Allow sprockets4 in gemspec, but installer injects sprockets3 requirement to local app #345
Conversation
jrochkind
force-pushed
the
allow_sprockets_4_in_gemspec
branch
from
38a6249 to
d11d400
Compare
|
Huh, when I tried to do the final idea, injecting a sprockets 3.x dependency into Gemfile... I don't understand why it passes on rails 5.1 and 5.2 in ruby 2.4, but fails on rails 5.1 and 5.2 in ruby 2.5 and 2.6. I can't figure out why the ruby version would make a difference here, and it's also failing in a really weird way involving complaining about duplicate entries of a whole bunch of gems in Gemfile, and then in inability to satisfy dependencies. But why would ruby version make a difference there? My own inability to figure out how to run test suite locally is really a challenge in debugging this, I feel like i'm flying blind. Is anyone able to run this test suite locally? |
While restricting to sprockets 3 in Gemfile, since our CI does not currently work with sprockets 4
Now our installer -- which only works with sprockets 3 at present -- will still work. But the local app is free to change/erase this and upgrade to sprockets 4 itself. With the sprockets 3 requirement in our .gemspec, the local app was not
jrochkind
force-pushed
the
allow_sprockets_4_in_gemspec
branch
10 times, most recently
from
ee2b298 to
7c91920
Compare
This makes CI work, it is unclear why. It was not necessary to succesfully run tests on codebase locally. It is irrelevant to apps actually using browse_everything as a gem, doesn't change the situation for them at all.
jrochkind
force-pushed
the
allow_sprockets_4_in_gemspec
branch
from
5040f61 to
e6c8412
Compare
|
OK! This is now an attempt at the final proposal above -- having the browse_everything install generator inject a sprockets 3.x requirement in the local app Gemfile, instead of having in the browse_everything gemspec as a requirement that can't be changed. Does this make sense? I am not sure. Better would be to make things work with sprockets 4, but that seems quite challenging. This is a way to a) get CI to pass I finally got tests to pass locally on my workstation, and I can get tests to pass LOCALLY at 25461ea -- it is baffling to me why they do not pass in circle-ci at that commit. One guess is that it has something to do with the caching the samvera circle-ci "pod" is doing, but that may have been a false lead, I was never able to get anywhere with it. e6c841 is only necessary for CI, to make CI pass. It has no effect on an actual application using browse-everything as a gem. Not totally trusting the testing, I did manually set up a new Rails 5.2 app, and start following the b-e installation instructions. It did seem to work fine (including successfully downgrading to sprockets 3). Although I didn't get all the way finished with a working b-e demo, I was having trouble figuring out how to do that even on master; I did get a running app with CSS and JS delivered, by following instructions. So I dunno... does this make sense, as a stopgap until #311, which seems like it could be a while? |
jrochkind
changed the title
jrochkind
changed the title
|
This is really excellent work @jrochkind , thank you very much for this, as well as the other pull requests. I apologize for unavailable to address and review these problems. Much later this afternoon I should have the opportunity to review this more carefully and provide my opinion in comments. |
|
No problem, we're all having weird schedules these days, @jrgriffiniii . Thanks for updating me as to your expected schedule to have a chance to look at this. I'm not totally sure it's a good idea.... I just can't figure out any other solution to allow apps to use sprockets 4 (which works with b-e, if you set it up; I am doing it), in the absence of being able to get #311 done, and getting #311 done seems very challenging and is beyond me. |
| @@ -28,7 +28,7 @@ Gem::Specification.new do |spec| | |||
| spec.add_dependency 'rails', '>= 4.2', '< 6.0' | |||
| spec.add_dependency 'ruby-box' | |||
| spec.add_dependency 'signet', '~> 0.8' | |||
| spec.add_dependency 'sprockets', '~> 3.7' | |||
| spec.add_dependency 'sprockets', '>= 3.7', "< 5" | |||
There was a problem hiding this comment.
actually i'm not sure if we should remove this dependency entirely. It was not there at all until 5685a4a. Thoughts?
| # Can't explain why these restrictions are necessary for circle-ci to pass, they | ||
| # should not be, and do not seem required to have tests pass locally. | ||
| gem 'puma', "~> 3.11" | ||
| gem 'sprockets', "~> 3.7" |
There was a problem hiding this comment.
