bundler-multilock 1.3.1 → 1.3.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1a0cfa166a89e37eb6e7716c6be3f974d2c928c18c03fd2b45451f8bf1a005d6
-  data.tar.gz: 7b9a270fa65c7d076db82aa4f3db317a74b8e888235902799661982be326dccb
+  metadata.gz: ba0cab59258e277e546634302417061f583bccb384c48d2573ac5565c23d436b
+  data.tar.gz: f0571eef5788f3299324cc39c8ca6bdeb742d7296b2a564d5511e5118e72e94c
 SHA512:
-  metadata.gz: 1d68d41b6415bb46eff5b33d159985afdd0d65ea5492f4b753edad491116144d1f467a9e3441c9c3fa141a01db37fe1450158436113f27dc848c799396537ab1
-  data.tar.gz: e024f799b4f52a2cce3be0025b1e0cc0165a0bedd4ce9adf157b292fe3cb6590739654ac8c2bdebf01d362f1bc0e97e62662b00b6d7e1c3be4d97621a506ee7a
+  metadata.gz: 92aa36d22778ef5073846af9eae61c1046be24ca103edd3b6ad4efc2ad2d99e0463e6b0750c74dc24174a16414aae64356465c957a1e85f4c214c4e42c49b3ad
+  data.tar.gz: 4b420871866b9be6de5e33671e63ad9741ddb17909a9899c8ed86ebe2c8b011e3e89366c99dc8c044323697636edbd9a048f8173572f5218100f3024300ff662

data/lib/bundler/multilock/cache.rb

@@ -57,11 +57,27 @@ module Bundler
       end
 
       def specs(lockfile_name)
-        @specs[lockfile_name] ||= parser(lockfile_name).specs.to_h do |spec|
-          [[spec.name, spec.platform], spec]
+        @specs[lockfile_name] ||= begin
+          specs = {}
+          parser(lockfile_name).specs.each do |spec|
+            (specs[spec.name] ||= {})[spec.platform] = spec
+          end
+          specs
         end
       end
 
+      # sometimes a gem changes platforms with a new version, such as from aarch64-linux
+      # to aarch64-linux-gnu. we need to still sync it
+      def find_matching_spec(specs, spec)
+        specs = self.specs(specs) unless specs.is_a?(Hash)
+        platform_specs = specs[spec.name]
+        return unless platform_specs
+
+        parent_spec = platform_specs[spec.platform]
+        parent_spec ||= platform_specs.find { |platform, _| platform =~ spec.platform }&.last
+        parent_spec || platform_specs.find { |platform, _| platform == "ruby" }&.last
+      end
+
       # @param lockfile_name [Pathname]
       # @return [Hash<String, Set<String>>] hash of gem name to set of gem names that depend on it
       def reverse_dependencies(lockfile_name)

data/lib/bundler/multilock/check.rb

@@ -88,7 +88,7 @@ module Bundler
 
       # this checks for mismatches between the parent lockfile and the given lockfile,
       # and for pinned dependencies in lockfiles requiring them
-      def deep_check(lockfile_definition)
+      def deep_check(lockfile_definition, conflicts: nil)
         lockfile_name = lockfile_definition[:lockfile]
         @cache.deep_check(lockfile_name) do
           success = true
@@ -120,7 +120,7 @@ module Bundler
 
           # check for conflicting requirements (and build list of pins, in the same loop)
           parser.specs.each do |spec|
-            parent_spec = @cache.specs(parent_lockfile_name)[[spec.name, spec.platform]]
+            parent_spec = @cache.find_matching_spec(parent_lockfile_name, spec)
 
             if lockfile_definition[:enforce_pinned_additional_dependencies]
               # look through what this spec depends on, and keep track of all pinned requirements
@@ -156,6 +156,7 @@ module Bundler
                              "does not match the parent lockfile's version " \
                              "(@#{parent_spec.version}#{parent_spec.git_version}); " \
                              "this may be due to a conflicting requirement, which would require manual resolution.")
+            conflicts&.add(spec.name)
             success = false
           end
 

data/lib/bundler/multilock/ext/cli.rb

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+module Bundler
+  module Multilock
+    module Ext
+      module CLI
+        module ClassMethods
+          def instance
+            return @instance if instance_variable_defined?(:@instance)
+
+            # this is a little icky, but there's no other way to determine which command was run
+            @instance = ObjectSpace.each_object(::Bundler::CLI).first
+          end
+        end
+
+        ::Bundler::CLI.extend(ClassMethods)
+      end
+    end
+  end
+end

data/lib/bundler/multilock/lockfile_generator.rb

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+require "delegate"
+
 require "bundler/lockfile_generator"
 
 module Bundler

data/lib/bundler/multilock/version.rb

@@ -2,6 +2,6 @@
 
 module Bundler
   module Multilock
-    VERSION = "1.3.1"
+    VERSION = "1.3.3"
   end
 end

data/lib/bundler/multilock.rb

@@ -82,17 +82,13 @@ module Bundler
           enforce_pinned_additional_dependencies: enforce_pinned_additional_dependencies
         })
 
