Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

initial spike generating some checksums for Gemfile.lock

  • Loading branch information...
commit 7dd7e49f0d831c804b1db9aa3a0459f43387efa7 1 parent 4f2ea14
@hone hone authored
View
13 lib/bundler/definition.rb
@@ -281,6 +281,16 @@ def to_lock
def checksum(file)
contents = ""
+ handled = []
+ dependencies.map {|d|
+ d.all_deps(d) }.flatten.
+ sort_by { |d| d.to_s }.
+ each do |dep|
+ next if handled.include?(dep.name)
+ contents << dep.to_checksum
+ contents << "\n"
+ handled << dep.name
+ end
File.open(file, 'wb'){|f| f.puts(contents) }
rescue Errno::EACCES
@@ -290,6 +300,9 @@ def checksum(file)
"#{File.expand_path(file)}"
end
+ def to_checksum
+ end
+
def ensure_equivalent_gemfile_and_lockfile(explicit_flag = false)
changes = false
View
4 lib/bundler/dependency.rb
@@ -79,6 +79,10 @@ def to_lock
out << "\n"
end
+ def to_checksum
+ out = super
+ end
+
private
def on_18?
View
6 lib/bundler/rubygems_ext.rb
@@ -92,6 +92,7 @@ def dependencies_to_gemfile(dependencies, group = nil)
end
class Dependency
+ require 'digest/sha2'
attr_accessor :source, :groups
alias eql? ==
@@ -115,6 +116,11 @@ def to_lock
out
end
+ def to_checksum
+ spec = to_spec
+ "#{spec.full_name}:#{Digest::SHA256.hexdigest(File.read(spec.cache_file))}"
+ end
+
def all_deps(dep = self)
deps = dep.to_spec.dependencies.select {|d| d.type == :runtime }
View
22 spec/install/gems/simple_case_spec.rb
@@ -340,14 +340,32 @@
end
context "Gemfile.lock.asc" do
+ require 'digest/sha2'
+
it "creates a Gemfile.lock.asc" do
- install_gemfile(<<-G)
+ gemfile(<<-G)
source "file://#{gem_repo1}"
- gem 'foo'
+ gem 'thin'
G
+ bundle "install --path vendor/bundle"
+
+ ruby_version = Bundler::SystemRubyVersion.new
+ ruby_abi = RbConfig::CONFIG['ruby_version']
+ cache_dir = "vendor/bundle/#{ruby_version.engine}/#{ruby_abi}/cache"
+ hashes = {}
+ ['thin-1.0', 'rack-1.0.0'].each do |gem|
+ hashes[gem] = Digest::SHA256.hexdigest(File.read(bundled_app("#{cache_dir}/#{gem}.gem")))
+ end
+
expect(bundled_app("Gemfile.lock.asc")).to exist
+
+ contents = File.read(bundled_app("Gemfile.lock.asc")).split("\n")
+ contents.each do |line|
+ gem, checksum = line.split(":")
+ expect(hashes[gem]).to eq(checksum)
+ end
end
context "on empty Gemfile" do
Please sign in to comment.
Something went wrong with that request. Please try again.