Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[dependency] relax multipart_post dependency version requirement #20870

Merged
merged 1 commit into from Apr 18, 2023
Merged

[dependency] relax multipart_post dependency version requirement #20870

merged 1 commit into from Apr 18, 2023

Conversation

edouard
Copy link
Contributor

@edouard edouard commented Nov 17, 2022
edited

Checklist

  • I've run bundle exec rspec from the root directory to see all new and existing tests pass
  • I've followed the fastlane code style and run bundle exec rubocop -a to ensure the code style is valid
  • I see several green ci/circleci builds in the "All checks have passed" section of my PR (connect CircleCI to GitHub if not)
  • I've read the Contribution Guidelines
  • I've updated the documentation if necessary.

Motivation and Context

The gem multipart_post is currently set to ~> 2.0.0 on fastlane. Since 2.0.0 is the only version released on the 2.0 series, it effectively locks multipart_post to 2.0.0 which is a version that was released in 2013. When users bundle fastlane with other dependencies (for instance with the web_translate_it gem which requires a newer version of multipart_post), running bundle fails. See webtranslateit/webtranslateit#212 and webtranslateit/webtranslateit#220

We’ve mitigated the issue on our end by relaxing our dependency to multipart_post to let users use older versions, but this almost 10 years old dependency should be updated on your side as well.

Description

I've relaxed the dependency on multipart_post in the gemspec file. I've checked where multipart_post is used on the code and I haven’t noted any changes required in the code.

Testing Steps

@google-cla
Copy link

google-cla bot commented Nov 17, 2022

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.

@edouard edouard mentioned this pull request Nov 17, 2022
Closed
@edouard
Copy link
Contributor Author

edouard commented Dec 21, 2022

Is there any way to restart the CI check on AppVeyvor? It failed for some reason but cannot restart it.

@edouard edouard mentioned this pull request Apr 18, 2023
Merged
rogerluan
rogerluan approved these changes Apr 18, 2023
View reviewed changes
Copy link
Member

@rogerluan rogerluan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have no objections here as long as it passes CI 😊 Thanks for fixing this, @edouard !

fastlane.gemspec
@@ -78,7 +78,7 @@ Gem::Specification.new do |spec|
spec.add_dependency('plist', '>= 3.1.0', '< 4.0.0') # Needed for set_build_number_repository and get_info_plist_value actions
spec.add_dependency('CFPropertyList', '>= 2.3', '< 4.0.0') # Needed to be able to read binary plist format
spec.add_dependency('addressable', '>= 2.8', '< 3.0.0') # Support for URI templates
spec.add_dependency('multipart-post', '~> 2.0.0') # Needed for uploading builds to appetize
spec.add_dependency('multipart-post', '>= 2.0.0', '< 3.0.0') # Needed for uploading builds to appetize
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Initially, I thought ~> 2.0.0 and >= 2.0.0, < 3.0.0 were equivalent, but I see the difference now. I suppose we could change ~> 2.0.0 to ~> 2, which is simpler, but that would go against the code style pattern being used nearly-throughout this file so I think this is better :)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, I followed the style I saw in the rest of that .gemspec file.

@rogerluan
Copy link
Member

@edouard could you rebase this branch, to trigger CI again, please? 🙏

@edouard edouard force-pushed the relax-multipart_post-dependency branch from 5b6233f to e5b6540 Compare April 18, 2023 12:37
@edouard edouard force-pushed the relax-multipart_post-dependency branch from e5b6540 to 8fdfdf2 Compare April 18, 2023 12:43
@edouard
Copy link
Contributor Author

edouard commented Apr 18, 2023

@edouard could you rebase this branch, to trigger CI again, please? 🙏

Done! Thank you for reviewing it!

@rogerluan rogerluan changed the title Relax multipart_post dependency [dependency] relax multipart_post dependency version requirement Apr 18, 2023
@rogerluan rogerluan merged commit 08e5093 into fastlane:master Apr 18, 2023
8 checks passed
@joshdholtz joshdholtz mentioned this pull request May 17, 2023
Merged
markhomoki added a commit to markhomoki/fastlane that referenced this pull request Jul 5, 2023
@markhomoki
Merge tag 'fastlane/2.213.0' into fix/prevent-dir-download-from-s3
1ba7bb4 
Improvements

* [core][match] remove obsolete and expired WWDR G1 certificate (fastlane#21271) via Frederik Seiffert (@triplef)
* [action][ensure_git_status_clean] new ignore_files option for explicitly ignoring files (fastlane#21283) via Josh Holtz (@joshdholtz)
* [scan] run simulator destination with arch=x86_64 for Xcode 14.3 and up if on Intel (fastlane#21284) via Josh Holtz (@joshdholtz)
* [match] adding support for self-managed GitLab instances (fastlane#21274) via Darby Frey (@darbyfrey)
* [pilot] fix increase limit for build query (fastlane#21212) via Eric Lindvall (@eric)
* [dependency] relax `multipart_post` dependency version requirement (fastlane#20870) via Edouard Brière (@edouard)

https://github.com/fastlane/fastlane/releases/tag/2.213.0
smalbs added a commit to potatotrain/fastlane that referenced this pull request Nov 16, 2023
@smalbs
Merge commit '0ede7e768d97d7e22e576d72ab8de96272c479a5'
506a3b2 
* commit '0ede7e768d97d7e22e576d72ab8de96272c479a5':
  Version bump to 2.213.0 (fastlane#21286)
  [core] Remove obsolete and expired WWDR G1 certificate (fastlane#21271)
  [action][ensure_git_status_clean] new ignore_files option for explicitly ignoring files (fastlane#21283)
  [scan] run simulator destination with arch=x86_64 for Xcode 14.3 and up if on Intel (fastlane#21284)
  [match] Adding support for self-managed GitLab instances (fastlane#21274)
  [pilot] Fix increase limit for build query (fastlane#21212)
  [dependency] relax `multipart_post` dependency version requirement (fastlane#20870)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rogerluan rogerluan rogerluan approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@edouard @rogerluan