/brakeman

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Stale dependencies #659

Closed
baburdick opened this Issue May 29, 2015 · 2 comments

Comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
2 participants
@baburdick @presidentbeef
@baburdick

baburdick commented May 29, 2015

When running bundle update on an app that uses brakeman I get the following messages, unless I remove brakeman from my Gemfile:

Bundler could not find compatible versions for gem "ruby_parser":
  In Gemfile:
    brakeman (>= 0) ruby depends on
      ruby_parser (= 2.3.1) ruby

    metric_fu (>= 0) ruby depends on
      roodi (~> 3.1) ruby depends on
        ruby_parser (3.7.0)

Bundler could not find compatible versions for gem "haml":
  In Gemfile:
    brakeman (>= 0) ruby depends on
      haml (~> 3.0.12) ruby

    my_dependent_app (>= 0) ruby depends on
      haml (>= 4.0.6)
@presidentbeef

This comment has been minimized.

Show comment
Hide comment
@presidentbeef

presidentbeef May 30, 2015

Owner

Looks like Bundler is being weird, as usual.

First of all, the current version of Brakeman depends on the 3.6.x versions of ruby_parser and can use any version of haml from 3.0 to the latest. ruby_parser 3.7.0 just came out yesterday. roodi doesn't need the latest ruby_parser, especially since the last release of roodi was in January.

In other words, these dependencies could be resolved to every library's satisfaction, but Bundler can't figure it out. Perhaps the Gemfile in the app needs to be adjusted? Or you could try bundle update --source brakeman first?
Owner

presidentbeef commented May 30, 2015

Looks like Bundler is being weird, as usual.

First of all, the current version of Brakeman depends on the 3.6.x versions of ruby_parser and can use any version of haml from 3.0 to the latest. ruby_parser 3.7.0 just came out yesterday. roodi doesn't need the latest ruby_parser, especially since the last release of roodi was in January.

In other words, these dependencies could be resolved to every library's satisfaction, but Bundler can't figure it out. Perhaps the Gemfile in the app needs to be adjusted? Or you could try bundle update --source brakeman first?
@presidentbeef

This comment has been minimized.

Show comment
Hide comment
@presidentbeef

presidentbeef Jun 11, 2015

Owner

Closing because this is a Bundler problem.
Owner

presidentbeef commented Jun 11, 2015

Closing because this is a Bundler problem.

@presidentbeef presidentbeef closed this Jun 11, 2015

Repository owner locked and limited conversation to collaborators Feb 16, 2016

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.