dependency_services: use revisions as versions for git deps. (#3383)

Author: sigurdm

lib/src/command/dependency_services.dart

@@ -23,6 +23,7 @@ import '../package_name.dart';
 import '../pubspec.dart';
 import '../pubspec_utils.dart';
 import '../solver.dart';
+import '../source/git.dart';
 import '../system_cache.dart';
 import '../utils.dart';
 
@@ -74,11 +75,11 @@ class DependencyServicesReportCommand extends PubCommand {
     Future<List<Object>> _computeUpgradeSet(
       Pubspec rootPubspec,
       PackageId? package, {
-      required UpgradeType upgradeType,
+      required _UpgradeType upgradeType,
     }) async {
       if (package == null) return [];
       final lockFile = entrypoint.lockFile;
-      final pubspec = upgradeType == UpgradeType.multiBreaking
+      final pubspec = upgradeType == _UpgradeType.multiBreaking
           ? stripVersionUpperBounds(rootPubspec)
           : Pubspec(
               rootPubspec.name,
@@ -87,7 +88,7 @@ class DependencyServicesReportCommand extends PubCommand {
               sdkConstraints: rootPubspec.sdkConstraints,
             );
 
-      final dependencySet = dependencySetOfPackage(pubspec, package);
+      final dependencySet = _dependencySetOfPackage(pubspec, package);
       if (dependencySet != null) {
         // Force the version to be the new version.
         dependencySet[package.name] =
@@ -110,38 +111,43 @@ class DependencyServicesReportCommand extends PubCommand {
         ...resolution.packages.where((r) {
           if (r.name == rootPubspec.name) return false;
           final originalVersion = currentPackages[r.name];
-          return originalVersion == null ||
-              r.version != originalVersion.version;
+          return originalVersion == null || r != originalVersion;
         }).map((p) {
-          final depset = dependencySetOfPackage(rootPubspec, p);
+          final depset = _dependencySetOfPackage(rootPubspec, p);
           final originalConstraint = depset?[p.name]?.constraint;
+          final currentPackage = currentPackages[p.name];
           return {
             'name': p.name,
-            'version': p.version.toString(),
+            'version': p.versionOrHash(),
             'kind': _kindString(pubspec, p.name),
+            'source': _source(p, containingDir: directory),
             'constraintBumped': originalConstraint == null
                 ? null
-                : upgradeType == UpgradeType.compatible
+                : upgradeType == _UpgradeType.compatible
                     ? originalConstraint.toString()
                     : VersionConstraint.compatibleWith(p.version).toString(),
             'constraintWidened': originalConstraint == null
                 ? null
-                : upgradeType == UpgradeType.compatible
+                : upgradeType == _UpgradeType.compatible
                     ? originalConstraint.toString()
                     : _widenConstraint(originalConstraint, p.version)
                         .toString(),
             'constraintBumpedIfNeeded': originalConstraint == null
                 ? null
-                : upgradeType == UpgradeType.compatible
+                : upgradeType == _UpgradeType.compatible
                     ? originalConstraint.toString()
                     : originalConstraint.allows(p.version)
                         ? originalConstraint.toString()
                         : VersionConstraint.compatibleWith(p.version)
                             .toString(),
-            'previousVersion': currentPackages[p.name]?.version.toString(),
+            'previousVersion': currentPackage?.versionOrHash(),
             'previousConstraint': originalConstraint?.toString(),
+            'previousSource': currentPackage == null
+                ? null
+                : _source(currentPackage, containingDir: directory),
           };
         }),
+        // Find packages that were removed by the resolution
         for (final oldPackageName in lockFile.packages.keys)
           if (!resolution.packages
               .any((newPackage) => newPackage.name == oldPackageName))
@@ -154,8 +160,10 @@ class DependencyServicesReportCommand extends PubCommand {
               'constraintWidened': null,
               'constraintBumpedIfNeeded': null,
               'previousVersion':
-                  currentPackages[oldPackageName]?.version.toString(),
+                  currentPackages[oldPackageName]?.versionOrHash(),
               'previousConstraint': null,
+              'previous': _source(currentPackages[oldPackageName]!,
+                  containingDir: directory)
             },
       ];
     }
@@ -173,7 +181,7 @@ class DependencyServicesReportCommand extends PubCommand {
         devDependencies: compatiblePubspec.devDependencies.values,
       );
       final dependencySet =
-          dependencySetOfPackage(singleBreakingPubspec, package);
+          _dependencySetOfPackage(singleBreakingPubspec, package);
       final kind = _kindString(compatiblePubspec, package.name);
       PackageId? singleBreakingVersion;
       if (dependencySet != null) {
@@ -187,25 +195,24 @@ class DependencyServicesReportCommand extends PubCommand {
       }
       dependencies.add({
         'name': package.name,
-        'version': package.version.toString(),
+        'version': package.versionOrHash(),
         'kind': kind,
+        'source': _source(package, containingDir: directory),
         'latest':
             (await cache.getLatest(package.toRef(), version: package.version))
-                ?.version
-                .toString(),
+                ?.versionOrHash(),
         'constraint':
             _constraintOf(compatiblePubspec, package.name)?.toString(),
-        if (compatibleVersion != null)
-          'compatible': await _computeUpgradeSet(
-              compatiblePubspec, compatibleVersion,
-              upgradeType: UpgradeType.compatible),
+        'compatible': await _computeUpgradeSet(
+            compatiblePubspec, compatibleVersion,
+            upgradeType: _UpgradeType.compatible),
         'singleBreaking': kind != 'transitive' && singleBreakingVersion == null
             ? []
             : await _computeUpgradeSet(compatiblePubspec, singleBreakingVersion,
-                upgradeType: UpgradeType.singleBreaking),
+                upgradeType: _UpgradeType.singleBreaking),
         'multiBreaking': kind != 'transitive' && multiBreakingVersion != null
             ? await _computeUpgradeSet(compatiblePubspec, multiBreakingVersion,
-                upgradeType: UpgradeType.multiBreaking)
+                upgradeType: _UpgradeType.multiBreaking)
             : [],
       });
     }
@@ -227,6 +234,14 @@ String _kindString(Pubspec pubspec, String packageName) {
           : 'transitive';
 }
 
