Remove `json` gem explicit dependency
64kramsystem opened this issue · comments
Saverio Miroddi commented
The project has an explicit dependency on the json
gem.
This is not necessary, since all the supported Ruby versions (including Ruby 2.7 and TruffleRuby) include it as system gem.
In addition to being redundant, depending on a system gem is problematic for applications using Bundler (essentially, all the applications 😄), for a few reasons:
- independently of the gem being included in the Gemfile, it will always be in the lockfile; if a Ruby upgrade includes an update to the gem, the application will still use the old version
- using in the application a version different from the one provided by the current Ruby, can cause activation errors, which can be very hairpulling
- even if one defines it in the Gemfile and takes care of upgrading it regularly, there can be troublesome mismatches in production, if the systems are setup to perform automatic Ruby patch updates
Removing the dependency solves the problems. Since the recaptcha
gemfile specification (appropriately) doesn't specify a json
gem version, by removing the gem one doesn't incur in version dependency problems.