ruby-changes:71815
From: David <ko1@a...>
Date: Fri, 13 May 2022 15:24:11 +0900 (JST)
Subject: [ruby-changes:71815] 4c9ddaac0d (master): [rubygems/rubygems] Fix `Gemfile.lock` versions leaking to `bundler/inline` install output
https://git.ruby-lang.org/ruby.git/commit/?id=4c9ddaac0d From 4c9ddaac0df317e18665f6d07387191d457cc093 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Rodr=C3=ADguez?= <deivid.rodriguez@r...> Date: Wed, 11 May 2022 14:17:54 +0200 Subject: [rubygems/rubygems] Fix `Gemfile.lock` versions leaking to `bundler/inline` install output The lockfile is completely ignored in inline mode, yet the previous output would suggest it wasn't. https://github.com/rubygems/rubygems/commit/763125a745 --- lib/bundler/installer.rb | 2 +- lib/bundler/installer/gem_installer.rb | 15 ++++++++- lib/bundler/plugin/installer/git.rb | 4 --- lib/bundler/plugin/installer/rubygems.rb | 4 --- lib/bundler/source.rb | 7 ++-- lib/bundler/source/git.rb | 2 +- lib/bundler/source/path.rb | 2 +- lib/bundler/source/rubygems.rb | 15 +++++---- .../bundler/installer/gem_installer_spec.rb | 15 ++++++--- spec/bundler/bundler/source_spec.rb | 38 ++++------------------ spec/bundler/runtime/inline_spec.rb | 34 +++++++++++++++++++ 11 files changed, 80 insertions(+), 58 deletions(-) diff --git a/lib/bundler/installer.rb b/lib/bundler/installer.rb index ca9df4a21e..915a04c0dc 100644 --- a/lib/bundler/installer.rb +++ b/lib/bundler/installer.rb @@ -13,7 +13,7 @@ module Bundler https://github.com/ruby/ruby/blob/trunk/lib/bundler/installer.rb#L13 Installer.ambiguous_gems = [] end - attr_reader :post_install_messages + attr_reader :post_install_messages, :definition # Begins the installation process for Bundler. # For more information see the #run method on this class. diff --git a/lib/bundler/installer/gem_installer.rb b/lib/bundler/installer/gem_installer.rb index 13a1356f56..9a013eea4d 100644 --- a/lib/bundler/installer/gem_installer.rb +++ b/lib/bundler/installer/gem_installer.rb @@ -51,7 +51,20 @@ module Bundler https://github.com/ruby/ruby/blob/trunk/lib/bundler/installer/gem_installer.rb#L51 end def install - spec.source.install(spec, :force => force, :ensure_builtin_gems_cached => standalone, :build_args => Array(spec_settings)) + spec.source.install( + spec, + :force => force, + :ensure_builtin_gems_cached => standalone, + :build_args => Array(spec_settings), + :previous_spec => previous_spec, + ) + end + + def previous_spec + locked_gems = installer.definition.locked_gems + return unless locked_gems + + locked_gems.specs.find {|s| s.name == spec.name } end def out_of_space_message diff --git a/lib/bundler/plugin/installer/git.rb b/lib/bundler/plugin/installer/git.rb index fbb6c5e40e..deec5e99b3 100644 --- a/lib/bundler/plugin/installer/git.rb +++ b/lib/bundler/plugin/installer/git.rb @@ -20,10 +20,6 @@ module Bundler https://github.com/ruby/ruby/blob/trunk/lib/bundler/plugin/installer/git.rb#L20 end end - def version_message(spec) - "#{spec.name} #{spec.version}" - end - def root Plugin.root end diff --git a/lib/bundler/plugin/installer/rubygems.rb b/lib/bundler/plugin/installer/rubygems.rb index e144c14b24..7277234d9a 100644 --- a/lib/bundler/plugin/installer/rubygems.rb +++ b/lib/bundler/plugin/installer/rubygems.rb @@ -4,10 +4,6 @@ module Bundler https://github.com/ruby/ruby/blob/trunk/lib/bundler/plugin/installer/rubygems.rb#L4 module Plugin class Installer class Rubygems < Bundler::Source::Rubygems - def version_message(spec) - "#{spec.name} #{spec.version}" - end - private def requires_sudo? diff --git a/lib/bundler/source.rb b/lib/bundler/source.rb index 2a2b332cff..69804a2e63 100644 --- a/lib/bundler/source.rb +++ b/lib/bundler/source.rb @@ -15,13 +15,12 @@ module Bundler https://github.com/ruby/ruby/blob/trunk/lib/bundler/source.rb#L15 specs.unmet_dependency_names end - def version_message(spec) + def version_message(spec, locked_spec = nil) message = "#{spec.name} #{spec.version}" message += " (#{spec.platform})" if spec.platform != Gem::Platform::RUBY && !spec.platform.nil? - if Bundler.locked_gems - locked_spec = Bundler.locked_gems.specs.find {|s| s.name == spec.name } - locked_spec_version = locked_spec.version if locked_spec + if locked_spec + locked_spec_version = locked_spec.version if locked_spec_version && spec.version != locked_spec_version message += Bundler.ui.add_color(" (was #{locked_spec_version})", version_color(spec.version, locked_spec_version)) end diff --git a/lib/bundler/source/git.rb b/lib/bundler/source/git.rb index a41a2f23e9..f174120706 100644 --- a/lib/bundler/source/git.rb +++ b/lib/bundler/source/git.rb @@ -181,7 +181,7 @@ module Bundler https://github.com/ruby/ruby/blob/trunk/lib/bundler/source/git.rb#L181 def install(spec, options = {}) force = options[:force] - print_using_message "Using #{version_message(spec)} from #{self}" + print_using_message "Using #{version_message(spec, options[:previous_spec])} from #{self}" if (requires_checkout? && !