+Map<String, Object?> _source(PackageId id, {required String containingDir}) {
+  return {
+    'type': id.source.name,
+    'description':
+        id.description.serializeForLockfile(containingDir: containingDir),
+  };
+}
+
 /// Try to solve [pubspec] return [PackageId]s in the resolution or `null` if no
 /// resolution was found.
 Future<List<PackageId>?> _tryResolve(Pubspec pubspec, SystemCache cache) async {
@@ -269,16 +284,28 @@ class DependencyServicesListCommand extends PubCommand {
     for (final package in currentPackages) {
       dependencies.add({
         'name': package.name,
-        'version': package.version.toString(),
+        'version': package.versionOrHash(),
         'kind': _kindString(pubspec, package.name),
         'constraint': _constraintOf(pubspec, package.name).toString(),
+        'source': _source(package, containingDir: directory),
       });
     }
     log.message(JsonEncoder.withIndent('  ').convert(result));
   }
 }
 
-enum UpgradeType {
+extension on PackageId {
+  String versionOrHash() {
+    final description = this.description;
+    if (description is GitResolvedDescription) {
+      return description.resolvedRef;
+    } else {
+      return version.toString();
+    }
+  }
+}
+
+enum _UpgradeType {
   /// Only upgrade pubspec.lock.
   compatible,
 
@@ -315,7 +342,7 @@ class DependencyServicesApplyCommand extends PubCommand {
       toApply.add(
         _PackageVersion(
           change['name'],
-          change['version'] != null ? Version.parse(change['version']) : null,
+          change['version'],
           change['constraint'] != null
               ? VersionConstraint.parse(change['constraint'])
               : null,
@@ -334,13 +361,24 @@ class DependencyServicesApplyCommand extends PubCommand {
       final targetPackage = p.name;
       final targetVersion = p.version;
       final targetConstraint = p.constraint;
+      final targetRevision = p.gitRevision;
 
       if (targetConstraint != null) {
         final section = pubspec.dependencies[targetPackage] != null
             ? 'dependencies'
             : 'dev_dependencies';
-        pubspecEditor
-            .update([section, targetPackage], targetConstraint.toString());
+        final packageConfig =
+            pubspecEditor.parseAt([section, targetPackage]).value;
+        if (packageConfig == null || packageConfig is String) {
+          pubspecEditor
+              .update([section, targetPackage], targetConstraint.toString());
+        } else if (packageConfig is Map) {
+          pubspecEditor.update(
+              [section, targetPackage, 'version'], targetConstraint.toString());
+        } else {
+          fail(
+              'The dependency $targetPackage does not have a map or string as a description');
+        }
       } else if (targetVersion != null) {
         final constraint = _constraintOf(pubspec, targetPackage);
         if (constraint != null && !constraint.allows(targetVersion)) {
@@ -351,18 +389,43 @@ class DependencyServicesApplyCommand extends PubCommand {
               VersionConstraint.compatibleWith(targetVersion).toString());
         }
       }
-      if (targetVersion != null &&
-          lockFileEditor != null &&
-          lockFileYaml['packages'].containsKey(targetPackage)) {
-        lockFileEditor.update(
-            ['packages', targetPackage, 'version'], targetVersion.toString());
-      }
-      if (targetVersion == null &&
-          lockFileEditor != null &&
-          !lockFileYaml['packages'].containsKey(targetPackage)) {
-        dataError(
-          'Trying to remove non-existing transitive dependency $targetPackage.',
-        );
+      if (lockFileEditor != null) {
+        if (targetVersion != null &&
+            lockFileYaml['packages'].containsKey(targetPackage)) {
+          lockFileEditor.update(
+              ['packages', targetPackage, 'version'], targetVersion.toString());
+        } else if (targetRevision != null &&
+            lockFileYaml['packages'].containsKey(targetPackage)) {
+          final ref = entrypoint.lockFile.packages[targetPackage]!.toRef();
+          final currentDescription = ref.description as GitDescription;
+          final updatedRef = PackageRef(
+              targetPackage,
+              GitDescription(
+                  url: currentDescription.url,
+                  path: currentDescription.path,
+                  ref: targetRevision,
+                  containingDir: directory));
+          final versions = await cache.getVersions(updatedRef);
+          if (versions.isEmpty) {
+            dataError(
+                'Found no versions of $targetPackage with git revision `$targetRevision`.');
+          }
+          // GitSource can only return a single version.
+          assert(versions.length == 1);
+
+          lockFileEditor.update(['packages', targetPackage, 'version'],
+              versions.single.version.toString());
+          lockFileEditor.update(
+            ['packages', targetPackage, 'description', 'resolved-ref'],
+            targetRevision,
+          );
+        } else if (targetVersion == null &&
+            targetRevision == null &&
+            !lockFileYaml['packages'].containsKey(targetPackage)) {
+          dataError(
+            'Trying to remove non-existing transitive dependency $targetPackage.',
+          );
+        }
       }
     }
 
@@ -407,11 +470,31 @@ class DependencyServicesApplyCommand extends PubCommand {
 class _PackageVersion {
   String name;
   Version? version;
+  String? gitRevision;
   VersionConstraint? constraint;
-  _PackageVersion(this.name, this.version, this.constraint);
+  _PackageVersion(this.name, String? versionOrHash, this.constraint)
+      : version =
+            versionOrHash == null ? null : _tryParseVersion(versionOrHash),
+        gitRevision =
+            versionOrHash == null ? null : _tryParseHash(versionOrHash);
+}
+
+Version? _tryParseVersion(String v) {
+  try {
+    return Version.parse(v);
+  } on FormatException {
+    return null;
+  }
+}
+
+String? _tryParseHash(String v) {
+  if (RegExp(r'^[a-fA-F0-9]+$').hasMatch(v)) {
+    return v;
+  }
+  return null;
 }
 
-Map<String, PackageRange>? dependencySetOfPackage(
+Map<String, PackageRange>? _dependencySetOfPackage(
     Pubspec pubspec, PackageId package) {
   return pubspec.dependencies.containsKey(package.name)
       ? pubspec.dependencies
@@ -427,7 +510,7 @@ VersionConstraint _widenConstraint(
     final min = original.min;
     final max = original.max;
     if (max != null && newVersion >= max) {
-      return compatibleWithIfPossible(
+      return _compatibleWithIfPossible(
         VersionRange(
           min: min,
           includeMin: original.includeMin,
@@ -436,7 +519,7 @@ VersionConstraint _widenConstraint(
       );
     }
     if (min != null && newVersion <= min) {
-      return compatibleWithIfPossible(
+      return _compatibleWithIfPossible(
         VersionRange(
             min: newVersion,
             includeMin: true,
@@ -451,7 +534,7 @@ VersionConstraint _widenConstraint(
       original, 'original', 'Must be a Version range or empty');
 }
 
-VersionConstraint compatibleWithIfPossible(VersionRange versionRange) {
+VersionConstraint _compatibleWithIfPossible(VersionRange versionRange) {
   final min = versionRange.min;
   if (min != null && min.nextBreaking.firstPreRelease == versionRange.max) {
     return VersionConstraint.compatibleWith(min);

lib/src/pubspec_utils.dart

@@ -117,9 +117,7 @@ Pubspec stripVersionUpperBounds(Pubspec original,
       final packageRange = constrained[name]!;
       var unconstrainedRange = packageRange;
 
-      /// We only need to remove the upper bound if it is a hosted package.
-      if (packageRange.description is HostedDescription &&
-          (stripOnly!.isEmpty || stripOnly.contains(packageRange.name))) {
+      if (stripOnly!.isEmpty || stripOnly.contains(packageRange.name)) {
         unconstrainedRange = PackageRange(
           packageRange.toRef(),
           stripUpperBound(packageRange.constraint),

lib/src/source/git.dart

@@ -718,6 +718,13 @@ class GitDescription extends Description {
         other.path == path;
   }
 
+  GitDescription withRef(String newRef) => GitDescription._(
+        url: url,
+        relative: relative,
+        ref: newRef,
+        path: path,
+      );
+
   @override
   int get hashCode => Object.hash(url, ref, path);