carat 1.9.9.pre1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.gitignore +16 -0
- data/.rspec +3 -0
- data/.travis.yml +24 -0
- data/CHANGELOG.md +2006 -0
- data/CODE_OF_CONDUCT.md +40 -0
- data/CONTRIBUTING.md +23 -0
- data/DEVELOPMENT.md +119 -0
- data/ISSUES.md +96 -0
- data/LICENSE.md +23 -0
- data/README.md +32 -0
- data/Rakefile +308 -0
- data/bin/carat +21 -0
- data/bin/carat_ruby +56 -0
- data/carat.gemspec +32 -0
- data/lib/carat.rb +446 -0
- data/lib/carat/anonymizable_uri.rb +32 -0
- data/lib/carat/capistrano.rb +16 -0
- data/lib/carat/cli.rb +407 -0
- data/lib/carat/cli/binstubs.rb +38 -0
- data/lib/carat/cli/cache.rb +35 -0
- data/lib/carat/cli/check.rb +35 -0
- data/lib/carat/cli/clean.rb +26 -0
- data/lib/carat/cli/common.rb +56 -0
- data/lib/carat/cli/config.rb +84 -0
- data/lib/carat/cli/console.rb +38 -0
- data/lib/carat/cli/exec.rb +44 -0
- data/lib/carat/cli/gem.rb +195 -0
- data/lib/carat/cli/init.rb +33 -0
- data/lib/carat/cli/inject.rb +33 -0
- data/lib/carat/cli/install.rb +156 -0
- data/lib/carat/cli/open.rb +23 -0
- data/lib/carat/cli/outdated.rb +80 -0
- data/lib/carat/cli/package.rb +45 -0
- data/lib/carat/cli/platform.rb +43 -0
- data/lib/carat/cli/show.rb +74 -0
- data/lib/carat/cli/update.rb +73 -0
- data/lib/carat/cli/viz.rb +27 -0
- data/lib/carat/constants.rb +5 -0
- data/lib/carat/current_ruby.rb +183 -0
- data/lib/carat/definition.rb +628 -0
- data/lib/carat/dep_proxy.rb +43 -0
- data/lib/carat/dependency.rb +110 -0
- data/lib/carat/deployment.rb +59 -0
- data/lib/carat/deprecate.rb +15 -0
- data/lib/carat/dsl.rb +331 -0
- data/lib/carat/endpoint_specification.rb +76 -0
- data/lib/carat/env.rb +75 -0
- data/lib/carat/environment.rb +42 -0
- data/lib/carat/fetcher.rb +423 -0
- data/lib/carat/friendly_errors.rb +85 -0
- data/lib/carat/gem_helper.rb +180 -0
- data/lib/carat/gem_helpers.rb +26 -0
- data/lib/carat/gem_installer.rb +9 -0
- data/lib/carat/gem_path_manipulation.rb +8 -0
- data/lib/carat/gem_tasks.rb +2 -0
- data/lib/carat/graph.rb +169 -0
- data/lib/carat/index.rb +197 -0
- data/lib/carat/injector.rb +64 -0
- data/lib/carat/installer.rb +339 -0
- data/lib/carat/lazy_specification.rb +83 -0
- data/lib/carat/lockfile_parser.rb +167 -0
- data/lib/carat/match_platform.rb +13 -0
- data/lib/carat/psyched_yaml.rb +26 -0
- data/lib/carat/remote_specification.rb +57 -0
- data/lib/carat/resolver.rb +334 -0
- data/lib/carat/retry.rb +60 -0
- data/lib/carat/ruby_dsl.rb +11 -0
- data/lib/carat/ruby_version.rb +117 -0
- data/lib/carat/rubygems_ext.rb +170 -0
- data/lib/carat/rubygems_integration.rb +619 -0
- data/lib/carat/runtime.rb +289 -0
- data/lib/carat/settings.rb +208 -0
- data/lib/carat/setup.rb +24 -0
- data/lib/carat/shared_helpers.rb +149 -0
- data/lib/carat/similarity_detector.rb +63 -0
- data/lib/carat/source.rb +46 -0
- data/lib/carat/source/git.rb +294 -0
- data/lib/carat/source/git/git_proxy.rb +162 -0
- data/lib/carat/source/path.rb +226 -0
- data/lib/carat/source/path/installer.rb +43 -0
- data/lib/carat/source/rubygems.rb +381 -0
- data/lib/carat/source_list.rb +101 -0
- data/lib/carat/spec_set.rb +154 -0
- data/lib/carat/ssl_certs/.document +1 -0
- data/lib/carat/ssl_certs/AddTrustExternalCARoot-2048.pem +25 -0
- data/lib/carat/ssl_certs/AddTrustExternalCARoot.pem +32 -0
- data/lib/carat/ssl_certs/Class3PublicPrimaryCertificationAuthority.pem +14 -0
- data/lib/carat/ssl_certs/DigiCertHighAssuranceEVRootCA.pem +23 -0
- data/lib/carat/ssl_certs/EntrustnetSecureServerCertificationAuthority.pem +28 -0
- data/lib/carat/ssl_certs/GeoTrustGlobalCA.pem +20 -0
- data/lib/carat/ssl_certs/certificate_manager.rb +66 -0
- data/lib/carat/ssl_certs/index.rubygems.org/GlobalSignRootCA.pem +21 -0
- data/lib/carat/ssl_certs/rubygems.global.ssl.fastly.net/DigiCertHighAssuranceEVRootCA.pem +23 -0
- data/lib/carat/ssl_certs/rubygems.org/AddTrustExternalCARoot.pem +25 -0
- data/lib/carat/templates/Executable +16 -0
- data/lib/carat/templates/Executable.standalone +12 -0
- data/lib/carat/templates/Gemfile +4 -0
- data/lib/carat/templates/newgem/.travis.yml.tt +3 -0
- data/lib/carat/templates/newgem/CODE_OF_CONDUCT.md.tt +13 -0
- data/lib/carat/templates/newgem/Gemfile.tt +4 -0
- data/lib/carat/templates/newgem/LICENSE.txt.tt +21 -0
- data/lib/carat/templates/newgem/README.md.tt +39 -0
- data/lib/carat/templates/newgem/Rakefile.tt +25 -0
- data/lib/carat/templates/newgem/bin/console.tt +14 -0
- data/lib/carat/templates/newgem/bin/setup.tt +7 -0
- data/lib/carat/templates/newgem/exe/newgem.tt +3 -0
- data/lib/carat/templates/newgem/ext/newgem/extconf.rb.tt +3 -0
- data/lib/carat/templates/newgem/ext/newgem/newgem.c.tt +9 -0
