-
-
Notifications
You must be signed in to change notification settings - Fork 229
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update thor version #237
Update thor version #237
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We don't need to increase the minimal version.
@AlexWayfer makes sense, updated |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good, thanks. CI fails from master
, as I see.
@AlexWayfer It looks like Travis is failing because of the bundler issues with bundler 2.1.0. Once Travis updates their images to use bundler 2.1.1 (or a |
@rwojnarowski @AlexWayfer Can whichever of you has access please rerun the Travis build? They should have fixed the transient bundler issue by now. So I expect the build will run clean. I'd love to see this merged and a new version of bundler-audit released - this issue is impacting our build pipeline, and we may have to pull bundler-audit out if it doesn't get resolved soon. |
I can't, I'm not a collaborator or maintainer.
You can try to remake your commit ( |
@rwojnarowski Do you have time to do it or can/should I do it (forking your PR and resubmitting?) @postmodern Can I do something? |
@denispasin i've rerun Travis. Still failing |
I think I've fixed the unit tests in #242. also for what it's worth, there's a line towards the end of the readme that calls out the thor dependency which should probably be updated in this PR (https://github.com/rubysec/bundler-audit/blob/master/README.md#requirements). |
Waiting for Travis to re-run due to other merges. In the future we should probably just bump the thor dep to |
Thank you. We're waiting for a new release with it. 🙌 |
@AlexWayfer currently stuck on writing new specs for Database in the 0.7.0 branch. I decided to gut the vendored DB, and just auto-download it at first run. I suppose I could release a 0.6.x patch release, but I've rather knock out these other issues with 0.7 (support for output formats and old vendored db confusing new users). |
OK. You can make a PR and ask for help, I worked with similar things in Anyway, thank you for your work. You don't owe something to us, there are just our waiting wishes. |
If you have time, a fixed 0.6.x patch release would be great, because it looks like the next rails release (6.1) https://github.com/rails/rails/blob/master/railties/railties.gemspec#L43 is going to require an updated thor |
@AlexWayfer see the 0.7.0 branch. I managed to fix the CLI specs, but the integrations specs are still failing. I'm tempted to delete the integration specs, since they look like duplicates of the CLI specs but execute the @trammel if I can't get 0.7.0 released soon, I'll take a look at releasing 0.6.x based on the current state of master. |
(locally reproducable) Also I'm getting another error:
While I'm not familiar with |
I've created #252, all tests are passing (locally, lets see CI results). UPD: Oh, there is no CI… OK, you can check it yourself. |
Use bundler-audit 0.7.0, currently in pre-release. It has an up-to-date Thor dependency, which fixes an incompatibility with Bundler 2. Here is a trail of bug reports and fixes against the repo: * <rubysec/bundler-audit#239> * <rubysec/bundler-audit#237> * <rubysec/bundler-audit#252>
Use bundler-audit 0.7.0, currently in pre-release. It has an up-to-date Thor dependency, which fixes an incompatibility with Bundler 2. Here is a trail of bug reports and fixes against the repo: * <rubysec/bundler-audit#239> * <rubysec/bundler-audit#237> * <rubysec/bundler-audit#252>
Use bundler-audit 0.7.0, currently in pre-release. It has an up-to-date Thor dependency, which fixes an incompatibility with Bundler 2. Here is a trail of bug reports and fixes against the repo: * <rubysec/bundler-audit#239> * <rubysec/bundler-audit#237> * <rubysec/bundler-audit#252>
Use bundler-audit 0.7.0, currently in pre-release. It has an up-to-date Thor dependency, which fixes an incompatibility with Bundler 2. Here is a trail of bug reports and fixes against the repo: * <rubysec/bundler-audit#239> * <rubysec/bundler-audit#237> * <rubysec/bundler-audit#252>
Eventually what is the status? could you issue a 0.6.x release with just the thor update? |
Attempting to write up the ChangeLog for 0.6.2, but I see a few additional smaller features got into master (GHSA ID support and CVSSv3). Not sure if I should just release 0.6.2, bump to 0.7.0 and bump 0.7.0 to 0.8.0, or what? |
Bump them all. It's a minor version number, but includes more fixes than expected. |
Bumped. Will do a second pass tomorrow and ensure |
bundler-audit 0.7.0 has finally been released! Any new features should now go into the 0.8.0 branch (formally known as 0.7.0). |
Thank you very much @postmodern. However when I try running |
Use bundler-audit 0.7.0, currently in pre-release. It has an up-to-date Thor dependency, which fixes an incompatibility with Bundler 2. Here is a trail of bug reports and fixes against the repo: * <rubysec/bundler-audit#239> * <rubysec/bundler-audit#237> * <rubysec/bundler-audit#252>
Thor changelog:
https://github.com/erikhuda/thor/blob/master/CHANGELOG.md