diff options
author | Martin Emde <martin.emde@gmail.com> | 2023-12-01 14:20:51 -0800 |
---|---|---|
committer | git <svn-admin@ruby-lang.org> | 2023-12-05 21:09:53 +0000 |
commit | 5f0ea3f590f8983669fe478bc9eace6880353b84 (patch) | |
tree | ca777e6b654fa43b841e3286a9b35a0869987d2e /spec/bundler/bundler | |
parent | a33632e1ca7af1e3ba34cff05643aa067561a8cc (diff) |
[rubygems/rubygems] Converts Bundler lockfile checksum validation to opt-in only
Looks for the CHECKSUMS section in the lockfile, activating the feature
only if the section exists. Without a CHECKSUMS section, Bundler will
continue as normal, validating checksums when gems are installed while
checksums from the compact index are present.
https://github.com/rubygems/rubygems/commit/2353cc93a4
Diffstat (limited to 'spec/bundler/bundler')
-rw-r--r-- | spec/bundler/bundler/definition_spec.rb | 40 |
1 files changed, 22 insertions, 18 deletions
diff --git a/spec/bundler/bundler/definition_spec.rb b/spec/bundler/bundler/definition_spec.rb index 64856863ed..367cb7bcff 100644 --- a/spec/bundler/bundler/definition_spec.rb +++ b/spec/bundler/bundler/definition_spec.rb @@ -56,6 +56,11 @@ RSpec.describe Bundler::Definition do s.add_dependency "rack", "1.0" end + checksums = checksums_section_when_existing do |c| + c.no_checksum "foo", "1.0" + c.checksum gem_repo1, "rack", "1.0.0" + end + bundle :install, :env => { "DEBUG" => "1" } expect(out).to match(/re-resolving dependencies/) @@ -76,11 +81,7 @@ RSpec.describe Bundler::Definition do DEPENDENCIES foo! - - CHECKSUMS - #{gem_no_checksum "foo", "1.0"} - #{checksum_for_repo_gem gem_repo1, "rack", "1.0.0"} - + #{checksums} BUNDLED WITH #{Bundler::VERSION} G @@ -110,6 +111,11 @@ RSpec.describe Bundler::Definition do s.add_development_dependency "net-ssh", "1.0" end + checksums = checksums_section_when_existing do |c| + c.no_checksum "foo", "1.0" + c.checksum gem_repo1, "rack", "1.0.0" + end + install_gemfile <<-G source "#{file_uri_for(gem_repo1)}" gem "foo", :path => "#{lib_path("foo")}" @@ -135,17 +141,17 @@ RSpec.describe Bundler::Definition do DEPENDENCIES foo! - - CHECKSUMS - #{gem_no_checksum "foo", "1.0"} - #{checksum_for_repo_gem gem_repo1, "rack", "1.0.0"} - + #{checksums} BUNDLED WITH #{Bundler::VERSION} G end it "for a locked gem for another platform" do + checksums = checksums_section_when_existing do |c| + c.no_checksum "only_java", "1.1", "java" + end + install_gemfile <<-G source "#{file_uri_for(gem_repo1)}" gem "only_java", platform: :jruby @@ -166,16 +172,17 @@ RSpec.describe Bundler::Definition do DEPENDENCIES only_java - - CHECKSUMS - only_java (1.1-java) - + #{checksums} BUNDLED WITH #{Bundler::VERSION} G end it "for a rubygems gem" do + checksums = checksums_section_when_existing do |c| + c.checksum gem_repo1, "foo", "1.0" + end + install_gemfile <<-G source "#{file_uri_for(gem_repo1)}" gem "foo" @@ -195,10 +202,7 @@ RSpec.describe Bundler::Definition do DEPENDENCIES foo - - CHECKSUMS - #{checksum_for_repo_gem gem_repo1, "foo", "1.0"} - + #{checksums} BUNDLED WITH #{Bundler::VERSION} G |