search

mdsol / dice_bag

DiceBag is a library of rake tasks for configuring web apps in the style of The Twelve-Factor App.
MIT License
19 stars 4 forks source link

depend on brakeman #2

Closed jcarres-mdsol closed 12 years ago

jcarres-mdsol commented 12 years ago

I think is good to be opinionated about the tools we assume all our projects have. Specially if those are security tools.

I'd love to add Shamus as a dependency also but that requires to have it in a gemcutter server. No code changes so I did not update the version.

The gem is generated correctly

asmith-mdsol commented 12 years ago

@jcarres-mdsol I like your thinking however... My vision for Dice Bag is that we use this for configuration in production deployments (through Medistrano or whatever). Therefore projects would install the dice_bag gem in production and therefore this change would make them install brakeman in production too. So, either we make all the tool dependencies the job of the consuming project or we break out the CI tasks and dependencies into another gem. Calling @mszenher and @chad-medi for there thoughts; perhaps we should discuss offline.

jcarres-mdsol commented 12 years ago

oh, ok. I thought it would be only be used for test and development. You can close this PR if you like, nothing to see here :P

asmith-mdsol commented 12 years ago

@jcarres-mdsol Can you open an issue to describe the problem that this brings up and that we might need to split this gem, then close this pull request.

mszenher commented 12 years ago

Yes, let's discuss offline after a scrum.

On Fri, Oct 12, 2012 at 5:44 AM, Andrew Smith notifications@github.comwrote:

@jcarres-mdsol https://github.com/jcarres-mdsol I like your thinking however... My vision for Dice Bag is that we use this for configuration in production deployments (through Medistrano or whatever). Therefore projects would install the dice_bag gem in production and therefore this change would make them install brakeman in production too. So, either we make all the tool dependencies the job of the consuming project or we break out the CI tasks and dependencies into another gem. Calling @mszenherhttps://github.com/mszenherand @chad-medi https://github.com/chad-medi for there thoughts; perhaps we should discuss offline.

— Reply to this email directly or view it on GitHubhttps://github.com/mdsol/dice_bag/pull/2#issuecomment-9371340.

asmith-mdsol commented 12 years ago

I've opened issue #7 to cover this.