appfolio / gemsurance

Gem vulnerability checker using rubysec/ruby-advisory-db
MIT License

Rely on gem versions from Rubygems API to get outdated gems #19

Closed bencolon closed 9 years ago

bencolon commented 9 years ago

Hi Jon,

We can't rely on Bundler.definition to check outdated gems because of Bundler frozen setting (Bundler.settings[:frozen]). This setting is set to true if you make a bundle install with --deployment option. This is what Heroku does and also some Capistrano recipes.

If this setting is true, the Gemfile is "locked" and this line

Bundler.definition(true).send(:resolve_remotely!)

will return an empty array. So no outdated gems if I try to daily run Gemsurance from the Heroku scheduler :(

I updated the retrieve method to rely on Gems.versions command. It works like a charm but unfortunately, there is no git_version field here so we can't check anymore if a gem is outdated by git_version. Personally, I don't really understand what this git_version is and in all my tests with Bundler this field is always set to nil.

Thoughts?

bencolon commented 9 years ago

Hi Jon, I'm closing this PR because it doesn't work for private gems or gems not hosted on Rubygems.org. I'll make a new PR soon about that ...
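As an added example (not code from this PR or from gemsurance), the outdated check the two comments discuss written against a Gems.versions-style response: it compares the locked version with Gem::Version, skips prereleases, and reports :unknown rather than "not outdated" when the API returns nothing, which is the private-gem case from the closing comment. The sample data and the function names are constructed for illustration.

```ruby
require 'rubygems' # Gem::Version ships with Ruby; no network needed here

# Constructed sample shaped like the RubyGems.org versions API response
# (Gems.versions returns one hash per published version). Not real data.
SAMPLE_VERSIONS = [
  { 'number' => '5.0.0.beta1', 'prerelease' => true,  'platform' => 'ruby' },
  { 'number' => '4.2.5',       'prerelease' => false, 'platform' => 'ruby' },
  { 'number' => '4.2.5',       'prerelease' => false, 'platform' => 'java' },
  { 'number' => '4.2.4',       'prerelease' => false, 'platform' => 'ruby' },
  { 'number' => '4.1.14',      'prerelease' => false, 'platform' => 'ruby' }
].freeze

# Newest stable version for the given platform, or nil when the API
# returned nothing usable. Making "no data" explicit avoids the silent
# empty-array result the frozen-Bundler path produced.
def latest_release(versions, platform: 'ruby', include_prerelease: false)
  versions
    .select { |v| v['platform'] == platform }
    .reject { |v| v['prerelease'] && !include_prerelease }
    .map    { |v| Gem::Version.new(v['number']) }
    .max
end

# Compare the Gemfile.lock version against the API data. Returns a hash
# so callers can tell :outdated / :current / :unknown apart instead of
# collapsing "no data" into "no outdated gems".
def check_gem(name, locked_version, versions)
  latest = latest_release(versions)
  return { gem: name, locked: locked_version, latest: nil, status: :unknown } if latest.nil?

  locked = Gem::Version.new(locked_version)
  status = locked < latest ? :outdated : :current
  { gem: name, locked: locked_version, latest: latest.to_s, status: status }
end

if $PROGRAM_NAME == __FILE__
  [['rails', '4.2.4'], ['rails', '4.2.5'], ['private-gem', '1.0.0']].each do |name, locked|
    data = name == 'rails' ? SAMPLE_VERSIONS : [] # a private gem is not on rubygems.org
    puts check_gem(name, locked, data).inspect
  end
end
```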