- data/lib/carat/templates/newgem/ext/newgem/newgem.h.tt +6 -0
- data/lib/carat/templates/newgem/gitignore.tt +16 -0
- data/lib/carat/templates/newgem/lib/newgem.rb.tt +12 -0
- data/lib/carat/templates/newgem/lib/newgem/version.rb.tt +7 -0
- data/lib/carat/templates/newgem/newgem.gemspec.tt +43 -0
- data/lib/carat/templates/newgem/rspec.tt +2 -0
- data/lib/carat/templates/newgem/spec/newgem_spec.rb.tt +11 -0
- data/lib/carat/templates/newgem/spec/spec_helper.rb.tt +2 -0
- data/lib/carat/templates/newgem/test/minitest_helper.rb.tt +4 -0
- data/lib/carat/templates/newgem/test/test_newgem.rb.tt +11 -0
- data/lib/carat/ui.rb +7 -0
- data/lib/carat/ui/rg_proxy.rb +21 -0
- data/lib/carat/ui/shell.rb +103 -0
- data/lib/carat/ui/silent.rb +44 -0
- data/lib/carat/vendor/molinillo/lib/molinillo.rb +5 -0
- data/lib/carat/vendor/molinillo/lib/molinillo/dependency_graph.rb +266 -0
- data/lib/carat/vendor/molinillo/lib/molinillo/errors.rb +69 -0
- data/lib/carat/vendor/molinillo/lib/molinillo/gem_metadata.rb +3 -0
- data/lib/carat/vendor/molinillo/lib/molinillo/modules/specification_provider.rb +90 -0
- data/lib/carat/vendor/molinillo/lib/molinillo/modules/ui.rb +63 -0
- data/lib/carat/vendor/molinillo/lib/molinillo/resolution.rb +415 -0
- data/lib/carat/vendor/molinillo/lib/molinillo/resolver.rb +43 -0
- data/lib/carat/vendor/molinillo/lib/molinillo/state.rb +43 -0
- data/lib/carat/vendor/net/http/faster.rb +26 -0
- data/lib/carat/vendor/net/http/persistent.rb +1230 -0
- data/lib/carat/vendor/net/http/persistent/ssl_reuse.rb +128 -0
- data/lib/carat/vendor/thor/lib/thor.rb +484 -0
- data/lib/carat/vendor/thor/lib/thor/actions.rb +319 -0
- data/lib/carat/vendor/thor/lib/thor/actions/create_file.rb +103 -0
- data/lib/carat/vendor/thor/lib/thor/actions/create_link.rb +59 -0
- data/lib/carat/vendor/thor/lib/thor/actions/directory.rb +118 -0
- data/lib/carat/vendor/thor/lib/thor/actions/empty_directory.rb +135 -0
- data/lib/carat/vendor/thor/lib/thor/actions/file_manipulation.rb +316 -0
- data/lib/carat/vendor/thor/lib/thor/actions/inject_into_file.rb +107 -0
- data/lib/carat/vendor/thor/lib/thor/base.rb +656 -0
- data/lib/carat/vendor/thor/lib/thor/command.rb +133 -0
- data/lib/carat/vendor/thor/lib/thor/core_ext/hash_with_indifferent_access.rb +77 -0
- data/lib/carat/vendor/thor/lib/thor/core_ext/io_binary_read.rb +10 -0
- data/lib/carat/vendor/thor/lib/thor/core_ext/ordered_hash.rb +98 -0
- data/lib/carat/vendor/thor/lib/thor/error.rb +32 -0
- data/lib/carat/vendor/thor/lib/thor/group.rb +281 -0
- data/lib/carat/vendor/thor/lib/thor/invocation.rb +178 -0
- data/lib/carat/vendor/thor/lib/thor/line_editor.rb +17 -0
- data/lib/carat/vendor/thor/lib/thor/line_editor/basic.rb +35 -0
- data/lib/carat/vendor/thor/lib/thor/line_editor/readline.rb +88 -0
- data/lib/carat/vendor/thor/lib/thor/parser.rb +4 -0
- data/lib/carat/vendor/thor/lib/thor/parser/argument.rb +73 -0
- data/lib/carat/vendor/thor/lib/thor/parser/arguments.rb +175 -0
- data/lib/carat/vendor/thor/lib/thor/parser/option.rb +125 -0
- data/lib/carat/vendor/thor/lib/thor/parser/options.rb +218 -0
- data/lib/carat/vendor/thor/lib/thor/rake_compat.rb +71 -0
- data/lib/carat/vendor/thor/lib/thor/runner.rb +322 -0
- data/lib/carat/vendor/thor/lib/thor/shell.rb +81 -0
- data/lib/carat/vendor/thor/lib/thor/shell/basic.rb +421 -0
- data/lib/carat/vendor/thor/lib/thor/shell/color.rb +149 -0
- data/lib/carat/vendor/thor/lib/thor/shell/html.rb +126 -0
- data/lib/carat/vendor/thor/lib/thor/util.rb +267 -0
- data/lib/carat/vendor/thor/lib/thor/version.rb +3 -0
- data/lib/carat/vendored_fileutils.rb +9 -0
- data/lib/carat/vendored_molinillo.rb +2 -0
- data/lib/carat/vendored_persistent.rb +11 -0
- data/lib/carat/vendored_thor.rb +3 -0
- data/lib/carat/version.rb +6 -0
- data/lib/carat/vlad.rb +11 -0
- data/lib/carat/worker.rb +73 -0
- data/man/carat-config.ronn +178 -0
- data/man/carat-exec.ronn +136 -0
- data/man/carat-install.ronn +383 -0
- data/man/carat-package.ronn +66 -0
- data/man/carat-platform.ronn +42 -0
- data/man/carat-update.ronn +188 -0
- data/man/carat.ronn +98 -0
- data/man/gemfile.5.ronn +473 -0
- data/man/index.txt +7 -0
- metadata +321 -0
@@ -0,0 +1,11 @@
|
|
1
|
+
# We forcibly require OpenSSL, because net/http/persistent will only autoload
|
2
|
+
# it. On some Rubies, autoload fails but explicit require succeeds.
|
3
|
+
begin
|
4
|
+
require 'openssl'
|
5
|
+
rescue LoadError
|
6
|
+
# some Ruby builds don't have OpenSSL
|
7
|
+
end
|
8
|
+
|
9
|
+
vendor = File.expand_path('../vendor', __FILE__)
|
10
|
+
$:.unshift(vendor) unless $:.include?(vendor)
|
11
|
+
require 'net/http/persistent'
