Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Ensure ruby runtime does not contain duplicated gems #16817

Open
donoghuc opened this issue Dec 18, 2024 · 0 comments
Open

Ensure ruby runtime does not contain duplicated gems #16817

donoghuc opened this issue Dec 18, 2024 · 0 comments

Comments

@donoghuc
Copy link
Member

Logstash artifacts contain both a jruby interpreter as well as a gem environment including dependencies and plugin gems. The gem environment is managed via bundler. Jruby ships with a collection of "default" gems https://github.com/jruby/jruby/blob/master/lib/pom.rb just like MRI ruby. When a gemspec contains an explicit dependency on a default gem, bundler will try to fetch the latest version from rubygems. In the case where there is a newer version than the default shipped with jruby an ambiguous gem loading warning will be surfaced.

Examples:

The interim solution for resolving these issues has been to explicitly pin gems to the version shipped in jruby #16755

This solution requires manual intervention and is prone to missing required updates. We should build a better solution for resolving conflicts between gems managed with bundler and those shipped with jruby.

Desired outcomes

  • At minimum we should automate at least checking for conflicts periodically.
  • Come up with a solution for managing this, if it is just pinning explicitly come up with a way to automate that workflow

Another thing to consider may be something like:

# Force bundler to prefer gems from rubygems.org over default gems
source "file://#{JRUBY_DIR}/lib/ruby/gems/shared" do
  gem 'date', '3.3.3'
end
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant