Bump Ruby to 3.1 #5447
Bump Ruby to 3.1 #5447
Conversation
jeffwidman
force-pushed
the
bump-ruby-to-3.1
branch
from
8a22a29 to
5abda6f
Compare
jeffwidman
force-pushed
the
bump-ruby-to-3.1
branch
2 times, most recently
from
74aba82 to
45d2f7c
Compare
| @@ -24,6 +24,8 @@ Gem::Specification.new do |spec| | |||
|
|
|||
| spec.add_dependency "dependabot-common", Dependabot::VERSION | |||
|
|
|||
| spec.add_development_dependency "webrick", ">= 1.7" | |||
There was a problem hiding this comment.
webrick was removed from the ruby 3.0 stdlib, so have to manually add it as a dependency.
| @@ -154,6 +154,8 @@ Style/HashExcept: | |||
| Enabled: true | |||
| Style/HashLikeCase: | |||
| Enabled: false | |||
| Style/HashSyntax: | |||
| EnforcedShorthandSyntax: either | |||
There was a problem hiding this comment.
This allows but doesn't require the new shorthand syntax sugar. The new syntax is a bit controversial... see detailed notes in the relevant commit message.
There was a problem hiding this comment.
Yeah this makes sense to me. I'm not quite sure how I feel about the new syntax, in js/ts I think it's fine so probably just takes a bit of getting used to. Either way I probably would avoid major syntax style changes in this upgrade, and once everything works, re-evaluate on that stuff
jeffwidman
force-pushed
the
bump-ruby-to-3.1
branch
from
6dcb173 to
915b99d
Compare
common/dependabot-common.gemspec
Outdated
| spec.required_ruby_version = ">= 2.7.0" | ||
| spec.required_rubygems_version = ">= 2.7.3" | ||
| spec.required_ruby_version = ">= 3.1.0" | ||
| spec.required_rubygems_version = ">= 3.3.3" |
There was a problem hiding this comment.
This is the minimum rubygems version required by ruby 3.1.
There was a problem hiding this comment.
Yep, already bumped it there: https://github.com/dependabot/dependabot-core/pull/5447/files#diff-dd2c0eb6ea5cfc6c4bd4eac30934e2d5746747af48fef6da689e85b752f39557L74
The reason it's bumped here is because otherwise Rubocop complains that spec.required_ruby_version is not >= to TargetRubyVersion
There was a problem hiding this comment.
Just noticed your note about the past update... thx! We'll need to figure out what the root cause was as we have to bump rubygems in order to bump ruby... looks like #5044 (comment) and following discussion is a good place to start.
There was a problem hiding this comment.
My guess is that with #4973 these issues might no longer happen after upgrading RubyGems.
The rationale is that, if I understood correctly, those issues (and the RubyGems changes that caused them) were related to the implicit Bundler activation mechanism in RubyGems. However, with #4973 Dependabot will no longer rely on that, but will activate Bundler explicitly instead (through gem "bundler", "~> 1.17", for example).
I guess we need to try and see.
There was a problem hiding this comment.
I think the root cause of the updater specs failing is this bumping of Ruby gems... more specifically as outlined in #5513:
When upgrading RubyGems to 3.3+, RubyGems gets confused about which Bundler version to use when shelling out to native helpers.
Which is exactly the problem I observe in #5447 (comment).
There was a problem hiding this comment.
I split the ruby gems upgrade out into a separate PR that needs to land before this one: #5823
That way it's easier for us to debug any possible issues as Rubygems vs Ruby issues.
jeffwidman
force-pushed
the
bump-ruby-to-3.1
branch
from
915b99d to
56626ec
Compare
| Style/MutableConstant: | ||
| Enabled: false | ||
| Style/RedundantFreeze: | ||
| Enabled: false |
There was a problem hiding this comment.
