Hiroshi SHIBATA, profile picture
Uploaded byHiroshi SHIBATA
PDF, PPTX323 views

How resolve Gem dependencies in your code?

This document contains the slides for a presentation on resolving gem dependencies in Ruby code. It discusses RubyGems and Bundler, which are package managers for Ruby that handle dependency resolution. Key terms are defined, like gem, gemspec, Gemfile, and various components involved in dependency resolution like the resolver, resolver engine, and different engines used by RubyGems and Bundler. Performance issues with RubyGems are also addressed, and how Bundler helps address them.

Embed presentation

Download as PDF, PPTX
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ How resolve Gem dependencies in your code? Hiroshi SHIBATA @hsbt 2023/09/21 Euruko 2023
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Hiroshi SHIBATA https://hsbt.org @hsbt Ruby core team RubyGems/Bundler team Technical fellow at ANDPAD Self introduction
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Introduction of ANDPAD
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ I'm from Japan where is Ruby birth place
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ RubyKaigi 2023 RubyKaigi 2023 is Ruby conference in Japan
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ RubyKaigi 2024 RubyKaigi 2024 will be coming Okinawa island in Japan at May, 2024.
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ What's Dependency Resolution with RubyGems/Bundler?
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ What are RubyGems and Bundler?
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ What's package manager? ā€¢ User interface ā€¢ Provide commands like install/update/search package ā€¢ Dependency Resolution ā€¢ Resolve dependencies of package and provide list of name and version of package ā€¢ Version locking (NEW!) ā€¢ Provide environment to lock specified versions of package
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Whatā€™s rubygems? RubyGems is a package manager of the Ruby language. ā€¢ rubygems/rubygems.org: ā€¢ The Ruby community's gem host. ā€¢ rubygems.org is maintain by infrastructure team of rubygems. It is different team from rubygems cli team. ā€¢ rubygems/rubygems: ā€¢ Command line tool for rubygems.org ā€¢ Now, rubygems maintained rubygems team. I'm member of this team.
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Terminology ā€¢ Gem ā€¢ A package/library for the Ruby programming language ā€¢ Gem::Specification ā€¢ Class for defining metadata including name, version, platform, etc. ā€¢ gemspec ā€¢ File describing the Gem::Specification in RubyGems/Bundler ā€¢ This file is written by you for releasing gem ā€¢ This file is created at gem install time by RubyGems
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Whatā€™s Bundler? # frozen_string_literal: true source "https://rubygems.org" gemspec gem "rake", ">= 11.1ā€ ā€¢ Bundler is also package manager of Ruby language ā€¢ Bundler focused version locking feature ā€¢ Bundler extends a lot of RubyGems resources like gemspec. ā€¢ Bundler works with Gemfile like:
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Inside of Ruby libraries and gem dependencies.
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ gemspec in your code ā€¢ You can see gemspec with `Gem.loaded_specs` like this: ā€¢ `Gem::Speci fi cation#dependencies` is important parts of your application. >> Gem.loaded_specs["rack"] => Gem::Speci fi cation.new do |s| s.name = "rack" s.version = Gem::Version.new("2.2.8") s.installed_by_version = Gem::Version.new("3.4.10") s.authors = ["Leah Neukirchen"] s.date = Time.utc(2023, 7, 31) s.dependencies = [Gem::Dependency.new("minitest", Gem::Requirement.new(["~> 5.0"]), :development), Gem::Dependency.new("minitest-sprint", Gem::Requirement.new([">= 0"]), :development), Gem::Dependency.new("minitest-global_expectations", Gem::Requirement.new([">= 0"]), :development), Gem::Dependency.new("rake", Gem::Requirement.new([">= 0"]), :development)] s.description = "Rack provides a minimal, modular and adaptable interface for developingnweb applications in Ruby. By wrapping HTTP requests and responses innthe simplest way possible, it uni fi es and distills the API for webnservers, web frameworks, and software in between (the so- callednmiddleware) into a single method call.n" (...snip...) end
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ What's Default gems ā€¢ The Ruby core team released "Default gems" to the rubygems.org. ā€¢ You can install standard libraries of Ruby via RubyGems. ā€¢ Default gems are openssl, psych, json, etcā€¦ You can see all of default gems at https://stdgems.org/ ā€¢ Rubygems have a detection method for default gems. >> require 'rss' => true >> Gem.loaded_specs["rss"].default_gem? => false >> require 'openssl' => true >> Gem.loaded_specs["openssl"].default_gem? => true
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ What's Bundled gems ā€¢ We bundled *.gem and unpacked fi les to tarball package for Bundled gems with `gems/bundled_gems` in ruby/ruby repository like this: ā€¢ `make install` installed Bundled gem your box.
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Performance issues with RubyGems ā€¢ RubyGems extends `require`, `gem` and `warn`. ā€¢ Because Ruby startup time is slow with RubyGems. ā€¢ Bundler resolve this slow down. def require(path) # :doc: return gem_original_require(path) unless Gem.discover_gems_on_require begin RUBYGEMS_ACTIVATION_MONITOR.enter path = path.to_path if path.respond_to? :to_path if spec = Gem. fi nd_unresolved_default_spec(path) # Ensure -I beats a default gem resolved_path = begin rp = nil (snip)
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Performance issues ā€¢ Bundler also extends RubyGems classes/methods. It's enabled when we used Bundler. ā€¢ `Gem::Specification#extension_dir` needs to handle git resource of Gemfile like this: # for gem ā€œrailsā€, git: ā€œhttps://github.com/rails/rails" alias_method :rg_extension_dir, :extension_dir def extension_dir # following instance variable is already used in original method # and that is the reason to prefix it with bundler_ and add rubocop exception @bundler_extension_dir ||= if source.respond_to?(:extension_dir_name) unique_extension_dir = [source.extension_dir_name, File.basename(full_gem_path)].uniq.join("-") File.expand_path(File.join(extensions_dir, unique_extension_dir)) else rg_extension_dir end end
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Architecture of RubyGems/Bundler Update Install Commands Bundler.definition Extended classes of RubyGems Resolver Resolver Engine PubGrub Update Commands Install Resolver Resolver Engine Molinillo Gem::Specification Request::Set Etc... RubyGems Bundler
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Terminology ā€¢ Resolution ā€¢ Ensuring that the dependency constraint are satisfied the combinatorial constraints of multiple libraries. ā€¢ Resolver Engine ā€¢ Performs dependency resolution with library name and version combinations and provides a list of libraries if resolved. RubyGems uses Mollinilo, Bundler uses PubGrub ā€¢ Resolver ā€¢ Provides the Resolver Engine with the necessary data abstraction and library dependency resolution ā€¢ Provides list of libraries including their names and versions to be installed.
