Feature #11162
closed
Ugh, why not specify in Gemfile:
gem 'rails', '~> 3.2.x'
Do we really have to release a new Redmine version per every security update in Rails? What about other gems we depend on (or their dependencies?)
Redmine doesn't include Gemfile.lock in the repository, so you can't guarantee that the end users use exactly the same versions of every gem, so why restrict the version of rails used?
Alex Shulgin wrote:
Do we really have to release a new Redmine version per every security update in Rails? What about other gems we depend on (or their dependencies?)
Yes. Upgrade to 3.2.5 from 3.2.3, for example, broke some tests and required some code adjustments.
- Status changed from New to Closed
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by