requested in https://bugs.ruby-lang.org/issues/19576 Resolves: rhbz#2178171 --- diff --git a/ruby.spec b/ruby.spec index 5c0ddd2..03f01d7 100644 --- a/ruby.spec +++ b/ruby.spec @@ -195,6 +195,16 @@ Patch28: ruby-irb-1.4.1-set-rdoc-soft-dep.patch # https://github.com/ruby/ruby/commit/bffadcd6d46ccfccade79ce0efb60ced8eac4483 # https://bugs.ruby-lang.org/issues/19529#note-7 Patch29: ruby-3.1.4-Skip-test_compaction_bug_19529-if-compaction-unsupported.patch +# Bundler does not correctly resolve archful gems in 2.3.26. +# Example of such an issue +# https://github.com/sclorg/s2i-ruby-container/issues/469 +# The patch is an amalgamation of the following: +# https://github.com/rubygems/rubygems/pull/6225 +# https://github.com/rubygems/rubygems/commit/7b64c64262a7a980c0eb23b96ea56cf72ea06e89 +# Backport requested in +# https://bugs.ruby-lang.org/issues/19576 +Patch30: rubygem-bundler-2.3.26-Provide-fix-for-bundler-Gemfile-resolving-regression.patch +Patch31: rubygem-bundler-2.3.26-Tests-from-bundler-PR-6225.patch Requires: %{name}-libs%{?_isa} = %{version}-%{release} Suggests: rubypick @@ -667,6 +677,11 @@ rm -rf ext/fiddle/libffi* %patch27 -p1 %patch28 -p1 %patch29 -p1 +%patch30 -p2 + +pushd spec/bundler +%patch31 -p3 +popd # Provide an example of usage of the tapset: cp -a %{SOURCE3} . @@ -1541,6 +1556,8 @@ DISABLE_TESTS="$DISABLE_TESTS -n !/Fiddle::TestFunction#test_argument_count/" - Upgrade to Ruby 3.1.4. - Fix ReDoS vulnerability in URI (CVE-2023-28755) - Fix ReDoS vulnerability in Time (CVE-2023-28756) +- Fix bundler improperly resolving archful gems in Gemfile.lock. + Resolves: rhbz#2178171 * Fri Jan 20 2023 Jun Aruga - 3.1.3-174 - Fix for tzdata-2022g. 
diff --git a/rubygem-bundler-2.3.26-Provide-fix-for-bundler-Gemfile-resolving-regression.patch b/rubygem-bundler-2.3.26-Provide-fix-for-bundler-Gemfile-resolving-regression.patch
new file mode 100644
index 0000000..157a5be
--- /dev/null
+++ b/rubygem-bundler-2.3.26-Provide-fix-for-bundler-Gemfile-resolving-regression.patch
@@ -0,0 +1,144 @@
+From 0985592ad2d815ac461100807f5b2621e5f49b21 Mon Sep 17 00:00:00 2001
+From: Jarek Prokop
+Date: Fri, 31 Mar 2023 11:54:07 +0200
+Subject: [PATCH 1/2] Provide fix for bundler Gemfile resolving regression.
+
+Instead of resolving to correct Ruby platform, it preferred the
+archful package, that is actually incompatible.
+
+See https://github.com/sclorg/s2i-ruby-container/issues/469
+for an example of the bug.
+
+Commit taken from:
+
+and adapted:
+
+for the PR#6225.
+---
+ bundler/lib/bundler/index.rb | 5 ++
+ bundler/lib/bundler/lazy_specification.rb | 64 ++++++++++-------------
+ 2 files changed, 34 insertions(+), 35 deletions(-)
+
+diff --git a/bundler/lib/bundler/index.rb b/bundler/lib/bundler/index.rb
+index ed16c90a3..903e220d5 100644
+--- a/bundler/lib/bundler/index.rb
++++ b/bundler/lib/bundler/index.rb
+@@ -71,6 +71,7 @@ def local_search(query)
+ when Gem::Specification, RemoteSpecification, LazySpecification, EndpointSpecification then search_by_spec(query)
+ when String then specs_by_name(query)
+ when Gem::Dependency then search_by_dependency(query)
++ when Array then search_by_name_and_version(*query)
+ else
+ raise "You can't search for a #{query.inspect}."
+ end
+@@ -173,6 +174,10 @@ def search_by_dependency(dependency)
+ end
+ end
+
++ def search_by_name_and_version(name, version)
++ specs_by_name(name).select { |spec| spec.version == version }
++ end
++
+ EMPTY_SEARCH = [].freeze
+
+ def search_by_spec(spec)
+diff --git a/bundler/lib/bundler/lazy_specification.rb b/bundler/lib/bundler/lazy_specification.rb
+index 949e8264b..e8bee25ab 100644
+--- a/bundler/lib/bundler/lazy_specification.rb
++++ b/bundler/lib/bundler/lazy_specification.rb
+@@ -13,7 +13,6 @@ def initialize(name, version, platform, source = nil)
+ @dependencies = []
+ @platform = platform || Gem::Platform::RUBY
+ @source = source
+- @specification = nil
+ end
+
+ def full_name
+@@ -76,37 +75,41 @@ def to_lock
+ def materialize_for_installation
+ source.local!
+
+- candidates = if source.is_a?(Source::Path) || !ruby_platform_materializes_to_ruby_platform?
+- target_platform = ruby_platform_materializes_to_ruby_platform? ? platform : local_platform
++ matching_specs = source.specs.search(use_exact_resolved_specifications? ? self : [name, version])
++ return self if matching_specs.empty?
+
+- GemHelpers.select_best_platform_match(source.specs.search(Dependency.new(name, version)), target_platform)
+- else
+- source.specs.search(self)
+- end
++ candidates = if use_exact_resolved_specifications?
++ matching_specs
++ else
++ target_platform = ruby_platform_materializes_to_ruby_platform? ? platform : local_platform
++
++ installable_candidates = GemHelpers.select_best_platform_match(matching_specs, target_platform)
++
++ specification = __materialize__(installable_candidates)
++ return specification unless specification.nil?
+
+- return self if candidates.empty?
++ if target_platform != platform
++ installable_candidates = GemHelpers.select_best_platform_match(matching_specs, platform)
++ end
++
++ installable_candidates
++ end
+
+ __materialize__(candidates)
+ end
+
+ def __materialize__(candidates)
+- @specification = begin
+- search = candidates.reverse.find do |spec|
+- spec.is_a?(StubSpecification) ||
+- (spec.matches_current_ruby? &&
+- spec.matches_current_rubygems?)
+- end
+- if search.nil? && Bundler.frozen_bundle?
+- search = candidates.last
+- else
+- search.dependencies = dependencies if search && search.full_name == full_name && (search.is_a?(RemoteSpecification) || search.is_a?(EndpointSpecification))
+- end
+- search
++ search = candidates.reverse.find do |spec|
++ spec.is_a?(StubSpecification) ||
++ (spec.matches_current_ruby? &&
++ spec.matches_current_rubygems?)
+ end
+- end
+-
+- def respond_to?(*args)
+- super || @specification ? @specification.respond_to?(*args) : nil
++ if search.nil? && Bundler.frozen_bundle?
++ search = candidates.last
++ else
++ search.dependencies = dependencies if search && search.full_name == full_name && (search.is_a?(RemoteSpecification) || search.is_a?(EndpointSpecification))
++ end
++ search
+ end
+
+ def to_s
+@@ -127,17 +130,8 @@ def git_version
+ end
+
+ private
+-
+- def to_ary
+- nil
+- end
+-
+- def method_missing(method, *args, &blk)
+- raise "LazySpecification has not been materialized yet (calling :#{method} #{args.inspect})" unless @specification
+-
+- return super unless respond_to?(method)
+-
+- @specification.send(method, *args, &blk)
++ def use_exact_resolved_specifications?
++ @use_exact_resolved_specifications ||= !source.is_a?(Source::Path) && ruby_platform_materializes_to_ruby_platform?
+ end
+
+ #
+--
+2.40.0
+
diff --git a/rubygem-bundler-2.3.26-Tests-from-bundler-PR-6225.patch b/rubygem-bundler-2.3.26-Tests-from-bundler-PR-6225.patch
new file mode 100644
index 0000000..33f29d4
--- /dev/null
+++ b/rubygem-bundler-2.3.26-Tests-from-bundler-PR-6225.patch
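Review bot: In `materialize_for_installation`, the first `__materialize__(installable_candidates)` call can hand back an incompatible platform-specific spec when the bundle is frozen, because `__materialize__` falls back to `candidates.last` whenever no candidate matches the current Ruby/RubyGems and `Bundler.frozen_bundle?` is true. `return specification unless specification.nil?` then fires, so the retry against the lockfile's own `platform` (the generic variant this patch is meant to reach) appears never to run for frozen or deployment installs. Making the fallback opt-out would close that: `def __materialize__(candidates, fallback_to_non_installable: Bundler.frozen_bundle?)`, `if search.nil? && fallback_to_non_installable`, and the first attempt called as `__materialize__(installable_candidates, fallback_to_non_installable: false)`. Separately, `@use_exact_resolved_specifications ||= …` never caches a `false` result, so the predicate is recomputed on every call in that case.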
@@ -0,0 +1,60 @@
+From cb3d287a91e9b6762e47635137d6024fe39e117d Mon Sep 17 00:00:00 2001
+From: Jarek Prokop
+Date: Fri, 31 Mar 2023 12:06:21 +0200
+Subject: [PATCH] Tests from bundler's PR#6225.
+
+See .
+---
+ .../install/gemfile/specific_platform_spec.rb | 36 +++++++++++++++++++
+ 1 file changed, 36 insertions(+)
+
+diff --git a/bundler/spec/install/gemfile/specific_platform_spec.rb b/bundler/spec/install/gemfile/specific_platform_spec.rb
+index 98efec396..a29446305 100644
+--- a/bundler/spec/install/gemfile/specific_platform_spec.rb
++++ b/bundler/spec/install/gemfile/specific_platform_spec.rb
+@@ -104,6 +104,42 @@
+ L
+ end
+
++ it "still installs the generic RUBY variant if necessary even when running on a legacy lockfile locked only to RUBY" do
++ build_repo4 do
++ build_gem "nokogiri", "1.3.10"
++ build_gem "nokogiri", "1.3.10" do |s|
++ s.platform = "arm64-darwin"
++ s.required_ruby_version = "< #{Gem.ruby_version}"
++ end
++
++ build_gem "bundler", "2.1.4"
++ end
++
++ gemfile <<~G
++ source "#{file_uri_for(gem_repo4)}"
++ gem "nokogiri"
++ G
++
++ lockfile <<-L
++ GEM
++ remote: #{file_uri_for(gem_repo4)}/
++ specs:
++ nokogiri (1.3.10)
++ PLATFORMS
++ ruby
++ DEPENDENCIES
++ nokogiri
++ RUBY VERSION
++ 2.5.3p105
++ BUNDLED WITH
++ 2.1.4
++ L
++
++ simulate_platform "arm64-darwin-22" do
++ bundle "update --bundler", :artifice => "compact_index", :env => { "BUNDLER_SPEC_GEM_REPO" => gem_repo4.to_s }
++ end
++ end
++
+ it "doesn't discard previously installed platform specific gem and fall back to ruby on subsequent bundles" do
+ build_repo2 do
+ build_gem("libv8", "8.4.255.0")
+--
+2.40.0
+
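Review bot: The added example ends at `bundle "update --bundler"` inside `simulate_platform` and never asserts which nokogiri variant was selected, so it can only fail if the command itself errors (assuming the `bundle` helper raises on failure, which is not visible here). Since the example's name promises that the generic RUBY variant is installed, an explicit check after the block, for instance `expect(the_bundle).to include_gems "nokogiri 1.3.10"`, would pin the resolved artifact rather than just a clean exit. The example also exercises only a non-frozen update; a sibling example run with a frozen bundle would cover the `candidates.last` fallback path in `__materialize__`.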