diff options
| author | Martin Emde <martin.emde@gmail.com> | 2023-12-01 14:20:51 -0800 |
|---|---|---|
| committer | git <svn-admin@ruby-lang.org> | 2023-12-05 21:09:53 +0000 |
| commit | 5f0ea3f590f8983669fe478bc9eace6880353b84 (patch) | |
| tree | ca777e6b654fa43b841e3286a9b35a0869987d2e /spec/bundler/cache/gems_spec.rb | |
| parent | a33632e1ca7af1e3ba34cff05643aa067561a8cc (diff) | |
[rubygems/rubygems] Converts Bundler lockfile checksum validation to opt-in only
Looks for the CHECKSUMS section in the lockfile, activating the feature
only if the section exists. Without a CHECKSUMS section, Bundler will
continue as normal, validating checksums when gems are installed while
checksums from the compact index are present.
https://github.com/rubygems/rubygems/commit/2353cc93a4
Diffstat (limited to 'spec/bundler/cache/gems_spec.rb')
| -rw-r--r-- | spec/bundler/cache/gems_spec.rb | 31 |
1 files changed, 30 insertions, 1 deletions
diff --git a/spec/bundler/cache/gems_spec.rb b/spec/bundler/cache/gems_spec.rb index 2f5da4e7e4..73c7db1e88 100644 --- a/spec/bundler/cache/gems_spec.rb +++ b/spec/bundler/cache/gems_spec.rb @@ -289,11 +289,24 @@ RSpec.describe "bundle cache" do expect(cached_gem("rack-1.0.0")).to exist end - it "raises an error when the gem file is altered and produces a different checksum" do + it "raises an error when the gem is altered and produces a different checksum" do cached_gem("rack-1.0.0").rmtree build_gem "rack", "1.0.0", :path => bundled_app("vendor/cache") + + checksums = checksums_section do |c| + c.checksum gem_repo1, "rack", "1.0.0" + end + simulate_new_machine + lockfile <<-L + GEM + remote: #{file_uri_for(gem_repo2)}/ + specs: + rack (1.0.0) + #{checksums} + L + bundle :install, :raise_on_error => false expect(exitstatus).to eq(37) expect(err).to include("Bundler found mismatched checksums.") @@ -305,6 +318,22 @@ RSpec.describe "bundle cache" do expect(cached_gem("rack-1.0.0")).to exist end + it "installs a modified gem with a non-matching checksum when checksums is not opted in" do + cached_gem("rack-1.0.0").rmtree + build_gem "rack", "1.0.0", :path => bundled_app("vendor/cache") + simulate_new_machine + + lockfile <<-L + GEM + remote: #{file_uri_for(gem_repo2)}/ + specs: + rack (1.0.0) + L + + bundle :install + expect(cached_gem("rack-1.0.0")).to exist + end + it "handles directories and non .gem files in the cache" do bundled_app("vendor/cache/foo").mkdir File.open(bundled_app("vendor/cache/bar"), "w") {|f| f.write("not a gem") } |