search

livingsocial / bundler-patch

Update your gems conservatively to deal with vulnerable gems or just get more current.
MIT License
65 stars 3 forks source link

Research the --source hack #11

Closed chrismo closed 8 years ago

chrismo commented 8 years ago

https://github.com/bundler/bundler/issues/2016, https://github.com/bundler/bundler/issues/3759

Doesn't appear to work 1.10.x, but does work in 1.9.x.

chrismo commented 8 years ago

With a very simple case to dig in on (addressable and rack, rack having no dependencies), I'm able to get it to work with 1.9.10 through all 1.10.x and 1.11.x versions. (work => just update rack) https://github.com/bundler/bundler/issues/3759 has many details, as well as https://github.com/bundler/bundler/pull/3763 which 'fixes' and re-introduces the secret behavior for backward compatibility.

chrismo commented 8 years ago

After capturing enough details, decided to put it all in a repo: https://github.com/chrismo/bundler-source-hack