-
Notifications
You must be signed in to change notification settings - Fork 1
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Dependencies not locked correctly #104
Comments
Set the latest version as the minimum (because that's the one that was used when developing and testing twingly-url), but allow for usage of later non-major versions, to be able to update the version of these gems in projects using twingly-url, without requiring a new twingly-url release. http://guides.rubygems.org/patterns/ Didn't touch idn-ruby because there's currently only one version, 0.1.0, released: https://rubygems.org/gems/idn-ruby/versions
No... it didn't. I think we wanted any addressable 2.x and any public_suffix 2.x, but minimum addressable 2.4.0 and minimum public_suffix 2.0.2. We didn't expect addressable 2.5.0 to break anything. |
It broke behaviour for certain input. As we couple our tests to certain versions of addressable (and public_suffix), I think it makes sense to lock twingly-url to specific versions. |
Re-open because what I added: s.add_dependency "addressable", "~> 2.4", "<= 2.4.0"
s.add_dependency "public_suffix", "~> 2.0", "<= 2.0.2" ...doesn't make sense :) (there will likely never be any addressable 2.4.x version, and public_suffix can be locked directly) |
I think locking to specific version sounds like the least amount of headache in the future, otherwise we can go with your suggestion with fixing stuff in #102. |
I don't have to do that. That can come later. |
In hindsight, this made it quite troublesome for bundler to be able to update the gem to a newer version as we previously allowed later versions of the dependencies. It's a dance in all dependant projects now. |
@walro can we make a new release of twingly-url that makes it easier for dependant projects? |
Not really sure how, could possibly help a bit if we lock down to patch versions, like: s.add_dependency "addressable", "~> 2.5.0"
s.add_dependency "public_suffix", "~> 2.0.0" |
b61f962 got it all wrong. Discovered as Addressable 2.5.0 was released yesterday (all Travis build failed).
The text was updated successfully, but these errors were encountered: