search

waiting-for-dev / warden-jwt_auth

JWT token authentication with warden
MIT License
113 stars 56 forks source link

Wrong dependencies in gemspec? #27

Closed viamin closed 4 years ago

viamin commented 4 years ago

I'm running into https://github.com/waiting-for-dev/devise-jwt/issues/172, which recommends upgrading to 0.4.2, but the gemspec dependency prevents updating.

Latest warden-jwt_auth (0.4.2) uses the latest dry-configurable (which I think contains the fix for https://github.com/waiting-for-dev/warden-jwt_auth/issues/22)

The warden-jwt_auth v0.4.2 gemspec has this dependency: spec.add_dependency 'dry-configurable', '~> 0.9', '< 0.11'

In 0.4.1, the gemspec has this: spec.add_dependency 'dry-configurable', '~> 0.11', '>= 0.11.3'

My current Gemfile.lock has these versions (and I'm hitting #172):

    devise (4.7.1)
    devise-jwt (0.6.0)
    dry-configurable (0.11.5)
    warden-jwt_auth (0.4.1)

My working config (before upgrading and with locked versions of dry-configurable and warden-jwt_auth) is this:

    devise (4.7.1)
    devise-jwt (0.6.0)
    dry-configurable (0.9.0)
    warden-jwt_auth (0.4.0)
waiting-for-dev commented 4 years ago

Latest warden-jwt_auth does not use latest dry-configurable version. It locks dry-configurable to be less than 0.11 as this version is not compatible for now. I've been trying to fix it but without luck for now. As currently I don't have too much time I released that version as a quickfix until the root issue can be fixed. Does it make sense?

viamin commented 4 years ago

Makes sense, sorry about the noise. Closing.

waiting-for-dev commented 4 years ago

No worries