[rubygems/rubygems] Don't run any git commands when sorting and comparing git sources

Previously, when sorting and comparing git Gemfile vs lockfile sources during `bundler/setup` to figure out whether we need to re-resolve or not, we would try to find the default branch if nothing more specific was specified in the Gemfile. If the git cache has been deleted thought, that would fail. The error would still be swallowed (and the branch would simply not be displayed), but trying to clone would still generate the side effect of creating the parent folder for the clone. That could affect non-writable systems that don't expect `bundler/setup` to write to the filesystem at all. To fix this, override `Bundler::Source::Git#identifier` to use exclusively static information, so it does not even try to clone the repo nor generate any side effects. https://github.com/rubygems/rubygems/commit/582eb2ef39
2023-07-11 20:33:33 +02:00 · 2023-07-11 20:33:33 +02:00 · c1fb25f6fc
commit c1fb25f6fc
parent 8cf5297ba5
2 changed files with 26 additions and 13 deletions
--- a/lib/bundler/source/git.rb
+++ b/lib/bundler/source/git.rb
@ -69,19 +69,7 @@ module Bundler

      def to_s
        begin
-          at = if local?
-            path
-          elsif user_ref = options["ref"]
-            if /\A[a-z0-9]{4,}\z/i.match?(ref)
-              shortref_for_display(user_ref)
-            else
-              user_ref
-            end
-          elsif ref
-            ref
-          else
-            current_branch
-          end
+          at = humanized_ref || current_branch

          rev = "at #{at}@#{shortref_for_display(revision)}"
        rescue GitError
@ -91,6 +79,10 @@ module Bundler
        uri_with_specifiers([rev, glob_for_display])
      end

+      def identifier
+        uri_with_specifiers([humanized_ref, cached_revision, glob_for_display])
+      end
+
      def uri_with_specifiers(specifiers)
        specifiers.compact!

@ -256,6 +248,20 @@ module Bundler

      private

+      def humanized_ref
+        if local?
+          path
+        elsif user_ref = options["ref"]
+          if /\A[a-z0-9]{4,}\z/i.match?(ref)
+            shortref_for_display(user_ref)
+          else
+            user_ref
+          end
+        elsif ref
+          ref
+        end
+      end
+
      def serialize_gemspecs_in(destination)
        destination = destination.expand_path(Bundler.root) if destination.relative?
        Dir["#{destination}/#{@glob}"].each do |spec_path|
--- a/spec/bundler/install/gemfile/git_spec.rb
+++ b/spec/bundler/install/gemfile/git_spec.rb
@ -30,6 +30,13 @@ RSpec.describe "bundle install with git sources" do
      expect(Dir["#{default_bundle_path}/cache/bundler/git/foo-1.0-*"]).to have_attributes :size => 1
    end

+    it "does not write to cache on bundler/setup" do
+      cache_path = default_bundle_path.join("cache")
+      FileUtils.rm_rf(cache_path)
+      ruby "require 'bundler/setup'"
+      expect(cache_path).not_to exist
+    end
+
    it "caches the git repo globally and properly uses the cached repo on the next invocation" do
      simulate_new_machine
      bundle "config set global_gem_cache true"