Handle ambiguous dependencies and update shard.lock on if source of dependency changes change #419
Conversation
src/molinillo_solver.cr
Outdated
| @@ -61,6 +62,8 @@ module Shards | |||
| next unless dep.matches?(version) | |||
| end | |||
|
|
|||
| next if dep.resolver != lock.resolver | |||
There was a problem hiding this comment.
This would resolve to the latest version, for example in the case of a url change. Think about moving from GitLab to GitHub, or renaming the repository. Should we try to keep the locked version and force an update in case it's not available?
There was a problem hiding this comment.
I see, you mean that
- if the shard.yml has no version restriction,
- there is a lock pointing to the non latest version
- the shard.yml is changed to point to another fork (and still has no version restriction)
The result is that the lock is totally discarded and the dependency will bump.
I see a change of source as a change of dependency entirerly, so I wouldn't try to keep the lock.
I also have more in mind changing the source form git to path for local overrides, there the lock is also expected to be discarded.
There was a problem hiding this comment.
But that's a problem, because there is no way to avoid that behaviour. If the locked version is honoured, there is always the option to run an update to unlock it.
For example, if you're testing something and want to use a local version of the dependency momentarily, you don't want the whole subtree of dependencies to upgrade.
I think the solution would be as simple as using a new dependency as the lock node, built using the resolver coming from the spec dependency, combined with the locked version, and probably raise a warning or something to notify the change being made.
There was a problem hiding this comment.
If there is a change in the shard.yml that makes the lock not a candidate, the lock for that dependency is ignored.
I aimed for the same behaviour if the source change. The version might have differed completely between forks.
But maybe we can keep the locks of the subtree.... that would be more conservative.
There was a problem hiding this comment.
On other hand, the forks can use different dependencies. Keeping locked only the ones that will still be required, to allow the others to go away, will require resolving which version in the forked source will be used.
I'm more inclined to keep the current behavior in the PR. Unlocking all dependencies and treating the change of source as a complete change of the indicated dependency.
|
I implemented a more conservative update. One case that I am not sure is: metadata = {dependencies: {awesome: {git: git_url(:forked_awesome), branch: "feature/super"}}}
lock = {awesome: "0.1.0", d: "0.1.0"}
with_shard(metadata, lock) do
assert_locked "awesome", "0.1.0", source: {git: git_url(:awesome)}
output = run "shards install --no-color"
endThe Is that the right thing to do? |
|
So the spec I mentioned can be added later when that TODO is implemented. Yay! |
Ensure resolver cache does not bother when parsing shard.lock and .shards.info files in integration specs Include key, name and source in the resolver cache
Emit warning on source change Reject lock file on install --production if source changed
bcardiff
force-pushed
the
fix/update-lock-on-source-change
branch
from
25e143c
to
a2eeb55
Compare
|
Rebased on master to solve conflicts |
…ependency changes change (crystal-lang#419) * Update lock file if source change (but not version) Ensure resolver cache does not bother when parsing shard.lock and .shards.info files in integration specs Include key, name and source in the resolver cache * Refactor source normalization * Ensure it fails on ambiguous sources * Fix spec that where using git: git_path instead of git_url * Skip adding lock if resolver of lock and dependency changes * Mimic proper fork in specs * Preserve locked version on changed source Emit warning on source change Reject lock file on install --production if source changed * Add spec for updating to forked branch * Code clean-up
…ependency changes change (crystal-lang#419) * Update lock file if source change (but not version) Ensure resolver cache does not bother when parsing shard.lock and .shards.info files in integration specs Include key, name and source in the resolver cache * Refactor source normalization * Ensure it fails on ambiguous sources * Fix spec that where using git: git_path instead of git_url * Skip adding lock if resolver of lock and dependency changes * Mimic proper fork in specs * Preserve locked version on changed source Emit warning on source change Reject lock file on install --production if source changed * Add spec for updating to forked branch * Code clean-up
Changing the source from git to path in the shard.yml, in the precense of a shard.lock file didn't trigger an update of the lockfile. The
outdated_lockfile?logic didn't consider all the information that will be used to generate that file (resolver key and source were missing).Now lock constraints are not added if the resolver from the shard.yml and from the shard.lock differ.
It will now handle better ambiguous sources for the same name. Before this PR one was used because the cache was accessed by name only. Now it depends on name, key and (normalized) source.
The resolver cache needed to be reset in some helper methods on integration specs to avoid misleading results. Well, now that the cache key depends not only in the name that change is not really needed, but I think is better to isolate that. The cache was designed for the solver and that is not used in the integration specs.