Not sure if these should be in Gemfile instead of Gemfile.extra. If Gemfile.extra is present, it seems an appropriate place for these... but I also don't understand why it's present, and am worried it will mess up the circleci samvera orb which has rules for cache keys based on checksums of the Gemfile but not necessarily Gemfile.extra.
I would be inclined to get rid of this Gemfile.extra entirely and just put all of these in the Gemfile. But I may not have the context of why Gemfile.extra was being used (and apparently recommended by engine_cart?) in the first place... which also means I may not be making the right decision about when to put things there.
|
Oops, i see "much later this afternoon" was Friday last week! What are your current thoughts @jrgriffiniii ? I guess I should just not wait for it, ok! It would be awesome if we could get maybe someone else to advise on it; this is really weird and complicated stuff; the parts involving sprockets I actually understand pretty well, but the parts involving engine_cart and circleci I do not. |
|
@jrgriffiniii hi, checking in some weeks (and a pandemic) later. I am considering forking browse-everything and using a forked version. Right now my app is locked using thor 0.20.3 when 1.0.1 is out; and faraday 0.17.3 when 1.0.1 is out; and I have no way to upgrade to a browse-everything that doesn't have those restrictions without downgrading my sprockets, which I don't want to do. I need a solution of some kind. I'm also not sure this is the right solution. It was just my attempt to find some solution when #310 is stalled out, and too much for me. |
|
I'm going to try and get #317 merged and the build passing for Rails 6.y.z releases before I address rebasing and merging this. |
Run 'bundle update' to update all dependencies to latest allowed by restrictions in Gemfile or our indirect dependency's own .gemspec files. That no longer includes latest blacklight as a result of #804 By having up to date dependencies, we make sure we have any available bugfixes, performance improvements, and security patches, and just generally avoid technical debt making sure we are up to date with latest code from our dependencies. `bundle outdated` is a command you can run to show you any gems you use (directly or indirectly) that have a newer version available. Before this PR: ``` $ bundle outdated Fetching https://github.com/sciencehistory/kithe.git Fetching gem metadata from https://rubygems.org/........ Fetching gem metadata from https://rubygems.org/. Resolving dependencies................ Outdated gems included in the bundle: * activerecord-import (newest 1.0.5, installed 1.0.4) * autoprefixer-rails (newest 9.8.4, installed 9.7.6) * aws-partitions (newest 1.336.0, installed 1.298.0) * aws-sdk-core (newest 3.102.1, installed 3.94.0) in groups "default" * aws-sdk-ec2 (newest 1.171.0, installed 1.153.0) in groups "default" * aws-sdk-kms (newest 1.35.0, installed 1.30.0) * aws-sdk-s3 (newest 1.72.0, installed 1.61.2) * aws-sigv4 (newest 1.2.1, installed 1.1.2) * blacklight (newest 7.9.0, installed 7.7.0, requested ~> 7.7.0) in groups "default" * bootstrap (newest 4.5.0, installed 4.4.1, requested ~> 4.3) in groups "default" * browse-everything (newest 1.0.2, installed 1.0.1, requested ~> 1.0) in groups "default" * byebug (newest 11.1.3, installed 11.1.2) * capistrano (newest 3.14.1, installed 3.13.0, requested ~> 3.8) in groups "development" * capistrano-rails (newest 1.5.0, installed 1.4.0, requested ~> 1.2) in groups "development" * capybara (newest 3.33.0, installed 3.32.1) in groups "test" * childprocess (newest 4.0.0, installed 3.0.0) * coderay (newest 1.1.3, installed 1.1.2) * database_cleaner (newest 1.8.5, installed 1.8.4, requested ~> 1.7) in groups "test" * declarative (newest 0.0.20, installed 0.0.10) * devise (newest 4.7.2, installed 4.7.1, requested ~> 4.5) in groups "default" * diff-lcs (newest 1.4.3, installed 1.3) * factory_bot (newest 6.0.2, installed 5.1.2) * factory_bot_rails (newest 6.0.0, installed 5.1.1) in groups "test" * faraday (newest 1.0.1, installed 0.17.3) * faraday_middleware (newest 1.0.0, installed 0.14.0) * ffi (newest 1.13.1, installed 1.12.2) * geocoder (newest 1.6.3, installed 1.6.2) * google-api-client (newest 0.41.1, installed 0.32.1) * google_drive (newest 3.0.5, installed 2.1.3) * googleauth (newest 0.13.0, installed 0.6.6) * honeybadger (newest 4.7.0, installed 4.6.0, requested ~> 4.0) in groups "default" * listen (newest 3.2.1, installed 3.1.5, requested >= 3.0.5, < 3.2) in groups "development" * lockbox (newest 0.4.5, installed 0.3.6) in groups "default" * mini_portile2 (newest 2.5.0, installed 2.4.0) * net-scp (newest 3.0.0, installed 1.2.1) * net-ssh (newest 6.1.0, installed 6.0.0) * pdf-core (newest 0.8.1, installed 0.7.0) * qa (newest 5.4.0, installed 5.3.1, requested ~> 5.2) in groups "default" * rb-fsevent (newest 0.10.4, installed 0.10.3) * rdf (newest 3.1.3, installed 3.1.1) * redis (newest 4.2.1, installed 4.1.3) * regexp_parser (newest 1.7.1, installed 1.7.0) * responders (newest 3.0.1, installed 3.0.0) * roda (newest 3.33.0, installed 3.31.0) * rspec-core (newest 3.9.2, installed 3.9.1) * rspec-expectations (newest 3.9.2, installed 3.9.1) * rspec-rails (newest 4.0.1, installed 4.0.0, requested ~> 4.0) in groups "test" * rspec-support (newest 3.9.3, installed 3.9.2) * sassc (newest 2.4.0, installed 2.3.0) * sitemap_generator (newest 6.1.2, installed 6.1.0, requested ~> 6.0) in groups "default" * slop (newest 4.8.1, installed 3.6.0) * thor (newest 1.0.1, installed 0.20.3) * typhoeus (newest 1.4.0, installed 1.3.1) * tzinfo (newest 2.0.2, installed 1.2.7) * web-console (newest 4.0.3, installed 4.0.1) in groups "development" * webdrivers (newest 4.4.1, installed 4.3.0) in groups "test" * webpacker (newest 5.1.1, installed 5.0.1, requested ~> 5.0) in groups "default" * zeitwerk (newest 2.3.1, installed 2.3.0) ``` After this PR: ``` $ bundle outdated Fetching https://github.com/sciencehistory/kithe.git Fetching gem metadata from https://rubygems.org/........ Fetching gem metadata from https://rubygems.org/. Resolving dependencies................ Outdated gems included in the bundle: * blacklight (newest 7.9.0, installed 7.7.0, requested ~> 7.7.0) in groups "default" * browse-everything (newest 1.0.2, installed 1.0.1, requested ~> 1.0) in groups "default" * childprocess (newest 4.0.0, installed 3.0.0) * faraday (newest 1.0.1, installed 0.17.3) * faraday_middleware (newest 1.0.0, installed 0.14.0) * google-api-client (newest 0.41.1, installed 0.32.1) * google_drive (newest 3.0.5, installed 2.1.3) * googleauth (newest 0.13.0, installed 0.6.6) * listen (newest 3.2.1, installed 3.1.5, requested >= 3.0.5, < 3.2) in groups "development" * mini_portile2 (newest 2.5.0, installed 2.4.0) * pdf-core (newest 0.8.1, installed 0.7.0) * slop (newest 4.8.1, installed 3.6.0) * thor (newest 1.0.1, installed 0.20.3) * tzinfo (newest 2.0.2, installed 1.2.7) ``` Much shorter! Not 100%, but MOST of these remaining outdated gems are locked by browse_everything. We have been trying to submit to browse_everything to allow updates, but are currenlty blocked on upgrading to a newer version of browse_everything with some relaxed restrictions, by samvera/browse-everything#345 We may end up forking browse_everything to have a version that allows us to update these outdated dependencies.
