Comments (9)
I see that it's out of date in both places. Can you confirm that?
https://gemnasium.com/Salzig
https://gemnasium.com/Salzig/evulgo
from gemnasium-parser.
if green means "out of date", then yes.
from gemnasium-parser.
Sorry, I meant that I see that the "evulgo" project is out of date (red) on the dashboard as well as the project page. Also, I see that the "inherited_resources" gem/dependency is up to date (green) on both the dashboard and the project page. Everything looks right to me with those. I've cleared the maybe-incorrectly-cached status values on your projects so please let me know if everything looks right now.
from gemnasium-parser.
The Day i posted this "bug". /Salzig shows inherited_resources as outdated, and /Salzig/evulgo as everything is fine.
btw, both should show "red". Cause the Gemfile.lock locks inherited_resources at 1.3.0.
from gemnasium-parser.
Okay great. As for the red vs. green status, the status is based on your specified requirement, not the actually installed version.
from gemnasium-parser.
Gemfile.lock describes not the actually installed version. It describes the actually used version.
…
This is important: the Gemfile.lock makes your application a single package of both your own code and the third-party code it ran the last time you know for sure that everything worked.
…
http://gembundler.com/rationale.html
from gemnasium-parser.
I think we're saying the same thing. The Gemfile.lock describes both the required version/range as well as the currently used version at the time of generation. Not all Bundler-friendly projects commit the Gemfile.lock (many gems) so we made a design decision to pay attention to the gem dependency requirement rather than the specifically used version, for consistency.
This also has the bonus effect that when developers make the intentional decision to keep their dependencies (again, mostly for gems) as open as possible, there's less upkeep and their Gemnasium statuses won't go red every time a new version is released.
Gemnasium is meant to notify you when there's potential for upgrade outside of what you're currently requiring. Developers should run bundle update
to refresh their dependencies within their requirements as a matter of routine.
from gemnasium-parser.
ok. Sorry, that was an misconception on my part.
from gemnasium-parser.
No problem at all. Glad we got it cleared up!
from gemnasium-parser.
Related Issues (20)
- Unexpected results for andreasronge/neo4j HOT 3
- Unexpected results for tarcieri/celluloid-io HOT 1
- Unexpected results for Vanuan/redmine_backlogs_rails3 HOT 2
- Unexpected results for wildfireapp/zuora HOT 3
- Unexpected results for AlexParamonov/ap-project HOT 1
- Unexpected results for tristandunn/writing HOT 2
- Unexpected results for gitkeeper/valet HOT 1
- Unexpected results for an impulseflyer repo HOT 2
- Unexpected results for ivdmeer/sample_app HOT 3
- Unexpected results for moonglum/brazil HOT 3
- Unexpected results for javierav/emogem HOT 1
- Unexpected results for schmich/tome HOT 3
- Unexpected results for kytrinyx/etsy HOT 2
- Included spec fail? HOT 1
- Add support for :github option syntax
- Fail to recognize gemspec instruction in Gemfile HOT 1
- Dependency on Bundler not stated
- Use Bundler::LockfileParser
- Unexpected results for sunspot/sunspot HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from gemnasium-parser.