Opened #5468 to re-enable these checks and fix the existing violations.
jeffwidman
force-pushed
the
bump-ruby-to-3.1
branch
2 times, most recently
from
4e9f055 to
943477a
Compare
jeffwidman
force-pushed
the
bump-ruby-to-3.1
branch
2 times, most recently
from
0bc28ca to
03db314
Compare
jeffwidman
force-pushed
the
bump-ruby-to-3.1
branch
from
03db314 to
658a82d
Compare
jeffwidman
force-pushed
the
bump-ruby-to-3.1
branch
from
658a82d to
17ad190
Compare
|
I think the remaining CI failure might be related to rubygems/rubygems#5812... |
jeffwidman
force-pushed
the
bump-ruby-to-3.1
branch
from
0a00758 to
d9e00a5
Compare
|
It looks like the failing test for bundler is because Heading to bed now, but tomorrow I'll check what this URL used to point at on |
|
I think that one will be fixed by 629d1f0! |
jeffwidman
force-pushed
the
bump-ruby-to-3.1
branch
from
d9e00a5 to
d606e4b
Compare
|
I think you're on the right track, but unfortunately just cherry-picking that commit didn't fix it... I'll have to dig a little deeper. |
jeffwidman
force-pushed
the
bump-ruby-to-3.1
branch
from
1fa5eb2 to
0add63d
Compare
jeffwidman
force-pushed
the
bump-ruby-to-3.1
branch
from
0add63d to
6fe9497
Compare
|
The failing updater specs were caused by unable to find Bundler v1: Then The root cause turned out to be due to the Rubygems upgrade, which we have to do in order to bump to Ruby 3.1... it requires a Rubygems It turns out that #5513 solves that issue, so I split out the Rubygems upgrade into #5823. And then rebased this PR on top of that. The remaining test failure (#5447 (comment)) also occurs in #5823, so I suspect once we figure out the problem with the Rubygems upgrade, then that will unblock this PR as well. |
jeffwidman
force-pushed
the
bump-ruby-to-3.1
branch
3 times, most recently
from
137c8d4 to
7f901f4
Compare
jeffwidman
force-pushed
the
bump-ruby-to-3.1
branch
2 times, most recently
from
44c4d5a to
f3d9119
Compare
jeffwidman
force-pushed
the
bump-ruby-to-3.1
branch
2 times, most recently
from
0c98d6c to
b2f6bcc
Compare
This is necessary to unblock dependabot#5030, because Ubuntu `22.04` doesn't provide an older version of `openssl`, so need a new enough Ruby to work with the newer version of `openssl`. See dependabot#5030 (comment) for the gory details. And besides, we want to move to Ruby 3.1 anyway...
This dependency was added in dependabot#5086. However, `debase` doesn't currently support Ruby 3 or 3.1: ruby-debug/ruby-debug-ide#223 (comment) Ruby 3.1 now bundles the `debug` gem. This new `debug` gem has functionality that replaces `debase` + the `ruby-debug-ide` gem so I removed those as well. Even though the `debug` gem is bundled, we still need to pin it in the `gemspec` file because we use a customized `GEM_PATH`. The `debug` gem bundled with Ruby by default is no longer found since it lives in the default `GEM_PATH`.
`webrick` was removed from the `ruby` `3.0` stdlib, so must be manually installed. It's only needed by `pub`, and only as a dev server used in tests, so added it only for that specific ecosystem as a development dependency.
Ruby 3.1 added some syntax sugar for omitting hash values in certain cases. This results in more terse code, at the expense of readability. Like any good style change, this is obviously bikeshed worthy, and has generated a lot of controversy around the community: * https://batsov.com/articles/2022/01/20/bad-ruby-hash-value-omission/ * standardrb/standard#375 * Shopify/ruby-style-guide#393 * https://github.com/rubocop/ruby-style-guide#hash-literal-values Personally, I can see places where it's useful, but also places where it just makes the Ruby a bit more inscrutable. So set the Rubocop value to `either` to allow, but not require it.
Temp disable these two checks as they are flagging a _lot_ of violations. I plan to fix them, but prefer to do so in a follow-on PR in order to keep the diff of this PR small / focused on Ruby 3.1 changes.
mctofu
force-pushed
the
bump-ruby-to-3.1
branch
from
b2f6bcc to
925c43d
Compare
This is necessary to unblock #5030, because Ubuntu
22.04doesn't provide an older version ofopenssl, so need a newenough Ruby to work with the newer version of
openssl. See #5030 (comment) forthe gory details.
And besides, we want to move to Ruby 3.1 anyway...