Packaging guidelines - Bundler

Vít Ondruch vondruch at redhat.com
Wed Jan 4 14:24:31 UTC 2012 

Dne 4.1.2012 15:10, Mo Morsi napsal(a):
> On 01/04/2012 08:56 AM, Vít Ondruch wrote:
>> Dne 4.1.2012 14:43, Mo Morsi napsal(a):
>>> On 01/03/2012 01:18 PM, Vít Ondruch wrote:
>>>> Dne 3.1.2012 18:40, Michael Stahnke napsal(a):
>>>>>
>>>>>
>>>>> On Tue, Jan 3, 2012 at 7:21 AM, Vít Ondruch <vondruch at redhat.com 
>>>>> <mailto:vondruch at redhat.com>> wrote:
>>>>>
>>>>>     Hi everybody,
>>>>>
>>>>>     I am wondering if we should mention Bundler in Ruby's
>>>>>     packaging guidelines and what should be recommendations? Or
>>>>>     should we leave it in gray area of guidelines?
>>>>>
>>>
>>> The root issue isn't using bundler per-se, rather the gem 
>>> dependencies listed in the rpm spec, gem spec, and bundler's Gemfile 
>>> may become out of sync.
>>>
>>> So long as the guidelines has something to address this I think 
>>> we'll be fine. Something along the lines of it is up to the package 
>>> maintainer to ensure all the gem dependency subsystems (rpm, gem, 
>>> and bundler) are kept in sync.
>>
>> I am afraid of scenario such as:
>>
>> * Having RPM packaged Rails application
>> * Having Gemfile.lock present
>> * Update of Rack to 1.4 version.
>>
>> Now how you will ensure after such update that you did not broke the 
>> application? Even though you can find what packages depends on Rack 
>> and you check their .gemspec, how you will find the applications with 
>> Gemfile.lock? How you will find packages where Gemfile states 'rack', 
>> '1.3'?
>
> If the rpm spec, gemspec, and gemfile are required to be kept in sync, 
> this isn't an issue.
>
> The maintainer of the rails application would need to represent all 
> their dependencies in the rpm spec and the Gemfile lock. Afterall they 
> best know what the various versions of their application require in 
> terms of the various versions of underlying dependencies, and can 
> update their package accordingly (to make it is as restrictive or as 
> flexible as desired).
>
> In this case, trying to update Rack would break things at both the rpm 
> level, the gem level, and the bundler level. Thus first and foremost 
> the system wouldn't permit it if doing the update via rpm, and if 
> doing it via gem / bundler, it wouldn't matter as the rpm version 
> would still be present.
>

If you update rack, you should ensure that you did not broken the 
activesupport (possibly fixing its .gemspec and may be some failures). 
If activesupport still works, everything what depends on it should also 
work in theory. However, several levels up is sitting Gemfile which 
needs to be adjusted to new rack. How you would know that? You can't and 
this is what I am afraid of.

Vit
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/ruby-sig/attachments/20120104/3e18a6b3/attachment.html>

More information about the ruby-sig mailing list