Skip to content

Fix regression when running bundle update <foo> would sometimes downgrade a top level dependency #8491

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
deivid-rodriguez merged 3 commits into from
Feb 17, 2025
Merged

Fix regression when running bundle update <foo> would sometimes downgrade a top level dependency #8491

deivid-rodriguez merged 3 commits into from
Feb 17, 2025

Conversation

@deivid-rodriguez
Copy link
Contributor

@deivid-rodriguez deivid-rodriguez commented Feb 13, 2025
edited
Loading

What was the end-user or developer problem that led to this PR?

Sometimes, running bundle update <foo> would downgrade a top level dependency. Regression was introduced by d0f7899.

What is your fix for the problem, implemented in this PR?

The fix is to avoid calling converge_specs when adding lower bound extra requirements to prevent downgrades. Using this method was causing the extra requirements to sometimes not be added.

Fixes #8474.

This PR builds on top of #8489, so that PR should be merged first.

Make sure the following tasks are checked

@deivid-rodriguez deivid-rodriguez force-pushed the deivid-rodriguez/fix-unintended-downgrades branch from 11a185a to 4786c2b Compare February 14, 2025 11:04
@deivid-rodriguez deivid-rodriguez mentioned this pull request Feb 14, 2025
Closed
@deivid-rodriguez
Don't try to skip requirements to prevent downgrades
85b6b40 
These don't really hurt, so I'm not sure why I introduced it.
@deivid-rodriguez
Add additional assertions to spec
9a00bf8 
To make it consistent with the spec above it.
@deivid-rodriguez
Fix Bundler incorrectly downgrading direct dependencies
5154506 
There's no reason to call `converge_specs` when adding additional
lower bound requirements to prevent downgrades, and it actually causes
the extra requirements to be missed sometimes.

Loop over the originally locked specs directly, adding the additional
precaution of not adding the requirement if the Gemfile dependency has
changed and it no longer matches the locked spec.
@deivid-rodriguez deivid-rodriguez force-pushed the deivid-rodriguez/fix-unintended-downgrades branch from 4786c2b to 5154506 Compare February 17, 2025 13:30
@deivid-rodriguez deivid-rodriguez marked this pull request as ready for review February 17, 2025 13:31
@deivid-rodriguez deivid-rodriguez merged commit 8fe5bae into master Feb 17, 2025
91 checks passed
@deivid-rodriguez deivid-rodriguez deleted the deivid-rodriguez/fix-unintended-downgrades branch February 17, 2025 15:12
deivid-rodriguez added a commit that referenced this pull request Feb 17, 2025
@deivid-rodriguez
Merge pull request #8491 from rubygems/deivid-rodriguez/fix-unintende…
a657aff 
…d-downgrades

Fix regression when running `bundle update <foo>` would sometimes downgrade a top level dependency

(cherry picked from commit 8fe5bae)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

bundler: bug fix

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Potential downgrade regression with Bundler >= 2.6.0

2 participants

@deivid-rodriguez