diff options
author | Daniel Niknam <mhmd.niknam@gmail.com> | 2021-07-24 17:25:48 +1000 |
---|---|---|
committer | Hiroshi SHIBATA <hsbt@ruby-lang.org> | 2021-07-27 09:25:57 +0900 |
commit | 1ef360230ec0bf078124a3001ef2e1ae7886e236 (patch) | |
tree | a3fefe258b29fd1b569b5feddb5728bdeffaa67d /spec/bundler/bundler | |
parent | 2f9e0cf1819b8679abe79494f622e1a42d7e021d (diff) |
[rubygems/rubygems] Deprecate Gemfile without an explicit global source
Raise a warning when parsing a Gemfile and it doesn't have a global source. Gemfiles like this, specially now that rubygems sources are are no longer merged into a single source for security, are very confusing because they generate a different lockfile depending on the gems you have locally installed. This is because bundler always use an implicit global source that defaults to locally installed gems.
https://github.com/rubygems/rubygems/commit/b7523ad21c
Diffstat (limited to 'spec/bundler/bundler')
-rw-r--r-- | spec/bundler/bundler/dsl_spec.rb | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/spec/bundler/bundler/dsl_spec.rb b/spec/bundler/bundler/dsl_spec.rb index a47dd6e399..cfc4a7855d 100644 --- a/spec/bundler/bundler/dsl_spec.rb +++ b/spec/bundler/bundler/dsl_spec.rb @@ -241,4 +241,21 @@ RSpec.describe Bundler::Dsl do end end end + + describe "#check_primary_source_safety" do + context "when a global source is not defined implicitly" do + it "will raise a major deprecation warning" do + not_a_global_source = double("not-a-global-source", no_remotes?: true, multiple_remotes?: false) + allow(Bundler::Source::Rubygems).to receive(:new).and_return(not_a_global_source) + + warning = "This Gemfile does not include an explicit global source. " \ + "Not using an explicit global source may result in a different lockfile being generated depending on " \ + "the gems you have installed locally before bundler is run." \ + "Instead, define a global source in your Gemfile like this: source \"https://rubygems.org\"." + expect(Bundler::SharedHelpers).to receive(:major_deprecation).with(2, warning) + + subject.check_primary_source_safety + end + end + end end |