Skip to content

Commit

Permalink
No unwanted update of packages from legacy source (#6336)
Browse files Browse the repository at this point in the history
If a dependency doesn't specify a source type, then a locked package
from any source can satisfy it
  • Loading branch information
dimbleby authored Sep 2, 2022
1 parent 6668e22 commit f667d48
Show file tree
Hide file tree
Showing 2 changed files with 27 additions and 1 deletion.
5 changes: 4 additions & 1 deletion src/poetry/puzzle/provider.py
Original file line number Diff line number Diff line change
Expand Up @@ -843,7 +843,10 @@ def get_locked(self, dependency: Dependency) -> DependencyPackage | None:
# Thus, we can't use is_same_package_as() here because it compares
# the complete_name (including features).
dependency.name == package.name
and dependency.is_same_source_as(package)
and (
dependency.source_type is None
or dependency.is_same_source_as(package)
)
and dependency.constraint.allows(package.version)
):
return DependencyPackage(dependency, package)
Expand Down
23 changes: 23 additions & 0 deletions tests/mixology/version_solver/test_with_lock.py
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@

from cleo.io.null_io import NullIO
from packaging.utils import canonicalize_name
from poetry.core.packages.package import Package

from poetry.factory import Factory
from tests.helpers import get_package
Expand Down Expand Up @@ -214,3 +215,25 @@ def test_with_yanked_package_in_lock(
provider,
result={"foo": "1"},
)


def test_no_update_is_respected_for_legacy_repository(
root: ProjectPackage, repo: Repository, pool: Pool
):
root.add_dependency(Factory.create_dependency("foo", "^1.0"))

foo_100 = Package(
"foo", "1.0.0", source_type="legacy", source_url="http://example.com"
)
foo_101 = Package(
"foo", "1.0.1", source_type="legacy", source_url="http://example.com"
)
repo.add_package(foo_100)
repo.add_package(foo_101)

provider = Provider(root, pool, NullIO(), locked=[foo_100])
check_solver_result(
root,
provider,
result={"foo": "1.0.0"},
)

0 comments on commit f667d48

Please sign in to comment.