|
data/lib/carat/vlad.rb
ADDED
@@ -0,0 +1,11 @@
|
|
1
|
+
# Vlad task for Carat.
|
2
|
+
#
|
3
|
+
# Just add "require 'carat/vlad'" in your Vlad deploy.rb, and
|
4
|
+
# include the vlad:carat:install task in your vlad:deploy task.
|
5
|
+
require 'carat/deployment'
|
6
|
+
|
7
|
+
include Rake::DSL if defined? Rake::DSL
|
8
|
+
|
9
|
+
namespace :vlad do
|
10
|
+
Carat::Deployment.define_task(Rake::RemoteTask, :remote_task, :roles => :app)
|
11
|
+
end
|
data/lib/carat/worker.rb
ADDED
@@ -0,0 +1,73 @@
|
|
1
|
+
require 'thread'
|
2
|
+
|
3
|
+
module Carat
|
4
|
+
class Worker
|
5
|
+
POISON = Object.new
|
6
|
+
|
7
|
+
class WrappedException < StandardError
|
8
|
+
attr_reader :exception
|
9
|
+
def initialize(exn)
|
10
|
+
@exception = exn
|
11
|
+
end
|
12
|
+
end
|
13
|
+
|
14
|
+
# Creates a worker pool of specified size
|
15
|
+
#
|
16
|
+
# @param size [Integer] Size of pool
|
17
|
+
# @param func [Proc] job to run in inside the worker pool
|
18
|
+
def initialize(size, func)
|
19
|
+
@request_queue = Queue.new
|
20
|
+
@response_queue = Queue.new
|
21
|
+
@func = func
|
22
|
+
@threads = size.times.map { |i| Thread.start { process_queue(i) } }
|
23
|
+
trap("INT") { abort_threads }
|
24
|
+
end
|
25
|
+
|
26
|
+
# Enqueue a request to be executed in the worker pool
|
27
|
+
#
|
28
|
+
# @param obj [String] mostly it is name of spec that should be downloaded
|
29
|
+
def enq(obj)
|
30
|
+
@request_queue.enq obj
|
31
|
+
end
|
32
|
+
|
33
|
+
# Retrieves results of job function being executed in worker pool
|
34
|
+
def deq
|
35
|
+
result = @response_queue.deq
|
36
|
+
raise result.exception if result.is_a?(WrappedException)
|
37
|
+
result
|
38
|
+
end
|
39
|
+
|
40
|
+
def stop
|
41
|
+
stop_threads
|
42
|
+
end
|
43
|
+
|
44
|
+
private
|
45
|
+
|
46
|
+
def process_queue(i)
|
47
|
+
loop do
|
48
|
+
obj = @request_queue.deq
|
49
|
+
break if obj.equal? POISON
|
50
|
+
@response_queue.enq apply_func(obj, i)
|
51
|
+
end
|
52
|
+
end
|
53
|
+
|
54
|
+
def apply_func(obj, i)
|
55
|
+
@func.call(obj, i)
|
56
|
+
rescue Exception => e
|
57
|
+
WrappedException.new(e)
|
58
|
+
end
|
59
|
+
|
60
|
+
# Stop the worker threads by sending a poison object down the request queue
|
61
|
+
# so as worker threads after retrieving it, shut themselves down
|
62
|
+
def stop_threads
|
63
|
+
@threads.each { @request_queue.enq POISON }
|
64
|
+
@threads.each { |thread| thread.join }
|
65
|
+
end
|
66
|
+
|
67
|
+
def abort_threads
|
68
|
+
@threads.each {|i| i.exit }
|
69
|
+
exit 1
|
70
|
+
end
|
71
|
+
|
72
|
+
end
|
73
|
+
end
|
@@ -0,0 +1,178 @@
|
|
1
|
+
carat-config(1) -- Set carat configuration options
|
2
|
+
=====================================================
|
3
|
+
|
4
|
+
## SYNOPSIS
|
5
|
+
|
6
|
+
`carat config` [<name> [<value>]]
|
7
|
+
|
8
|
+
## DESCRIPTION
|
9
|
+
|
10
|
+
This command allows you to interact with carat's configuration system.
|
11
|
+
Carat retrieves its configuration from the local application (`app/.carat/config`),
|
12
|
+
environment variables, and the user's home directory (`~/.carat/config`),
|
13
|
+
in that order of priority.
|
14
|
+
|
15
|
+
Executing `carat config` with no parameters will print a list of all
|
16
|
+
carat configuration for the current carat, and where that configuration
|
17
|
+
was set.
|
18
|
+
|
19
|
+
Executing `carat config <name>` will print the value of that configuration
|
20
|
+
setting, and where it was set.
|
21
|
+
|
22
|
+
Executing `carat config <name> <value>` will set that configuration to the
|
23
|
+
value specified for all carats executed as the current user. The configuration
|
24
|
+
will be stored in `~/.carat/config`. If <name> already is set, <name> will be
|
25
|
+
overridden and user will be warned.
|
26
|
+
|
27
|
+
Executing `carat config --global <name> <value>` works the same as above.
|
28
|
+
|
29
|
+
Executing `carat config --local <name> <value>` will set that configuration to
|
30
|
+
the local application. The configuration will be stored in `app/.carat/config`.
|
31
|
+
|
32
|
+
Executing `carat config --delete <name>` will delete the configuration in both
|
33
|
+
local and global sources. Not compatible with --global or --local flag.
|
34
|
+
|
35
|
+
Executing carat with the `BUNDLE_IGNORE_CONFIG` environment variable set will
|
36
|
+
cause it to ignore all configuration.
|
37
|
+
|
38
|
+
## BUILD OPTIONS
|
39
|
+
|
40
|
+
You can use `carat config` to give carat the flags to pass to the gem
|
41
|
+
installer every time carat tries to install a particular gem.
|
42
|
+
|
43
|
+
A very common example, the `mysql` gem, requires Snow Leopard users to
|
44
|
+
pass configuration flags to `gem install` to specify where to find the
|
45
|
+
`mysql_config` executable.
|
46
|
+
|
47
|
+
gem install mysql -- --with-mysql-config=/usr/local/mysql/bin/mysql_config
|
48
|
+
|
49
|
+
Since the specific location of that executable can change from machine
|
50
|
+
to machine, you can specify these flags on a per-machine basis.
|
51
|
+
|
52
|
+
carat config build.mysql --with-mysql-config=/usr/local/mysql/bin/mysql_config
|
53
|
+
|
54
|
+
After running this command, every time carat needs to install the
|
55
|
+
`mysql` gem, it will pass along the flags you specified.
|
56
|
+
|
57
|
+
## CONFIGURATION KEYS
|
58
|
+
|
59
|
+
Configuration keys in carat have two forms: the canonical form and the
|
60
|
+
environment variable form.
|
61
|
+
|
62
|
+
For instance, passing the `--without` flag to [carat install(1)][carat-install]
|
63
|
+
prevents Carat from installing certain groups specified in the Gemfile(5). Carat
|
64
|
+
persists this value in `app/.carat/config` so that calls to `Carat.setup`
|
65
|
+
do not try to find gems from the `Gemfile` that you didn't install. Additionally,
|
66
|
+
subsequent calls to [carat install(1)][carat-install] remember this setting and skip those
|
67
|
+
groups.
|
68
|
+
|
69
|
+
The canonical form of this configuration is `"without"`. To convert the canonical
|
70
|
+
form to the environment variable form, capitalize it, and prepend `BUNDLE_`. The
|
71
|
+
environment variable form of `"without"` is `BUNDLE_WITHOUT`.
