1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
|
# frozen_string_literal: true
RSpec.context "when installing a bundle that includes yanked gems" do
it "throws an error when the original gem version is yanked" do
build_repo4 do
build_gem "foo", "9.0.0"
end
lockfile <<-L
GEM
remote: https://gem.repo4
specs:
foo (10.0.0)
PLATFORMS
#{lockfile_platforms}
DEPENDENCIES
foo (= 10.0.0)
L
install_gemfile <<-G, raise_on_error: false
source "https://gem.repo4"
gem "foo", "10.0.0"
G
expect(err).to include("Your bundle is locked to foo (10.0.0)")
end
context "when a platform specific yanked version is included in the lockfile, and a generic variant is available remotely" do
let(:original_lockfile) do
<<~L
GEM
remote: https://gem.repo4/
specs:
actiontext (6.1.6)
nokogiri (>= 1.8)
foo (1.0.0)
nokogiri (1.13.8-#{Bundler.local_platform})
PLATFORMS
#{lockfile_platforms}
DEPENDENCIES
actiontext (= 6.1.6)
foo (= 1.0.0)
BUNDLED WITH
#{Bundler::VERSION}
L
end
before do
skip "Materialization on Windows is not yet strict, so the example does not detect the gem has been yanked" if Gem.win_platform?
build_repo4 do
build_gem "foo", "1.0.0"
build_gem "foo", "1.0.1"
build_gem "actiontext", "6.1.7" do |s|
s.add_dependency "nokogiri", ">= 1.8"
end
build_gem "actiontext", "6.1.6" do |s|
s.add_dependency "nokogiri", ">= 1.8"
end
build_gem "actiontext", "6.1.7" do |s|
s.add_dependency "nokogiri", ">= 1.8"
end
build_gem "nokogiri", "1.13.8"
end
gemfile <<~G
source "https://gem.repo4"
gem "foo", "1.0.0"
gem "actiontext", "6.1.6"
G
lockfile original_lockfile
end
context "and a re-resolve is necessary" do
before do
gemfile gemfile.sub('"foo", "1.0.0"', '"foo", "1.0.1"')
end
it "reresolves, and replaces the yanked gem with the generic version, printing a warning, when the old index is used" do
bundle "install", artifice: "endpoint", verbose: true
expect(out).to include("Installing nokogiri 1.13.8").and include("Installing foo 1.0.1")
expect(lockfile).to eq(original_lockfile.sub("nokogiri (1.13.8-#{Bundler.local_platform})", "nokogiri (1.13.8)").gsub("1.0.0", "1.0.1"))
expect(err).to include("Some locked specs have possibly been yanked (nokogiri-1.13.8-#{Bundler.local_platform}). Ignoring them...")
end
it "reresolves, and replaces the yanked gem with the generic version, printing a warning, when the compact index API is used" do
bundle "install", artifice: "compact_index", verbose: true
expect(out).to include("Installing nokogiri 1.13.8").and include("Installing foo 1.0.1")
expect(lockfile).to eq(original_lockfile.sub("nokogiri (1.13.8-#{Bundler.local_platform})", "nokogiri (1.13.8)").gsub("1.0.0", "1.0.1"))
expect(err).to include("Some locked specs have possibly been yanked (nokogiri-1.13.8-#{Bundler.local_platform}). Ignoring them...")
end
end
it "reports the yanked gem properly when the old index is used" do
bundle "install", artifice: "endpoint", raise_on_error: false
expect(err).to include("Your bundle is locked to nokogiri (1.13.8-#{Bundler.local_platform})")
end
it "reports the yanked gem properly when the compact index API is used" do
bundle "install", artifice: "compact_index", raise_on_error: false
expect(err).to include("Your bundle is locked to nokogiri (1.13.8-#{Bundler.local_platform})")
end
end
it "throws the original error when only the Gemfile specifies a gem version that doesn't exist" do
build_repo4 do
build_gem "foo", "9.0.0"
end
bundle "config set force_ruby_platform true"
install_gemfile <<-G, raise_on_error: false
source "https://gem.repo4"
gem "foo", "10.0.0"
G
expect(err).not_to include("Your bundle is locked to foo (10.0.0)")
expect(err).to include("Could not find gem 'foo (= 10.0.0)' in")
end
end
RSpec.context "when resolving a bundle that includes yanked gems, but unlocking an unrelated gem" do
before(:each) do
build_repo4 do
build_gem "foo", "10.0.0"
build_gem "bar", "1.0.0"
build_gem "bar", "2.0.0"
end
lockfile <<-L
GEM
remote: https://gem.repo4
specs:
foo (9.0.0)
bar (1.0.0)
PLATFORMS
#{lockfile_platforms}
DEPENDENCIES
foo
bar
BUNDLED WITH
#{Bundler::VERSION}
L
gemfile <<-G
source "https://gem.repo4"
gem "foo"
gem "bar"
G
end
it "does not update the yanked gem" do
bundle "lock --update bar"
expect(lockfile).to eq <<~L
GEM
remote: https://gem.repo4/
specs:
bar (2.0.0)
foo (9.0.0)
PLATFORMS
#{lockfile_platforms}
DEPENDENCIES
bar
foo
BUNDLED WITH
#{Bundler::VERSION}
L
end
end
RSpec.context "when using gem before installing" do
it "does not suggest the author has yanked the gem" do
gemfile <<-G
source "https://gem.repo1"
gem "myrack", "0.9.1"
G
lockfile <<-L
GEM
remote: https://gem.repo1
specs:
myrack (0.9.1)
PLATFORMS
#{lockfile_platforms}
DEPENDENCIES
myrack (= 0.9.1)
L
bundle :list, raise_on_error: false
expect(err).to include("Could not find myrack-0.9.1 in locally installed gems")
expect(err).to_not include("Your bundle is locked to myrack (0.9.1) from")
expect(err).to_not include("If you haven't changed sources, that means the author of myrack (0.9.1) has removed it.")
expect(err).to_not include("You'll need to update your bundle to a different version of myrack (0.9.1) that hasn't been removed in order to install.")
# Check error message is still correct when multiple platforms are locked
lockfile lockfile.gsub(/PLATFORMS\n #{lockfile_platforms}/m, "PLATFORMS\n #{lockfile_platforms("ruby")}")
bundle :list, raise_on_error: false
expect(err).to include("Could not find myrack-0.9.1 in locally installed gems")
end
it "does not suggest the author has yanked the gem when using more than one gem, but shows all gems that couldn't be found in the source" do
gemfile <<-G
source "https://gem.repo1"
gem "myrack", "0.9.1"
gem "myrack_middleware", "1.0"
G
lockfile <<-L
GEM
remote: https://gem.repo1
specs:
myrack (0.9.1)
myrack_middleware (1.0)
PLATFORMS
#{lockfile_platforms}
DEPENDENCIES
myrack (= 0.9.1)
myrack_middleware (1.0)
L
bundle :list, raise_on_error: false
expect(err).to include("Could not find myrack-0.9.1, myrack_middleware-1.0 in locally installed gems")
expect(err).to include("Install missing gems with `bundle install`.")
expect(err).to_not include("Your bundle is locked to myrack (0.9.1) from")
expect(err).to_not include("If you haven't changed sources, that means the author of myrack (0.9.1) has removed it.")
expect(err).to_not include("You'll need to update your bundle to a different version of myrack (0.9.1) that hasn't been removed in order to install.")
end
end
|
