-
Notifications
You must be signed in to change notification settings - Fork 153
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
bundle check
issue causes ruby-lsp Gemfile dependencies to attach to wrong gem source in Gemfile.lock
#2710
Comments
Thanks for the report. I was also surprised to discover that |
Looks like they aren't able to reproduce so I'm going to have to try to write an appropriate bundler spec. |
Is there anything we can do from our side or is this a Bundler bug? The Ruby LSP invokes |
|
Given the fact that I am able to reproduce the rubygems issue I linked in the OP using the exact same suspect bundler versions (issue originally introduced in 2.2.26), without using ruby-lsp, it is definitely a bundler bug. I also tried using the
But it still modifies Gemfile.lock. |
I managed to sloppily put together a failing spec for bundler. rubygems/rubygems#5339 (comment) |
A bundler maintainer identified the issue and opened a PR: rubygems/rubygems#8148 |
Since the PR was merged, I'll close this issue. Thanks for reporting it! |
Sorry for skipping the bug templates here, but this is not a problem specific to an editor, I can replicate this just by starting the LSP by hand in the appropriate project directory.
The LSP runs correctly but I cannot perform a ruby-lsp bundle update (
BUNDLE_GEMFILE=.ruby-lsp/Gemfile bundle update ruby-lsp
) because the contents of the generated.ruby-lsp/Gemfile.lock
are not valid, as dependencies ofruby-lsp
are being assigned to a gemserver which does not contain those gems.My reproduction for the bundler issue is here:
rubygems/rubygems#5339 (comment)
The bottom line is that
bundle check
, in whatever specific scenario ruby-lsp is using it (or at least as it occurs on my machine) is resulting in a change to Gemfile.lock which moves the transitive dependencies of ruby-lsp into the wrong rubygems source, rendering the Gemfile.lock invalid (from a dependency resolution perspective) and not able to update.This issue impacts Bundler versions 2.2.26 to (currently, the latest) 2.5.21.
I think it's worth opening an issue here (even if it's closed immediately) as it's pretty hard to tell where the issue is coming from. I was investigating ruby-lsp source for a while before I went up to the bundler level to see if the issue was there.
The text was updated successfully, but these errors were encountered: