Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Remove lockfile #351

Merged
merged 3 commits into from
Nov 10, 2024
Merged

Remove lockfile #351

merged 3 commits into from
Nov 10, 2024

Conversation

vprigent
Copy link
Collaborator

https://yehudakatz.com/2010/12/16/clarifying-the-roles-of-the-gemspec-and-gemfile/
The intent here is to avoid the multiple dev dependencies from raising security issues for consumers of the gem.

https://yehudakatz.com/2010/12/16/clarifying-the-roles-of-the-gemspec-and-gemfile/
The intent here is to avoid the multiple dev dependencies from raising 
security issues for consumers of the gem
Copy link
Collaborator

@Morozzzko Morozzzko left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for taking this on!

@vprigent
Copy link
Collaborator Author

@Morozzzko
I've also reduced the list of files we end up loading when doing gem install data_migrate. The default was "anything committed" but really gem installs shouldn't require test/specs, config files for third party tools, CI config and all
https://github.com/heartcombo/devise/blob/main/devise.gemspec#L26

@vprigent vprigent requested a review from Morozzzko November 10, 2024 02:23
@vprigent vprigent merged commit 110ab57 into ilyakatz:main Nov 10, 2024
15 checks passed
@vprigent vprigent deleted the chore-remove-gemlock branch November 10, 2024 06:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants