blob: 1e75bb1c60443ab8095dafa8fce3678166bb326d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
|
## Post-1.2.0 (bundled-dep feature followups)
- [ ] **v1.2.1 (bug): reconcile change-detection must be version-aware, not raw-URL-equality.** `reconcile_bundle_deps` currently flags a dep as "changed" whenever the manifest URL string differs from the hint URL string, even when the upstream VERSION/pin is identical. On the real neovim 0.12.4 hint this fired on all 13 deps: the manifest serves bare-tag archive URLs (e.g. `.../archive/refs/tags/v0.26.7.tar.gz`) while the hint uses the SBo-fetched shape (`.../archive/v0.26.7/tree-sitter-0.26.7.tar.gz`) — same content, same version, different path. Answering `Y` would needlessly rewrite every URL to the manifest shape (which the SlackBuild may not expect), re-download 12 tarballs, and produce a huge spurious diff with zero real version change. Fix: detect "changed" by comparing the matched dep's upstream version/sha (parsed from the manifest URL + its `NAME_SHA256` line) against the hint's current version/pin, NOT by URL-string inequality. Only rewrite a line when the pin actually moved. Add a regression test whose manifest URL shape differs from the hint at the same version and assert NO change is reported.
- [ ] related to the above: the change-report labels (`_dep_label`/basename) render badly for bare-tag manifest URLs — showed `v0.26.7.tar.gz` / `fbb36bb...tar.gz` (dropped the name prefix) because manifest basenames carry no name stem. Once change-detection is version-aware, report `name old-ver -> new-ver` from the parsed identity+version rather than URL basenames.
- [ ] add a `--special` flag to add a package to the bundled list, asking for a link to it's upstream deps list file
- [ ] consider splitting `mkhint` into multiple files for easier maintenance
- [ ] add a noDL column to `--list` similar to what we do with DelReq
- [ ] suppress `prompt_continuation_urls` for manifest-listed packages (Phase 2 already corrects those lines; avoids the double-touch during the primary bump)
- [ ] `--check --dry-run`: report what would change across all listed packages without prompting or writing (audit before acting)
- [ ] cache the manifest per run: `reconcile_bundle_deps` currently fetches it twice (report + apply); fetch once and reuse
- [ ] verify md5 against the manifest `SHA256`: cross-check the downloaded file's sha256 against the manifest entry before writing MD5SUM (integrity check)
- [ ] config validation command (e.g. `--check-config`): sanity-check nvchecker.toml sections, bundle-manifests URLs, phantom-deps file, and that configured paths exist
- [ ] batch `--check` summary report at the end: counts of updated / bundled-deps bumped / skipped, instead of only per-package interleaved output
|