|
72
|
+
|
73
|
+
Any periods in the configuration keys must be replaced with two underscores when
|
74
|
+
setting it via environment variables. The configuration key `local.rack` becomes
|
75
|
+
the environment variable `BUNDLE_LOCAL__RACK`.
|
76
|
+
|
77
|
+
## LIST OF AVAILABLE KEYS
|
78
|
+
|
79
|
+
The following is a list of all configuration keys and their purpose. You can
|
80
|
+
learn more about their operation in [carat install(1)][carat-install].
|
81
|
+
|
82
|
+
* `path` (`BUNDLE_PATH`):
|
83
|
+
The location on disk to install gems. Defaults to `$GEM_HOME` in development
|
84
|
+
and `vendor/carat` when `--deployment` is used
|
85
|
+
* `frozen` (`BUNDLE_FROZEN`):
|
86
|
+
Disallow changes to the `Gemfile`. Defaults to `true` when `--deployment`
|
87
|
+
is used.
|
88
|
+
* `without` (`BUNDLE_WITHOUT`):
|
89
|
+
A `:`-separated list of groups whose gems carat should not install
|
90
|
+
* `bin` (`BUNDLE_BIN`):
|
91
|
+
Install executables from gems in the carat to the specified directory.
|
92
|
+
Defaults to `false`.
|
93
|
+
* `gemfile` (`BUNDLE_GEMFILE`):
|
94
|
+
The name of the file that carat should use as the `Gemfile`. This location
|
95
|
+
of this file also sets the root of the project, which is used to resolve
|
96
|
+
relative paths in the `Gemfile`, among other things. By default, carat
|
97
|
+
will search up from the current working directory until it finds a
|
98
|
+
`Gemfile`.
|
99
|
+
* `ssl_ca_cert` (`BUNDLE_SSL_CA_CERT`):
|
100
|
+
Path to a designated CA certificate file or folder containing multiple
|
101
|
+
certificates for trusted CAs in PEM format.
|
102
|
+
* `ssl_client_cert` (`BUNDLE_SSL_CLIENT_CERT`):
|
103
|
+
Path to a designated file containing a X.509 client certificate
|
104
|
+
and key in PEM format.
|
105
|
+
* `cache_path` (`BUNDLE_CACHE_PATH`): The directory that carat will place
|
106
|
+
cached gems in when running <code>carat package</code>, and that carat
|
107
|
+
will look in when installing gems.
|
108
|
+
* `disable_multisource` (`BUNDLE_DISABLE_MULTISOURCE`): When set, Gemfiles
|
109
|
+
containing multiple sources will produce errors instead of warnings. Use
|
110
|
+
`carat config --delete disable_multisource` to unset.
|
111
|
+
|
112
|
+
In general, you should set these settings per-application by using the applicable
|
113
|
+
flag to the [carat install(1)][carat-install] or [carat package(1)][carat-package] command.
|
114
|
+
|
115
|
+
You can set them globally either via environment variables or `carat config`,
|
116
|
+
whichever is preferable for your setup. If you use both, environment variables
|
117
|
+
will take preference over global settings.
|
118
|
+
|
119
|
+
## LOCAL GIT REPOS
|
120
|
+
|
121
|
+
Carat also allows you to work against a git repository locally
|
122
|
+
instead of using the remote version. This can be achieved by setting
|
123
|
+
up a local override:
|
124
|
+
|
125
|
+
carat config local.GEM_NAME /path/to/local/git/repository
|
126
|
+
|
127
|
+
For example, in order to use a local Rack repository, a developer could call:
|
128
|
+
|
129
|
+
carat config local.rack ~/Work/git/rack
|
130
|
+
|
131
|
+
Now instead of checking out the remote git repository, the local
|
132
|
+
override will be used. Similar to a path source, every time the local
|
133
|
+
git repository change, changes will be automatically picked up by
|
134
|
+
Carat. This means a commit in the local git repo will update the
|
135
|
+
revision in the `Gemfile.lock` to the local git repo revision. This
|
136
|
+
requires the same attention as git submodules. Before pushing to
|
137
|
+
the remote, you need to ensure the local override was pushed, otherwise
|
138
|
+
you may point to a commit that only exists in your local machine.
|
139
|
+
|
140
|
+
Carat does many checks to ensure a developer won't work with
|
141
|
+
invalid references. Particularly, we force a developer to specify
|
142
|
+
a branch in the `Gemfile` in order to use this feature. If the branch
|
143
|
+
specified in the `Gemfile` and the current branch in the local git
|
144
|
+
repository do not match, Carat will abort. This ensures that
|
145
|
+
a developer is always working against the correct branches, and prevents
|
146
|
+
accidental locking to a different branch.
|
147
|
+
|
148
|
+
Finally, Carat also ensures that the current revision in the
|
149
|
+
`Gemfile.lock` exists in the local git repository. By doing this, Carat
|
150
|
+
forces you to fetch the latest changes in the remotes.
|
151
|
+
|
152
|
+
## MIRRORS OF GEM SOURCES
|
153
|
+
|
154
|
+
Carat supports overriding gem sources with mirrors. This allows you to
|
155
|
+
configure rubygems.org as the gem source in your Gemfile while still using your
|
156
|
+
mirror to fetch gems.
|
157
|
+
|
158
|
+
carat config mirror.SOURCE_URL MIRROR_URL
|
159
|
+
|
160
|
+
For example, to use a mirror of rubygems.org hosted at
|
161
|
+
|
162
|
+
carat config mirror.http://rubygems.org http://rubygems-mirror.org
|
163
|
+
|
164
|
+
## CREDENTIALS FOR GEM SOURCES
|
165
|
+
|
166
|
+
Carat allows you to configure credentials for any gem source, which allows
|
167
|
+
you to avoid putting secrets into your Gemfile.
|
168
|
+
|
169
|
+
carat config SOURCE_HOSTNAME USERNAME:PASSWORD
|
170
|
+
|
171
|
+
For example, to save the credentials of user `claudette` for the gem source at
|
172
|
+
`gems.longerous.com`, you would run:
|
173
|
+
|
174
|
+
carat config gems.longerous.com claudette:s00pers3krit
|
175
|
+
|
176
|
+
Or you can set the credentials as an environment variable like this:
|
177
|
+
|
178
|
+
export BUNDLE_GEMS__LONGEROUS__COM="claudette:s00pers3krit"
|
data/man/carat-exec.ronn
ADDED
@@ -0,0 +1,136 @@
|
|
1
|
+
carat-exec(1) -- Execute a command in the context of the bundle
|
2
|
+
================================================================
|
3
|
+
|
4
|
+
## SYNOPSIS
|
5
|
+
|
6
|
+
`carat exec` [--keep-file-descriptors] <command>
|
7
|
+
|
8
|
+
## DESCRIPTION
|
9
|
+
|
10
|
+
This command executes the command, making all gems specified in the
|
11
|
+
`Gemfile(5)` available to `require` in Ruby programs.