|
Yeah, I just noticed that the gemspec prevents rails 6.0 too. I am using browse_everything 1.0.1 with Rails 6 with no problem. It works fine. And the gemspec in 1.0.1 allows Rails 6. It is likely that 1.0.2 and master work fine with Rails 6 too; but the restriction was added because the test setup did not work with Rails 6, I guess? I may end up just having to make a personal fork of browse-everything that allows Rails 6 and sprockets 4. The code already works fine with them, my personal fork would do nothing but relax the gemspec. I could return to using an actual official release if browse-everything is ever updated to allow Rails 6 and Sprockets 4 again -- although if it also requires me to switch Javascript to use webpacker instead of sprockets, that would be an added challenge requiring more work for me to update. Again, I am using browse-everything 1.0.1 with Rails 6, Sprockets 4, and sprockets not webpacker to include b-e js, and it is in fact working just fine. The only reason I want to update browse-everything is because 1.0.1 is forcing me to stay on very old verisons of thor, faraday, etc. But I can't update beyond 1.0.1 because then it won't let me use Rails 6 and Sprockets 4. Even though the code works fine for me, the gemspec won't allow it. I've been fighting with this for a while, unless you think you will have a solution soon that allows me to use Rails 6 and Sprockets 4 without other backwards breaking changes, I'll probably just go ahead and make a personal fork. If you plan to have other backwards breaking chagnes (like requiring me to switch from sprockets to webpacker), I'll probably go ahead and make the personal fork for sure. |
|
superceded by #358 |
While restricting to sprockets 3 in Gemfile, since our CI does not currently work with sprockets 4.
One attempt at addressing #310
OK, so this is passing. Interesting. I'm going to try to write up the situation again, as currently. It's pretty confusing, in part because the sprockets 4 rollout in Rails ended up so confusing, being spread over a couple years. This is all pretty confusing.
run rails something, you have to change some things in your Gemfile to use sprockets 4. You can do so however.rails new something.javascript_include_tagto the sprockets JS package in your layout... but the b-e installer doesn't do any of these things.rails new someapp, it will start out using sprockets 4... then when you run the b-e installer, it will downgrade to sprockets 3.So what a mess!
Ideal solution?
Ideally, browse_everything should work with sprockets 4, including it's automatic installer working with sprockets 4. Making the installer do that is kind of complicated. Especially if it's going to be trying to reconfigure sprockets 4 to compile Javascript, create necessary config files, add a sprockets-powered
javascript_include_tag, etc. Complicated, and opening up the attack surface for bugs a lot.It perhaps also needs to work with sprockets 3, for apps that still have sprockets 3. Which is even more complicated.
Making things more complicated at least for me is that I find dealing with
engine_cartvery challenging, have never really wrapped my head around that. And I don't understand circle_ci either, haven't used it much and find it difficult. And I personally can't get b-e tests to run locally either.@jrgriffiniii made an attempt in #311 , but it's been languishing for nearly 6 months, becuase, well, it's hard. I don't feel capable of solving the problem either at the moment, it's super messy.
Can we do a less ideal for-now solution that at least doesn't forbid an app using b-e from using sprockets 4?
Really stupid solution: don't require a sprockets version in gemspec, do require it in Gemfile
The first version of this PR removes the sprocketes requirement from the gemspec, returning the stuation to what it was in browse_everything 1.0.1.
Now the installer won't work on any app using sprockets 4. And since latest
rails newapps use sprockets 4, CI also won't work.Then we add the sprockets 3.x dependency to our local
Gemfile. The Gemfile is used for CI -- so CI passes again. But the Gemfile has no effect on an actual app using the b-e gem at all.So the b-e installer still doesn't work on any app that is using sprockets 4, the b-e installation instructions won't work for a lot of people.
This is probably not good enough.
Better, generate a sprockets 3.x requirement into app?
OK what if we enhance this. Take the sprockets requirement out of the gemspec.
But make the sprockets installer add a
sprockets, "~> 3.7"requirement to the local app's Gemfile.This will still have some of the downsides of the current b-e 1.0.2 situation -- if your app started out using sprockets 4, installing b-e will insist on downgrading to sprockets 3 (and fail if it can't because of a conflict). This is not ideal. But it's what is already happening.
The difference is because the restriction is generated into the Gemfile, the local developers have the option to edit their own apps files (Gemfiles, sprockets configuration, etc), to upgrade to sprockets 4.
So may app could keep using sprockets 4 and upgrade to b-e 1.0.2 and subsequent.
This is really still not ideal, it's a big mess... but seems to be preferable to any other option, unless we can finish #311 maybe, which I personally do not feel confident I can, and it's been sitting there for six months.
I am going to look into trying to do this.