Depfu Error: Found both *.gemspec and Gemfile.lock
depfu opened this issue · comments
Hello,
We've tried to activate or update your repository on Depfu and found something odd:
Your repo contains both a *.gemspec
file and a Gemfile.lock
.
Depfu can't really handle that right now, unfortunately, and it's also not best practice:
If your repo contains a *.gemspec
that usually means it is meant to be used as a Gem, or put differently, a library. Locking dependencies on a library (via Gemfile.lock
) doesn't really make sense, especially since the Gemfile.lock
can't and won't be honored when building and installing the gem.
Instead, you should declare your dependencies as specifically as needed (but as loose as possible) in the *.gemspec
and add the Gemfile.lock
to your .gitignore
.
By checking in the Gemfile.lock
, you will not only break Depfu (which we might fix at some point, maybe), but you will also keep your CI from testing against real life sets of dependencies.
This is an automated issue by Depfu. You're getting it because someone configured Depfu to automatically update dependencies on this project.