Psych minimum version with Solidus-3.4 should be v4.0.1

Question

Psych minimum version with Solidus-3.4 should be v4.0.1

Closed this issue 10 months ago · 0 comments

I am upgrading a store from Solidus v3.0.8 to v3.4.0 and facing an issue with the version of Psych gem.
According to solidus-core 3.4.0, psych (>= 3.1.0, < 5.0) should work but it'd be psych (>= 4.0.1, < 5.0)

This PR(#4950) uses the YAML.safe_dump method which has been added to the psych gem in v4.0.1.
Hence solidus_core's gemspec should be changed to psych (>= 4.0.1, < 5.0)

So that stores can know this while doing bundle install/update with solidus-3.4

Solidus Version:
3.4.0

To Reproduce
Can try to run Solidus-3.4.0 with psych <4.0.1

Current behavior
Currently dependencies will resolve if stores are at psych < 4.0.1 and try to run solidus 3.4.0

Expected behavior
It should not

Screenshots
With solidus-3.4.0, psych-3.1.0