Read more

Gemspecs must not list the same gem as both runtime and development dependency

Henning Koch
November 02, 2015Software engineer at makandra GmbH

When you're developing a gem, never list the same dependency as both runtime and development dependency in your .gemspec.

Illustration online protection

Rails Long Term Support

Rails LTS provides security patches for old versions of Ruby on Rails (2.3, 3.2, 4.2 and 5.2)

  • Prevents you from data breaches and liability risks
  • Upgrade at your own pace
  • Works with modern Rubies
Read more Show archive.org snapshot

So don't do this:

spec.add_dependency 'activesupport'
spec.add_development_dependency 'activesupport', '~> 2.3'

If you do this, your gemspec will not validate and modern versions of Bundler will silently ignore it. This leads to errors like:

Could not find your-gem-0.1.2 in any of the sources

What to do instead

If you want to freeze a different version of a dependency for your tests, prefer putting it into the Gemfile in your gem project directory.

In the example above, have a .gemspec like this:

spec.add_dependency 'activesupport'

Then, in your Gemfile, add the dependency for tests:

gem 'activesupport', '~> 2.3'
gemspec
Posted by Henning Koch to makandra dev (2015-11-02 11:18)