-
-
Notifications
You must be signed in to change notification settings - Fork 1.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Prevent gem activation in standalone mode #6925
Prevent gem activation in standalone mode #6925
Conversation
Question: Why do you use |
We mostly don't. It looks like GitHub started running some things with Hopefully this PR makes sense anyway, since even without |
This looks great, but I just noticed there's a merge conflict now. Could you rebase this @composerinteralia 🙏? |
3edea74
to
e344888
Compare
As discussed in rubygems#6273 (comment) The `gem` method behaves awkwardly in standalone mode. Assuming bundler isn't loaded at all, a call to gem might activate a gem that is not part of the bundle (because it's the gem method defined in lib/rubygems/core_ext/kernel_gem.rb and not lib/bundler/rubygems_integration.rb). And when running with `--disable-gems`, the gem method won't be defined at all so we'll get a NoMethodError. Calls to `gem` can appear in dependencies outside an application's control. To work around this at GitHub we defined our own `Kernel#gem` that no-ops. I agree with rubygems#6273 (comment) > people using standalone mode don't want to activate gems like Kernel.gem This commit redefines `Kernel#gem` in the standalone script to no-op.
e344888
to
bea17b5
Compare
Done! |
Thank you @composerinteralia! |
…m-activation Prevent gem activation in standalone mode (cherry picked from commit bf1a8cb)
…m-activation Prevent gem activation in standalone mode (cherry picked from commit bf1a8cb)
…m-activation Prevent gem activation in standalone mode (cherry picked from commit bf1a8cb)
…m-activation Prevent gem activation in standalone mode (cherry picked from commit bf1a8cb)
What was the end-user or developer problem that led to this PR?
As discussed in #6273 (comment)
The
gem
method behaves awkwardly in standalone mode. Assuming bundler isn't loaded at all, a call to gem might activate a gem that is not part of the bundle (because it's the gem method defined in lib/rubygems/core_ext/kernel_gem.rb and notlib/bundler/rubygems_integration.rb). And when running with
--disable-gems
, the gem method won't be defined at all so we'll get a NoMethodError.Calls to
gem
can appear in dependencies outside an application's control. To work around this at GitHub we defined our ownKernel#gem
that no-ops.I agree with #6273 (comment)
What is your fix for the problem, implemented in this PR?
This commit redefines
Kernel#gem
in the standalone script to no-op.Make sure the following tasks are checked