27 cards
Posted almost 7 years ago. Visible to the public.

Installing Rails 2.3 LTS with Bundler

This document describes how to swap out the official Rails 2.3 gems with Rails 2.3 LTS Archive . If you have installed Rails LTS before and want to update to a newer version, please see our update instructions Archive .

Prerequisites

  1. Make sure your project satisfies the system requirement for Rails LTS. This involves upgrading to Rails 2.3.18.

  2. The instructions below assume you are using Bundler Archive to manage your gem dependencies.
    If your project isn't using Bundler, you can either upgrade to Bundler Archive (recommended) or
    install Rails 2.3 LTS without Bundler.

  3. Make sure that you have a current version of Rubygems and Bundler, otherwise you might run into random errors with dependency resolution.

If you use Ruby 1.8.7, we recommend using

  • rubygems version 1.8.30
  • bundler version 1.17.3

On newer Rubies, you can use more modern versions of Rubygems and Bundler.

To update, run

Copy
gem update --system 1.8.30 gem install bundler -v '1.17.3'

If you get an error "No gem names are allowed with the --system option" trying to update Rubygems, you can instead do this:

Copy
gem uninstall rubygems-update # (uninstall all versions) gem install rubygems-update -v 1.8.30 update_rubygems gem install bundler -v '1.17.3'

Installation

  1. Open the Bundler configuration file (Gemfile) in your project's root directory and find this line:

    Copy
    gem 'rails'

    As a customer of a paid plan (Startup, Standard, Enterprise), replace that line with the following code:

    Copy
    source 'https://username:password@gems.railslts.com' do gem 'rails', '~>2.3.18' gem 'actionmailer', :require => false gem 'actionpack', :require => false gem 'activerecord', :require => false gem 'activeresource', :require => false gem 'activesupport', :require => false gem 'railties', :require => false gem 'railslts-version', :require => false end

    Replace username and password with your personal credentials that you received after subscribing to Rails LTS.
    Make sure a colon (:) separates username and password. If you don't want these credentials in your Gemfile, you can also set them in an environment variable BUNDLE_GEMS__RAILSLTS__COM=username:password.

    As a subscriber to the free Community edition, use the following code instead:

    Copy
    git 'https://github.com/makandra/rails.git', :branch => '2-3-lts' do gem 'rails', '~>2.3.18' gem 'actionmailer', :require => false gem 'actionpack', :require => false gem 'activerecord', :require => false gem 'activeresource', :require => false gem 'activesupport', :require => false gem 'railties', :require => false gem 'railslts-version', :require => false end

    You will not need a username or password for the Community edition.

    Note that our repositories are available via SSL (https) only, http://... will not work.

  2. Open config/environment.rb within your project directory and delete the following line:

    Copy
    RAILS_GEM_VERSION = '2.3.xx' unless defined? RAILS_GEM_VERSION
  3. Run Bundler to complete the installation:

    Copy
    bundle update rails

    If the clone process aborts with an error like "The requested URL returned error: 403" or "Cannot get remote repository information" your Git version is probably too old Archive . In such case you should upgrade your Git to version 1.7+ or you can install Rails LTS without Bundler.

  4. Decide whether to enable optional security enhancements shipped with Rails LTS.

    In order to keep maximum compatibility to the official Ruby on Rails releases, Rails LTS disables all additional security features by default. We do however recommend the :hardened configuration, which includes improvements we believe to be reasonable defaults for increased security in most applications.

  5. Confirm that you are running the latest version of Rails 2.3 LTS.

  6. Follow your normal release process (run tests, push, deploy to staging, do smoke testing, deploy to production).

Congratulations! You successfully deployed your application using Rails LTS. If you have chosen to subscribe to the Rails LTS Notification List when signing up, you will be notified whenever a new patch for Rails LTS becomes available.

Note on rack

Rails 2.3 depends on Rack version 1.4.x (which itself is not currently part of Rails LTS). It has some minor security issues on its own. We have a public fork on Github Archive that fixes these issues.

Note on rake

Rails 2.3 depends on Rake. Versions of rake < 12.3.3 have a security issue, and you cannot use rake 12 with Ruby 1.8.7. If you cannot upgrade to rake 12, we have a public fork on Github Archive that fixes the issue.

Note on mysql

If you have trouble using the mysql gem, you should try upgrading to mysql2 which is mostly a drop-in replacement. We suggest you use our fork on mysql2 which fixes some compilation issues on newer linux distros, by adding this to your Gemfile:

Copy
gem 'mysql2', git: 'https://github.com/makandra/mysql2', branch: '0.2.x-lts'

Also, in your database.yml, change the adapter to mysql2.

Breaking changes

By default, Rails LTS does not allow for strings to be used in polymorphic path helpers, e.g. url_for(['edit', @user]) is not allowed. Symbols are fine. You can opt out of this change

Does your version of Ruby on Rails still receive security updates?
Rails LTS provides security patches for unsupported versions of Ruby on Rails (2.3, 3.2, 4.2 and 5.2).

Owner of this card:

Avatar
Henning Koch
Last edit:
about 1 month ago
by Tobias Kraze
About this deck:
We are makandra and do test-driven, agile Ruby on Rails software development.
License for source code
This website uses short-lived cookies to improve usability.
Accept or learn more