在我的Gemfile中,我需要使用此行的自定义源中的gem:
gem 'very-secret-gem',source:'https://foo.example.com/'
捆绑安装完成正常:
$bundle install Fetching source index from https://foo.example.com/ Fetching source index from https://foo.example.com/ Fetching gem Metadata from https://rubygems.org/........ … Resolving dependencies... … Installing very-secret-gem 1.5.1 … Bundle complete! 47 Gemfile dependencies,116 gems now installed. Use `bundle show [gemname]` to see where a bundled gem is installed.
但运行使用ruby的命令失败(这里为空Rakefile):
$bundle exec rake -T Could not find gem 'very-secret-gem (>= 0) ruby' in rubygems repository https://foo.example.com/. Source does not contain any versions of 'very-secret-gem (>= 0) ruby' Run `bundle install` to install missing gems.
根据错误消息中的建议,此时运行bundle install将无济于事.
为什么,以及如何解决它?
如果我在源块中指定gem,它就会失败:
source 'https://foo.example.com/' do gem 'very-secret-gem' end
更有趣的是,如果我在文件的开头指定源,而不是绑定任何宝石,它可以正常工作:
source 'https://rubygems.org' source 'https://foo.example.com/' gem 'very-secret-gem'
…但捆绑者提出反对意见:
Warning: this Gemfile contains multiple primary sources. Using `source` more than once without a block is a security risk,and may result in installing unexpected gems. To resolve this warning,use a block to indicate which gems should come from the secondary source. To upgrade this warning to an error,run `bundle config disable_multisource true`.
版本:
$ruby -v # => ruby 2.2.0p0 (2014-12-25 revision 49005) [x86_64-darwin14] $gem -v # => 2.4.5 $bundle -v # => Bundler version 1.8.2
更新
看起来像捆绑器bug.另一个宝石的存在:路径似乎是触发它的原因.测试应用程序在这里:https://github.com/kch/bundler-source-bug
捆绑商的GH问题在这里:https://github.com/bundler/bundler/issues/3417
解决方法
这应该在Bundler 1.8.3(今天发布)中修复.