Chr*_*nig 11 ruby rubygems bundler gemspecs
在我自己的宝石中,我Gemfile看起来基本上是这样的:
source 'https://my.gemserver.com'
source 'https://rubygems.org'
gemspec
我.gemspec将所有依赖项列为add_dependency和add_development_dependency.
截至Bundler 1.8,我收到警告:
Warning: this Gemfile contains multiple primary sources. Using `source` more than
once without a block is a security risk, and may result in installing unexpected gems.
To resolve this warning, use a block to indicate which gems should come from the
secondary source. To upgrade this warning to an error,
run `bundle config disable_multisource true`.
有没有办法解决此警告(没有通过捆绑配置静音)?我在Rubygems规范中找不到任何关于源选项的内容.
不,您需要将警告静音或将源块添加到您Gemfile想要来自私人服务器的特定宝石.没有必要复制那些来自rubygems.org(或者你可以反过来做,如果你依赖更多的私人宝石而不是公共宝石,而你的私人宝石本身不依赖于公共宝石).
问题是该gemspec格式不支持为每个gem指定源,因此如果不将它们复制到其中Gemfile,则无法指定来自每个源的gem.
有点伤心,但一个人必须把它移到Gemfile :-(
的Gemfile:
source 'https://my.gemserver.com' do
your_gem1
your_gem2
#...
end
source 'https://rubygems.org'
gemspec
但是,如果你的某些宝石应该包括在内:development或:test组中,可以使用以下内容
的Gemfile:
your_gem1, :source => 'https://my.gemserver.com'
#...
group :development do
your_gem2, :source => 'https://my.gemserver.com'
#...
end
source 'https://rubygems.org'
gemspec