|
12
|
+
|
13
|
+
Essentially, if you would normally have run something like
|
14
|
+
`rspec spec/my_spec.rb`, and you want to use the gems specified
|
15
|
+
in the `Gemfile(5)` and installed via [carat install(1)][carat-install], you
|
16
|
+
should run `carat exec rspec spec/my_spec.rb`.
|
17
|
+
|
18
|
+
Note that `carat exec` does not require that an executable is
|
19
|
+
available on your shell's `$PATH`.
|
20
|
+
|
21
|
+
## OPTIONS
|
22
|
+
|
23
|
+
* `--keep-file-descriptors`:
|
24
|
+
Exec in Ruby 2.0 began discarding non-standard file descriptors. When this
|
25
|
+
flag is passed, exec will revert to the 1.9 behaviour of passing all file
|
26
|
+
descriptors to the new process.
|
27
|
+
|
28
|
+
## BUNDLE INSTALL --BINSTUBS
|
29
|
+
|
30
|
+
If you use the `--binstubs` flag in [carat install(1)][carat-install], Carat will
|
31
|
+
automatically create a directory (which defaults to `app_root/bin`)
|
32
|
+
containing all of the executables available from gems in the carat.
|
33
|
+
|
34
|
+
After using `--binstubs`, `bin/rspec spec/my_spec.rb` is identical
|
35
|
+
to `carat exec rspec spec/my_spec.rb`.
|
36
|
+
|
37
|
+
## ENVIRONMENT MODIFICATIONS
|
38
|
+
|
39
|
+
`carat exec` makes a number of changes to the shell environment,
|
40
|
+
then executes the command you specify in full.
|
41
|
+
|
42
|
+
* make sure that it's still possible to shell out to `carat`
|
43
|
+
from inside a command invoked by `carat exec` (using
|
44
|
+
`$BUNDLE_BIN_PATH`)
|
45
|
+
* put the directory containing executables (like `rails`, `rspec`,
|
46
|
+
`rackup`) for your bundle on `$PATH`
|
47
|
+
* make sure that if carat is invoked in the subshell, it uses
|
48
|
+
the same `Gemfile` (by setting `BUNDLE_GEMFILE`)
|
49
|
+
* add `-rcarat/setup` to `$RUBYOPT`, which makes sure that
|
50
|
+
Ruby programs invoked in the subshell can see the gems in
|
51
|
+
the bundle
|
52
|
+
|
53
|
+
It also modifies Rubygems:
|
54
|
+
|
55
|
+
* disallow loading additional gems not in the bundle
|
56
|
+
* modify the `gem` method to be a no-op if a gem matching
|
57
|
+
the requirements is in the bundle, and to raise a
|
58
|
+
`Gem::LoadError` if it's not
|
59
|
+
* Define `Gem.refresh` to be a no-op, since the source
|
60
|
+
index is always frozen when using carat, and to
|
61
|
+
prevent gems from the system leaking into the environment
|
62
|
+
* Override `Gem.bin_path` to use the gems in the bundle,
|
63
|
+
making system executables work
|
64
|
+
* Add all gems in the bundle into Gem.loaded_specs
|
65
|
+
|
66
|
+
### Shelling out
|
67
|
+
|
68
|
+
Any Ruby code that opens a subshell (like `system`, backticks, or `%x{}`) will
|
69
|
+
automatically use the current Carat environment. If you need to shell out to
|
70
|
+
a Ruby command that is not part of your current bundle, use the
|
71
|
+
`with_clean_env` method with a block. Any subshells created inside the block
|
72
|
+
will be given the environment present before Carat was activated. For
|
73
|
+
example, Homebrew commands run Ruby, but don't work inside a bundle:
|
74
|
+
|
75
|
+
Carat.with_clean_env do
|
76
|
+
`brew install wget`
|
77
|
+
end
|
78
|
+
|
79
|
+
Using `with_clean_env` is also necessary if you are shelling out to a different
|
80
|
+
bundle. Any Carat commands run in a subshell will inherit the current
|
81
|
+
Gemfile, so commands that need to run in the context of a different bundle also
|
82
|
+
need to use `with_clean_env`.
|
83
|
+
|
84
|
+
Carat.with_clean_env do
|
85
|
+
Dir.chdir "/other/carat/project" do
|
86
|
+
`carat exec ./script`
|
87
|
+
end
|
88
|
+
end
|
89
|
+
|
90
|
+
Carat provides convenience helpers that wrap `system` and `exec`, and they
|
91
|
+
can be used like this:
|
92
|
+
|
93
|
+
Carat.clean_system('brew install wget')
|
94
|
+
Carat.clean_exec('brew install wget')
|
95
|
+
|
96
|
+
|
97
|
+
## RUBYGEMS PLUGINS
|
98
|
+
|
99
|
+
At present, the Rubygems plugin system requires all files
|
100
|
+
named `rubygems_plugin.rb` on the load path of _any_ installed
|
101
|
+
gem when any Ruby code requires `rubygems.rb`. This includes
|
102
|
+
executables installed into the system, like `rails`, `rackup`,
|
103
|
+
and `rspec`.
|
104
|
+
|
105
|
+
Since Rubygems plugins can contain arbitrary Ruby code, they
|
106
|
+
commonly end up activating themselves or their dependencies.
|
107
|
+
|
108
|
+
For instance, the `gemcutter 0.5` gem depended on `json_pure`.
|
109
|
+
If you had that version of gemcutter installed (even if
|
110
|
+
you _also_ had a newer version without this problem), Rubygems
|
111
|
+
would activate `gemcutter 0.5` and `json_pure <latest>`.
|
112
|
+
|
113
|
+
If your Gemfile(5) also contained `json_pure` (or a gem
|
114
|
+
with a dependency on `json_pure`), the latest version on
|
115
|
+
your system might conflict with the version in your
|
116
|
+
Gemfile(5), or the snapshot version in your `Gemfile.lock`.
|
117
|
+
|
118
|
+
If this happens, carat will say:
|
119
|
+
|
120
|
+
You have already activated json_pure 1.4.6 but your Gemfile
|
121
|
+
requires json_pure 1.4.3. Consider using carat exec.
|
122
|
+
|
123
|
+
In this situation, you almost certainly want to remove the
|
124
|
+
underlying gem with the problematic gem plugin. In general,
|
125
|
+
the authors of these plugins (in this case, the `gemcutter`
|
126
|
+
gem) have released newer versions that are more careful in
|
127
|
+
their plugins.
|
128
|
+
|
129
|
+
You can find a list of all the gems containing gem plugins
|
130
|
+
by running
|
131
|
+
|
132
|
+
ruby -rubygems -e "puts Gem.find_files('rubygems_plugin.rb')"
|
133
|
+
|
134
|
+
At the very least, you should remove all but the newest
|
135
|
+
version of each gem plugin, and also remove all gem plugins
|
136
|
+
that you aren't using (`gem uninstall gem_name`).
