Skip to content

Commit

Permalink
Push new gem version with security fixes
Browse files Browse the repository at this point in the history
  • Loading branch information
@andyatkinson
andyatkinson committed Mar 8, 2014
1 parent d7c24f3 commit 181627b
Showing 1 changed file with 1 addition and 2 deletions.
3 changes: 1 addition & 2 deletions delayed_job_web.gemspec
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

Gem::Specification.new do |s|
s.name = "delayed_job_web"
s.version = "1.2.5"
s.version = "1.2.6"

s.authors = ["Erick Schmitt"]
s.date = "2014-01-29"

This comment has been minimized.

Sign in to view

Copy link
@toolmantim

toolmantim Mar 8, 2014

Contributor

Don't forget to update this when you cut a new gem:

image

This comment has been minimized.

Sign in to view

Copy link
@andyatkinson

andyatkinson Mar 9, 2014

Author Collaborator

Were you referring to something other than pushing the new gem to rubygems? 1.2.6 was pushed to rubygems. If you get the chance to try it out in your app and provide feedback that would be great.

This comment has been minimized.

Sign in to view

Copy link
@toolmantim

toolmantim Mar 10, 2014

Contributor

Ah, I was just referring to the date in the gemspec file (in the above, line 8). Rubygems lists the last 3 versions all being released on January 29. In #58 I removed the date altogether, which will just use Date.today when it cuts the gem.

As for testing, I haven't pushed 1.2.6 to our prod yet, but we do have all these fixes running in prod via a temp branch of mine https://github.com/toolmantim/delayed_job_web/tree/security-fixes and it's working AOK (Rails 3). Will be updating to 1.2.6 shortly.

This comment has been minimized.

Sign in to view

Copy link
@toolmantim

toolmantim Mar 11, 2014

Contributor

Confirmed, 1.2.6 is running AOK in prod alongside latest Rails 3

This comment has been minimized.

Sign in to view

Copy link
@andyatkinson

andyatkinson Mar 11, 2014

Author Collaborator

Great. I pushed up 1.2.7 just to verify the date value was updated, which it was, thanks for pointing that out.

This comment has been minimized.

Sign in to view

Copy link
@toolmantim

toolmantim Mar 11, 2014

Contributor

💥 👍

One more thing: if you use that rake task it will tag the repo, as well as push it up to Rubygems. I've noticed https://github.com/ejschmitt/delayed_job_web/releases is looking a bit bare. Is that because there's no tags, or just the tags haven't been pushed up to Github?

This comment has been minimized.

Sign in to view

Copy link
@andyatkinson

andyatkinson Mar 11, 2014

Author Collaborator

In this case since there are already tagged released, it makes sense to maintain them. I'll make sure to update that, thanks for pointing it out. On my own gems I don't tend to think about tags, and just rely on gem version numbers. I'm generally curious what other value git tags have though. It looks like one thing is taking advantage of a nice releases presentation page github generates.

This comment has been minimized.

Sign in to view

Copy link
@toolmantim

toolmantim Mar 11, 2014

Contributor

A few reasons why I think they're good:

  • They're free (with the rake release rake task I added in that last PR)
  • It's standard practice (built-into the rake task)
  • You can git diff between releases (for people wanting to know "what's changed" when they update)
  • Github releases page provides a download option for people just wanting to download the code
Expand Down Expand Up @@ -53,4 +53,3 @@ Gem::Specification.new do |s|
s.add_development_dependency(%q<shoulda>, [">= 0"])
s.add_development_dependency(%q<rack-test>, [">= 0"])
end

0 comments on commit 181627b

Please sign in to comment.