New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
set bundler requirement to be < 3 #203
Conversation
@postmodern ping? :) |
Went with |
@postmodern Can you publish a 0.6.1 versioned gem with this change incorporated? That would ensure that build pipelines, etc. pick up a gem that can work with bundler 2.0 |
Travis builds are failing because bundler 2.0 requires at least Ruby 2.3.0 and Travis is running tests with 2.1.8 and 2.24. Lines 3 to 4 in fade761
Now might be a good time to add tests for 2.4, 2.5, and 2.6 in addition to dropping Rubies older than 2.3. |
It would be really cool to have a 0.6.1 release published :) |
Merged and now waiting on Travis. Definitely plan on releasing 0.6.1 before 0.7.0 (which still needs more specs). |
Hmm, after changing some gem versions in the example bundles, which changed which advisory gets printed, the regular expression in https://travis-ci.org/rubysec/bundler-audit/jobs/475578889 |
@eric-pigeon fixed the regexp issue! I will be traveling tomorrow and the next day, so probably expect 0.6.1 to be released Thursday. |
Bundler 2.0.1 works with Rails, but [the released version of bundler-audit hardcodes a dependency on 1.x]. [Downgrade Bundler on Travis] until [the new bundler-audit] is out. [the released version of bundler-audit hardcodes a dependency on 1.x]: rubysec/bundler-audit#202 [Downgrade Bundler on Travis]: https://docs.travis-ci.com/user/languages/ruby/#bundler-20 [the new bundler-audit]: rubysec/bundler-audit#203
@postmodern I don't want to sound pressing, but is there anything preventing the 0.6.1 release to happen? |
I've been offline due to a really bad head cold. I prepped a release, just have to double check it, and push it up. |
0.6.1 has finally been released! |
Thank you! |
Bundler 2.0.1 works with Rails, but [the released version of bundler-audit hardcodes a dependency on 1.x]. [Downgrade Bundler on Travis] until [the new bundler-audit] is out. [the released version of bundler-audit hardcodes a dependency on 1.x]: rubysec/bundler-audit#202 [Downgrade Bundler on Travis]: https://docs.travis-ci.com/user/languages/ruby/#bundler-20 [the new bundler-audit]: rubysec/bundler-audit#203
Bundler 2.0.1 works with Rails, but [the released version of bundler-audit hardcodes a dependency on 1.x]. [Downgrade Bundler on Travis] until [the new bundler-audit] is out. [the released version of bundler-audit hardcodes a dependency on 1.x]: rubysec/bundler-audit#202 [Downgrade Bundler on Travis]: https://docs.travis-ci.com/user/languages/ruby/#bundler-20 [the new bundler-audit]: rubysec/bundler-audit#203
Hi! I'm the current release manager for Bundler, i'm going around the ruby ecosystem and seeing if there is anything i can do to help everyone prepare for the upcoming Bundler 2 release.
I noticed that the
bundler-audit
gem is locked to version 1.X at the moment. We can safely change this requirement to be< 3
, Bundler 2 has no breaking changes that will effect this gem.Thanks!