Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

forc can create an invalid package dependency graph if the [dependencies] table of a path dependency manifest has been modified #1903

Closed
mitchmindtree opened this issue Jun 8, 2022 · 0 comments · Fixed by #2234
Closed

forc can create an invalid package dependency graph if the [dependencies] table of a path dependency manifest has been modified #1903

mitchmindtree opened this issue Jun 8, 2022 · 0 comments · Fixed by #2234
Labels
bug Something isn't working dependencies forc P: critical Should be looked at before anything else

Comments

@mitchmindtree
Copy link
Contributor

Caught by @nfurfaro and @otrho.

Problem

Right now we only check the immediate dependencies specified in the current project's manifest when validating the graph loaded from the lock file. This means if the [dependencies] table of one of the current project's path dependencies is modified, we don't correctly catch or account for this change when loading the graph from the lock file.

Solution

When loading the graph from the Forc.lock file, we should not only validate it against the top-level project manifest, but also against the manifest of each of the path dependencies as it's possible that any of them have been modified since the Forc.lock file was created.

Note that this is not important for git dependencies where we know they haven't changed due to the hash.

Temporary Workaround

Delete the Forc.lock and re-run forc build or forc update to allow forc to rebuild the graph from scratch.
@mitchmindtree mitchmindtree added bug Something isn't working forc dependencies P: critical Should be looked at before anything else labels Jun 8, 2022
@mitchmindtree mitchmindtree changed the title forc can create an invalid package dependency graph if a dependency is added to a path dependency forc can create an invalid package dependency graph if the [dependencies] table of a path dependency manifest has been modified Jun 8, 2022
otrho added a commit that referenced this issue Jun 8, 2022
@otrho
Update the library lock files to workaround #1903.
ef3be8b 
Also fix a typo in b256_ops.sw.
@adlerjohn adlerjohn moved this to Todo in Fuel Network Jun 8, 2022
@mitchmindtree mitchmindtree mentioned this issue Jul 6, 2022
Merged
Repository owner moved this from Todo to Done in Fuel Network Jul 6, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working dependencies forc P: critical Should be looked at before anything else
Projects
Fuel Network
Archived in project
Milestone
No milestone
1 participant
@mitchmindtree