Security:
- In README generated by
bundle gem, do not fill rubygems.org install commands with the gem name automatically #6093 - Use safe Marshal deserialization for dependency API response #6141
Breaking changes:
- Remove Travis CI from gem skeleton #6150
- Drop support for Ruby 2.3, 2.4, 2.5 and RubyGems 2.5, 2.6, 2.7 #6107
- Completely remove "auto-sudo" feature #5888
Deprecations:
- Turn
--extoption ofbundle geminto string. Deprecate usage without explicit value #6144
Features:
- Add
--ext=rustsupport tobundle gemfor creating simple gems with Rust extensions #6149 - Migrate our resolver engine to PubGrub #5960
Performance:
- Make cloning git repos faster #4475
Enhancements:
- Add
bundle lock --update --bundler#6134 - Support for pre flag in
bundle update/bundle lock#5258 - Improve error message when changing Gemfile to a mistyped git ref #6130
- Remove special handling of some
LoadErrorandNoMethodError#6115
Bug fixes:
- Don't unlock dependencies of a gemspec when its version changes #6184
- Fix platform specific version for libv8-node and other allowlisted gems not being chosen in Truffleruby #6169
- Fix
bundle outdatedwith both--groupsand--parseableflags #6148 - Auto-heal lockfile when it's missing specs #6132
- Fix unintentional downgrades when gemspec DSL is used #6131
- Fix display of previous gem version when previously downloaded already #6110
- Fix hang when a lockfile gem does not resolve on the current platform #6070