Limitless - RubyUnconf Hamburg 2019

Limitless RubyUnconf Hamburg 2019

Terence Lee @hone02

Austin, TX

Sorry, this is a different kind of talk.

Dark Days of Dependency Management in Rails 2.3 # config/environment.rb
Rails::Initializer.run do |config| # depend on latest version of paperclip config.gem "paperclip" config.gem "rspec", :version => "1.2.4" config.gem "cucumber", :version => "0.9.8" end

Install Gems into System $ rake gems:install

Just Gem Install $ gem install cucumber

Just Gem Install $ gem install cucumber --version 0.9.8

Unpack gems into vendor/ $ rake gems:unpack

Unpack a specific gem $ rake gems:unpack GEM=cucumber

This took a whole day

Gem Activation Errors

Dep Management on the Heroku Bamboo Stack # .gems hpricot
--version '>= 0.2' --source code.whytheluckystiff.net dm-core --version 0.9.10

Dep Management on the Heroku Bamboo Stack -----> Installing gem
hpricot >= 0.2 from http://code.whytheluckystiff.net Building native extensions. This could take a while... Successfully installed hpricot-0.6 1 gem installed -----> Installing gem dm-core 0.9.10 from http://gems.rubyforge.org Successfully installed addressable-2.0.2 Successfully installed extlib-0.9.10 Successfully installed data_objects-0.9.11 Successfully installed dm-core-0.9.10 4 gems installed

rails 2.3.6 May 23, 2010

actionpack, rack 1.0.1 -> rack 1.1.0

Gem Activation Error Missing the Rails gem. Please `gem install
-v= 2.3.5`, update your RAILS_GEM_VERSION setting in config/environment.rb for the Rails version you do have installed, or comment out RAILS_GEM_VERSION to use the latest version installed.

Issues with runtime Gem Resolution gem "activemerchant", "1.4.2" # results
in activating activemerchant, as well as # activesupport 3.0.pre, since it is >= 2.3.2 gem "rails", "2.3.4" # results in: # can't activate activesupport (= 2.3.4, runtime) # for ["rails-2.3.4"], already activated # activesupport-3.0.pre for ["activemerchant-1.4.2"]

merb All you need… nil you don’t

merb 2 == rails 3

Bundler 0.8: Gemfile

Bundler 0.9: Gemfile.lock

Terrible DX $ bundle lock

Terrible DX $ bundle lock $ bundle install

Terrible DX $ bundle lock $ bundle install $ bundle
unlock

Bundler 1.0.0 August 29, 2010

Terrible DX $ bundle lock $ bundle install $ bundle
unlock

Rocky Road

Why do we need a lockfile? After developing your application
for a while, check in the application together with the Gemfile and Gemfile.lock snapshot. Now, your repository has a record of the exact versions of all of the gems that you used the last time you know for sure that the application worked... This is important: the Gemfile.lock makes your application a single package of both your own code and the third-party code it ran the last time you know for sure that everything worked. Specifying exact versions of the third-party code you depend on in your Gemfile would not provide the same guarantee, because gems usually declare a range of versions for their dependencies.

Alternatives • isolate • rvm gemsets

bundle exec

bundler is slow

Bundler 1.17 merged into Ruby 2.6

That's my story...

and it's your story

What did we learn?

Heroes

Heroes Leaders

Lockfiles

Can't Predict the Outcome • Elixir -> mix.lock • Rust
-> cargo.lock • Node.js -> package-lock.json, yarn.lock • PHP -> composure.lock • Go -> go.sum, Gopkg.lock • Python -> poetry.lock, Pipfile.lock

So many more stories like these • Bundler • SASS
• Rails • 12factor • Testing + BDD • Static Site Generators (Jekyll) • Code Covenant • RailsBridge • RailsGirls • CodeSchools/Bootcamps • DevOps: Chef, Puppet, $ git push heroku master

Ruby is a Community of Innovators

Don't Accept the Status Quo

Don't Let Anyone Tell You What's Possible

Make People Believe

Inspire the Next Generation

Challenge the Limits

Limitless - RubyUnconf Hamburg 2019

Limitless - RubyUnconf Hamburg 2019

More Decks by hone

Other Decks in Research

Featured

Transcript