Why is Bundler version lookup selecting pre-release version here?

1
votes

We have a gem which as development dependencies relies on sass-rails (specifically in version 5.0.4) which in turn depends on railties >4.0.0 and <5.0.

Now we don't check our Gemfile.lock into the repo to keep it as flexible as possible (it's our 'universal' gem after all), and during the travis build, installing sass-rails resolves its dependency railties to version 5.0.0.beta1, which I'd say intuitively isn't <5.0 and now causes problems when running the tests on ruby < 2.2.2 (due to rack).

Now, am I misunderstanding something or is this a bug, that bundler installs 5.0.0.beta1 for <5.0?

1
ruby-on-railsrubybundlersass-rails
Why exactly don't you check in Gemfile.lock? AFAIK it's a bad practice - Mike Szyndel
We don't check it in, since it's a gem anyway and the Gemfile.lock is of no consequence to the version lookup when using the gem in another project. By not checking it in, we are making sure, travis always uses the most recent version of every gem in the gemspec. - CMW
Ok, sorry. I missed it's a gem in the first read. Then it makes sense, since you can also specify versions in gemspec if needed. - Mike Szyndel
What kind of flexibility does not checking in your Gemfile.lock give you? A gem's Gemfile and Gemfile.lock only describe development dependencies. People who use your gem will only be restrained by the runtime dependencies in your gemspec. - Raffael
@Raffael actually, the gemspec describes the development dependencies, too. With railties locked within Gemfile.lock our CI tests would have run and only subsequently caused other projects to fail that included this gem and would therefore include the latest version of railties as a dependency (since they don't follow Gemfile.lock). So, not putting in a Gemfile.lock makes it easy to catch these things during CI. - CMW

1 Answers

0
votes

This is not a bug but expected behaviour. Prerelease versions are expected to be released before the actual release, hence they are considered smaller.

See http://ruby-doc.org/stdlib-2.0.0/libdoc/rubygems/rdoc/Gem/Version.html for more detail.

You can add a runtime dependency to railties '~> 4.0' to your gemspec to solve this problem.