-        if (defined?(CLI::Check) ||
-            defined?(CLI::Install) ||
-            defined?(CLI::Lock) ||
-            defined?(CLI::Update)) &&
-           !defined?(CLI::Cache) && !env_lockfile
+        # If they're using BUNDLE_LOCKFILE, then they really do want to
+        # use a particular lockfile, and it overrides whatever they
+        # dynamically set in their gemfile
+        if !env_lockfile && defined?(CLI) &&
+           %i[check install lock update].include?(CLI.instance&.current_command_chain&.first)
           # always use Gemfile.lock for `bundle check`, `bundle install`,
-          # `bundle lock`, and `bundle update`. `bundle cache` delegates to
-          # `bundle install`, but we want that to run as normal.
-          # If they're using BUNDLE_LOCKFILE, then they really do want to
-          # use a particular lockfile, and it overrides whatever they
-          # dynamically set in their gemfile
+          # `bundle lock`, and `bundle update`.
           active = lockfile == Bundler.default_lockfile(force_original: true)
         end
 
@@ -179,10 +175,11 @@ module Bundler
 
             # already up to date?
             up_to_date = false
+            conflicts = Set.new
             Bundler.settings.temporary(frozen: true) do
               Bundler.ui.silence do
                 up_to_date = checker.base_check(lockfile_definition, check_missing_deps: true) &&
-                             checker.deep_check(lockfile_definition)
+                             checker.deep_check(lockfile_definition, conflicts: conflicts)
               end
             end
             if up_to_date
@@ -206,7 +203,6 @@ module Bundler
               Bundler.ui.info("Syncing to #{relative_lockfile}...") if attempts == 1
               synced_any = true
 
-              specs = lockfile_name.exist? ? cache.specs(lockfile_name) : {}
               parent_lockfile_name = lockfile_definition[:parent]
               parent_root = parent_lockfile_name.dirname
               parent_specs = cache.specs(parent_lockfile_name)
@@ -222,7 +218,7 @@ module Bundler
                 end
 
               # add a source for the current gem
-              gem_spec = parent_specs[[File.basename(Bundler.root), "ruby"]]
+              gem_spec = parent_specs.dig(File.basename(Bundler.root), "ruby")
 
               if gem_spec
                 adjusted_parent_lockfile_contents += <<~TEXT
@@ -252,39 +248,30 @@ module Bundler
                   next :self if parent_spec.nil?
                   next spec_precedences[spec.name] if spec_precedences.key?(spec.name)
 
-                  precedence = :self if cache.conflicting_requirements?(lockfile_name,
-                                                                        parent_lockfile_name,
-                                                                        spec,
-                                                                        parent_spec)
-
-                  # look through all reverse dependencies; if any of them say it
-                  # has to come from self, due to conflicts, then this gem has
-                  # to come from self as well
-                  [cache.reverse_dependencies(lockfile_name),
-                   cache.reverse_dependencies(parent_lockfile_name)].each do |reverse_dependencies|
-                    break if precedence == :self
-
-                    reverse_dependencies[spec.name].each do |dep_name|
-                      precedence = check_precedence.call(specs[dep_name], parent_specs[dep_name])
-                      break if precedence == :self
-                    end
-                  end
+                  precedence = if !(cache.reverse_dependencies(lockfile_name)[spec.name] & conflicts).empty?
+                                 :parent
+                               elsif cache.conflicting_requirements?(lockfile_name,
+                                                                     parent_lockfile_name,
+                                                                     spec,
+                                                                     parent_spec)
+                                 :self
+                               end
 
                   spec_precedences[spec.name] = precedence || :parent
                 end
 
+                lockfile.sources.map! do |source|
+                  parent_lockfile.sources.find { |s| s == source } || source
+                end
                 # replace any duplicate specs with what's in the parent lockfile
                 lockfile.specs.map! do |spec|
-                  parent_spec = parent_specs[[spec.name, spec.platform]]
+                  parent_spec = cache.find_matching_spec(parent_specs, spec)
                   next spec unless parent_spec
-
                   next spec if check_precedence.call(spec, parent_spec) == :self
 
                   dependency_changes ||= spec != parent_spec
 
-                  new_spec = parent_spec.dup
-                  new_spec.source = spec.source
-                  new_spec
+                  parent_spec
                 end
 
                 lockfile.platforms.replace(parent_lockfile.platforms).uniq!
@@ -497,6 +484,13 @@ module Bundler
         # from someone else
         if current_lockfile.exist? && install
           Bundler.settings.temporary(frozen: true) do
+            # it keeps the same sources as the builder, which now shares with
+            # `definition` above; give it its own copy to avoid stomping on it
+            builder.instance_variable_set(
+              :@sources,
+              builder.instance_variable_get(:@sources).dup
+            )
+
             current_definition = builder.to_definition(current_lockfile, {})
             # if something has changed, we skip this step; it's unlocking anyway
             next unless current_definition.no_resolve_needed?
@@ -518,6 +512,14 @@ module Bundler
           previous_ui_level = Bundler.ui.level
           Bundler.ui.level = "warn"
           begin
+            # force a remote resolution if intermediate gems are missing
+            if definition.instance_variable_get(:@locked_spec_with_missing_deps) ||
+               definition.instance_variable_get(:@locked_spec_with_invalid_deps) ||
+               definition.instance_variable_get(:@missing_lockfile_dep) ||
+               definition.instance_variable_get(:@invalid_lockfile_dep)
+              raise SolveFailure
+            end
+
             # this is a horrible hack, to fix what I consider to be a Bundler bug.
             # basically, if you have multiple platform specific gems in your
             # lockfile, and that gem gets unlocked, Bundler will only search
@@ -577,25 +579,29 @@ end
 Bundler::LazySpecification.include(Bundler::MatchMetadata) if defined?(Bundler::MatchMetadata)
 Bundler::Multilock.inject_preamble unless Bundler::Multilock.loaded?
 
-# this is terrible, but we can't prepend into these modules because we only load
-# _inside_ of the CLI commands already running
-if defined?(Bundler::CLI::Check)
-  require_relative "multilock/check"
-  at_exit do
-    next unless $!.nil?
-    next if $!.is_a?(SystemExit) && !$!.success?
+if defined?(Bundler::CLI)
+  require_relative "multilock/ext/cli"
+
+  # this is terrible, but we can't prepend into these modules because we only load
+  # _inside_ of the CLI commands already running
+  if Bundler::CLI.instance&.current_command_chain&.first == :check
+    require_relative "multilock/check"
+    at_exit do
+      next unless $!.nil?
+      next if $!.is_a?(SystemExit) && !$!.success?
 
-    next if Bundler::Multilock::Check.run
+      next if Bundler::Multilock::Check.run
 
-    Bundler.ui.warn("You can attempt to fix by running `bundle install`")
-    exit 1
+      Bundler.ui.warn("You can attempt to fix by running `bundle install`")
+      exit 1
+    end
   end
-end
-if defined?(Bundler::CLI::Lock)
-  at_exit do
-    next unless $!.nil?
-    next if $!.is_a?(SystemExit) && !$!.success?
+  if Bundler::CLI.instance&.current_command_chain&.first == :lock
+    at_exit do
+      next unless $!.nil?
+      next if $!.is_a?(SystemExit) && !$!.success?
 
-    Bundler::Multilock.after_install_all(install: false)
+      Bundler::Multilock.after_install_all(install: false)
+    end
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bundler-multilock
 version: !ruby/object:Gem::Version
-  version: 1.3.1
+  version: 1.3.3
 platform: ruby
 authors:
 - Instructure
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2024-04-25 00:00:00.000000000 Z
+date: 2024-06-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -82,6 +82,7 @@ files:
 - lib/bundler/multilock/cache.rb
 - lib/bundler/multilock/check.rb
 - lib/bundler/multilock/ext/bundler.rb
+- lib/bundler/multilock/ext/cli.rb
 - lib/bundler/multilock/ext/definition.rb
 - lib/bundler/multilock/ext/dsl.rb
 - lib/bundler/multilock/ext/plugin.rb
@@ -113,7 +114,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.5.9
+rubygems_version: 3.5.14
 signing_key: 
 specification_version: 4
 summary: Support Multiple Lockfiles