@hsbt hsbt commented Feb 3, 2026

What was the end-user or developer problem that led to this PR?

We've added a feature that uses the git source to resolve Bundler dependencies, including activerecord, on which Rails depends, in a git monorepo such as rails/rails.

However, since Rails dependencies such as rack are not in the Rails monorepo, it is appropriate to use the default source, rubygems.org, for such gems.

Fixes #9258

What is your fix for the problem, implemented in this PR?

The if statement on line 1080 now uses parent_dep.source only if the source indicated by parent_dep has the target gemspec.

Make sure the following tasks are checked

@hsbt hsbt marked this pull request as ready for review February 4, 2026 01:51
Copilot AI review requested due to automatic review settings February 4, 2026 01:51

Copilot AI left a comment

Pull request overview

This PR fixes issue #9258 where Bundler 4.0.4 incorrectly attempts to resolve transitive dependencies from path/git sources instead of falling back to the default RubyGems source when those dependencies don't exist in the path/git source.

Changes:

  • Adds logic to verify that a spec actually exists in a path/git source before using that source for dependency resolution
  • Includes a test case demonstrating the fix for path sources
  • Adds a version constraint to diff-lcs dependency in test setup

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.

| File | Description |
| --- | --- |
| bundler/lib/bundler/definition.rb | Adds check to verify spec exists in path/git source before using it for transitive dependencies |
| bundler/spec/install/gemfile/sources_spec.rb | Adds test case for path gem with transitive dependency that should fall back to default source |
| bundler/spec/spec_helper.rb | Adds version constraint to diff-lcs dependency (appears unrelated to main fix) |
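
The source-selection rule discussed in this PR, as an added example that is not part of the pull request and is not Bundler's code: a simplified model in which a transitive dependency inherits its parent's git/path source either unconditionally or only when that source actually carries the gemspec. `Source`, `assign_sources`, `missing_specs` and the gem data are constructed for illustration.

```ruby
# Simplified model of transitive source assignment. NOT Bundler's implementation;
# every name and all gem data below are assumptions made for this example.
Source = Struct.new(:name, :specs) do
  # specs maps gem name => list of dependency names
  def has_spec?(gem_name)
    specs.key?(gem_name)
  end
end

# Constructed sample data: a git monorepo that ships rails and activerecord
# but not rack, and a default source that has all three.
MONOREPO = Source.new("git: rails/rails",
                      "rails" => %w[activerecord rack], "activerecord" => [])
RUBYGEMS = Source.new("rubygems.org",
                      "rails" => %w[activerecord rack], "activerecord" => [], "rack" => [])
TOP_LEVEL = { "rails" => MONOREPO }.freeze # Gemfile pins rails to the git source

# Walk the dependency graph and decide which source each gem resolves from.
#   verify_spec: false -> child always inherits the parent's non-default source
#   verify_spec: true  -> inherit only if that source has the child's gemspec,
#                         otherwise fall back to the default source
def assign_sources(top_level, default_source, verify_spec:)
  assigned = {}
  queue = top_level.to_a
  until queue.empty?
    name, source = queue.shift
    next if assigned.key?(name)
    assigned[name] = source
    (source.specs[name] || []).each do |dep|
      inherit = !source.equal?(default_source) &&
                (!verify_spec || source.has_spec?(dep))
      queue << [dep, inherit ? source : default_source]
    end
  end
  assigned
end

# Gems assigned to a source that cannot supply them (resolution would fail).
def missing_specs(assigned)
  assigned.reject { |name, source| source.has_spec?(name) }.keys
end

[false, true].each do |verify|
  result = assign_sources(TOP_LEVEL, RUBYGEMS, verify_spec: verify)
  puts "verify_spec=#{verify}: " \
       "#{result.transform_values(&:name)} missing=#{missing_specs(result)}"
end
```

Printing the per-gem source assignment like this is also a quick way to review a lockfile change: any gem whose source differs from what the Gemfile intends shows up directly.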


Copilot AI commented Feb 4, 2026

@hsbt I've opened a new pull request, #9303, to work on those changes. Once the pull request is ready, I'll request review from you.

@hsbt hsbt force-pushed the fallback-git-path-sources branch from d73e4a9 to 00c8bb7 Compare February 4, 2026 03:33
@hsbt hsbt merged commit 5b7c8af into master Feb 4, 2026
93 checks passed
@hsbt hsbt deleted the fallback-git-path-sources branch February 4, 2026 06:01
Development

Successfully merging this pull request may close these issues.

Bundler 4.0.4 leaks incorrect source into gems