-
Notifications
You must be signed in to change notification settings - Fork 22
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
dropbox_api dependency restricts faraday versions #361
Comments
jrochkind
added a commit
to sciencehistory/scihist_digicoll
that referenced
this issue
Nov 18, 2020
The latest release of browse-everything finally allows us to upgrade to it, and still use Rails 6.0 and sprockets 4. This also finally allows us to upgrade to thor 1.x, faraday 1.0.0, and google_drive 3.x Note we are still stuck on faraday 1.0.0 unable to upgrade to 1.0.1 becuase of too restrictive dropbox_api dependency. samvera/browse-everything#361
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The dropbox_api gem oddly limits to faraday
<= 1.0
, meaning 1.0.0 is allowed but 1.0.1 (or 1.1.0) are not. (Both 1.0.1 and 1.1.0 are existing faraday releases).Jesus/dropbox_api#71
This means an app that uses browse-everything is prevented from using a faraday version past 1.0.0. Meaning losing out on bugfixes or performance improvements in (eg) 1.0.1, and also potential for conflict if some other dependency wants eg faraday 1.1.x.
Options:
Somehow help/get dropbox_api to fix this.
Move to a different dependency than dropbox_api. We are using dropbox_api which has most recent release December 2019, 136 github stars and
1,049,324
total downloads on rubygems. There is also [dropbox_api](https://github.com/zendesk/dropbox-api] which has a more recent release (April 2020), more stars on github (356), but fewer total downloads. on rubygems. They both only have pre-1.0 releases. It's honestly not clear if either of them is especially well maintained.Make dropbox_api an "optional" dependency. There isn't an "optional" dependency feature in rubygems, this would mean making it not a formal dependency, but using runtime logic to load it if present, insist on certain versions if desired (although sincce dropbox_api is still pre-release 1.0 without semver, there probably aren't desirable version restrictions), and complain if you try to use dropbox features without it. While an informal pattern, this is for example what Rails does with database adapters, such as
pg
-- no need to make every app using Rails have a dependency on every possible database adapter Rails could work with. This seems analagous.dropbox_api
to their Gemfiles manually. This is unfortunate, becuase otherwise I would consider this a fine solution. But I suspect people won't want to release a 2.0 with only this change, although there is no technical reason not to.Do nothing, just accept that apps with a dependency on b-e (including indirect dependencies) won't be able to use browse-everthing past 1.0.0, won't be able to update to 1.0.1.
The text was updated successfully, but these errors were encountered: