RubyGems - bundler - Versions diffs - 1.7.14 → 1.7.15 - Mend

bundler 1.7.14 → 1.7.15

Potentially problematic release.

This version of bundler might be problematic. Click here for more details.

Files changed (7) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +6 -0
data/lib/bundler/definition.rb +6 -5
data/lib/bundler/source/path/installer.rb +2 -0
data/lib/bundler/version.rb +1 -1
data/spec/install/gems/sources_spec.rb +34 -0
metadata +2 -2

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 746df673800f5d41fe2d1291b907039aba505909
-  data.tar.gz: 85c28b901946ef92a7ffbf9ead8fad33974d563f
+  metadata.gz: 87c0e0f8a86277370e75de2355fc489fcafc1cc5
+  data.tar.gz: db0d05676f078159a3387ea000fe20ef755603b7
 SHA512:
-  metadata.gz: f72f1fd05fb6525b87302286252357f7f48cab2f59d30a65fb85ad366ea869f752937077165a78e7bdd1b9461cd9bc7323d9bff45f1fe78f014dd5d4b6675e72
-  data.tar.gz: e3e476266759921138364b64d9f7b2e096b5d87ea8329c15c166c1192c96ee34450dd78817847c9dd19e649f92ac6ffe3af894cdd3004aefd3e00929e1336b64
+  metadata.gz: 918b79b442b84c1ea8b128dc3ac1016d31402e17fe5e083c5cc923f4adea219abc1b8eb3485fcba2bef465f68ff0cf19d89fa1a2a213e437ec8583743a161e2a
+  data.tar.gz: 74ca32121adf3f19442d2815deec3186dca5ecc434ca9337df4445a0107b59e8c8516f768f50551554b4011b81a0d057eb9fc1566b9693611d8816cd0ab52683

data/CHANGELOG.md CHANGED

@@ -1,3 +1,9 @@
+## 1.7.15 (2015-04-29)
+Bugfixes:
+  - Respect Gemfile sources when installing a gem present in two sources (#3585, @tmoore)
 ## 1.7.14 (2015-03-30)
 Bugfixes:

data/lib/bundler/definition.rb CHANGED

@@ -184,11 +184,10 @@ module Bundler
     # @return [SpecSet] resolved dependencies
     def resolve
       @resolve ||= begin
+        last_resolve = converge_locked_specs
         if Bundler.settings[:frozen] || (!@unlocking && nothing_changed?)
-          @locked_specs
+          last_resolve
         else
-          last_resolve = converge_locked_specs
           # Run a resolve against the locally available gems
           last_resolve.merge Resolver.resolve(expanded_dependencies, index, source_requirements, last_resolve)
         end
@@ -518,7 +517,9 @@ module Bundler
       converged = []
       @locked_specs.each do |s|
-        s.source = sources.get(s.source)
+        # Replace the locked dependency's source with the equivalent source from the Gemfile
+        dep = @dependencies.find { |dep| s.satisfies?(dep) }
+        s.source = (dep && dep.source) || sources.get(s.source)
         # Don't add a spec to the list if its source is expired. For example,
         # if you change a Git gem to Rubygems.
@@ -566,7 +567,7 @@ module Bundler
     end
     def satisfies_locked_spec?(dep)
-      @locked_specs.any? { |s| s.satisfies?(dep) && (!dep.source || s.source == dep.source) }
+      @locked_specs.any? { |s| s.satisfies?(dep) && (!dep.source || s.source.include?(dep.source)) }
     end
     def expanded_dependencies

data/lib/bundler/source/path/installer.rb CHANGED

@@ -3,6 +3,8 @@ module Bundler
     class Path
       class Installer < Bundler::GemInstaller
+        attr_reader :spec
         def initialize(spec, options = {})
           @spec              = spec
           @tmp_bin_dir       = "#{Bundler.tmp(spec.full_name)}/bin"

data/lib/bundler/version.rb CHANGED

@@ -2,5 +2,5 @@ module Bundler
   # We're doing this because we might write tests that deal
   # with other versions of bundler and we are unsure how to
   # handle this better.
-  VERSION = "1.7.14" unless defined?(::Bundler::VERSION)
+  VERSION = "1.7.15" unless defined?(::Bundler::VERSION)
 end

data/spec/install/gems/sources_spec.rb CHANGED

@@ -219,6 +219,40 @@ describe "bundle install with gems on multiple sources" do
             should_be_installed("depends_on_rack 1.0.1", "rack 1.0.0")
           end
         end
+        context "and only the dependency is pinned" do
+          before do
+            # need this to be broken to check for correct source ordering
+            build_repo gem_repo2 do
+              build_gem "rack", "1.0.0" do |s|
+                s.write "lib/rack.rb", "RACK = 'FAIL'"
+              end
+            end
+            gemfile <<-G
+              source "file://#{gem_repo3}" # contains depends_on_rack
+              source "file://#{gem_repo2}" # contains broken rack
+              gem "depends_on_rack" # installed from gem_repo3
+              gem "rack", :source => "file://#{gem_repo1}"
+            G
+          end
+          it "installs the dependency from the pinned source without warning" do
+            bundle :install
+            expect(out).not_to include("Warning: the gem 'rack' was found in multiple sources.")
+            should_be_installed("depends_on_rack 1.0.1", "rack 1.0.0")
+            # In https://github.com/bundler/bundler/issues/3585 this failed
+            # when there is already a lock file, and the gems are missing, so try again
+            system_gems []
+            bundle :install
+            expect(out).not_to include("Warning: the gem 'rack' was found in multiple sources.")
+            should_be_installed("depends_on_rack 1.0.1", "rack 1.0.0")
+          end
+        end
       end
     end

metadata CHANGED

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: bundler
 version: !ruby/object:Gem::Version
-  version: 1.7.14
+  version: 1.7.15
 platform: ruby
 authors:
 - André Arko
@@ -11,7 +11,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2015-03-30 00:00:00.000000000 Z
+date: 2015-04-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: mustache