Strange bundle update issue: disappearing net-pop (0.1.2) dependency
I have a strange bundle update issue with the dependency of net-pop.
I manually updated all gems via bundle update GEM. Everything works so far. My CI builds and tests jobs are green.
But:
When I now run bundle update, my Gemfile.lock will be changed and the dependency ‘net-protocol’ of ‘net-pop’ gets deleted. Nothing else get changed.
Of course, my CI build job will fail with the error message:
47.64 Downloading net-pop-0.1.2 revealed dependencies not in the API or the lockfile
47.64 (net-protocol (>= 0)).
47.64 Running `bundle update net-pop` should fix the problem.
Running bundle update net-pop does not help.
The gemspec file of net-pop is correct https://github.com/ruby/net-pop/blob/master/net-pop.gemspec#L31
Currently, the only solution is to manually modify the Gemfile.lock and to re-add the missing line.
I do not understand what’s going on.
Versions:
- ruby: 3.3.3
- rails 7.0.8.4
- bundler 2.5.11
- rvm 1.29.12-next
- OS Ubuntu 20.04
edit
not so 'minimal' Gemfile
# frozen_string_literal: true
source 'https://rubygems.org'
# Bundle edge Rails instead: gem 'rails', github: 'rails/rails'
gem 'rails', '~> 7.0.4'
# used server -> use it for all environments
gem 'bcrypt-ruby'
gem 'jbuilder'
# Gems used only for assets and not required
# in production environments by default.
gem 'net-imap', require: false
gem 'net-pop', require: false
gem 'net-smtp', require: false
gem 'sprockets', '~> 4.0'
gem 'sprockets-rails'
gem 'rexml'
gem 'webrick', '~> 1.7'
gem 'csv'
gem 'mutex_m'
gem 'mail'
gem 'parallel'
bundle install produces:
GEM
remote: https://rubygems.org/
specs:
actioncable (7.0.8.4)
actionpack (= 7.0.8.4)
activesupport (= 7.0.8.4)
nio4r (~> 2.0)
websocket-driver (>= 0.6.1)
actionmailbox (7.0.8.4)
actionpack (= 7.0.8.4)
activejob (= 7.0.8.4)
activerecord (= 7.0.8.4)
activestorage (= 7.0.8.4)
activesupport (= 7.0.8.4)
mail (>= 2.7.1)
net-imap
net-pop
net-smtp
actionmailer (7.0.8.4)
actionpack (= 7.0.8.4)
actionview (= 7.0.8.4)
activejob (= 7.0.8.4)
activesupport (= 7.0.8.4)
mail (~> 2.5, >= 2.5.4)
net-imap
net-pop
net-smtp
rails-dom-testing (~> 2.0)
actionpack (7.0.8.4)
actionview (= 7.0.8.4)
activesupport (= 7.0.8.4)
rack (~> 2.0, >= 2.2.4)
rack-test (>= 0.6.3)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.0, >= 1.2.0)
actiontext (7.0.8.4)
actionpack (= 7.0.8.4)
activerecord (= 7.0.8.4)
activestorage (= 7.0.8.4)
activesupport (= 7.0.8.4)
globalid (>= 0.6.0)
nokogiri (>= 1.8.5)
actionview (7.0.8.4)
activesupport (= 7.0.8.4)
builder (~> 3.1)
erubi (~> 1.4)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.1, >= 1.2.0)
activejob (7.0.8.4)
activesupport (= 7.0.8.4)
globalid (>= 0.3.6)
activemodel (7.0.8.4)
activesupport (= 7.0.8.4)
activerecord (7.0.8.4)
activemodel (= 7.0.8.4)
activesupport (= 7.0.8.4)
activestorage (7.0.8.4)
actionpack (= 7.0.8.4)
activejob (= 7.0.8.4)
activerecord (= 7.0.8.4)
activesupport (= 7.0.8.4)
marcel (~> 1.0)
mini_mime (>= 1.1.0)
activesupport (7.0.8.4)
concurrent-ruby (~> 1.0, >= 1.0.2)
i18n (>= 1.6, < 2)
minitest (>= 5.1)
tzinfo (~> 2.0)
bcrypt (3.1.20)
bcrypt-ruby (3.1.5)
bcrypt (>= 3.1.3)
builder (3.3.0)
concurrent-ruby (1.3.3)
crass (1.0.6)
csv (3.3.0)
date (3.3.4)
erubi (1.12.0)
globalid (1.2.1)
activesupport (>= 6.1)
i18n (1.14.5)
concurrent-ruby (~> 1.0)
