This repository has been archived by the owner on Apr 14, 2021. It is now read-only.

outdated: option to check only direct/explicit dependencies? #5366

Closed
ivan-kolmychek opened this issue Jan 25, 2017 · 12 comments

@ivan-kolmychek

ivan-kolmychek commented Jan 25, 2017

We're running bundle outdated automatically against our code base to find and report any outdated dependency, let's say, as a part of the CI build.

To notice that there is a new version that's falling out of our version constraints specified, we also use --no-strict (it's unnecessary right now, ofc, but may be necessary later).

Some pretty useful gems, like pry or even actioncable, are depending on not-the-latest-version of some gems. For instance, at the time of the posting, running bundle outdated with pry 0.10.5 and actioncable 5.0.1 in project produces:

Outdated gems included in the bundle:
  * nio4r (newest 2.0.0, installed 1.2.1)
  * slop (newest 4.4.1, installed 3.6.0)

It would be nice to have a flag (like with --strict/--no-strict) to check only top-level/direct/explicit dependencies. This way the bundle check we use can be set up in two separate checks: 0) for direct dependencies, not strictly and 1) for all dependencies, strictly.

Is there anyone else also interested in this feature?

@ivan-kolmychek
Author

ivan-kolmychek commented Jan 26, 2017

I think I should also share the workaround that we use right now, it's based on the fact that bundle outdated accepts the list of gems to check and, in our case, it is called from the shell script.

So, instead of the flag, we can launch first check like this:

cat Gemfile \
  | grep -v '^#' \
  | grep gem \
  | grep -o "[\'\"][a-z0-9_-]*[\'\"]" \
  | grep -o "[a-z0-9_-]*" \
  | xargs bundle outdated

The second check ("for all dependencies strictly") is done via regular bundle outdated --strict ofc.
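
An alternative to grepping the Gemfile, as an added example that is not from this thread or from Bundler's own code: read the direct dependency names from the DEPENDENCIES section of Gemfile.lock and use them to split `bundle outdated` output in the format quoted above. The lockfile and output text are constructed samples, and `example_direct` and `example_pinned` are hypothetical gem names.

```ruby
# Added example; all sample data below is constructed, not from a real project.

OUTDATED_LINE = /\A\s*\*\s+(\S+)\s+\(newest ([^,]+), installed ([^,)]+)/

# Names under the DEPENDENCIES section of a Gemfile.lock: exactly the gems
# declared in the Gemfile, with no transitive dependencies.
def direct_dependencies(lockfile_text)
  names = []
  in_section = false
  lockfile_text.each_line do |line|
    if line =~ /\A\S/ # an unindented line starts a new lockfile section
      in_section = (line.strip == "DEPENDENCIES")
    elsif in_section && (m = line.match(/\A  ([^\s!(]+)/))
      names << m[1] # drop the "(~> 1.0)" constraint and the "!" source marker
    end
  end
  names
end

# Parse the "  * name (newest X, installed Y)" lines printed by `bundle outdated`.
def parse_outdated(output)
  entries = output.each_line.map do |line|
    m = OUTDATED_LINE.match(line)
    { name: m[1], newest: m[2], installed: m[3] } if m
  end
  entries.compact # header and blank lines produce nil and are dropped
end

# Returns [direct, transitive], each a list of parsed outdated entries.
def split_outdated(output, lockfile_text)
  direct = direct_dependencies(lockfile_text)
  parse_outdated(output).partition { |entry| direct.include?(entry[:name]) }
end

SAMPLE_LOCK = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      example_direct (1.4.0)
        slop (~> 3.4)
      nio4r (1.2.1)
      slop (3.6.0)

  DEPENDENCIES
    example_direct (~> 1.4)
    example_pinned!
LOCK

SAMPLE_OUTDATED = <<~OUT
  Outdated gems included in the bundle:
    * example_direct (newest 2.0.0, installed 1.4.0)
    * nio4r (newest 2.0.0, installed 1.2.1)
    * slop (newest 4.4.1, installed 3.6.0)
OUT
```

In CI, `split_outdated` would be fed the captured output of `bundle outdated` and the contents of the project's Gemfile.lock, so the direct list can fail the build while the transitive list is only reported.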

@LilyReile

Seconding this feature request. I always run through bundle outdated before upgrading rails and it would be nice to have a switch that shows only the actionable items.

@jclif

jclif commented Mar 4, 2017

Would definitely love to see this feature as well; we are, similarly, running bundle outdated at the CI level to signal warnings on branches.

@grv87

grv87 commented Jun 19, 2017

If you mean, ignore version constraints specified in my Gemfile but still respect constraints specified in gems' metadata, then +1

My current workaround is to manually make a temporary clone of the repository, remove version constraints from the Gemfile, run bundle update and see what is updated.

@ivan-kolmychek
Author

ivan-kolmychek commented Jun 21, 2017

@grv87 in a way.

I mean limit the check to only your direct dependencies, completely ignoring their own dependencies.

As an example, if you have gems A, B and C in your Gemfile, and they depend on some other gems that you haven't specified, like X, Y and Z, with the requested flag it would check only A, B and C.

This way you can combine it with already existing flags to customize the checks to suit your particular need.

For example, if you want to NOT ignore the version constraints specified in Gemfile, you can use the --strict flag, which, according to documentation:

> Only list newer versions allowed by your Gemfile requirements.

Also, check out the workaround script I've posted, I think you can customize it for your needs and thus avoid making a copy of repo each time you need that.

@grv87

grv87 commented Jun 23, 2017

@ivan-kolmychek, when you say

> completely ignoring their own dependencies

what do you mean? Should Bundler still respect their dependencies, just exclude them from output?

Suppose that:

  1. Your Gemfile has
    gem 'A', '~> 1.0'
    gem 'B', '~> 1.0'
    
  2. There is a newer version of gem B 2.0
  3. Gem A 1.0 depends (directly or indirectly) on gem B 1.0

Should Bundler report that gem B is outdated? I believe, no.

Another case is when gem A 1.0 depends on gem C 1.0, and gem B 2.0 depends on C 2.0.

I'm mostly under Windows, so no Shell scripts.

@ivan-kolmychek
Author

> Should Bundler still respect their dependencies, just exclude them from output?

I think it really depends on your use-case.
We use this "top-level" non-strict outdated check as a way to detect that we have outdated top-level gems, regardless of why exactly they are outdated.

Even if A depends on B 1.0 when there is a newer version, B will not magically become up to date just because of that.

> Should Bundler report that gem B is outdated?

Recently we've hit almost exactly the situation you've described - one of the gems we use depended on old version of faraday, but we also use faraday, so "direct update" is not possible.

Which means that we needed to evaluate what our options are (including submitting PR to update the version constraints, forking the gem, replacing faraday with something else in our code, ditching out that dependency if it's not critical, adding faraday to exceptions, etc. etc).

What's the most optimal course of action in similar situation can depend on variety of factors, like what gems are those A and B, how important they are for your project, how wide are they used, etc. etc. So I believe this should be evaluated on case-to-case base, when the situation arises.

But important part is, the notification from check gives you the chance to do that.

> I believe, no

If you want it to actually respect dependencies, I think that some kind of an additional flag can also be used, like the --strict or even some new one.

> I'm mostly under Windows, so no Shell scripts.

That's actually fine, you can still use shell scripts under the Windows in a variety of ways:

  • first of all, bash is bundled with Git for Windows, so you probably already have it installed on your machine anyway if you're using Git (official download page for Windows uses links to dists from "Git for Windows")
  • and even if you don't use Git for Windows, there are Cygwin, that Ubuntu-on-Windows-10 initiative and Docker for Windows, all of them run bash

(I personally used Cygwin on a few occasions when I was limited to Windows machine by circumstances and it worked pretty well for me.)

Or you can even write the analog in PowerShell and share it here, it's probably not hard.

@grv87

grv87 commented Jun 23, 2017

@ivan-kolmychek, ok. So we have two different use cases and require two different solutions.
I won't open new issue for now, until this is resolved.

I know about Git bash and Cygwin and gnuwin32 and so on. Probably I'm lazy enough to go this way for this specific task :) Let's stop this discussion as off-topic.

@Simbul

Simbul commented Oct 30, 2017

I also would be interested in this. I'm sure there's a use case somewhere, but I'm struggling to see what's the benefit of bundle outdated returning non-actionable results.

I can see @segiddins marked this as a feature request back in January. Forgive my ignorance, but I couldn't find an answer in the contribution guide: is there a process after that, or is it simply a case of "it's done when it's done"?

@segiddins
Member

@Simbul that generally means "seems like a cool idea, we'd be happy to merge a PR adding it"

@peret
Contributor

peret commented May 12, 2018

I would also love to see this feature added and took the liberty to prepare a PR!

bundlerbot added a commit that referenced this issue Jun 15, 2018
Add option to filter gem-dependencies from output of 'bundle outdated'

Resolves #5366 by adding a new option '--filter-dependencies' to `bundle outdated`. When present, `outdated` will only check the `gemfile_specs` and skip the `dependency_specs`.
@grzuy
Contributor

grzuy commented Aug 17, 2018

For what it's worth, as a sort of workaround, I currently use bundle outdated --groups and ignore the gems listed under ==== Without group ====.

colby-swandale pushed a commit that referenced this issue Sep 20, 2018
Add option to filter gem-dependencies from output of 'bundle outdated'

Resolves #5366 by adding a new option '--filter-dependencies' to `bundle outdated`. When present, `outdated` will only check the `gemfile_specs` and skip the `dependency_specs`.

(cherry picked from commit 4eb981a)
colby-swandale pushed a commit that referenced this issue Oct 5, 2018
Add option to filter gem-dependencies from output of 'bundle outdated'

Resolves #5366 by adding a new option '--filter-dependencies' to `bundle outdated`. When present, `outdated` will only check the `gemfile_specs` and skip the `dependency_specs`.

(cherry picked from commit 4eb981a)
netbsd-srcmastr pushed a commit to NetBSD/pkgsrc that referenced this issue Dec 17, 2018
pkgsrc change
* Remove @Prefix@ from ALTERNATIVES file.

## 1.17.2 (2018-12-11)

 - Add compatibility for bundler merge with Ruby 2.6

## 1.17.1 (2018-10-25)

 - Convert `Pathname`s to `String`s before sorting them, fixing #6760 and #6758 ([#6761](rubygems/bundler#6761), @alexggordon)

## 1.17.0 (2018-10-25)

No new changes.

## 1.17.0.pre.2 (2018-10-13)

Features:

  - Configure Bundler home, cache, config and plugin directories with `BUNDLE_USER_HOME`, `BUNDLE_USER_CACHE`, `BUNDLE_USER_CONFIG` and `BUNDLE_USER_PLUGIN` env vars ([#4333](rubygems/bundler#4333), @gwerbin)
  - Add `--all` option to `bundle binstubs` that will generate an executable file for all gems with commands in the bundle
  - Add `bundle remove` command to remove gems from the Gemfile via the CLI
  - Improve checking file permissions and asking for `sudo` in Bundler when it doesn't need to
  - Add error message to `bundle add` to check adding duplicate gems to the Gemfile
  - When asking for `sudo`, Bundler will show a list of folders/files that require elevated permissions to write to.

The following new features are available but are not enabled by default. These are intended to be tested by users for the upcoming release of Bundler 2.

  - Improve deprecation warning message for `bundle show` command
  - Improve deprecation warning message for the `--force` option in `bundle install`

## 1.17.0.pre.1 (2018-09-24)

Features:

  - Check folder/file permissions of the Bundle home directory in the `bundle doctor` command ([#5786](rubygems/bundler#5786), @ajwann)
  - Remove compiled gem extensions when running `bundle clean` ([#5596](rubygems/bundler#5596), @akhramov)
  - Add `--paths` option to `bundle list` command ([#6172](rubygems/bundler#6172), @colby-swandale)
  - Add base error class to gems generated from `bundle gem` ([#6260](rubygems/bundler#6260), @christhekeele)
  - Correctly re-install gem extensions with a git source when running `bundle pristine` ([#6294](rubygems/bundler#6294), @wagenet)
  - Add config option to disable platform warnings ([#6124](rubygems/bundler#6124), @agrim123)
  - Add `--skip-install` option to `bundle add` command to add gems to the Gemfile without installation ([#6511](rubygems/bundler#6511), @agrim123)
  - Add `--only-explicit` option to `bundle outdated` to list only outdated gems in the Gemfile ([#5366](rubygems/bundler#5366), @peret)
  - Support adding multiple gems to the Gemfile with `bundle add` ([#6543](rubygems/bundler#6543), @agrim123)
  - Make registered plugin events easier to manage in the Plugin API (@jules2689)
  - Add new gem install hooks to the Plugin API (@jules2689)
  - Add `--optimistic` and `--strict` options to `bundle add` ([#6553](https://github.com/bundler/bundler/issues/6553), @agrim123)
  - Add `--without-group` and `--only-group` options to `bundle list` ([#6564](rubygems/bundler#6564), @agrim123)
  - Add `--gemfile` option to the `bundle exec` command ([#5924](rubygems/bundler#5924), @ankitkataria)

The following new features are available but are not enabled by default. These are intended to be tested by users for the upcoming release of Bundler 2.

  - Make `install --path` relative to the current working directory ([#2048](rubygems/bundler#2048), @igorbozato)
  - Auto-configure job count ([#5808](rubygems/bundler#5808), @segiddins)
  - Use the Gem Version Promoter for major gem updates ([#5993](rubygems/bundler#5993), @segiddins)
  - Add config option to add the Ruby scope to `bundle config path` when configured globally (@segiddins)

## 1.16.6 (2018-10-05)

Changes:

  - Add an error message when adding a gem with `bundle add` that's already in the bundle ([#6341](rubygems/bundler#6341), @agrim123)
  - Add Homepage, Source Code and Changelog URI metadata fields to the `bundle gem` gemspec template (@walf443)

Bugfixes:

  - Fix issue where updating a gem resulted in the gem's version being downgraded when `BUNDLE_ONLY_UPDATE_TO_NEWER_VERSIONS` was set ([#6529](rubygems/bundler#6529), @theflow)
  - Fix some rescue calls that don't specify error type (@utilum)
  - Fix an issue when the Lockfile would contain platform-specific gems that it didn't need ([#6491](rubygems/bundler#6491), @segiddins)
  - Improve handling of adding new gems with only a single group to the Gemfile in `bundle add` (@agrim123)
  - Refactor check for OpenSSL in `bundle env` (@voxik)
  - Remove an unnecessary assignment in Metadata (@voxik)

Documentation:

  - Update docs to reflect revised guidance to check in Gemfile.lock into version control for gems ([#5879](https://github.com/bundler/bundler/issues/5879), @arbonap)
  - Add documentation for the `--all` flag in `bundle update` (@agrim123)
  - Update README to use `bundle add` in usage examples (@hdf1986)