Upgrade to 1.2.8 is causing a regression problem together with devise and gitlab-de
mfechner opened this issue · 2 comments
Dear all,
I do maintain the port for gitlab-ce on FreeBSD.
The package rubygem-warden was now upgraded from version 1.2.7 to 1.2.8.
With this upgrade I see now breakage of the gitlab-ce port which is caused by a gem dependency problem.
I'm not sure what is the best to solve this, maybe you have an idea how to tackle this.
The following error message is displayed:
Resolving dependencies......
Bundler could not find compatible versions for gem "activesupport":
In Gemfile:
rails-deprecated_sanitizer (~> 1.0.3) was resolved to 1.0.3, which depends
on
activesupport (>= 4.2.0.alpha)
lograge (~> 0.5) was resolved to 0.10.0, which depends on
activesupport (>= 4)
rails (= 4.2.10) was resolved to 4.2.10, which depends on
activesupport (= 4.2.10)
grape-path-helpers (~> 1.0) was resolved to 1.0.5, which depends on
activesupport (< 5.1, >= 4)
seed-fu (~> 2.3.7) was resolved to 2.3.7, which depends on
activesupport (>= 3.1)
html-pipeline (~> 2.8) was resolved to 2.9.1, which depends on
activesupport (>= 2)
grape_logging (~> 1.7) was resolved to 1.8.0, which depends on
grape was resolved to 1.1.0, which depends on
activesupport
carrierwave (= 1.2.3) was resolved to 1.2.3, which depends on
activesupport (>= 4.0.0)
devise-two-factor (~> 3.0.0) was resolved to 3.0.3, which depends on
activesupport (< 5.3)
flipper-active_support_cache_store (~> 0.13.0) was resolved to 0.13.0, which
depends on
activesupport (< 6, >= 3.2)
validates_hostname (~> 1.0.6) was resolved to 1.0.8, which depends on
activesupport (>= 3.0)
kaminari (~> 1.0) was resolved to 1.1.1, which depends on
activesupport (>= 4.1.0)
rack-oauth2 (~> 1.2.1) was resolved to 1.2.3, which depends on
activesupport (>= 2.3)
grape-entity (~> 0.7.1) was resolved to 0.7.1, which depends on
activesupport (>= 4.0)
rails (= 4.2.10) was resolved to 4.2.10, which depends on
activejob (= 4.2.10) was resolved to 4.2.10, which depends on
globalid (>= 0.3.0) was resolved to 0.4.1, which depends on
activesupport (>= 4.2.0)
redis-rails (~> 5.0.2) was resolved to 5.0.2, which depends on
redis-activesupport (< 6, >= 5.0) was resolved to 5.0.7, which depends on
activesupport (< 6, >= 3)
rails (= 4.2.10) was resolved to 4.2.10, which depends on
actionview (= 4.2.10) was resolved to 4.2.10, which depends on
rails-dom-testing (>= 1.0.5, ~> 1.0) was resolved to 1.0.9, which
depends on
activesupport (< 5.0, >= 4.2.0)
Bundler could not find compatible versions for gem "fog-core":
In Gemfile:
fog-core (~> 1.44)
asset_sync (~> 2.4) was resolved to 2.5.0, which depends on
fog-core
fog-aliyun (~> 0.2.0) was resolved to 0.2.2, which depends on
fog-core (~> 1.27)
fog-aws (~> 2.0.1) was resolved to 2.0.1, which depends on
fog-core (~> 1.38)
fog-local (~> 0.3) was resolved to 0.6.0, which depends on
fog-core (< 3.0, >= 1.27)
fog-openstack (~> 0.1) was resolved to 0.2.4, which depends on
fog-core (~> 1.45.0)
fog-rackspace (~> 0.1.1) was resolved to 0.1.6, which depends on
fog-core (>= 1.35)
Bundler could not find compatible versions for gem "rack":
In Gemfile:
lograge (~> 0.5) was resolved to 0.10.0, which depends on
actionpack (>= 4) was resolved to 4.2.10, which depends on
rack (~> 1.6)
devise-two-factor (~> 3.0.0) was resolved to 3.0.3, which depends on
devise (~> 4.0) was resolved to 4.5.0, which depends on
warden (~> 1.2.3) was resolved to 1.2.8, which depends on
rack (>= 2.0.6)
*** Error code 6
Stop.
The problem is also recorded here:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=233354
What you are running into is an updated rack dependency on ~> 2.x version. Warden supports 1.x as well, but the recent security vulnerability found in rack made it impossible to specify “at least 1.6+ OR at least 2.0.6+” at the same time. The result was to just specify 2.0.6+.
I would suggest sticking to the previous release if you are unable to update rack to 2.x