diff options
author | Hiroshi SHIBATA <hsbt@ruby-lang.org> | 2021-03-10 12:08:20 +0900 |
---|---|---|
committer | NARUSE, Yui <nurse@users.noreply.github.com> | 2021-03-11 17:24:52 +0900 |
commit | 0476ce0370c1ee56de690d43c15d5e8d7893dedd (patch) | |
tree | 72590a5a0211c53d431cfab4e3b008dbcc3df6e8 /spec/bundler/install/gemfile | |
parent | 7efc7afcae6720e1af7ab49986d789b6f9d6fe0a (diff) |
Merge RubyGems-3.2.14 and Bundler-2.2.14
Diffstat (limited to 'spec/bundler/install/gemfile')
-rw-r--r-- | spec/bundler/install/gemfile/sources_spec.rb | 506 |
1 files changed, 389 insertions, 117 deletions
diff --git a/spec/bundler/install/gemfile/sources_spec.rb b/spec/bundler/install/gemfile/sources_spec.rb index 7916b83977..0f95bfac8f 100644 --- a/spec/bundler/install/gemfile/sources_spec.rb +++ b/spec/bundler/install/gemfile/sources_spec.rb @@ -141,156 +141,159 @@ RSpec.describe "bundle install with gems on multiple sources" do end end - context "when a pinned gem has an indirect dependency" do + context "when a pinned gem has an indirect dependency in the pinned source" do before do build_repo gem_repo3 do build_gem "depends_on_rack", "1.0.1" do |s| s.add_dependency "rack" end end - end - context "when the indirect dependency is in the pinned source" do - before do - # we need a working rack gem in repo3 - update_repo gem_repo3 do - build_gem "rack", "1.0.0" - end - - gemfile <<-G - source "#{file_uri_for(gem_repo2)}" - source "#{file_uri_for(gem_repo3)}" do - gem "depends_on_rack" - end - G + # we need a working rack gem in repo3 + update_repo gem_repo3 do + build_gem "rack", "1.0.0" end - context "and not in any other sources" do - before do - build_repo(gem_repo2) {} + gemfile <<-G + source "#{file_uri_for(gem_repo2)}" + source "#{file_uri_for(gem_repo3)}" do + gem "depends_on_rack" end + G + end - it "installs from the same source without any warning" do - bundle :install - expect(err).not_to include("Warning") - expect(the_bundle).to include_gems("depends_on_rack 1.0.1", "rack 1.0.0", :source => "remote3") - end + context "and not in any other sources" do + before do + build_repo(gem_repo2) {} end - context "and in another source" do - before do - # need this to be broken to check for correct source ordering - build_repo gem_repo2 do - build_gem "rack", "1.0.0" do |s| - s.write "lib/rack.rb", "RACK = 'FAIL'" - end + it "installs from the same source without any warning" do + bundle :install + expect(err).not_to include("Warning") + expect(the_bundle).to include_gems("depends_on_rack 1.0.1", "rack 1.0.0", :source => "remote3") + end + end + + context "and in another source" do + before do + # need this to be broken to check for correct source ordering + build_repo gem_repo2 do + build_gem "rack", "1.0.0" do |s| + s.write "lib/rack.rb", "RACK = 'FAIL'" end end + end - it "installs from the same source without any warning" do - bundle :install + it "installs from the same source without any warning" do + bundle :install - expect(err).not_to include("Warning: the gem 'rack' was found in multiple sources.") - expect(the_bundle).to include_gems("depends_on_rack 1.0.1", "rack 1.0.0", :source => "remote3") + expect(err).not_to include("Warning: the gem 'rack' was found in multiple sources.") + expect(the_bundle).to include_gems("depends_on_rack 1.0.1", "rack 1.0.0", :source => "remote3") - # In https://github.com/bundler/bundler/issues/3585 this failed - # when there is already a lock file, and the gems are missing, so try again - system_gems [] - bundle :install + # In https://github.com/bundler/bundler/issues/3585 this failed + # when there is already a lock file, and the gems are missing, so try again + system_gems [] + bundle :install - expect(err).not_to include("Warning: the gem 'rack' was found in multiple sources.") - expect(the_bundle).to