|
@@ -0,0 +1,383 @@
|
|
1
|
+
carat-install(1) -- Install the dependencies specified in your Gemfile
|
2
|
+
=======================================================================
|
3
|
+
|
4
|
+
## SYNOPSIS
|
5
|
+
|
6
|
+
`carat install` [--binstubs[=DIRECTORY]]
|
7
|
+
[--clean]
|
8
|
+
[--full-index]
|
9
|
+
[--gemfile=GEMFILE]
|
10
|
+
[--jobs=NUMBER]
|
11
|
+
[--local]
|
12
|
+
[--deployment]
|
13
|
+
[--no-cache]
|
14
|
+
[--no-prune]
|
15
|
+
[--path PATH]
|
16
|
+
[--system]
|
17
|
+
[--quiet]
|
18
|
+
[--retry=NUMBER]
|
19
|
+
[--shebang]
|
20
|
+
[--standalone[=GROUP[ GROUP...]]]
|
21
|
+
[--trust-policy=POLICY]
|
22
|
+
[--without=GROUP[ GROUP...]]
|
23
|
+
|
24
|
+
## DESCRIPTION
|
25
|
+
|
26
|
+
Install the gems specified in your Gemfile(5). If this is the first
|
27
|
+
time you run carat install (and a `Gemfile.lock` does not exist),
|
28
|
+
Carat will fetch all remote sources, resolve dependencies and
|
29
|
+
install all needed gems.
|
30
|
+
|
31
|
+
If a `Gemfile.lock` does exist, and you have not updated your Gemfile(5),
|
32
|
+
Carat will fetch all remote sources, but use the dependencies
|
33
|
+
specified in the `Gemfile.lock` instead of resolving dependencies.
|
34
|
+
|
35
|
+
If a `Gemfile.lock` does exist, and you have updated your Gemfile(5),
|
36
|
+
Carat will use the dependencies in the `Gemfile.lock` for all gems
|
37
|
+
that you did not update, but will re-resolve the dependencies of
|
38
|
+
gems that you did update. You can find more information about this
|
39
|
+
update process below under [CONSERVATIVE UPDATING][].
|
40
|
+
|
41
|
+
## OPTIONS
|
42
|
+
|
43
|
+
* `--binstubs[=<directory>]`:
|
44
|
+
Creates a directory (defaults to `~/bin`) and place any executables from the
|
45
|
+
gem there. These executables run in Carat's context. If used, you might add
|
46
|
+
this directory to your environment's `PATH` variable. For instance, if the
|
47
|
+
`rails` gem comes with a `rails` executable, this flag will create a
|
48
|
+
`bin/rails` executable that ensures that all referred dependencies will be
|
49
|
+
resolved using the caratd gems.
|
50
|
+
|
51
|
+
* `--clean`:
|
52
|
+
On finishing the installation Carat is going to remove any gems not present
|
53
|
+
in the current Gemfile(5). Don't worry, gems currently in use will not be
|
54
|
+
removed.
|
55
|
+
|
56
|
+
* `--full-index`:
|
57
|
+
Carat will not call Rubygems' API endpoint (default) but download and cache
|
58
|
+
a (currently big) index file of all gems. Performance can be improved for
|
59
|
+
large carats that seldomly change by enabling this option.
|
60
|
+
|
61
|
+
* `--gemfile=<gemfile>`:
|
62
|
+
The location of the Gemfile(5) which Carat should use. This defaults
|
63
|
+
to a Gemfile(5) in the current working directory. In general, Carat
|
64
|
+
will assume that the location of the Gemfile(5) is also the project's
|
65
|
+
root and will try to find `Gemfile.lock` and `vendor/cache` relative
|
66
|
+
to this location.
|
67
|
+
|
68
|
+
* `--jobs=[<number>]`:
|
69
|
+
Install gems by starting <number> of workers parallely.
|
70
|
+
|
71
|
+
* `--local`:
|
72
|
+
Do not attempt to connect to `rubygems.org`. Instead, Carat will use the
|
73
|
+
gems already present in Rubygems' cache or in `vendor/cache`. Note that if a
|
74
|
+
appropriate platform-specific gem exists on `rubygems.org` it will not be
|
75
|
+
found.
|
76
|
+
|
77
|
+
* `--deployment`:
|
78
|
+
In [deployment mode][DEPLOYMENT MODE], Carat will 'roll-out' the carat for
|
79
|
+
`production` use. Please check carefully if you want to have this option
|
80
|
+
enabled in `development` or `test` environments.
|
81
|
+
|
82
|
+
* `--system`:
|
83
|
+
Installs the gems specified in the carat to the system's Rubygems location.
|
84
|
+
This overrides any previous [remembered][REMEMBERED OPTIONS] use of `--path`.
|
85
|
+
|
86
|
+
* `--no-cache`:
|
87
|
+
Do not update the cache in `vendor/cache` with the newly caratd gems. This
|
88
|
+
does not remove any gems in the cache but keeps the newly caratd gems from
|
89
|
+
being cached during the install.
|
90
|
+
|
91
|
+
* `--no-prune`:
|
92
|
+
Don't remove stale gems from the cache when the installation finishes.
|
93
|
+
|
94
|
+
* `--path=<path>`:
|
95
|
+
The location to install the specified gems to. This defaults to Rubygems'
|
96
|
+
setting. Carat shares this location with Rubygems, `gem install ...` will
|
97
|
+
have gem installed there, too. Therefore, gems installed without a
|
98
|
+
`--path ...` setting will show up by calling `gem list`. Accodingly, gems
|
99
|
+
installed to other locations will not get listed. This setting is a
|
100
|
+
[remembered option][REMEMBERED OPTIONS].
|
101
|
+
|
102
|
+
* `--quiet`:
|
103
|
+
Do not print progress information to the standard output. Instead, Carat
|
104
|
+
will exit using a status code (`$?`).
|
105
|
+
|
106
|
+
* `--retry=[<number>]`:
|
107
|
+
Retry failed network or git requests for <number> times.
|
108
|
+
|
109
|
+
* `--shebang=<ruby-executable>`:
|
110
|
+
Uses the specified ruby executable (usually `ruby`) to execute the scripts
|
111
|
+
created with `--binstubs`. In addition, if you use `--binstubs` together with
|
112
|
+
`--shebang jruby` these executables will be changed to execute `jruby`
|
113
|
+
instead.
|
114
|
+
|
115
|
+
* `--standalone[=<list>]`:
|
116
|
+
Makes a carat that can work without depending on Rubygems or Carat at
|
117
|
+
runtime. A space separated list of groups to install has to be specified.
|
118
|
+
Carat creates a directory named `carat` and installs the carat there. It
|
119
|
+
also generates a `carat/carat/setup.rb` file to replace Carat's own setup
|
120
|
+
in the manner required.
|
121
|
+
|
122
|
+
* `--trust-policy=[<policy>]`:
|
123
|
+
Apply the Rubygems security policy <policy>, where policy is one of
|
124
|
+
`HighSecurity`, `MediumSecurity`, `LowSecurity`, `AlmostNoSecurity`, or
|
125
|
+
`NoSecurity`. For more details, please see the Rubygems signing documentation
|
126
|
+
linked below in [SEE ALSO][].
