Fallback git/path sources to default source#9301
Merged
Conversation
Contributor
There was a problem hiding this comment.
Pull request overview
This PR fixes issue #9258 where Bundler 4.0.4 incorrectly attempts to resolve transitive dependencies from path/git sources instead of falling back to the default RubyGems source when those dependencies don't exist in the path/git source.
Changes:
- Adds logic to verify that a spec actually exists in a path/git source before using that source for dependency resolution
- Includes a test case demonstrating the fix for path sources
- Adds a version constraint to diff-lcs dependency in test setup
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
| bundler/lib/bundler/definition.rb | Adds check to verify spec exists in path/git source before using it for transitive dependencies |
| bundler/spec/install/gemfile/sources_spec.rb | Adds test case for path gem with transitive dependency that should fall back to default source |
| bundler/spec/spec_helper.rb | Adds version constraint to diff-lcs dependency (appears unrelated to main fix) |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Contributor
4 tasks
… it as replacement
Co-authored-by: hsbt <12301+hsbt@users.noreply.github.com>
hsbt
force-pushed
the
fallback-git-path-sources
branch
from
d73e4a9 to
00c8bb7
Compare
hsbt
added a commit
that referenced
this pull request
Feb 5, 2026
Fallback git/path sources to default source (cherry picked from commit 5b7c8af)
yahonda
added a commit
to yahonda/rails
that referenced
this pull request
Feb 5, 2026
This commit bumps the bundler version 4.0.6 that includes ruby/rubygems#9301 to make `bundle update <gem>` works. - Bundler 4.0.4 ``` $ ruby -v ruby 4.0.1 (2026-01-13 revision e04267a14b) +PRISM [x86_64-linux] $ gem -v 4.0.5 $ bundler -v 4.0.4 $ bundle update dalli Fetching gem metadata from https://rubygems.org/......... Resolving dependencies... Could not find compatible versions Because every version of releaser depends on rake ~> 13.0 and rake ~> 13.0 could not be found in source at `tools/releaser`, releaser cannot be used. So, because Gemfile depends on releaser >= 0, version solving has failed. $ ``` - Bundler 4.0.6 ```ruby $ gem update --system $ bundle update --bundler Fetching gem metadata from https://rubygems.org/. Updating bundler to 4.0.6. Fetching gem metadata from https://rubygems.org/. Fetching gem metadata from https://rubygems.org/......... Resolving dependencies... Bundle updated! 1 installed gem you directly depend on is looking for funding. Run `bundle fund` for details $ bundle update dalli Fetching gem metadata from https://rubygems.org/......... Resolving dependencies... Resolving dependencies... Using dalli 4.3.0 (was 4.0.0) Bundle updated! 1 installed gem you directly depend on is looking for funding. Run `bundle fund` for details ```
4 tasks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What was the end-user or developer problem that led to this PR?
We've added a feature that uses git source to resolve bundler dependencies, including activerecord, on which Rails depends, in git monorepo such as
rails/rails.However, since
railsdependencies, such asrack, are not in the rails monorepo, it is appropriate to use the default source, rubygems.org, for such gems.Fixes #9258
What is your fix for the problem, implemented in this PR?
The if statement on line 1080 now uses
parent_dep.sourceonly if the source indicated byparent_dephas target gemspec.Make sure the following tasks are checked