Validate checksum via `bundle-checksum lint`
What does this MR do and why?
This MR enhances the command bundler-checksum lint
to also verify gem's checksum which is useful when upgrading gems.
Resolves #419326 (closed).
How to set up and validate locally
# Change checksum of `unf` in `Gemfile.checksum`
$ bundle exec bundler-checksum lint
ERROR: Invalid checksum for gem `unf` (0.1.4 ruby)
Expected: 4999517a531f2a955750f8831941891f6158498ec9b6cb1c81ce89388e63022X
Actual: 4999517a531f2a955750f8831941891f6158498ec9b6cb1c81ce89388e63022e
Please run `bundle exec bundler-checksum init` to add correct checksums.
# Remove platform-specific entry for `unf` from `Gemfile.checksum`
$ bundle exec bundler-checksum lint
ERROR: Missing checksum for gem `unf` (0.1.4 ruby)
Please run `bundle exec bundler-checksum init` to add correct checksums.
# Downgrade default gem `ipaddr` to `1.2.1` in `Gemfile` and run `bundle`
$ bundle exec bundler-checksum lint
ERROR: Missing checksum for gem `ipaddr` (1.2.1 ruby)
Please run `bundle exec bundler-checksum init` to add correct checksums.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by Peter Leitzen