diff options
author | Martin Emde <martin.emde@gmail.com> | 2023-12-01 14:20:51 -0800 |
---|---|---|
committer | git <svn-admin@ruby-lang.org> | 2023-12-05 21:09:53 +0000 |
commit | 5f0ea3f590f8983669fe478bc9eace6880353b84 (patch) | |
tree | ca777e6b654fa43b841e3286a9b35a0869987d2e /spec/bundler/install/gemfile/path_spec.rb | |
parent | a33632e1ca7af1e3ba34cff05643aa067561a8cc (diff) |
[rubygems/rubygems] Converts Bundler lockfile checksum validation to opt-in only
Looks for the CHECKSUMS section in the lockfile, activating the feature
only if the section exists. Without a CHECKSUMS section, Bundler will
continue as normal, validating checksums when gems are installed while
checksums from the compact index are present.
https://github.com/rubygems/rubygems/commit/2353cc93a4
Diffstat (limited to 'spec/bundler/install/gemfile/path_spec.rb')
-rw-r--r-- | spec/bundler/install/gemfile/path_spec.rb | 73 |
1 files changed, 36 insertions, 37 deletions
diff --git a/spec/bundler/install/gemfile/path_spec.rb b/spec/bundler/install/gemfile/path_spec.rb index 3af8412eab..d6e008a7c4 100644 --- a/spec/bundler/install/gemfile/path_spec.rb +++ b/spec/bundler/install/gemfile/path_spec.rb @@ -98,6 +98,11 @@ RSpec.describe "bundle install with explicit source paths" do gem "aaa", :path => "./aaa" G + checksums = checksums_section_when_existing do |c| + c.no_checksum "aaa", "1.0" + c.no_checksum "demo", "1.0" + end + lockfile = <<~L PATH remote: . @@ -119,11 +124,7 @@ RSpec.describe "bundle install with explicit source paths" do DEPENDENCIES aaa! demo! - - CHECKSUMS - #{gem_no_checksum("aaa", "1.0")} - #{gem_no_checksum("demo", "1.0")} - + #{checksums} BUNDLED WITH #{Bundler::VERSION} L @@ -345,6 +346,11 @@ RSpec.describe "bundle install with explicit source paths" do lockfile_path = lib_path("foo/Gemfile.lock") + checksums = checksums_section_when_existing do |c| + c.no_checksum "foo", "0.1.0" + c.checksum gem_repo4, "graphql", "2.0.15" + end + original_lockfile = <<~L PATH remote: . @@ -362,11 +368,7 @@ RSpec.describe "bundle install with explicit source paths" do DEPENDENCIES foo! - - CHECKSUMS - #{gem_no_checksum("foo", "0.1.0")} - #{checksum_for_repo_gem(gem_repo4, "graphql", "2.0.15")} - + #{checksums} BUNDLED WITH #{Bundler::VERSION} L @@ -673,6 +675,11 @@ RSpec.describe "bundle install with explicit source paths" do expect(the_bundle).to include_gems "rack 0.9.1" + checksums = checksums_section_when_existing do |c| + c.no_checksum "foo", "1.0" + c.checksum gem_repo1, "rack", "0.9.1" + end + expect(lockfile).to eq <<~G PATH remote: #{lib_path("foo")} @@ -690,11 +697,7 @@ RSpec.describe "bundle install with explicit source paths" do DEPENDENCIES foo! - - CHECKSUMS - #{gem_no_checksum("foo", "1.0")} - #{checksum_for_repo_gem(gem_repo1, "rack", "0.9.1")} - + #{checksums} BUNDLED WITH #{Bundler::VERSION} G @@ -722,11 +725,7 @@ RSpec.describe "bundle install with explicit source paths" do DEPENDENCIES foo! - - CHECKSUMS - #{gem_no_checksum("foo", "1.0")} - #{checksum_for_repo_gem(gem_repo1, "rack", "0.9.1")} - + #{checksums} BUNDLED WITH #{Bundler::VERSION} G @@ -743,6 +742,11 @@ RSpec.describe "bundle install with explicit source paths" do expect(the_bundle).to include_gems "rack 0.9.1" + checksums = checksums_section_when_existing do |c| + c.no_checksum "foo", "1.0" + c.checksum gem_repo1, "rack", "0.9.1" + end + expect(lockfile).to eq <<~G PATH remote: #{lib_path("foo")} @@ -760,11 +764,7 @@ RSpec.describe "bundle install with explicit source paths" do DEPENDENCIES foo! - - CHECKSUMS - #{gem_no_checksum("foo", "1.0")} - #{checksum_for_repo_gem(gem_repo1, "rack", "0.9.1")} - + #{checksums} BUNDLED WITH #{Bundler::VERSION} G @@ -776,6 +776,8 @@ RSpec.describe "bundle install with explicit source paths" do bundle "install" + checksums.checksum gem_repo1, "rake", "13.0.1" + expect(lockfile).to eq <<~G PATH remote: #{lib_path("foo")} @@ -795,12 +797,7 @@ RSpec.describe "bundle install with explicit source paths" do DEPENDENCIES foo! - - CHECKSUMS - #{gem_no_checksum("foo", "1.0")} - #{checksum_for_repo_gem(gem_repo1, "rack", "0.9.1")} - #{checksum_for_repo_gem(gem_repo1, "rake", "13.0.1")} - + #{checksums} BUNDLED WITH #{Bundler::VERSION} G @@ -813,6 +810,10 @@ RSpec.describe "bundle install with explicit source paths" do s.add_dependency "rack", "0.9.1" end + checksums = checksums_section_when_existing do |c| + c.no_checksum "foo", "1.0" + end + lockfile <<~L PATH remote: #{lib_path("foo")} @@ -824,13 +825,15 @@ RSpec.describe "bundle install with explicit source paths" do DEPENDENCIES foo! - + #{checksums} BUNDLED WITH #{Bundler::VERSION} L bundle "lock" + checksums.no_checksum "rack", "0.9.1" + expect(lockfile).to eq <<~G PATH remote: #{lib_path("foo")} @@ -848,11 +851,7 @@ RSpec.describe "bundle install with explicit source paths" do DEPENDENCIES foo! - - CHECKSUMS - #{gem_no_checksum("foo", "1.0")} - #{gem_no_checksum("rack", "0.9.1")} - + #{checksums} BUNDLED WITH #{Bundler::VERSION} G |