include_gems("depends_on_rack 1.0.1", "rack 1.0.0", :source => "remote3") - end + expect(err).not_to include("Warning: the gem 'rack' was found in multiple sources.") + expect(the_bundle).to include_gems("depends_on_rack 1.0.1", "rack 1.0.0", :source => "remote3") end end + end - context "when the indirect dependency is in a different source" do - before do - # In these tests, we need a working rack gem in repo2 and not repo3 - build_repo gem_repo2 do - build_gem "rack", "1.0.0" + context "when a pinned gem has an indirect dependency in a different source" do + before do + # In these tests, we need a working rack gem in repo2 and not repo3 + + build_repo gem_repo3 do + build_gem "depends_on_rack", "1.0.1" do |s| + s.add_dependency "rack" end end - context "and not in any other sources" do - before do - install_gemfile <<-G - source "#{file_uri_for(gem_repo2)}" - source "#{file_uri_for(gem_repo3)}" do - gem "depends_on_rack" - end - G - end + build_repo gem_repo2 do + build_gem "rack", "1.0.0" + end + end - it "installs from the other source without any warning" do - expect(err).not_to include("Warning") - expect(the_bundle).to include_gems("depends_on_rack 1.0.1", "rack 1.0.0") - end + context "and not in any other sources" do + before do + install_gemfile <<-G + source "#{file_uri_for(gem_repo2)}" + source "#{file_uri_for(gem_repo3)}" do + gem "depends_on_rack" + end + G end - context "and in yet another source" do - before do - gemfile <<-G - source "#{file_uri_for(gem_repo1)}" - source "#{file_uri_for(gem_repo2)}" - source "#{file_uri_for(gem_repo3)}" do - gem "depends_on_rack" - end - G - end + it "installs from the other source without any warning" do + expect(err).not_to include("Warning") + expect(the_bundle).to include_gems("depends_on_rack 1.0.1", "rack 1.0.0") + end + end - it "installs from the other source and warns about ambiguous gems", :bundler => "< 3" do - bundle :install - expect(err).to include("Warning: the gem 'rack' was found in multiple sources.") - expect(err).to include("Installed from: #{file_uri_for(gem_repo2)}") - expect(the_bundle).to include_gems("depends_on_rack 1.0.1", "rack 1.0.0") - end + context "and in yet another source" do + before do + gemfile <<-G + source "#{file_uri_for(gem_repo1)}" + source "#{file_uri_for(gem_repo2)}" + source "#{file_uri_for(gem_repo3)}" do + gem "depends_on_rack" + end + G + end - it "fails", :bundler => "3" do - bundle :install, :raise_on_error => false - expect(err).to include("Each source after the first must include a block") - expect(exitstatus).to eq(4) - end + it "installs from the other source and warns about ambiguous gems", :bundler => "< 3" do + bundle :install + expect(err).to include("Warning: the gem 'rack' was found in multiple sources.") + expect(err).to include("Installed from: #{file_uri_for(gem_repo2)}") + expect(the_bundle).to include_gems("depends_on_rack 1.0.1", "rack 1.0.0") end - context "and only the dependency is pinned" do - before do - # need this to be broken to check for correct source ordering - build_repo gem_repo2 do - build_gem "rack", "1.0.0" do |s| - s.write "lib/rack.rb", "RACK = 'FAIL'" - end + it "fails", :bundler => "3" do + bundle :install, :raise_on_error => false + expect(err).to include("Each source after the first must include a block") + expect(exitstatus).to eq(4) + end + end + + context "and only the dependency is pinned" do + before do + # need this to be broken to check for correct source ordering + build_repo gem_repo2 do + build_gem "rack", "1.0.0" do |s| + s.write "lib/rack.rb", "RACK = 'FAIL'" end + end - gemfile <<-G - source "#{file_uri_for(gem_repo3)}" # contains depends_on_rack - source "#{file_uri_for(gem_repo2)}" # contains broken rack + gemfile <<-G + source "#{file_uri_for(gem_repo3)}" # contains depends_on_rack + source "#{file_uri_for(gem_repo2)}" # contains broken rack - gem "depends_on_rack" # installed from gem_repo3 - gem "rack", :source => "#{file_uri_for(gem_repo1)}" - G - end + gem "depends_on_rack" # installed from gem_repo3 + gem "rack", :source => "#{file_uri_for(gem_repo1)}" + G + end - it "installs the dependency from the pinned source without warning", :bundler => "< 3" do - bundle :install + it "installs the dependency from the pinned source without warning", :bundler => "< 3" do + bundle :install - expect(err).not_to include("Warning: the gem 'rack' was found in multiple sources.") - expect(the_bundle).to include_gems("depends_on_rack 1.0.1", "rack 1.0.0") + expect(err).not_to include("Warning: the gem 'rack' was found in multiple sources.") + expect(the_bundle).to include_gems("depends_on_rack 1.0.1", "rack 1.0.0") - # In https://github.com/rubygems/bundler/issues/3585 this failed - # when there is already a lock file, and the gems are missing, so try again - system_gems [] - bundle :install + # In https://github.com/rubygems/bundler/issues/3585 this failed + # when there is already a lock file, and the gems are missing, so try again + system_gems [] + bundle :install - expect(err).not_to include("Warning: the gem 'rack' was found in multiple sources.") - expect(the_bundle).to include_gems("depends_on_rack 1.0.1", "rack 1.0.0") - end + expect(err).not_to include("Warning: the gem 'rack' was found in multiple sources.") + expect(the_bundle).to include_gems("depends_on_rack 1.0.1", "rack 1.0.0") + end - it "fails", :bundler => "3" do - bundle :install, :raise_on_error => false - expect(err).to include("Each source after the first must include a block") - expect(exitstatus).to eq(4) - end + it "fails", :bundler => "3" do + bundle :install, :raise_on_error => false + expect(err).to include("Each source after the first must include a block") + expect(exitstatus).to eq(4) end end end @@ -511,9 +514,149 @@ RSpec.describe "bundle install with gems on multiple sources" do L end - it "upgrades gems when running bundle update, without printing any warnings or errors" do + it "does not install newer versions or generate lockfile changes when running bundle install, and warns", :bundler => "< 3" do + initial_lockfile = lockfile + + bundle :install + + expect(err).to include("Your lockfile contains a single rubygems source section with multiple remotes, which is insecure.") + + expect(the_bundle).to include_gems("activesupport 6.0.3.4") + expect(the_bundle).not_to include_gems("activesupport 6.1.2.1") + expect(the_bundle).to include_gems("tzinfo 1.2.9") + expect(the_bundle).not_to include_gems("tzinfo 2.0.4") + expect(the_bundle).to include_gems("concurrent-ruby 1.1.8") + expect(the_bundle).not_to include_gems("concurrent-ruby 1.1.9") + + expect(lockfile).to eq(initial_lockfile) + end + + it "fails when running bundle install", :bundler => "3" do + initial_lockfile = lockfile + + bundle :install, :raise_on_error => false + + expect(err).to include("Your lockfile contains a single rubygems source section with multiple remotes, which is insecure.") + + expect(lockfile).to eq(initial_lockfile) + end + + it "splits sections and upgrades gems when running bundle update, and doesn't warn" do bundle "update --all" expect(err).to be_empty + + expect(the_bundle).not_to include_gems("activesupport 6.0.3.4") + expect(the_bundle).to include_gems("activesupport 6.1.2.1") + expect(the_bundle).not_to include_gems("tzinfo 1.2.9") + expect(the_bundle).to include_gems("tzinfo 2.0.4") + expect(the_bundle).not_to include_gems("concurrent-ruby 1.1.8") + expect(the_bundle).to include_gems("concurrent-ruby 1.1.9") + + expect(lockfile).to eq <<~L + GEM + remote: #{file_uri_for(gem_repo2)}/ + specs: + activesupport (6.1.2.1) + concurrent-ruby (~> 1.0, >= 1.0.2) + i18n (>= 1.6, < 2) + minitest (>= 5.1) + tzinfo (~> 2.0) + zeitwerk (~> 2.3) + concurrent-ruby (1.1.9) + connection_pool (2.2.3) + i18n (1.8.9) + concurrent-ruby (~> 1.0) + minitest (5.14.3) + rack (2.2.3) + redis (4.2.5) + sidekiq (6.1.3) + connection_pool (>= 2.2.2) + rack (~> 2.0) + redis (>= 4.2.0) + tzinfo (2.0.4) + concurrent-ruby (~> 1.0) + zeitwerk (2.4.2) + + GEM + remote: #{file_uri_for(gem_repo3)}/ + specs: + sidekiq-pro (5.2.1) + connection_pool (>= 2.2.3) + sidekiq (>= 6.1.0) + + PLATFORMS + #{specific_local_platform} + + DEPENDENCIES + activesupport + sidekiq-pro! + + BUNDLED WITH + #{Bundler::VERSION} + L + end + + it "it keeps the currrent lockfile format and upgrades the requested gem when running bundle update with an argument, and warns", :bundler => "< 3" do + bundle "update concurrent-ruby" + expect(err).to include("Your lockfile contains a single rubygems source section with multiple remotes, which is insecure.") + + expect(the_bundle).to include_gems("activesupport 6.0.3.4") + expect(the_bundle).not_to include_gems("activesupport 6.1.2.1") + expect(the_bundle).to include_gems("tzinfo 1.2.9") + expect(the_bundle).not_to include_gems("tzinfo 2.0.4") + expect(the_bundle).to include_gems("concurrent-ruby 1.1.9") + expect(the_bundle).not_to include_gems("concurrent-ruby 1.1.8") + + expect(lockfile).to eq <<~L + GEM + remote: #{file_uri_for(gem_repo2)}/ + remote: #{file_uri_for(gem_repo3)}/ + specs: + activesupport (6.0.3.4) + concurrent-ruby (~> 1.0, >= 1.0.2) + i18n (>= 0.7, < 2) + minitest (~> 5.1) + tzinfo (~> 1.1) + zeitwerk (~> 2.2, >= 2.2.2) + concurrent-ruby (1.1.9) + connection_pool (2.2.3) + i18n (1.8.9) + concurrent-ruby (~> 1.0) + minitest (5.14.3) + rack (2.2.3) + redis (4.2.5) + sidekiq (6.1.3) + connection_pool (>= 2.2.2) + rack (~> 2.0) + redis (>= 4.2.0) + sidekiq-pro (5.2.1) + connection_pool (>= 2.2.3) + sidekiq (>= 6.1.0) + thread_safe (0.3.6) + tzinfo (1.2.9) + thread_safe (~> 0.1) + zeitwerk (2.4.2) + + PLATFORMS + #{specific_local_platform} + + DEPENDENCIES + activesupport + sidekiq-pro! + + BUNDLED WITH + #{Bundler::VERSION} + L + end + + it "fails when running bundle update with an argument", :bundler => "3" do + initial_lockfile = lockfile + + bundle "update concurrent-ruby", :raise_on_error => false + + expect(err).to include("Your lockfile contains a single rubygems source section with multiple remotes, which is insecure.") + + expect(lockfile).to eq(initial_lockfile) end end end @@ -551,7 +694,7 @@ RSpec.describe "bundle install with gems on multiple sources" do end end - context "when a pinned gem has an indirect dependency with more than one level of indirection in the default source ", :bundler => "< 3" do + context "when a pinned gem has an indirect dependency with more than one level of indirection in the default source " do before do build_repo gem_repo3 do build_gem "handsoap", "0.2.5.5" do |s| @@ -578,12 +721,38 @@ RSpec.describe "bundle install with gems on multiple sources" do G end - it "installs from the proper sources without any warnings or errors" do + it "installs from the default source without any warnings or errors and generates a proper lockfile" do + expected_lockfile = <<~L + GEM + remote: #{file_uri_for(gem_repo2)}/ + specs: + nokogiri (1.11.1) + racca (~> 1.4) + racca (1.5.2) + + GEM + remote: #{file_uri_for(gem_repo3)}/ + specs: + handsoap (0.2.5.5) + nokogiri (>= 1.2.3) + + PLATFORMS + #{specific_local_platform} + + DEPENDENCIES + handsoap! + nokogiri + + BUNDLED WITH + #{Bundler::VERSION} + L + bundle "install --verbose" expect(err).not_to include("Warning") expect(the_bundle).to include_gems("handsoap 0.2.5.5", "nokogiri 1.11.1", "racca 1.5.2") expect(the_bundle).to include_gems("handsoap 0.2.5.5", :source => "remote3") expect(the_bundle).to include_gems("nokogiri 