You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We've tried to activate or update your repository on Depfu and found something odd:
Your repo contains both a *.gemspec file and a Gemfile.lock.
Depfu can't really handle that right now, unfortunately, and it's also not best practice:
If your repo contains a *.gemspec that usually means it is meant to be used as a Gem, or put differently, a library. Locking dependencies on a library (via Gemfile.lock) doesn't really make sense, especially since the Gemfile.lock can't and won't be honored when building and installing the gem.
Instead, you should declare your dependencies as specifically as needed (but as loose as possible) in the *.gemspec and add the Gemfile.lock to your .gitignore.
By checking in the Gemfile.lock, you will not only break Depfu (which we might fix at some point, maybe), but you will also keep your CI from testing against real life sets of dependencies.
This is an automated issue by Depfu. You're getting it because someone configured Depfu to automatically update dependencies on this project.
The text was updated successfully, but these errors were encountered:
Hello,
We've tried to activate or update your repository on Depfu and found something odd:
Your repo contains both a
*.gemspecfile and aGemfile.lock.Depfu can't really handle that right now, unfortunately, and it's also not best practice:
If your repo contains a
*.gemspecthat usually means it is meant to be used as a Gem, or put differently, a library. Locking dependencies on a library (viaGemfile.lock) doesn't really make sense, especially since theGemfile.lockcan't and won't be honored when building and installing the gem.Instead, you should declare your dependencies as specifically as needed (but as loose as possible) in the
*.gemspecand add theGemfile.lockto your.gitignore.By checking in the
Gemfile.lock, you will not only break Depfu (which we might fix at some point, maybe), but you will also keep your CI from testing against real life sets of dependencies.This is an automated issue by Depfu. You're getting it because someone configured Depfu to automatically update dependencies on this project.
The text was updated successfully, but these errors were encountered: