Closed yakirgb closed 4 years ago
Failed on:
Bundler could not find compatible versions for gem "bundler":
In Gemfile:
bundler (~> 1.7)
Current Bundler version:
bundler (2.1.2)
I agree, pinning to an exact version will break things when the upstream gem yanks old versions again.
Love to see this get merged and on rubygems.org.. I'm dead in the water on this dependency failure.
has anybody checked if the new version are good? ive checked a bit and it seems very fishy, might be a trojan
has anybody checked if the new version are good? ive checked a bit and it seems very fishy, might be a trojan
@xblitz Would you care to elaborate? I just took a look through the bulk of the checks that are part of this project and don't see anything particularly fishy other than that it is doing what it's designed to do, which is go through process/thread details.
well yes a a successful trojan would not alter the working conditions or else, it nobody would use the new version. but my suspicions are related to the fact that a new version has been uploaded on rubygems.org , while the github of the project has not been updated: https://github.com/rubyworks/english and the old version have been yanked (to force people to use the new version) .
Another interesting note, is that English is part of the ruby stdlib (since ruby 2).
But this is the actual english gem https://github.com/ruby/English
And it has been updated.
well yes a a successful trojan would not alter the working conditions or else, it nobody would use the new version. but my suspicions are related to the fact that a new version has been uploaded on rubygems.org , while the github of the project has not been updated: https://github.com/rubyworks/english and the old version have been yanked (to force people to use the new version) .
to be clear, you're referring to the English gem and not this project. I took your initial post, lacking that context, to be about the released version of this gem :)
well yes a a successful trojan would not alter the working conditions or else, it nobody would use the new version. but my suspicions are related to the fact that a new version has been uploaded on rubygems.org , while the github of the project has not been updated: https://github.com/rubyworks/english and the old version have been yanked (to force people to use the new version) .
to be clear, you're referring to the English gem and not this project. I took your initial post, lacking that context, to be about the released version of this gem :)
Ah yes sorry about that confusion, I was indeed speaking of the English
ruby gem that we can see on rubygems.org https://rubygems.org/gems/english/ and the said source of that gem in this page links to https://github.com/rubyworks/english but indeed it now (since 0.7.0) seems to be from this repo as @mrosePTC mentionned https://github.com/ruby/English .. but it doesnt seem to be afork weirdly enough. So i still think it's kinda fishy but might be totally safe
The dependency of English-0.6.3 is completely wrong usage. 0.7.0 is finally fine.
See https://github.com/ruby/English/issues/1#issuecomment-613127885
Fix https://github.com/sensu-plugins/sensu-plugins-process-checks/issues/112 english 0.6.3 removed, upgrade to 0.7.0 solving the issue.
Pull Request Checklist
Is this in reference to an existing issue? Yes
General
[ ] Update Changelog following the conventions laid out here
[ ] Update README with any necessary configuration snippets
[ ] Binstubs are created if needed
[ ] RuboCop passes
[ ] Existing tests pass
Purpose
Fix #112
Known Compatibility Issues