|
127
|
+
|
128
|
+
* `--without=<list>`:
|
129
|
+
A space-separated list of groups referencing gems to skip during installation.
|
130
|
+
This is a [remembered option][REMEMBERED OPTIONS].
|
131
|
+
|
132
|
+
|
133
|
+
## DEPLOYMENT MODE
|
134
|
+
|
135
|
+
Carat's defaults are optimized for development. To switch to
|
136
|
+
defaults optimized for deployment, use the `--deployment` flag.
|
137
|
+
Do not activate deployment mode on development machines, as it
|
138
|
+
will cause an error when the Gemfile(5) is modified.
|
139
|
+
|
140
|
+
1. A `Gemfile.lock` is required.
|
141
|
+
|
142
|
+
To ensure that the same versions of the gems you developed with
|
143
|
+
and tested with are also used in deployments, a `Gemfile.lock`
|
144
|
+
is required.
|
145
|
+
|
146
|
+
This is mainly to ensure that you remember to check your
|
147
|
+
`Gemfile.lock` into version control.
|
148
|
+
|
149
|
+
2. The `Gemfile.lock` must be up to date
|
150
|
+
|
151
|
+
In development, you can modify your Gemfile(5) and re-run
|
152
|
+
`carat install` to [conservatively update][CONSERVATIVE UPDATING]
|
153
|
+
your `Gemfile.lock` snapshot.
|
154
|
+
|
155
|
+
In deployment, your `Gemfile.lock` should be up-to-date with
|
156
|
+
changes made in your Gemfile(5).
|
157
|
+
|
158
|
+
3. Gems are installed to `vendor/carat` not your default system location
|
159
|
+
|
160
|
+
In development, it's convenient to share the gems used in your
|
161
|
+
application with other applications and other scripts run on
|
162
|
+
the system.
|
163
|
+
|
164
|
+
In deployment, isolation is a more important default. In addition,
|
165
|
+
the user deploying the application may not have permission to install
|
166
|
+
gems to the system, or the web server may not have permission to
|
167
|
+
read them.
|
168
|
+
|
169
|
+
As a result, `carat install --deployment` installs gems to
|
170
|
+
the `vendor/carat` directory in the application. This may be
|
171
|
+
overridden using the `--path` option.
|
172
|
+
|
173
|
+
## SUDO USAGE
|
174
|
+
|
175
|
+
By default, Carat installs gems to the same location as `gem install`.
|
176
|
+
|
177
|
+
In some cases, that location may not be writable by your Unix user. In
|
178
|
+
that case, Carat will stage everything in a temporary directory,
|
179
|
+
then ask you for your `sudo` password in order to copy the gems into
|
180
|
+
their system location.
|
181
|
+
|
182
|
+
From your perspective, this is identical to installing them gems
|
183
|
+
directly into the system.
|
184
|
+
|
185
|
+
You should never use `sudo carat install`. This is because several
|
186
|
+
other steps in `carat install` must be performed as the current user:
|
187
|
+
|
188
|
+
* Updating your `Gemfile.lock`
|
189
|
+
* Updating your `vendor/cache`, if necessary
|
190
|
+
* Checking out private git repositories using your user's SSH keys
|
191
|
+
|
192
|
+
Of these three, the first two could theoretically be performed by
|
193
|
+
`chown`ing the resulting files to `$SUDO_USER`. The third, however,
|
194
|
+
can only be performed by actually invoking the `git` command as
|
195
|
+
the current user. Therefore, git gems are downloaded and installed
|
196
|
+
into `~/.carat` rather than $GEM_HOME or $BUNDLE_PATH.
|
197
|
+
|
198
|
+
As a result, you should run `carat install` as the current user,
|
199
|
+
and Carat will ask for your password if it is needed to put the
|
200
|
+
gems into their final location.
|
201
|
+
|
202
|
+
## INSTALLING GROUPS
|
203
|
+
|
204
|
+
By default, `carat install` will install all gems in all groups
|
205
|
+
in your Gemfile(5), except those declared for a different platform.
|
206
|
+
|
207
|
+
However, you can explicitly tell Carat to skip installing
|
208
|
+
certain groups with the `--without` option. This option takes
|
209
|
+
a space-separated list of groups.
|
210
|
+
|
211
|
+
While the `--without` option will skip _installing_ the gems in the
|
212
|
+
specified groups, it will still _download_ those gems and use them to
|
213
|
+
resolve the dependencies of every gem in your Gemfile(5).
|
214
|
+
|
215
|
+
This is so that installing a different set of groups on another
|
216
|
+
machine (such as a production server) will not change the
|
217
|
+
gems and versions that you have already developed and tested against.
|
218
|
+
|
219
|
+
`Carat offers a rock-solid guarantee that the third-party
|
220
|
+
code you are running in development and testing is also the
|
221
|
+
third-party code you are running in production. You can choose
|
222
|
+
to exclude some of that code in different environments, but you
|
223
|
+
will never be caught flat-footed by different versions of
|
224
|
+
third-party code being used in different environments.`
|
225
|
+
|
226
|
+
For a simple illustration, consider the following Gemfile(5):
|
227
|
+
|
228
|
+
source 'https://rubygems.org'
|
229
|
+
|
230
|
+
gem 'sinatra'
|
231
|
+
|
232
|
+
group :production do
|
233
|
+
gem 'rack-perftools-profiler'
|
234
|
+
end
|
235
|
+
|
236
|
+
In this case, `sinatra` depends on any version of Rack (`>= 1.0`), while
|
237
|
+
`rack-perftools-profiler` depends on 1.x (`~> 1.0`).
|
238
|
+
|
239
|
+
When you run `carat install --without production` in development, we
|
240
|
+
look at the dependencies of `rack-perftools-profiler` as well. That way,
|
241
|
+
you do not spend all your time developing against Rack 2.0, using new
|
242
|
+
APIs unavailable in Rack 1.x, only to have Carat switch to Rack 1.2
|
243
|
+
when the `production` group _is_ used.
|
244
|
+
|
245
|
+
This should not cause any problems in practice, because we do not
|
246
|
+
attempt to `install` the gems in the excluded groups, and only evaluate
|
247
|
+
as part of the dependency resolution process.
|
248
|
+
|
249
|
+
This also means that you cannot include different versions of the same
|
250
|
+
gem in different groups, because doing so would result in different
|
251
|
+
sets of dependencies used in development and production. Because of
|
252
|
+
the vagaries of the dependency resolution process, this usually
|
253
|
+
affects more than just the gems you list in your Gemfile(5), and can
|
254
|
+
(surprisingly) radically change the gems you are using.
|
255
|
+
|
256
|
+
## REMEMBERED OPTIONS
|
257
|
+
|
258
|
+
Some options (marked above in the [OPTIONS][] section) are remembered
|
259
|
+
between calls to `carat install`, and by the Carat runtime.
