Inverse logic on "Reject packages with the same name and version"
Summary
The toggle for 'Reject packages with the same name and version' has inverted logic for both Maven and Generic package registries. When set to 'true' then duplicate packages are permitted which appears to be inline with the code duplicatesAllowed
.
Steps to reproduce
-
Enable 'Reject packages with the same name and version' under group
Settings
>Packages & Registries
>Duplicate Packages
>Settings for Generic packages
-
Script:
PAT=glpat-xxxxx
[[ -s file.txt ]] || echo "This is a file" > file.txt
curl --header "PRIVATE-TOKEN: $PAT" \
--upload-file ./file.txt \
"https://gitlab.com/api/v4/projects/37376344/packages/generic/my_package/0.0.1/file.txt"
# Replace glpat-xxxxx with your Personal Access Token
- Run the script twice and observe the output:
➜ bash Package_Duplicate_Test.sh
{"message":"201 Created"}%
➜ bash Package_Duplicate_Test.sh
{"message":"201 Created"}%
-
Disable 'Reject packages with the same name and version' under group
Settings
>Packages & Registries
>Duplicate Packages
>Settings for Generic packages
-
Run the script once more:
➜ Packages bash Package_Duplicate_Test.sh
{"message":"400 Bad request - Duplicate package is not allowed"}%
Example Project
https://gitlab.com/groups/gitlab-gold/chriss/-/settings/packages_and_registries
What is the current bug behavior?
- When the 'Reject packages with the same name and version' is enabled then duplicate packages are NOT rejected.
- When the 'Reject packages with the same name and version' is disabled then duplicate packages ARE rejected.
What is the expected correct behavior?
- When the 'Reject packages with the same name and version' is enabled then duplicate packages ARE rejected.
- When the 'Reject packages with the same name and version' is disabled then duplicate packages are NOT rejected.
Relevant logs and/or screenshots
Output of checks
GraphQL query:
{
group(fullPath: "gitlab-gold/chriss") {
id
packageSettings {
mavenDuplicatesAllowed
genericDuplicatesAllowed
}
}
}
Result:
{
"data": {
"group": {
"id": "gid://gitlab/Group/53292801",
"packageSettings": {
"mavenDuplicatesAllowed": true,
"genericDuplicatesAllowed": false,
}
}
}
}
Results of GitLab environment info
N/A
Results of GitLab application Check
N/A
Possible fixes
Option 1 - Correct the DUPLICATES_TOGGLE_LABEL
text
The label could be updated to reflect the action, e.g. Allow packages with the same name and version
Option 2 - Code change
The code logic could be inverted to accurately reflect the current description of the DUPLICATES_TOGGLE_LABEL
. Something I'd be happy to do as a code contribution.