Remove lockfile #351

vprigent · 2024-11-10T00:52:01Z

https://yehudakatz.com/2010/12/16/clarifying-the-roles-of-the-gemspec-and-gemfile/
The intent here is to avoid the multiple dev dependencies from raising security issues for consumers of the gem.

https://yehudakatz.com/2010/12/16/clarifying-the-roles-of-the-gemspec-and-gemfile/ The intent here is to avoid the multiple dev dependencies from raising security issues for consumers of the gem

Morozzzko

Thanks for taking this on!

vprigent · 2024-11-10T02:23:11Z

@Morozzzko
I've also reduced the list of files we end up loading when doing gem install data_migrate. The default was "anything committed" but really gem installs shouldn't require test/specs, config files for third party tools, CI config and all
https://github.com/heartcombo/devise/blob/main/devise.gemspec#L26

Remove lockfile

64b9d5e

https://yehudakatz.com/2010/12/16/clarifying-the-roles-of-the-gemspec-and-gemfile/ The intent here is to avoid the multiple dev dependencies from raising security issues for consumers of the gem

vprigent requested review from ilyakatz and Morozzzko November 10, 2024 00:52

Morozzzko approved these changes Nov 10, 2024

View reviewed changes

Extend work by limiting files required for bundling gem

48bb4b2

vprigent requested a review from Morozzzko November 10, 2024 02:23

Add missing changelog entries

b17ee07

vprigent merged commit 110ab57 into ilyakatz:main Nov 10, 2024
15 checks passed

vprigent deleted the chore-remove-gemlock branch November 10, 2024 06:55

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Remove lockfile #351

Remove lockfile #351

vprigent commented Nov 10, 2024

Morozzzko left a comment

vprigent commented Nov 10, 2024

Remove lockfile #351

Remove lockfile #351

Conversation

vprigent commented Nov 10, 2024

Morozzzko left a comment

Choose a reason for hiding this comment

vprigent commented Nov 10, 2024