jbuilder (2.12.0)
actionview (>= 5.0.0)
activesupport (>= 5.0.0)
loofah (2.22.0)
crass (~> 1.0.2)
nokogiri (>= 1.12.0)
mail (2.8.1)
mini_mime (>= 0.1.1)
net-imap
net-pop
net-smtp
marcel (1.0.4)
method_source (1.1.0)
mini_mime (1.1.5)
mini_portile2 (2.8.7)
minitest (5.23.1)
mutex_m (0.2.0)
net-imap (0.4.12)
date
net-protocol
net-pop (0.1.2)
net-protocol
net-protocol (0.2.2)
timeout
net-smtp (0.5.0)
net-protocol
nio4r (2.7.3)
nokogiri (1.16.5)
mini_portile2 (~> 2.8.2)
racc (~> 1.4)
parallel (1.25.1)
racc (1.8.0)
rack (2.2.9)
rack-test (2.1.0)
rack (>= 1.3)
rails (7.0.8.4)
actioncable (= 7.0.8.4)
actionmailbox (= 7.0.8.4)
actionmailer (= 7.0.8.4)
actionpack (= 7.0.8.4)
actiontext (= 7.0.8.4)
actionview (= 7.0.8.4)
activejob (= 7.0.8.4)
activemodel (= 7.0.8.4)
activerecord (= 7.0.8.4)
activestorage (= 7.0.8.4)
activesupport (= 7.0.8.4)
bundler (>= 1.15.0)
railties (= 7.0.8.4)
rails-dom-testing (2.2.0)
activesupport (>= 5.0.0)
minitest
nokogiri (>= 1.6)
rails-html-sanitizer (1.6.0)
loofah (~> 2.21)
nokogiri (~> 1.14)
railties (7.0.8.4)
actionpack (= 7.0.8.4)
activesupport (= 7.0.8.4)
method_source
rake (>= 12.2)
thor (~> 1.0)
zeitwerk (~> 2.5)
rake (13.2.1)
rexml (3.3.0)
strscan
sprockets (4.2.1)
concurrent-ruby (~> 1.0)
rack (>= 2.2.4, < 4)
sprockets-rails (3.5.1)
actionpack (>= 6.1)
activesupport (>= 6.1)
sprockets (>= 3.0.0)
strscan (3.1.0)
thor (1.3.1)
timeout (0.4.1)
tzinfo (2.0.6)
concurrent-ruby (~> 1.0)
webrick (1.8.1)
websocket-driver (0.7.6)
websocket-extensions (>= 0.1.0)
websocket-extensions (0.1.5)
zeitwerk (2.6.15)
PLATFORMS
ruby
DEPENDENCIES
bcrypt-ruby
csv
jbuilder
mail
mutex_m
net-imap
net-pop
net-smtp
parallel
rails (~> 7.0.4)
rexml
sprockets (~> 4.0)
sprockets-rails
webrick (~> 1.7)
BUNDLED WITH
2.5.11
and bundle update afterwards deletes the net-protocol line.
Solution
The issue is reproducible with ruby v3.3.3 only:
# Gemfile
source "https://rubygems.org"
gem "net-pop", require: false
I traced it all the way up to ruby installation. net-pop is a bundled gem it gets installed with ruby, this process generates a gemspec file:
# ~/.rbenv/versions/3.3.3/lib/ruby/gems/3.3.0/specifications/net-pop-0.1.2.gemspec
# -*- encoding: utf-8 -*-
# stub: net-pop 0.1.2 ruby lib
Gem::Specification.new do |s|
s.name = "net-pop".freeze
s.version = "0.1.2".freeze
s.required_rubygems_version = Gem::Requirement.new(">= 0".freeze) if s.respond_to? :required_rubygems_version=
s.metadata = { "homepage_uri" => "https://github.com/ruby/net-pop", "source_code_uri" => "https://github.com/ruby/net-pop" } if s.respond_to? :metadata=
s.require_paths = ["lib".freeze]
s.authors = ["Yukihiro Matsumoto".freeze]
s.bindir = "exe".freeze
s.date = "2024-06-12"
s.description = "Ruby client library for POP3.".freeze
s.email = ["matz@ruby-lang.org".freeze]
s.homepage = "https://github.com/ruby/net-pop".freeze
s.licenses = ["Ruby".freeze, "BSD-2-Clause".freeze]
s.rubygems_version = "3.3.5".freeze
s.summary = "Ruby client library for POP3.".freeze
s.installed_by_version = "3.5.11".freeze if s.respond_to? :installed_by_version
end
There are two lines missing, including the dependency:
s.specification_version = 4
s.add_runtime_dependency(%q<net-protocol>.freeze, [">= 0".freeze])
When you run bundle, that file is used to lookup all the information for a gem and generate a Gemfile.lock.
