Skip to content

Commit d9ccf28

Browse files
hsbtclaude
andcommitted
Validate only explicitly requested gems against the lockfile
explicit_gems aliased the same array that the --group handling mutates with concat, so group-derived gems leaked into the lockfile presence check and bundle update --group failed on gems newly added to the group. Copy the array before it gets mutated. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
1 parent 781b37b commit d9ccf28

2 files changed

Lines changed: 18 additions & 1 deletion

File tree

bundler/lib/bundler/cli/update.rb

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -42,7 +42,7 @@ def run
4242
raise GemfileLockNotFound, "This Bundle hasn't been installed yet. " \
4343
"Run `bundle install` to update and install the bundled gems."
4444
end
45-
explicit_gems = gems
45+
explicit_gems = gems.dup
4646

4747
if groups.any?
4848
deps = Bundler.definition.dependencies.select {|d| (d.groups & groups).any? }

spec/commands/update_spec.rb

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -744,6 +744,23 @@
744744
expect(the_bundle).not_to include_gems "myrack 1.2"
745745
end
746746

747+
it "doesn't fail when a gem was added to the group but is not in the lockfile yet" do
748+
install_gemfile <<-G
749+
source "https://gem.repo2"
750+
gem "activesupport", :group => :development
751+
G
752+
753+
gemfile <<-G
754+
source "https://gem.repo2"
755+
gem "activesupport", :group => :development
756+
gem "myrack", :group => :development
757+
G
758+
759+
bundle "update --group development"
760+
761+
expect(the_bundle).to include_gems "myrack 1.0.0"
762+
end
763+
747764
context "when conservatively updating a group with non-group sub-deps" do
748765
it "should update only specified group gems" do
749766
install_gemfile <<-G

0 commit comments

Comments
 (0)