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Basic case of Gemfile and bundle exec
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Basic case of Gemfile and Bundler ā€¢ How Bundler lock gem versions? ā€¢ I'll introduce how resolve these paths with examples. # Gem fi le # frozen_string_literal: true source "https://rubygems.org" gem "rss" # Gem fi le.lock GEM remote: https://rubygems.org/ specs: rexml (3.2.5) rss (0.2.9) rexml PLATFORMS arm64-darwin-23 DEPENDENCIES rss BUNDLED WITH 2.5.0.dev
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ What's Bundler.setup def setup(*groups) @definition.ensure_equivalent_gemfile_and_lockfile if Bundler.frozen_bundle? # Has to happen first clean_load_path specs = @definition.specs_for(groups) SharedHelpers.set_bundle_environment Bundler.rubygems.replace_entrypoints(specs) # Activate the specs load_paths = specs.map do |spec| check_for_activated_spec!(spec) Bundler.rubygems.mark_loaded(spec) spec.load_paths.reject {|path| $LOAD_PATH.include?(path) } end.reverse.flatten Bundler.rubygems.add_to_load_path(load_paths) setup_manpath lock(:preserve_unknown_sections => true) self end ā€¢ `Bundler.setup` and `Bundler.require` is most important parts of Bundler ā€¢ These methods defined at `runtime.rb`. ā€¢ `bundle exec` call `Bundler.setup` and `Kernel.exec`.
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Reset your environment with Bundler @definition.ensure_equivalent_gemfile_and_lockfile if Bundler.frozen_bundle? # Has to happen first clean_load_path ā€¢ At first, Bundler update your lockfile and install new versions if it's needed. After that, Reject gem paths that are not `require` yet. def clean_load_path loaded_gem_paths = Bundler.rubygems.loaded_gem_paths $LOAD_PATH.reject! do |p| resolved_path = resolve_path(p) next if $LOADED_FEATURES.any? {|lf| lf.start_with?(resolved_path) } loaded_gem_paths.delete(p) end $LOAD_PATH.uniq! end
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ ā€¢ `Bundler.definition` and `Bundler::Resolver` is core parts for this. ā€¢ Bundler.definition create instance of `Bundler::Resolver` and call resolution methods inside `specs_for`. ā€¢ `specs` is instance of Bundler::SpecSet. ā€¢ Bundler inject `bundler` as dependency into Gemfile. How select dependencies by Bundler.definition specs = @definition.specs_for(groups) SharedHelpers.set_bundle_environment Bundler.rubygems.replace_entrypoints(specs) >> specs.map(&:name) => ["bundler", "rexml", "rss"]
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Basic scenario of Bundler resolution ā€¢ `Bundler.rubygems.replace_entrypoints` inject gemspecs of default gems into dependencies of Gemfile. specs = Declared in Gemfile: rails, nokogiri, sidekiq, etc... default_spec = Default gems: csv, psych, json, etc... + Bundler.rubygems.default_stubs.each do |stub| default_spec = stub.to_spec default_spec_name = default_spec.name next if specs_by_name.key?(default_spec_name) specs << default_spec specs_by_name[default_spec_name] = default_spec end
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Update your LOAD_PATH with scratch ~/.rbenv/versions/master/lib/ruby/gems/3.3.0+0/gems/rss-0.2.9/lib ~/.rbenv/versions/master/lib/ruby/gems/3.3.0+0/gems/rexml-3.2.5/lib ~/.rbenv/versions/master/lib/ruby/gems/3.3.0+0/gems/bundler-2.5.0.dev/lib # Activate the specs load_paths = specs.map do |spec| check_for_activated_spec!(spec) Bundler.rubygems.mark_loaded(spec) spec.load_paths.reject {|path| $LOAD_PATH.include?(path) } end.reverse.flatten Bundler.rubygems.add_to_load_path(load_paths) setup_manpath lock(:preserve_unknown_sections => true) self ā€¢ These logic is easy to understand. We generate paths generated by resolved gemspec. `Gem::Specification#load_paths` returns load paths from gemspec. ā€¢ `load_paths` returns like this:
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ How resolve library dependency by Bundler?
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ How works PubGrub and Bundler
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ What's PubGrub? ā€¢ PubGrub is next generation resolution engine developed by Natalie Weizenbaum a.k.a @nex3. ā€¢ PubGrub is for Dart language. But we have Ruby implementation that is `pub_grub`. ā€¢ If resolution conflict occurs with PubGrub, PubGrub give up immediately to resolving loop. This makes faster resolution with complex Gemfile. https://nex3.medium.com/pubgrub-2fb6470504f
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Easy scenario of PubGrub source = PubGrub::StaticPackageSource.new do |s| s.add 'foo', '2.0.0', deps: { 'bar' => '1.0.0' } s.add 'foo', '1.0.0' s.add 'bar', '1.0.0', deps: { 'foo' => '1.0.0' } s.root deps: { 'bar' => '>= 1.0.0' } end solver = PubGrub::VersionSolver.new(source: source) result = solver.solve p result #=> {#<PubGrub::Package :root>=>0, "bar"=>#<Gem::Version "1.0.0">, "foo"=>#<Gem::Version "1.0.0">} ā€¢ This is basic scenario of dependency resolution. ā€¢ We can see Resolution with PubGrub::VersionSolver and package source definition provided by PubGrub.
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Easy scenario of PubGrub I want bar-1.0.0 or higher bar-1.0.0 foo-1.0.0 foo-2.0.0 ā€¢ We want to use `bar >= 1.0.0`. bar-1.0.0 wants foo-1.0.0. ā€¢ We can get resolution result that is `bar-1.0.0` and `foo-1.0.0`.
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Conflict scenario of PubGrub source = PubGrub::StaticPackageSource.new do |s| s.add 'foo', '2.0.0', deps: { 'bar' => '1.0.0' } s.add 'foo', '1.0.0' s.add 'bar', '1.0.0', deps: { 'foo' => '1.0.0' } s.root deps: { 'foo' => '>= 2.0.0' } end solver = PubGrub::VersionSolver.new(source: source) result = solver.solve p result #=> pub_grub/version_solver.rb:233:in `resolve_conflict': Could not find compatible versions (PubGrub::SolveFailure) ā€¢ This is conflict scenario of dependency resolution. ā€¢ If PubGrub couldn't resolve their versions, it raises `SolveFailure`.
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Easy scenario of PubGrub I want foo-2.0.0 or higher bar-1.0.0 foo-1.0.0 foo-2.0.0 ā€¢ We want to use `foo >= 2.0.0`. ā€¢ But foo-2.0.0 wants bar-1.0.0, and bar-1.0.0 wants foo-1.0.0. This is not foo-2.0.0
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ A bit of complex scenario of PubGrub source = PubGrub::StaticPackageSource.new do |s| s.add 'foo', '3.0.0', deps: { 'bar' => '> 1.0.0' } s.add 'foo', '2.0.0', deps: { 'bar' => '1.0.0' } s.add 'foo', '1.0.0' s.add 'bar', '1.0.0', deps: { 'foo' => '1.0.0' } s.add 'bar', '2.0.0' s.add 'buzz', '1.0.0', deps: { 'foo' => '> 1.0.0' } s.root deps: { 'buzz' => '1.0.0' } end solver = PubGrub::VersionSolver.new(source: source) result = solver.solve p result #=> {#<PubGrub::Package :root>=>0, "buzz"=>#<Gem::Version "1.0.0">, "foo"=>#<Gem::Version "3.0.0">, "bar"=>#<Gem::Version "2.0.0">} ā€¢ This is additional scenario for PubGrub. We have three versions of foo, two versions of bar, and buzz.
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ A bit of complex scenario of PubGrub I want buzz-1.0.0 buzz-1.0.0 foo-1.0.0 foo-2.0.0 foo-3.0.0 bar-1.0.0 bar-2.0.0 This is not foo > 1.0.0 for buzz We want to use buzz-1.0.0, buzz-1.0.0 wants foo > 1.0.0. PubGrub resolve it with foo-2.0.0 or foo-3.0.0, But foo-2.0.0 conflicts with bar-1.0.0.
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ A bit of complex scenario of PubGrub I want buzz-1.0.0 buzz-1.0.0 foo-1.0.0 foo-2.0.0 foo-3.0.0 bar-1.0.0 bar-2.0.0 We finally get buzz-1.0.0, foo-3.0.0 and bar-2.0.0 as resolution result.
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ What happened with `bundle update rails`
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Infinitely case of `bundle update` $ bundle update Fetching gem metadata from https://rubygems.org/............ Resolving dependencies................................................................................................................................. ....................................................................................................................................................... ....................................................................................................................................................... ....................................................................................................................................................... ....................................................................................................................................................... ....................................................................................................................................................... ....................................................................................................................................................... ....................................................................................................................................................... ....................................................................................................................................................... ....................................................................................................................................................... ....................................................................................................................................................... ....................................................................................................................................................... ......................................................................^C
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Why rails loops infinite with bundle update? Bundler could not fi nd compatible versions for gem "activesupport": In Gem fi le: inherited_resources (= 1.6.0) was resolved to 1.6.0, which depends on has_scope (~> 0.6.0.rc) was resolved to 0.6.0, which depends on activesupport (>= 3.2, < 5) rails (= 4.2.0) was resolved to 4.2.0, which depends on activesupport (= 4.2.0) Bundler could not fi nd compatible versions for gem "railties": In Gem fi le: inherited_resources (= 1.6.0) was resolved to 1.6.0, which depends on railties (>= 3.2, < 5) rails (= 4.2.0) was resolved to 4.2.0, which depends on railties (= 4.2.0) inherited_resources (= 1.6.0) was resolved to 1.6.0, which depends on responders was resolved to 1.1.2, which depends on railties (>= 3.2, < 4.2) This behavior is derivation of the following events frequently after running `bundle update` at Bundler 2.3 or before.
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ What's happend called with setup_solver in Bundler? ā€¢ `bundle update` will create instance of `Resolver` for resolution. ā€¢ Resolver invoke `setup_solver` and `solve_versions`. `setup_solver` prepared all versions of gemspec(called all_specs) and dependency tree and logger for `solve_versions` >> @all_specs.keys => ["rails", "importmap-rails", "Rubyu0000", "RubyGemsu0000"] >> @all_specs["rails"].map{|s| [s.name, s.version.to_s]} => [["rails", "0.8.0"], ["rails", "0.8.5"], ... ["rails", "7.0.7.2"], ["rails", "7.0.8"]] source "https://rubygems.org" gem "rails" gem "importmap-rails"
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ How use PubGrub in Bundler? def solve_versions(root:, logger:) solver = PubGrub::VersionSolver.new(:source => self, :root => root, :logger => logger) result = solver.solve result.map {|package, version| version.to_specs(package) }. fl atten.uniq ā€¢ But real case happens resolution conflicts when a dependent gem under rails, such as `railties`, is version-locked by referencing another gem. ā€¢ `PubGrub::SolveFailure` exception occurs and this gem is sent to the retry list. ā€¢ Bundler will resolve dependencies defined at Gemfile and all_specs of gem by PubGrub like sample case.
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Real case of PubGrub resolution I want rails-7.0.8 and importmap- rails-1.2.1 rails-0.8.0 activerecord-... rails-7.0.8 惻 惻 惻 importmap-rails-0.1.0 惻 惻 惻 importmap-rails-1.2.1 activemailer-... activesupport-... actionview-... railties-... actionpack-... mini_mime-... mail-... minitest-... tzinfo-... thor-... rake-...
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Bundler handles conflict result of PubGrub ā€¢ For example, importmap-rails depends on `railtie`. `importmap-rails` was sent into retry list. ā€¢ `railtie` and `activesupport` are used often as they are rails plugins, so they are almost always included rescue PubGrub::SolveFailure => e incompatibility = e.incompatibility names_to_unlock, names_to_allow_prereleases_for, extended_explanation = fi nd_names_to_relax(incompatibility) names_to_relax = names_to_unlock + names_to_allow_prereleases_for if names_to_relax.any? (snip) root, logger = setup_solver Bundler.ui.debug "Retrying resolution...", true retry end
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Bundler will propagate conflict result into next resolution OK, I skip importmap- rails-1.2.1 and its dependencies. rails-0.8.0 activerecord-... rails-7.0.8 惻 惻 惻 importmap-rails-0.1.0 惻 惻 惻 importmap-rails-1.2.1 activemailer-... activesupport-... actionview-... railties-... actionpack-... mini_mime-... mail-... minitest-... tzinfo-... thor-... rake-...
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Result of resolution with rails and importmap-rails yay, I got the full list of gems with rails-7.0.8 and importmap- rails-1.2.1 activerecord-... rails-7.0.8 importmap-rails-1.2.1 activemailer-... actionview-... GEM remote: https://rubygems.org/ specs: actioncable (7.0.8) actionpack (= 7.0.8) activesupport (= 7.0.8) nio4r (~> 2.0) websocket-driver (>= 0.6.1) actionmailbox (7.0.8) actionpack (= 7.0.8) activejob (= 7.0.8) activerecord (= 7.0.8) activestorage (= 7.0.8) activesupport (= 7.0.8) mail (>= 2.7.1) net-imap net-pop net-smtp actionmailer (7.0.8) actionpack (= 7.0.8) actionview (= 7.0.8) activejob (= 7.0.8) activesupport (= 7.0.8) mail (~> 2.5, >= 2.5.4) 惻 惻 惻
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Proposals for the future
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Resolve duplicates and redundant of code and commands
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Migration RubyGems and Bundler in the future Update Install Commands Bundler.definition Extended classes of RubyGems Resolver Resolver Engine PubGrub Update Commands Install Gem::Specification Request::Set Etc...