|
260
|
+
|
261
|
+
For instance, if you run `carat install --without test`, a subsequent
|
262
|
+
call to `carat install` that does not include a `--without` flag will
|
263
|
+
remember your previous choice.
|
264
|
+
|
265
|
+
In addition, a call to `Carat.setup` will not attempt to make the
|
266
|
+
gems in those groups available on the Ruby load path, as they were
|
267
|
+
not installed.
|
268
|
+
|
269
|
+
The settings that are remembered are:
|
270
|
+
|
271
|
+
* `--deployment`:
|
272
|
+
At runtime, this remembered setting will also result in Carat
|
273
|
+
raising an exception if the `Gemfile.lock` is out of date.
|
274
|
+
|
275
|
+
* `--path`:
|
276
|
+
Subsequent calls to `carat install` will install gems to the
|
277
|
+
directory originally passed to `--path`. The Carat runtime
|
278
|
+
will look for gems in that location. You can revert this
|
279
|
+
option by running `carat install --system`.
|
280
|
+
|
281
|
+
* `--binstubs`:
|
282
|
+
Carat will update the executables every subsequent call to
|
283
|
+
`carat install`.
|
284
|
+
|
285
|
+
* `--without`:
|
286
|
+
As described above, Carat will skip the gems specified by
|
287
|
+
`--without` in subsequent calls to `carat install`. The
|
288
|
+
Carat runtime will also not try to make the gems in the
|
289
|
+
skipped groups available.
|
290
|
+
|
291
|
+
## THE GEMFILE.LOCK
|
292
|
+
|
293
|
+
When you run `carat install`, Carat will persist the full names
|
294
|
+
and versions of all gems that you used (including dependencies of
|
295
|
+
the gems specified in the Gemfile(5)) into a file called `Gemfile.lock`.
|
296
|
+
|
297
|
+
Carat uses this file in all subsequent calls to `carat install`,
|
298
|
+
which guarantees that you always use the same exact code, even
|
299
|
+
as your application moves across machines.
|
300
|
+
|
301
|
+
Because of the way dependency resolution works, even a
|
302
|
+
seemingly small change (for instance, an update to a point-release
|
303
|
+
of a dependency of a gem in your Gemfile(5)) can result in radically
|
304
|
+
different gems being needed to satisfy all dependencies.
|
305
|
+
|
306
|
+
As a result, you `SHOULD` check your `Gemfile.lock` into version
|
307
|
+
control. If you do not, every machine that checks out your
|
308
|
+
repository (including your production server) will resolve all
|
309
|
+
dependencies again, which will result in different versions of
|
310
|
+
third-party code being used if `any` of the gems in the Gemfile(5)
|
311
|
+
or any of their dependencies have been updated.
|
312
|
+
|
313
|
+
## CONSERVATIVE UPDATING
|
314
|
+
|
315
|
+
When you make a change to the Gemfile(5) and then run `carat install`,
|
316
|
+
Carat will update only the gems that you modified.
|
317
|
+
|
318
|
+
In other words, if a gem that you `did not modify` worked before
|
319
|
+
you called `carat install`, it will continue to use the exact
|
320
|
+
same versions of all dependencies as it used before the update.
|
321
|
+
|
322
|
+
Let's take a look at an example. Here's your original Gemfile(5):
|
323
|
+
|
324
|
+
source 'https://rubygems.org'
|
325
|
+
|
326
|
+
gem 'actionpack', '2.3.8'
|
327
|
+
gem 'activemerchant'
|
328
|
+
|
329
|
+
In this case, both `actionpack` and `activemerchant` depend on
|
330
|
+
`activesupport`. The `actionpack` gem depends on `activesupport 2.3.8`
|
331
|
+
and `rack ~> 1.1.0`, while the `activemerchant` gem depends on
|
332
|
+
`activesupport >= 2.3.2`, `braintree >= 2.0.0`, and `builder >= 2.0.0`.
|
333
|
+
|
334
|
+
When the dependencies are first resolved, Carat will select
|
335
|
+
`activesupport 2.3.8`, which satisfies the requirements of both
|
336
|
+
gems in your Gemfile(5).
|
337
|
+
|
338
|
+
Next, you modify your Gemfile(5) to:
|
339
|
+
|
340
|
+
source 'https://rubygems.org'
|
341
|
+
|
342
|
+
gem 'actionpack', '3.0.0.rc'
|
343
|
+
gem 'activemerchant'
|
344
|
+
|
345
|
+
The `actionpack 3.0.0.rc` gem has a number of new dependencies,
|
346
|
+
and updates the `activesupport` dependency to `= 3.0.0.rc` and
|
347
|
+
the `rack` dependency to `~> 1.2.1`.
|
348
|
+
|
349
|
+
When you run `carat install`, Carat notices that you changed
|
350
|
+
the `actionpack` gem, but not the `activemerchant` gem. It
|
351
|
+
evaluates the gems currently being used to satisfy its requirements:
|
352
|
+
|
353
|
+
* `activesupport 2.3.8`:
|
354
|
+
also used to satisfy a dependency in `activemerchant`,
|
355
|
+
which is not being updated
|
356
|
+
* `rack ~> 1.1.0`:
|
357
|
+
not currently being used to satisfy another dependency
|
358
|
+
|
359
|
+
Because you did not explicitly ask to update `activemerchant`,
|
360
|
+
you would not expect it to suddenly stop working after updating
|
361
|
+
`actionpack`. However, satisfying the new `activesupport 3.0.0.rc`
|
362
|
+
dependency of actionpack requires updating one of its dependencies.
|
363
|
+
|
364
|
+
Even though `activemerchant` declares a very loose dependency
|
365
|
+
that theoretically matches `activesupport 3.0.0.rc`, Carat treats
|
366
|
+
gems in your Gemfile(5) that have not changed as an atomic unit
|
367
|
+
together with their dependencies. In this case, the `activemerchant`
|
368
|
+
dependency is treated as `activemerchant 1.7.1 + activesupport 2.3.8`,
|
369
|
+
so `carat install` will report that it cannot update `actionpack`.
|
370
|
+
|
371
|
+
To explicitly update `actionpack`, including its dependencies
|
372
|
+
which other gems in the Gemfile(5) still depend on, run
|
373
|
+
`carat update actionpack` (see `carat update(1)`).
|
374
|
+
|
375
|
+
`Summary`: In general, after making a change to the Gemfile(5) , you
|
376
|
+
should first try to run `carat install`, which will guarantee that no
|
377
|
+
other gems in the Gemfile(5) are impacted by the change. If that
|
378
|
+
does not work, run [carat update(1)][carat-update].
|
379
|
+
|
380
|
+
## SEE ALSO
|
381
|
+
|
382
|
+
* Gem install docs: http://guides.rubygems.org/rubygems-basics/#installing-gems
|
383
|
+
* Rubygems signing docs: http://guides.rubygems.org/security/
|