search

RamblingCookieMonster / PSDepend

PowerShell Dependency Handler
MIT License
285 stars 76 forks source link

dependency override is not handled correctly when DependencyType is set to PSGalleryModule in PSDependOptions #131

Open WiredSharp opened 3 years ago

WiredSharp commented 3 years ago

Considering the following dependencies:

$dependencies = @{
    PSDependOptions = @{
        Target = '.\Tmp'
        AddToPath = $True
        DependencyType = 'PSGalleryModule'
        Parameters = @{
            Repository = 'LOPublic'
        }
    }

    PsDepend = @{
        Version = 'latest'
        Parameters = @{}
    }
}

If you call Get-Dependency -InputObject $dependencies

Parsed dependency is:

(...)
Name            : PsDepend
Version         : {Version, Parameters}
PSDependOptions : {AddToPath, DependencyType, Parameters, Target}
Raw             :

As you can see, the whole hashtable is used as version field value. Indeed the Parse-Dependency function in Get-Dependency.ps1 considers that when DependencyType is set to 'PSGalleryModule' in PSDependOptions, the dependency value is a string. A solution is to always take into account the type of the $Dependencyhash variable.

GreatTeacherBasshead commented 3 years ago

The problem is quite simple. Get-Dependency.ps1, line:283:

            elseif( $DependencyHash -is [string] -and
                $Dependency -notmatch '/' -and
                -not $DependencyType -or
                $DependencyType -eq 'PSGalleryModule')

This condition evaluates to $true even when $DependencyHash is hashtable and $DependencyType is PSGalleryModule, because of not using parenthesis in complex conditions. The fix is quite simple also:

            elseif( $DependencyHash -is [string] -and
                $Dependency -notmatch '/' -and
                (-not $DependencyType -or $DependencyType -eq 'PSGalleryModule'))

There are multiple places having this bug for different dependency types in the file.

Actually I wanted to use this Package... I have not found any good alternatives to PSDepend. And I would like to submit a PR with the fix... But, it seems, the project is dead. The latest Package update on PSGallery was more than 1 year ago. And I'm not sure that new fixes will be available on PSGallery soon. That's really sad.

TechDufus commented 3 years ago

The problem is quite simple. Get-Dependency.ps1, line:283:

            elseif( $DependencyHash -is [string] -and
                $Dependency -notmatch '/' -and
                -not $DependencyType -or
                $DependencyType -eq 'PSGalleryModule')

This condition evaluates to $true even when $DependencyHash is hashtable and $DependencyType is PSGalleryModule, because of not using parenthesis in complex conditions. The fix is quite simple also:

            elseif( $DependencyHash -is [string] -and
                $Dependency -notmatch '/' -and
                (-not $DependencyType -or $DependencyType -eq 'PSGalleryModule'))

There are multiple places having this bug for different dependency types in the file.

Actually I wanted to use this Package... I have not found any good alternatives to PSDepend. And I would like to submit a PR with the fix... But, it seems, the project is dead. The latest Package update on PSGallery was more than 1 year ago. And I'm not sure that new fixes will be available on PSGallery soon. That's really sad.

Any thoughts on someone Publishing a new PSDepend module from a fork that is maintained? o.O