Skip to content

Commit

Permalink
Downgrade bundler to 2.3.16
Browse files Browse the repository at this point in the history 
The latest versions of bundler has an issue where incomplete lockfiles that are
locked to "ruby" but not including exclusively gems NOT platform specific.

This causes an issue with existing lockfiles, generating a missing gem
error.

This is explained in more detail in: rubygems/rubygems#5807

Since this is currently preventing Dependabot updates for our users,
especially around sorbet dependencies, and since we have no good way to
signal these failures to them with an explanation on how to resolve it,
I think it's best that we downgrade bundler to a version that does not
include this, until rubygems/rubygems#5807 is
merged and we can bump to the latest version again.
  • Loading branch information
@jurre
jurre committed Aug 4, 2022
1 parent 29e6757 commit 8c913b5
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -76,7 +76,7 @@ ARG RUBYGEMS_SYSTEM_VERSION=3.2.20
ENV DEBIAN_DISABLE_RUBYGEMS_INTEGRATION=true

ARG BUNDLER_V1_VERSION=1.17.3
ARG BUNDLER_V2_VERSION=2.3.18
ARG BUNDLER_V2_VERSION=2.3.16
ENV BUNDLE_SILENCE_ROOT_WARNING=1
# Allow gem installs as the dependabot user
ENV BUNDLE_PATH=".bundle" \
Expand Down

0 comments on commit 8c913b5

Please sign in to comment.