Copyright Ā© 2020 Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Conclusion ā€¢ I talked about... ā€¢ Knowledge RubyGems, Bundler and Package Manager. ā€¢ How works Bundler modify LOAD_PATH of Ruby ā€¢ How works PubGrub and Bundler < Ruby is a programmer's best friend

More Related Content

PDF
How resolve Gem dependencies in your code?
byHiroshi SHIBATA
Ā 
PDF
Long journey of Ruby standard library at RubyConf AU 2024
byHiroshi SHIBATA
Ā 
PDF
Long journey of Ruby Standard library at RubyKaigi 2024
byHiroshi SHIBATA
Ā 
PDF
Deep dive into Ruby's require - RubyConf Taiwan 2023
byHiroshi SHIBATA
Ā 
PDF
RubyGems 3 & 4
byHiroshi SHIBATA
Ā 
PDF
The Future of library dependency management of Ruby
byHiroshi SHIBATA
Ā 
PDF
The Future of Dependency Management for Ruby
byHiroshi SHIBATA
Ā 
PDF
HOW TO BUILD GEMS #shibuyarb
bySATOSHI TAGOMORI
Ā 
How resolve Gem dependencies in your code?
byHiroshi SHIBATA
Ā 
Long journey of Ruby standard library at RubyConf AU 2024
byHiroshi SHIBATA
Ā 
Long journey of Ruby Standard library at RubyKaigi 2024
byHiroshi SHIBATA
Ā 
Deep dive into Ruby's require - RubyConf Taiwan 2023
byHiroshi SHIBATA
Ā 
RubyGems 3 & 4
byHiroshi SHIBATA
Ā 
The Future of library dependency management of Ruby
byHiroshi SHIBATA
Ā 
The Future of Dependency Management for Ruby
byHiroshi SHIBATA
Ā 
HOW TO BUILD GEMS #shibuyarb
bySATOSHI TAGOMORI
Ā 

Similar to How resolve Gem dependencies in your code?

PDF
Gems on Ruby
byHiroshi SHIBATA
Ā 
PDF
What's new in RubyGems3
byHiroshi SHIBATA
Ā 
PDF
Gems on Ruby
byHiroshi SHIBATA
Ā 
PDF
RubyGems 3 & 4
byHiroshi SHIBATA
Ā 
PDF
The Future of library dependency manageement of Ruby
byHiroshi SHIBATA
Ā 
PDF
Bundler is the Best
bydead_arm
Ā 
PDF
Dependency Resolution with Standard Libraries
byHiroshi SHIBATA
Ā 
PPTX
Chennai.rb feb 2016
byVijay Raghavan Aravamudhan
Ā 
PPTX
Bundler
by'Dayo Greats
Ā 
PDF
Extracting ruby gem
byYura Tolstik
Ā 
DOCX
Install Guide
bySantosh Kiran Beyagudem
Ā 
PDF
How to make a Ruby Gem - Austin on Rails, January 2014
byClare Glinka
Ā 
PDF
Gemification for Ruby 2.5/3.0
byHiroshi SHIBATA
Ā 
PDF
The Future of Bundled Bundler
byHiroshi SHIBATA
Ā 
PDF
Roadmap for RubyGems 4 and Bundler 3
byHiroshi SHIBATA
Ā 
PDF
Gemification for Ruby 2.5/3.0
byHiroshi SHIBATA
Ā 
PDF
Introduction of Cybersecurity with Ruby at RedDotRubyConf 2024
byHiroshi SHIBATA
Ā 
KEY
Your fist RubyMotion Application
bytoamitkumar
Ā 
KEY
Ruby gemsćƒ‘ćƒƒć‚±ćƒ¼ć‚øć®ä½œć‚Šę–¹
byYamamoto Kazuhisa
Ā 
PDF
How DSL works on Ruby
byHiroshi SHIBATA
Ā 
Gems on Ruby
byHiroshi SHIBATA
Ā 
What's new in RubyGems3
byHiroshi SHIBATA
Ā 
Gems on Ruby
byHiroshi SHIBATA
Ā 
RubyGems 3 & 4
byHiroshi SHIBATA
Ā 
The Future of library dependency manageement of Ruby
byHiroshi SHIBATA
Ā 
Bundler is the Best
bydead_arm
Ā 
Dependency Resolution with Standard Libraries
byHiroshi SHIBATA
Ā 
Chennai.rb feb 2016
byVijay Raghavan Aravamudhan
Ā 
Bundler
by'Dayo Greats
Ā 
Extracting ruby gem
byYura Tolstik
Ā 
Install Guide
bySantosh Kiran Beyagudem
Ā 
How to make a Ruby Gem - Austin on Rails, January 2014
byClare Glinka
Ā 
Gemification for Ruby 2.5/3.0
byHiroshi SHIBATA
Ā 
The Future of Bundled Bundler
byHiroshi SHIBATA
Ā 
Roadmap for RubyGems 4 and Bundler 3
byHiroshi SHIBATA
Ā 
Gemification for Ruby 2.5/3.0
byHiroshi SHIBATA
Ā 
Introduction of Cybersecurity with Ruby at RedDotRubyConf 2024
byHiroshi SHIBATA
Ā 
Your fist RubyMotion Application
bytoamitkumar
Ā 
Ruby gemsćƒ‘ćƒƒć‚±ćƒ¼ć‚øć®ä½œć‚Šę–¹
byYamamoto Kazuhisa
Ā 
How DSL works on Ruby
byHiroshi SHIBATA
Ā 

More from Hiroshi SHIBATA

PDF
Working as an OSS Developer at Ruby Association Activity Report 2025
byHiroshi SHIBATA
Ā 
PDF
Introduction of Cybersecurity with OSS at Code Europe 2024
byHiroshi SHIBATA
Ā 
PDF
Ruby ć‚³ćƒŸćƒƒć‚æćƒ¼ćØę­©ć‚€ Ruby 悒ē”Ø恄恟惗惭惀ć‚Æ惈開ē™ŗ
byHiroshi SHIBATA
Ā 
PDF
Why ANDPAD commit Ruby and RubyKaigi?
byHiroshi SHIBATA
Ā 
PDF
RailsGirls ć‹ć‚‰å§‹ć‚ć‚‹ ć‚Øćƒ³ć‚øćƒ‹ć‚¢ćƒŖćƒ³ć‚°ćÆć˜ć‚ć®äø€ę­©
byHiroshi SHIBATA
Ā 
PDF
How to develop the Standard Libraries of Ruby?
byHiroshi SHIBATA
Ā 
PDF
The details of CI/CD environment for Ruby
byHiroshi SHIBATA
Ā 
PDF
Ruby Security the Hard Way
byHiroshi SHIBATA
Ā 
PDF
OSS Security the hard way
byHiroshi SHIBATA
Ā 
PDF
Productive Organization with Ruby
byHiroshi SHIBATA
Ā 
PDF
How to distribute Ruby to the world
byHiroshi SHIBATA
Ā 
PDF
How to distribute Ruby to the world
byHiroshi SHIBATA
Ā 
Working as an OSS Developer at Ruby Association Activity Report 2025
byHiroshi SHIBATA
Ā 
Introduction of Cybersecurity with OSS at Code Europe 2024
byHiroshi SHIBATA
Ā 
Ruby ć‚³ćƒŸćƒƒć‚æćƒ¼ćØę­©ć‚€ Ruby 悒ē”Ø恄恟惗惭惀ć‚Æ惈開ē™ŗ
byHiroshi SHIBATA
Ā 
Why ANDPAD commit Ruby and RubyKaigi?
byHiroshi SHIBATA
Ā 
RailsGirls ć‹ć‚‰å§‹ć‚ć‚‹ ć‚Øćƒ³ć‚øćƒ‹ć‚¢ćƒŖćƒ³ć‚°ćÆć˜ć‚ć®äø€ę­©
byHiroshi SHIBATA
Ā 
How to develop the Standard Libraries of Ruby?
byHiroshi SHIBATA
Ā 
The details of CI/CD environment for Ruby
byHiroshi SHIBATA
Ā 
Ruby Security the Hard Way
byHiroshi SHIBATA
Ā 
OSS Security the hard way
byHiroshi SHIBATA
Ā 
Productive Organization with Ruby
byHiroshi SHIBATA
Ā 
How to distribute Ruby to the world
byHiroshi SHIBATA
Ā 
How to distribute Ruby to the world
byHiroshi SHIBATA
Ā 

Recently uploaded

PDF
shayk.online - Anonymous chat with Sinatra and WebSockets
byEleanor McHugh
Ā 
PPTX
Critique Prompting: The Secret to High-Quality AI Outputs
bySemantic SEO BD
Ā 
PDF
Traditional-Security-Models-No-Longer-Work.pptx (1).pdf
byOhhproJunction
Ā 
PDF
Logical Optimal Actions ā€“ Towards Knowledge-based Reinforcement Learning with...
byMichiaki Tatsubori
Ā 
PDF
20260212 Security-JAWS activity results for 2025 and activity goals for 2026
byTyphon 666
Ā 
PDF
How to Install XRDP on CentOS 10 .pdf
byGreen Webpage
Ā 
PDF
TravelTech Paris 2025 | The EU Digital Identity Wallet and itā€™s impact on Tra...
byapidays
Ā 
PDF
Constraint Collapse and Fidelity Decay in Scaled Language Models
bySemantic Fidelity Lab | A. Jacobs
Ā 
PDF
The new book ā€œMarketing in the Metaverseā€ spotlights Scott M. Graffiusā€™ research
byScott M. Graffius
Ā 
PDF
Automated Governance for FME Flow: Smarter Admin at Scale
bySafe Software
Ā 
PPTX
Tech Trends 2026: AI Agents, Quantum Computing, Robotics & Cybersecurity
byridwansassman
Ā 
PDF
Towards a Vibrant AI Hardware Accelerator Ecosystem, invited talk at the 4th ...
byMichiaki Tatsubori
Ā 
PDF
GTM-and-Sales-Plan for a cyber security product
byAshish Jangir
Ā 
PDF
final~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~.pdf
byomarbishtawi04
Ā 
PDF
Digital Twin in IBM for Accelerated Discovery of Climate & Sustainability, K...
byMichiaki Tatsubori
Ā 
PDF
Founder & Tech Lead | Web Development & Digital Growth Consultant | Helping B...
byShyamal Das
Ā 
PDF
UiPath Modern Automation Playbook -Session 2
bysuhanisingh58689
Ā 
PDF
The Emergence of Empathic XR: AWE Asia 2026 keynote
byMark Billinghurst
Ā 
PDF
TrustArc Webinar - From Trends to Action: Fitting AI Governance into Privacy Ops
byTrustArc
Ā 
PDF
Chapter 5 Security Mechanisms iin computer security.pdf
byGetnet Tigabie Askale -(GM)
Ā 
shayk.online - Anonymous chat with Sinatra and WebSockets
byEleanor McHugh
Ā 
Critique Prompting: The Secret to High-Quality AI Outputs
bySemantic SEO BD
Ā 
Traditional-Security-Models-No-Longer-Work.pptx (1).pdf
byOhhproJunction
Ā 
Logical Optimal Actions ā€“ Towards Knowledge-based Reinforcement Learning with...
byMichiaki Tatsubori
Ā 
20260212 Security-JAWS activity results for 2025 and activity goals for 2026
byTyphon 666
Ā 
How to Install XRDP on CentOS 10 .pdf
byGreen Webpage
Ā 
TravelTech Paris 2025 | The EU Digital Identity Wallet and itā€™s impact on Tra...
byapidays
Ā 
Constraint Collapse and Fidelity Decay in Scaled Language Models
bySemantic Fidelity Lab | A. Jacobs
Ā 
The new book ā€œMarketing in the Metaverseā€ spotlights Scott M. Graffiusā€™ research
byScott M. Graffius
Ā 
Automated Governance for FME Flow: Smarter Admin at Scale
bySafe Software
Ā 
Tech Trends 2026: AI Agents, Quantum Computing, Robotics & Cybersecurity
byridwansassman
Ā 
Towards a Vibrant AI Hardware Accelerator Ecosystem, invited talk at the 4th ...
byMichiaki Tatsubori
Ā 
GTM-and-Sales-Plan for a cyber security product
byAshish Jangir
Ā 
final~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~.pdf
byomarbishtawi04
Ā 
Digital Twin in IBM for Accelerated Discovery of Climate & Sustainability, K...
byMichiaki Tatsubori
Ā 
Founder & Tech Lead | Web Development & Digital Growth Consultant | Helping B...
byShyamal Das
Ā 
UiPath Modern Automation Playbook -Session 2
bysuhanisingh58689
Ā 
The Emergence of Empathic XR: AWE Asia 2026 keynote
byMark Billinghurst
Ā 
TrustArc Webinar - From Trends to Action: Fitting AI Governance into Privacy Ops
byTrustArc
Ā 
Chapter 5 Security Mechanisms iin computer security.pdf
byGetnet Tigabie Askale -(GM)
Ā 

How resolve Gem dependencies in your code?

  • 1.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ How resolve Gem dependencies in your code? Hiroshi SHIBATA @hsbt 2023/09/21 Euruko 2023
  • 2.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Hiroshi SHIBATA https://hsbt.org @hsbt Ruby core team RubyGems/Bundler team Technical fellow at ANDPAD Self introduction
  • 3.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Introduction of ANDPAD
  • 4.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ I'm from Japan where is Ruby birth place
  • 5.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ RubyKaigi 2023 RubyKaigi 2023 is Ruby conference in Japan
  • 6.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ RubyKaigi 2024 RubyKaigi 2024 will be coming Okinawa island in Japan at May, 2024.
  • 7.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ What's Dependency Resolution with RubyGems/Bundler?
  • 8.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ What are RubyGems and Bundler?
  • 9.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ What's package manager? ā€¢ User interface ā€¢ Provide commands like install/update/search package ā€¢ Dependency Resolution ā€¢ Resolve dependencies of package and provide list of name and version of package ā€¢ Version locking (NEW!) ā€¢ Provide environment to lock specified versions of package
  • 10.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Whatā€™s rubygems? RubyGems is a package manager of the Ruby language. ā€¢ rubygems/rubygems.org: ā€¢ The Ruby community's gem host. ā€¢ rubygems.org is maintain by infrastructure team of rubygems. It is different team from rubygems cli team. ā€¢ rubygems/rubygems: ā€¢ Command line tool for rubygems.org ā€¢ Now, rubygems maintained rubygems team. I'm member of this team.
  • 11.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Terminology ā€¢ Gem ā€¢ A package/library for the Ruby programming language ā€¢ Gem::Specification ā€¢ Class for defining metadata including name, version, platform, etc. ā€¢ gemspec ā€¢ File describing the Gem::Specification in RubyGems/Bundler ā€¢ This file is written by you for releasing gem ā€¢ This file is created at gem install time by RubyGems
  • 12.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Whatā€™s Bundler? # frozen_string_literal: true source "https://rubygems.org" gemspec gem "rake", ">= 11.1ā€ ā€¢ Bundler is also package manager of Ruby language ā€¢ Bundler focused version locking feature ā€¢ Bundler extends a lot of RubyGems resources like gemspec. ā€¢ Bundler works with Gemfile like:
  • 13.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Inside of Ruby libraries and gem dependencies.
  • 14.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ gemspec in your code ā€¢ You can see gemspec with `Gem.loaded_specs` like this: ā€¢ `Gem::Speci fi cation#dependencies` is important parts of your application. >> Gem.loaded_specs["rack"] => Gem::Speci fi cation.new do |s| s.name = "rack" s.version = Gem::Version.new("2.2.8") s.installed_by_version = Gem::Version.new("3.4.10") s.authors = ["Leah Neukirchen"] s.date = Time.utc(2023, 7, 31) s.dependencies = [Gem::Dependency.new("minitest", Gem::Requirement.new(["~> 5.0"]), :development), Gem::Dependency.new("minitest-sprint", Gem::Requirement.new([">= 0"]), :development), Gem::Dependency.new("minitest-global_expectations", Gem::Requirement.new([">= 0"]), :development), Gem::Dependency.new("rake", Gem::Requirement.new([">= 0"]), :development)] s.description = "Rack provides a minimal, modular and adaptable interface for developingnweb applications in Ruby. By wrapping HTTP requests and responses innthe simplest way possible, it uni fi es and distills the API for webnservers, web frameworks, and software in between (the so- callednmiddleware) into a single method call.n" (...snip...) end
  • 15.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ What's Default gems ā€¢ The Ruby core team released "Default gems" to the rubygems.org. ā€¢ You can install standard libraries of Ruby via RubyGems. ā€¢ Default gems are openssl, psych, json, etcā€¦ You can see all of default gems at https://stdgems.org/ ā€¢ Rubygems have a detection method for default gems. >> require 'rss' => true >> Gem.loaded_specs["rss"].default_gem? => false >> require 'openssl' => true >> Gem.loaded_specs["openssl"].default_gem? => true
  • 16.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ What's Bundled gems ā€¢ We bundled *.gem and unpacked fi les to tarball package for Bundled gems with `gems/bundled_gems` in ruby/ruby repository like this: ā€¢ `make install` installed Bundled gem your box.
  • 17.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Performance issues with RubyGems ā€¢ RubyGems extends `require`, `gem` and `warn`. ā€¢ Because Ruby startup time is slow with RubyGems. ā€¢ Bundler resolve this slow down. def require(path) # :doc: return gem_original_require(path) unless Gem.discover_gems_on_require begin RUBYGEMS_ACTIVATION_MONITOR.enter path = path.to_path if path.respond_to? :to_path if spec = Gem. fi nd_unresolved_default_spec(path) # Ensure -I beats a default gem resolved_path = begin rp = nil (snip)
  • 18.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Performance issues ā€¢ Bundler also extends RubyGems classes/methods. It's enabled when we used Bundler. ā€¢ `Gem::Specification#extension_dir` needs to handle git resource of Gemfile like this: # for gem ā€œrailsā€, git: ā€œhttps://github.com/rails/rails" alias_method :rg_extension_dir, :extension_dir def extension_dir # following instance variable is already used in original method # and that is the reason to prefix it with bundler_ and add rubocop exception @bundler_extension_dir ||= if source.respond_to?(:extension_dir_name) unique_extension_dir = [source.extension_dir_name, File.basename(full_gem_path)].uniq.join("-") File.expand_path(File.join(extensions_dir, unique_extension_dir)) else rg_extension_dir end end
  • 19.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Architecture of RubyGems/Bundler Update Install Commands Bundler.definition Extended classes of RubyGems Resolver Resolver Engine PubGrub Update Commands Install Resolver Resolver Engine Molinillo Gem::Specification Request::Set Etc... RubyGems Bundler
  • 20.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Terminology ā€¢ Resolution ā€¢ Ensuring that the dependency constraint are satisfied the combinatorial constraints of multiple libraries. ā€¢ Resolver Engine ā€¢ Performs dependency resolution with library name and version combinations and provides a list of libraries if resolved. RubyGems uses Mollinilo, Bundler uses PubGrub ā€¢ Resolver ā€¢ Provides the Resolver Engine with the necessary data abstraction and library dependency resolution ā€¢ Provides list of libraries including their names and versions to be installed.
  • 21.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Basic case of Gemfile and bundle exec
  • 22.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Basic case of Gemfile and Bundler ā€¢ How Bundler lock gem versions? ā€¢ I'll introduce how resolve these paths with examples. # Gem fi le # frozen_string_literal: true source "https://rubygems.org" gem "rss" # Gem fi le.lock GEM remote: https://rubygems.org/ specs: rexml (3.2.5) rss (0.2.9) rexml PLATFORMS arm64-darwin-23 DEPENDENCIES rss BUNDLED WITH 2.5.0.dev
  • 23.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ What's Bundler.setup def setup(*groups) @definition.ensure_equivalent_gemfile_and_lockfile if Bundler.frozen_bundle? # Has to happen first clean_load_path specs = @definition.specs_for(groups) SharedHelpers.set_bundle_environment Bundler.rubygems.replace_entrypoints(specs) # Activate the specs load_paths = specs.map do |spec| check_for_activated_spec!(spec) Bundler.rubygems.mark_loaded(spec) spec.load_paths.reject {|path| $LOAD_PATH.include?(path) } end.reverse.flatten Bundler.rubygems.add_to_load_path(load_paths) setup_manpath lock(:preserve_unknown_sections => true) self end ā€¢ `Bundler.setup` and `Bundler.require` is most important parts of Bundler ā€¢ These methods defined at `runtime.rb`. ā€¢ `bundle exec` call `Bundler.setup` and `Kernel.exec`.
  • 24.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Reset your environment with Bundler @definition.ensure_equivalent_gemfile_and_lockfile if Bundler.frozen_bundle? # Has to happen first clean_load_path ā€¢ At first, Bundler update your lockfile and install new versions if it's needed. After that, Reject gem paths that are not `require` yet. def clean_load_path loaded_gem_paths = Bundler.rubygems.loaded_gem_paths $LOAD_PATH.reject! do |p| resolved_path = resolve_path(p) next if $LOADED_FEATURES.any? {|lf| lf.start_with?(resolved_path) } loaded_gem_paths.delete(p) end $LOAD_PATH.uniq! end
  • 25.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ ā€¢ `Bundler.definition` and `Bundler::Resolver` is core parts for this. ā€¢ Bundler.definition create instance of `Bundler::Resolver` and call resolution methods inside `specs_for`. ā€¢ `specs` is instance of Bundler::SpecSet. ā€¢ Bundler inject `bundler` as dependency into Gemfile. How select dependencies by Bundler.definition specs = @definition.specs_for(groups) SharedHelpers.set_bundle_environment Bundler.rubygems.replace_entrypoints(specs) >> specs.map(&:name) => ["bundler", "rexml", "rss"]
  • 26.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Basic scenario of Bundler resolution ā€¢ `Bundler.rubygems.replace_entrypoints` inject gemspecs of default gems into dependencies of Gemfile. specs = Declared in Gemfile: rails, nokogiri, sidekiq, etc... default_spec = Default gems: csv, psych, json, etc... + Bundler.rubygems.default_stubs.each do |stub| default_spec = stub.to_spec default_spec_name = default_spec.name next if specs_by_name.key?(default_spec_name) specs << default_spec specs_by_name[default_spec_name] = default_spec end
  • 27.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Update your LOAD_PATH with scratch ~/.rbenv/versions/master/lib/ruby/gems/3.3.0+0/gems/rss-0.2.9/lib ~/.rbenv/versions/master/lib/ruby/gems/3.3.0+0/gems/rexml-3.2.5/lib ~/.rbenv/versions/master/lib/ruby/gems/3.3.0+0/gems/bundler-2.5.0.dev/lib # Activate the specs load_paths = specs.map do |spec| check_for_activated_spec!(spec) Bundler.rubygems.mark_loaded(spec) spec.load_paths.reject {|path| $LOAD_PATH.include?(path) } end.reverse.flatten Bundler.rubygems.add_to_load_path(load_paths) setup_manpath lock(:preserve_unknown_sections => true) self ā€¢ These logic is easy to understand. We generate paths generated by resolved gemspec. `Gem::Specification#load_paths` returns load paths from gemspec. ā€¢ `load_paths` returns like this:
  • 28.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ How resolve library dependency by Bundler?
  • 29.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ How works PubGrub and Bundler
  • 30.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ What's PubGrub? ā€¢ PubGrub is next generation resolution engine developed by Natalie Weizenbaum a.k.a @nex3. ā€¢ PubGrub is for Dart language. But we have Ruby implementation that is `pub_grub`. ā€¢ If resolution conflict occurs with PubGrub, PubGrub give up immediately to resolving loop. This makes faster resolution with complex Gemfile. https://nex3.medium.com/pubgrub-2fb6470504f
  • 31.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Easy scenario of PubGrub source = PubGrub::StaticPackageSource.new do |s| s.add 'foo', '2.0.0', deps: { 'bar' => '1.0.0' } s.add 'foo', '1.0.0' s.add 'bar', '1.0.0', deps: { 'foo' => '1.0.0' } s.root deps: { 'bar' => '>= 1.0.0' } end solver = PubGrub::VersionSolver.new(source: source) result = solver.solve p result #=> {#<PubGrub::Package :root>=>0, "bar"=>#<Gem::Version "1.0.0">, "foo"=>#<Gem::Version "1.0.0">} ā€¢ This is basic scenario of dependency resolution. ā€¢ We can see Resolution with PubGrub::VersionSolver and package source definition provided by PubGrub.
  • 32.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Easy scenario of PubGrub I want bar-1.0.0 or higher bar-1.0.0 foo-1.0.0 foo-2.0.0 ā€¢ We want to use `bar >= 1.0.0`. bar-1.0.0 wants foo-1.0.0. ā€¢ We can get resolution result that is `bar-1.0.0` and `foo-1.0.0`.
  • 33.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Conflict scenario of PubGrub source = PubGrub::StaticPackageSource.new do |s| s.add 'foo', '2.0.0', deps: { 'bar' => '1.0.0' } s.add 'foo', '1.0.0' s.add 'bar', '1.0.0', deps: { 'foo' => '1.0.0' } s.root deps: { 'foo' => '>= 2.0.0' } end solver = PubGrub::VersionSolver.new(source: source) result = solver.solve p result #=> pub_grub/version_solver.rb:233:in `resolve_conflict': Could not find compatible versions (PubGrub::SolveFailure) ā€¢ This is conflict scenario of dependency resolution. ā€¢ If PubGrub couldn't resolve their versions, it raises `SolveFailure`.
  • 34.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Easy scenario of PubGrub I want foo-2.0.0 or higher bar-1.0.0 foo-1.0.0 foo-2.0.0 ā€¢ We want to use `foo >= 2.0.0`. ā€¢ But foo-2.0.0 wants bar-1.0.0, and bar-1.0.0 wants foo-1.0.0. This is not foo-2.0.0
  • 35.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ A bit of complex scenario of PubGrub source = PubGrub::StaticPackageSource.new do |s| s.add 'foo', '3.0.0', deps: { 'bar' => '> 1.0.0' } s.add 'foo', '2.0.0', deps: { 'bar' => '1.0.0' } s.add 'foo', '1.0.0' s.add 'bar', '1.0.0', deps: { 'foo' => '1.0.0' } s.add 'bar', '2.0.0' s.add 'buzz', '1.0.0', deps: { 'foo' => '> 1.0.0' } s.root deps: { 'buzz' => '1.0.0' } end solver = PubGrub::VersionSolver.new(source: source) result = solver.solve p result #=> {#<PubGrub::Package :root>=>0, "buzz"=>#<Gem::Version "1.0.0">, "foo"=>#<Gem::Version "3.0.0">, "bar"=>#<Gem::Version "2.0.0">} ā€¢ This is additional scenario for PubGrub. We have three versions of foo, two versions of bar, and buzz.
  • 36.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ A bit of complex scenario of PubGrub I want buzz-1.0.0 buzz-1.0.0 foo-1.0.0 foo-2.0.0 foo-3.0.0 bar-1.0.0 bar-2.0.0 This is not foo > 1.0.0 for buzz We want to use buzz-1.0.0, buzz-1.0.0 wants foo > 1.0.0. PubGrub resolve it with foo-2.0.0 or foo-3.0.0, But foo-2.0.0 conflicts with bar-1.0.0.
  • 37.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ A bit of complex scenario of PubGrub I want buzz-1.0.0 buzz-1.0.0 foo-1.0.0 foo-2.0.0 foo-3.0.0 bar-1.0.0 bar-2.0.0 We finally get buzz-1.0.0, foo-3.0.0 and bar-2.0.0 as resolution result.
  • 38.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ What happened with `bundle update rails`
  • 39.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Infinitely case of `bundle update` $ bundle update Fetching gem metadata from https://rubygems.org/............ Resolving dependencies................................................................................................................................. ....................................................................................................................................................... ....................................................................................................................................................... ....................................................................................................................................................... ....................................................................................................................................................... ....................................................................................................................................................... ....................................................................................................................................................... ....................................................................................................................................................... ....................................................................................................................................................... ....................................................................................................................................................... ....................................................................................................................................................... ....................................................................................................................................................... ......................................................................^C
  • 40.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Why rails loops infinite with bundle update? Bundler could not fi nd compatible versions for gem "activesupport": In Gem fi le: inherited_resources (= 1.6.0) was resolved to 1.6.0, which depends on has_scope (~> 0.6.0.rc) was resolved to 0.6.0, which depends on activesupport (>= 3.2, < 5) rails (= 4.2.0) was resolved to 4.2.0, which depends on activesupport (= 4.2.0) Bundler could not fi nd compatible versions for gem "railties": In Gem fi le: inherited_resources (= 1.6.0) was resolved to 1.6.0, which depends on railties (>= 3.2, < 5) rails (= 4.2.0) was resolved to 4.2.0, which depends on railties (= 4.2.0) inherited_resources (= 1.6.0) was resolved to 1.6.0, which depends on responders was resolved to 1.1.2, which depends on railties (>= 3.2, < 4.2) This behavior is derivation of the following events frequently after running `bundle update` at Bundler 2.3 or before.
  • 41.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ What's happend called with setup_solver in Bundler? ā€¢ `bundle update` will create instance of `Resolver` for resolution. ā€¢ Resolver invoke `setup_solver` and `solve_versions`. `setup_solver` prepared all versions of gemspec(called all_specs) and dependency tree and logger for `solve_versions` >> @all_specs.keys => ["rails", "importmap-rails", "Rubyu0000", "RubyGemsu0000"] >> @all_specs["rails"].map{|s| [s.name, s.version.to_s]} => [["rails", "0.8.0"], ["rails", "0.8.5"], ... ["rails", "7.0.7.2"], ["rails", "7.0.8"]] source "https://rubygems.org" gem "rails" gem "importmap-rails"
  • 42.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ How use PubGrub in Bundler? def solve_versions(root:, logger:) solver = PubGrub::VersionSolver.new(:source => self, :root => root, :logger => logger) result = solver.solve result.map {|package, version| version.to_specs(package) }. fl atten.uniq ā€¢ But real case happens resolution conflicts when a dependent gem under rails, such as `railties`, is version-locked by referencing another gem. ā€¢ `PubGrub::SolveFailure` exception occurs and this gem is sent to the retry list. ā€¢ Bundler will resolve dependencies defined at Gemfile and all_specs of gem by PubGrub like sample case.
  • 43.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Real case of PubGrub resolution I want rails-7.0.8 and importmap- rails-1.2.1 rails-0.8.0 activerecord-... rails-7.0.8 惻 惻 惻 importmap-rails-0.1.0 惻 惻 惻 importmap-rails-1.2.1 activemailer-... activesupport-... actionview-... railties-... actionpack-... mini_mime-... mail-... minitest-... tzinfo-... thor-... rake-...
  • 44.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Bundler handles conflict result of PubGrub ā€¢ For example, importmap-rails depends on `railtie`. `importmap-rails` was sent into retry list. ā€¢ `railtie` and `activesupport` are used often as they are rails plugins, so they are almost always included rescue PubGrub::SolveFailure => e incompatibility = e.incompatibility names_to_unlock, names_to_allow_prereleases_for, extended_explanation = fi nd_names_to_relax(incompatibility) names_to_relax = names_to_unlock + names_to_allow_prereleases_for if names_to_relax.any? (snip) root, logger = setup_solver Bundler.ui.debug "Retrying resolution...", true retry end
  • 45.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Bundler will propagate conflict result into next resolution OK, I skip importmap- rails-1.2.1 and its dependencies. rails-0.8.0 activerecord-... rails-7.0.8 惻 惻 惻 importmap-rails-0.1.0 惻 惻 惻 importmap-rails-1.2.1 activemailer-... activesupport-... actionview-... railties-... actionpack-... mini_mime-... mail-... minitest-... tzinfo-... thor-... rake-...
  • 46.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Result of resolution with rails and importmap-rails yay, I got the full list of gems with rails-7.0.8 and importmap- rails-1.2.1 activerecord-... rails-7.0.8 importmap-rails-1.2.1 activemailer-... actionview-... GEM remote: https://rubygems.org/ specs: actioncable (7.0.8) actionpack (= 7.0.8) activesupport (= 7.0.8) nio4r (~> 2.0) websocket-driver (>= 0.6.1) actionmailbox (7.0.8) actionpack (= 7.0.8) activejob (= 7.0.8) activerecord (= 7.0.8) activestorage (= 7.0.8) activesupport (= 7.0.8) mail (>= 2.7.1) net-imap net-pop net-smtp actionmailer (7.0.8) actionpack (= 7.0.8) actionview (= 7.0.8) activejob (= 7.0.8) activesupport (= 7.0.8) mail (~> 2.5, >= 2.5.4) 惻 惻 惻
  • 47.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Proposals for the future
  • 48.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Resolve duplicates and redundant of code and commands
  • 49.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Migration RubyGems and Bundler in the future Update Install Commands Bundler.definition Extended classes of RubyGems Resolver Resolver Engine PubGrub Update Commands Install Gem::Specification Request::Set Etc...
  • 50.
    Copyright Ā© 2020Present ANDPAD Inc. This information is confidential and was prepared by ANDPAD Inc. for the use of our client. It is not to be relied on by and 3rd party. Proprietary & Confidential ē„”ę–­č»¢č¼‰ćƒ»ē„”ę–­č¤‡č£½ć®ē¦ę­¢ Conclusion ā€¢ I talked about... ā€¢ Knowledge RubyGems, Bundler and Package Manager. ā€¢ How works Bundler modify LOAD_PATH of Ruby ā€¢ How works PubGrub and Bundler < Ruby is a programmer's best friend