Workarounds
Remove that gemspec file and run bundle update or gem install again:
rm ~/.rbenv/versions/3.3.3/lib/ruby/gems/3.3.0/specifications/net-pop-0.1.2.gemspec
bundle update
or from irb:
File.delete(Gem::Specification.find_by_name("net-pop").spec_file)
Gem.install("net-pop")
or uninstall it first:
gem uninstall net-pop
gem install net-pop
or @Schneems' solution that also works on Heroku:
# Gemfile
gem "net-pop", github: "ruby/net-pop"
which will recreate gemspec file correctly:
# ~/.rbenv/versions/3.3.3/lib/ruby/gems/3.3.0/specifications/net-pop-0.1.2.gemspec
# -*- encoding: utf-8 -*-
# stub: net-pop 0.1.2 ruby lib
Gem::Specification.new do |s|
s.name = "net-pop".freeze
s.version = "0.1.2".freeze
s.required_rubygems_version = Gem::Requirement.new(">= 0".freeze) if s.respond_to? :required_rubygems_version=
s.metadata = { "homepage_uri" => "https://github.com/ruby/net-pop", "source_code_uri" => "https://github.com/ruby/net-pop" } if s.respond_to? :metadata=
s.require_paths = ["lib".freeze]
s.authors = ["Yukihiro Matsumoto".freeze]
s.bindir = "exe".freeze
s.date = "2022-09-28"
s.description = "Ruby client library for POP3.".freeze
s.email = ["matz@ruby-lang.org".freeze]
s.homepage = "https://github.com/ruby/net-pop".freeze
s.licenses = ["Ruby".freeze, "BSD-2-Clause".freeze]
s.rubygems_version = "3.4.0.dev".freeze
s.summary = "Ruby client library for POP3.".freeze
s.installed_by_version = "3.5.11".freeze if s.respond_to? :installed_by_version
s.specification_version = 4
s.add_runtime_dependency(%q<net-protocol>.freeze, [">= 0".freeze])
end
Looks like gemspec files are part of the ruby releases, so it's just broken out of the box:
https://www.ruby-lang.org/en/downloads/releases/
/ruby-3.3.3/.bundle/specifications/net-pop-0.1.2.gemspec
- RubyMine not showing the project folders with tree structure, it shows the tree structure for the excluded files
- Devise giving admin privileges to destroy
- Best way of transforming values in array of hashes (performance)
- Unit testing paperclip uploads with Rspec (Rails)
- Devise: sign in with two possible encrypted passwords
- Rails—get a random record from db?
- Is there an opposite method of "in?" in Rails?
- BraintreeError: Cannot contact the gateway at this time (during system/integration specs only)
- RoR Graphql Types::BaseObject NameError
- uninitialized constant Rspec
- Error when trying to install app with mysql2 gem
- overriding devise after_sign_up_path_for not working
- Rails route path helpers from inside namespaced controller
- How to set default locale for a controller
- What is the rails way to update a price field before update in a model object generating a total?
- How can I skip before_validations in Rails?
- Reading docs in irb
- ruby on rails link_to delete method not working
- Lost cursor error from MongoDB aggregate statement. Why? Rails 5.2, Mongoid 6.4
- JS file is blocked due to bad MIME in production
- Strange Cookie Overflow error in Ruby on Rails application
- Rails how do I check for existance of a class when not instantiated yet?
- Ruby on Rails Each do method
- How to add raw_filter method to ruby on rails 7?
- How to update STRIPE CHECKOUT SESSION attributes RAILS
- How do I get a list of required fields in a model in Rails?
- In "acts-as-taggable-on", how to get all the tags used in all the instances of a Model?
- Overriding load_and_authorize_resource of super class
- How to print a string in erb file including line breaks
- The Cookie header is not sent with the Fetch GET request to Cloudfront. Why?