@copied) || force Bundler.ui.debug " * Checking out revision: #{ref}" diff --git a/lib/bundler/source/path.rb b/lib/bundler/source/path.rb index 01f89b204d..672ecfd13b 100644 --- a/lib/bundler/source/path.rb +++ b/lib/bundler/source/path.rb @@ -82,7 +82,7 @@ module Bundler https://github.com/ruby/ruby/blob/trunk/lib/bundler/source/path.rb#L82 end def install(spec, options = {}) - using_message = "Using #{version_message(spec)} from #{self}" + using_message = "Using #{version_message(spec, options[:previous_spec])} from #{self}" using_message += " and installing its executables" unless spec.executables.empty? print_using_message using_message generate_bin(spec, :disable_extensions => true) diff --git a/lib/bundler/source/rubygems.rb b/lib/bundler/source/rubygems.rb index ddfd9e908a..b37bfbccb9 100644 --- a/lib/bundler/source/rubygems.rb +++ b/lib/bundler/source/rubygems.rb @@ -162,7 +162,7 @@ module Bundler https://github.com/ruby/ruby/blob/trunk/lib/bundler/source/rubygems.rb#L162 uris.uniq! Installer.ambiguous_gems << [spec.name, *uris] if uris.length > 1 - path = fetch_gem(spec) + path = fetch_gem(spec, options[:previous_spec]) begin s = Bundler.rubygems.spec_from_gem(path, Bundler.settings["trust-policy"]) spec.__swap__(s) @@ -173,7 +173,7 @@ module Bundler https://github.com/ruby/ruby/blob/trunk/lib/bundler/source/rubygems.rb#L173 end unless Bundler.settings[:no_install] - message = "Installing #{version_message(spec)}" + message = "Installing #{version_message(spec, options[:previous_spec])}" message += " with native extensions" if spec.extensions.any? Bundler.ui.confirm message @@ -458,7 +458,7 @@ module Bundler https://github.com/ruby/ruby/blob/trunk/lib/bundler/source/rubygems.rb#L458 end end - def fetch_gem(spec) + def fetch_gem(spec, previous_spec = nil) return false unless spec.remote spec.fetch_platform @@ -476,7 +476,7 @@ module Bundler https://github.com/ruby/ruby/blob/trunk/lib/bundler/source/rubygems.rb#L476 SharedHelpers.filesystem_access(download_cache_path) do |p| FileUtils.mkdir_p(p) end - download_gem(spec, download_cache_path) + download_gem(spec, download_cache_path, previous_spec) if requires_sudo? SharedHelpers.filesystem_access(cache_path) do |p| @@ -521,9 +521,12 @@ module Bundler https://github.com/ruby/ruby/blob/trunk/lib/bundler/source/rubygems.rb#L521 # @param [String] download_cache_path # the local directory the .gem will end up in. # - def download_gem(spec, download_cache_path) + # @param [Specification] previous_spec + # the spec previously locked + # + def download_gem(spec, download_cache_path, previous_spec = nil) uri = spec.remote.uri - Bundler.ui.confirm("Fetching #{version_message(spec)}") + Bundler.ui.confirm("Fetching #{version_message(spec, previous_spec)}") Bundler.rubygems.download_gem(spec, uri, download_cache_path) end diff --git a/spec/bundler/bundler/installer/gem_installer_spec.rb b/spec/bundler/bundler/installer/gem_installer_spec.rb index 8f8d1c6d15..14a6a19a86 100644 --- a/spec/bundler/bundler/installer/gem_installer_spec.rb +++ b/spec/bundler/bundler/installer/gem_installer_spec.rb @@ -3,7 +3,8 @@ https://github.com/ruby/ruby/blob/trunk/spec/bundler/bundler/installer/gem_installer_spec.rb#L3 require "bundler/installer/gem_installer" RSpec.describe Bundler::GemInstaller do - let(:installer) { instance_double("Installer") } + let(:definition) { instance_double("Definition", :locked_gems => nil) } + let(:installer) { instance_double("Installer", :definition => definition) } let(:spec_source) { instance_double("SpecSource") } let(:spec) { instance_double("Specification", :name => "dummy", :version => "0.0.1", :loaded_from => "dummy", :source => spec_source) } @@ -11,7 +12,7 @@ RSpec.describe Bundler::GemInstaller do https://github.com/ruby/ruby/blob/trunk/spec/bundler/bundler/installer/gem_installer_spec.rb#L12 context "spec_settings is nil" do it "invokes install method with empty build_args" do - allow(spec_source).to receive(:install).with(spec, :force => false, :ensure_builtin_gems_cached => false, :build_args => []) + allow(spec_source).to receive(:install).with(spec, :force => false, :ensure_builtin_gems_cached => false, :build_args => [], :previous_spec => nil) subject.install_from_spec end e (... truncated) -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/