From b9eb2460e5a4fc39aaeebfab36b480324d42396b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Eustace?= Date: Fri, 2 Apr 2021 15:32:35 +0200 Subject: [PATCH] Fix locked VCS dependencies always being updated --- poetry/installation/executor.py | 7 ++- poetry/installation/installer.py | 11 ++--- poetry/installation/pip_installer.py | 7 ++- tests/installation/test_installer.py | 64 ++++++++++++++++++++++++++++ 4 files changed, 80 insertions(+), 9 deletions(-) diff --git a/poetry/installation/executor.py b/poetry/installation/executor.py index e8898b86103..59c0ab51020 100644 --- a/poetry/installation/executor.py +++ b/poetry/installation/executor.py @@ -567,7 +567,12 @@ def _install_git(self, operation): git = Git() git.clone(package.source_url, src_dir) - git.checkout(package.source_reference, src_dir) + + reference = package.source_resolved_reference + if not reference: + reference = package.source_reference + + git.checkout(reference, src_dir) # Now we just need to install from the source directory package._source_url = str(src_dir) diff --git a/poetry/installation/installer.py b/poetry/installation/installer.py index 2164d39f4b1..8cef65d529b 100644 --- a/poetry/installation/installer.py +++ b/poetry/installation/installer.py @@ -289,12 +289,6 @@ def _do_install(self, local_repo): pool.add_repository(repo) - # We whitelist all packages to be sure - # that the latest ones are picked up - whitelist = [] - for pkg in locked_repository.packages: - whitelist.append(pkg.name) - solver = Solver( root, pool, @@ -303,9 +297,12 @@ def _do_install(self, local_repo): NullIO(), remove_untracked=self._remove_untracked, ) + # Everything is resolved at this point, so we no longer need + # to load deferred dependencies (i.e. VCS, URL and path dependencies) + solver.provider.load_deferred(False) with solver.use_environment(self._env): - ops = solver.solve(use_latest=whitelist) + ops = solver.solve(use_latest=self._whitelist) # We need to filter operations so that packages # not compatible with the current system, diff --git a/poetry/installation/pip_installer.py b/poetry/installation/pip_installer.py index b8fb97314be..652f9f4536d 100644 --- a/poetry/installation/pip_installer.py +++ b/poetry/installation/pip_installer.py @@ -250,7 +250,12 @@ def install_git(self, package): git = Git() git.clone(package.source_url, src_dir) - git.checkout(package.source_reference, src_dir) + + reference = package.source_resolved_reference + if not reference: + reference = package.source_reference + + git.checkout(reference, src_dir) # Now we just need to install from the source directory pkg = Package(package.name, package.version) diff --git a/tests/installation/test_installer.py b/tests/installation/test_installer.py index 106efde6e9c..77fb58da08b 100644 --- a/tests/installation/test_installer.py +++ b/tests/installation/test_installer.py @@ -8,6 +8,7 @@ from clikit.io import NullIO from poetry.core.packages import ProjectPackage +from poetry.core.packages.package import Package from poetry.core.toml.file import TOMLFile from poetry.factory import Factory from poetry.installation import Installer as BaseInstaller @@ -1860,3 +1861,66 @@ def test_installer_can_handle_old_lock_files( # colorama will be added assert 8 == installer.executor.installations_count + + +def test_installer_should_use_the_locked_version_of_git_dependencies( + installer, locker, package, repo +): + locker.locked(True) + locker.mock_lock_data( + { + "package": [ + { + "name": "demo", + "version": "0.1.1", + "category": "main", + "optional": False, + "platform": "*", + "python-versions": "*", + "checksum": [], + "dependencies": {"pendulum": ">=1.4.4"}, + "source": { + "type": "git", + "url": "https://github.com/demo/demo.git", + "reference": "master", + "resolved_reference": "123456", + }, + }, + { + "name": "pendulum", + "version": "1.4.4", + "category": "main", + "optional": False, + "platform": "*", + "python-versions": "*", + "checksum": [], + "dependencies": {}, + }, + ], + "metadata": { + "python-versions": "*", + "platform": "*", + "content-hash": "123456789", + "hashes": {"demo": [], "pendulum": []}, + }, + } + ) + + package.add_dependency( + Factory.create_dependency( + "demo", {"git": "https://github.com/demo/demo.git", "branch": "master"} + ) + ) + + repo.add_package(get_package("pendulum", "1.4.4")) + + installer.run() + + assert installer.executor.installations[-1] == Package( + "demo", + "0.1.1", + source_type="git", + source_url="https://github.com/demo/demo.git", + source_reference="master", + source_resolved_reference="123456", + )