-
Notifications
You must be signed in to change notification settings - Fork 1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Bundler] Support multiple lockfiles - for example dual-booting #3266
Comments
@davidwessman great feedback, we actually want this for a project at github but having a hard time prioritising it atm. We've set up a sample workflow that works around the new read-only GITHUB_TOKEN on dependabot PRs here: https://github.com/dependabot/dependabot-actions-workflow/tree/main/.github/workflows |
Yeah, this would be an awesome feature. Our current setup in activeadmin works but it's way too verbose, since we get one separate PR for each It'd be nice if we could move back to using a "common gemfile" through |
Might also be worth considering Shopify's dual boot tool and their naming convention of |
…r params In support of dependabot#3266
…r params In support of dependabot#3266
…r params In support of dependabot#3266
…r params In support of dependabot#3266
👋 This issue has been marked as stale because it has been open for 2 years with no activity. You can: comment on the issue or remove the stale label to hold stale off for a while, add the |
Background
Some applications have multiple gemfiles and lockfiles, it would be great if Dependabot could support updating them more seamlessly. I have seen two separate discussions in issues here on Dependabot:
Support multiple gemfiles #375 Discussing having one Gemfile for testing a gem against each supported Rails version.
./gemfiles/rails_52/Gemfile
,./gemfiles/rails_52/Gemfile.lock
.Support multiple lock files for Bundler #2106 Discusses multiple Gemfiles for dual-booting a Rails application, see more information from fastruby.io or Shopify's bootboot.
Gemfile
, oneGemfile.next
which is just a symlink to the main one, then two separate lockfilesGemfile.lock
andGemfile.next.lock
(For bootboot the files are calledGemfile_next
andGemfile_next.lock
).My solution to the second situation have been running a special Github Action Workflow everytime there is a PR with changes to
Gemfile.lock
and just runBUNDLE_GEMFILE=Gemfile.next bundle update --minor --conservative
and commit the change. But this no longer works for PRs triggered by Dependabot since the read-only update on the 1st of March, blog post.Example
A
Gemfile
with a symlinked file calledGemfile.next
.Gemfile and Gemfile.next
Gemfile.lock
Gemfile.next.lock
Update cases
shared
: Update to the maximum version working for both lockfilesbusiness
: UpdateGemfile
orGemfile.next
separately, can be separate PRs.Required changes
Gemfile.next + Gemfile.next.lock
orGemfile_next + Gemfile_next.lock
I would be interesting in helping out with a PR, but I think I need some guidance to make it work - I started out with #3262 but decided to close it and start this issue instead.
The text was updated successfully, but these errors were encountered: