class Bundler::ChecksumMismatchError

def initialize(lock_name, existing, checksum)

def initialize(lock_name, existing, checksum)
  @lock_name = lock_name
  @existing = existing
  @checksum = checksum
end

def message

def message
  <<~MESSAGE
    Bundler found mismatched checksums. This is a potential security risk.
      #{@lock_name} #{@existing.to_lock}
        from #{@existing.sources.join("\n    and ")}
      #{@lock_name} #{@checksum.to_lock}
        from #{@checksum.sources.join("\n    and ")}
    #{mismatch_resolution_instructions}
    To ignore checksum security warnings, disable checksum validation with
      `bundle config set --local disable_checksum_validation true`
  MESSAGE
end

def mismatch_resolution_instructions

def mismatch_resolution_instructions
  removable, remote = [@existing, @checksum].partition(&:removable?)
  case removable.size
  when 0
    msg = +"Mismatched checksums each have an authoritative source:\n"
    msg << "  1. #{@existing.sources.reject(&:removable?).map(&:to_s).join(" and ")}\n"
    msg << "  2. #{@checksum.sources.reject(&:removable?).map(&:to_s).join(" and ")}\n"
    msg << "You may need to alter your Gemfile sources to resolve this issue.\n"
  when 1
    msg = +"If you trust #{remote.first.sources.first}, to resolve this issue you can:\n"
    msg << removable.first.removal_instructions
  when 2
    msg = +"To resolve this issue you can either:\n"
    msg << @checksum.removal_instructions
    msg << "or if you are sure that the new checksum from #{@checksum.sources.first} is correct:\n"
    msg << @existing.removal_instructions
  end
end