[rubygems/rubygems] Note about why we don't fix lockfile dependencies backed by installed specs

https://github.com/rubygems/rubygems/commit/6fa94b5d72
2024-11-05 19:08:07 +01:00 · 2024-11-05 19:08:07 +01:00 · c79d236493
commit c79d236493
parent 40a2e8e9cf
1 changed files with 4 additions and 0 deletions
--- a/lib/bundler/lazy_specification.rb
+++ b/lib/bundler/lazy_specification.rb
@ -137,6 +137,10 @@ module Bundler
      if search.nil? && fallback_to_non_installable
        search = candidates.last
      elsif search && search.full_name == full_name
+        # We don't validate locally installed dependencies but accept what's in
+        # the lockfile instead for performance, since loading locally installed
+        # dependencies would mean evaluating all gemspecs, which would affect
+        # `bundler/setup` performance
        if search.is_a?(StubSpecification)
          search.dependencies = dependencies
        elsif !source.is_a?(Source::Path) && search.runtime_dependencies.sort != dependencies.sort