1.11.1", "racca 1.5.2", :source => "remote2") + expect(lockfile).to eq(expected_lockfile) # Even if the gems are already installed FileUtils.rm bundled_app_lock @@ -592,6 +761,7 @@ RSpec.describe "bundle install with gems on multiple sources" do expect(the_bundle).to include_gems("handsoap 0.2.5.5", "nokogiri 1.11.1", "racca 1.5.2") expect(the_bundle).to include_gems("handsoap 0.2.5.5", :source => "remote3") expect(the_bundle).to include_gems("nokogiri 1.11.1", "racca 1.5.2", :source => "remote2") + expect(lockfile).to eq(expected_lockfile) end end @@ -619,6 +789,9 @@ RSpec.describe "bundle install with gems on multiple sources" do lockfile <<-L GEM remote: #{file_uri_for(gem_repo1)} + specs: + + GEM remote: #{file_uri_for(gem_repo3)} specs: rack (0.9.1) @@ -644,6 +817,84 @@ RSpec.describe "bundle install with gems on multiple sources" do end end + context "with a lockfile with aggregated rubygems sources" do + let(:aggregate_gem_section_lockfile) do + <<~L + GEM + remote: #{file_uri_for(gem_repo1)}/ + remote: #{file_uri_for(gem_repo3)}/ + specs: + rack (0.9.1) + + PLATFORMS + #{specific_local_platform} + + DEPENDENCIES + rack! + + BUNDLED WITH + #{Bundler::VERSION} + L + end + + let(:split_gem_section_lockfile) do + <<~L + GEM + remote: #{file_uri_for(gem_repo1)}/ + specs: + + GEM + remote: #{file_uri_for(gem_repo3)}/ + specs: + rack (0.9.1) + + PLATFORMS + #{specific_local_platform} + + DEPENDENCIES + rack! + + BUNDLED WITH + #{Bundler::VERSION} + L + end + + before do + build_repo gem_repo3 do + build_gem "rack", "0.9.1" + end + + gemfile <<-G + source "#{file_uri_for(gem_repo1)}" + source "#{file_uri_for(gem_repo3)}" do + gem 'rack' + end + G + + lockfile aggregate_gem_section_lockfile + end + + it "installs the existing lockfile but prints a warning", :bundler => "< 3" do + bundle "config set --local deployment true" + + bundle "install" + + expect(lockfile).to eq(aggregate_gem_section_lockfile) + expect(err).to include("Your lockfile contains a single rubygems source section with multiple remotes, which is insecure.") + expect(the_bundle).to include_gems("rack 0.9.1", :source => "remote3") + end + + it "refuses to install the existing lockfile and prints an error", :bundler => "3" do + bundle "config set --local deployment true" + + bundle "install", :raise_on_error =>false + + expect(lockfile).to eq(aggregate_gem_section_lockfile) + expect(err).to include("Your lockfile contains a single rubygems source section with multiple remotes, which is insecure.") + expect(out).to be_empty + end + end + context "with a path gem in the same Gemfile" do before do build_lib "foo" @@ -825,13 +1076,34 @@ RSpec.describe "bundle install with gems on multiple sources" do G end - it "keeps the old version", :bundler => "< 3" do - expect(the_bundle).to include_gems("rack 1.0.0") + it "installs the higher version in the new repo" do + expect(the_bundle).to include_gems("rack 1.2") + end + end + + it "doesn't update version when a gem uses a source block but a higher version from another source is already installed locally" do + build_repo2 do + build_gem "example", "0.1.0" end - it "installs the higher version in the new repo", :bundler => "3" do - expect(the_bundle).to include_gems("rack 1.2") + build_repo4 do + build_gem "example", "1.0.2" end + + install_gemfile <<-G + source "#{file_uri_for(gem_repo4)}" + + gem "example", :source => "#{file_uri_for(gem_repo2)}" + G + + bundle "info example" + expect(out).to include("example (0.1.0)") + + system_gems "example-1.0.2", :path => default_bundle_path, :gem_repo => gem_repo4 + + bundle "update example --verbose" + expect(out).not_to include("Using example 1.0.2") + expect(out).to include("Using example 0.1.0") end context "when a gem is available from multiple ambiguous sources", :bundler => "3" do |