fix: prevent use_standalone() from downgrading version constraints#2255
Open
eitsupi wants to merge 1 commit into
Open
fix: prevent use_standalone() from downgrading version constraints#2255eitsupi wants to merge 1 commit into
use_standalone() from downgrading version constraints#2255eitsupi wants to merge 1 commit into
Conversation
5867eac to
a270aaf
Compare
Add a `downgrade` argument to `use_dependency()` and `use_package()`. When `downgrade = FALSE`, a `min_version` lower than the currently recorded version is ignored rather than being written to DESCRIPTION. Previously, `use_standalone()` could inadvertently lower a package's version constraint when the standalone file's `imports:` field specified a lower minimum version than what the package already required. For example, a standalone file declaring `imports: rlang (>= 1.0.0)` would overwrite an existing `rlang (>= 1.1.0)` constraint in DESCRIPTION. `use_standalone()` now passes `downgrade = FALSE` when handling its `imports:` dependencies, preventing this regression.
a270aaf to
77c8ee9
Compare
use_standalone() from downgrading version constraints
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem
use_standalone()could inadvertently lower a package's version constraint inDESCRIPTION. When the standalone file'simports:field specifies a lower minimum version than what the package already requires,use_dependency()overwrites the existing (higher) constraint.For example, if
DESCRIPTIONalready containsrlang (>= 1.1.0)and a standalone file declaresimports: rlang (>= 1.0.0), callinguse_standalone()would silently downgrade the constraint to>= 1.0.0.This happens because
use_dependency()always writes the new version when the version differs and the dependency type is unchanged — regardless of whether the new version is higher or lower than the existing one.Fix
Add a
downgradeargument touse_dependency()anduse_package():downgrade = TRUE(default) preserves the existing behaviour, allowing the version to be lowered.downgrade = FALSEsilently ignores amin_versionthat is lower than the currently recorded version, emitting an informational message instead.use_standalone()now passesdowngrade = FALSEwhen recording itsimports:dependencies.Changes
use_dependency(): newdowngradeargument (withcheck_bool()validation)use_package(): newdowngradeargument, threaded through touse_dependency()use_standalone(): passesdowngrade = FALSEtouse_package()downgrade = FALSEbehaviour