Running bundle or bundle update could not solve the problem. I've tried removing the Gemfile.lock. Seems weird that bundler could not decide that jwt (~> 2.1) should satisfy jwt (~> 1.5).
Bundler could not find compatible versions for gem "jwt":
In Gemfile:
knock was resolved to 2.1.1, which depends on
jwt (~> 1.5)
pusher-chatkit-server (~> 1.1.0) was resolved to 1.1.0, which depends on
pusher-platform (~> 0.11.2) was resolved to 0.11.2, which depends on
jwt (~> 2.1)
Related
I don't understand what's the problem here while installing gem. Here are the details of error log
Bundler could not find compatible versions for gem "faraday":
In snapshot (Gemfile.lock):
faraday (= 0.12.1)
In Gemfile:
faraday
mailchimp3 (= 1.3.1) was resolved to 1.3.1, which depends on
faraday (~> 0.9.1)
stripe was resolved to 2.10.0, which depends on
faraday (~> 0.9)
FYI: I'm using rails 5, ruby 2.4.1.
I'm trying to upgrade Nokogiri to version 1.7:
gem 'nokogiri', '~> 1.7'
but when I run:
bundle update --source nokogiri
I get:
Fetching gem metadata from https://rubygems.org/...........
Fetching version metadata from https://rubygems.org/...
Fetching dependency metadata from https://rubygems.org/..
Resolving dependencies.............
Bundler could not find compatible versions for gem "nokogiri":
This is in my Gemfile:
nokogiri (~> 1.7)
activemerchant (~> 1.58.0) was resolved to 1.58.0, which depends on
nokogiri (~> 1.4)
activemerchant (~> 1.58.0) was resolved to 1.58.0, which depends on
nokogiri (~> 1.4)
capybara was resolved to 2.7.0, which depends on
nokogiri (>= 1.3.3)
cucumber-rails was resolved to 1.4.3, which depends on
nokogiri (~> 1.5)
haml-rails was resolved to 0.9.0, which depends on
html2haml (>= 1.0.1) was resolved to 2.0.0, which depends on
nokogiri (~> 1.6.0)
haml-rails was resolved to 0.9.0, which depends on
html2haml (>= 1.0.1) was resolved to 2.0.0, which depends on
nokogiri (~> 1.6.0)
rails (>= 4.2.6, ~> 4.2) was resolved to 4.2.6, which depends on
actionmailer (= 4.2.6) was resolved to 4.2.6, which depends on
actionview (= 4.2.6) was resolved to 4.2.6, which depends on
rails-html-sanitizer (>= 1.0.2, ~> 1.0) was resolved to 1.0.3, which depends on
loofah (~> 2.0) was resolved to 2.0.3, which depends on
nokogiri (>= 1.5.9)
roo (~> 2.4.0) was resolved to 2.4.0, which depends on
nokogiri (~> 1)
roo-xls was resolved to 1.0.0, which depends on
nokogiri
capybara was resolved to 2.7.0, which depends on
xpath (~> 2.0) was resolved to 2.0.0, which depends on
nokogiri (~> 1.3)
Does anyone have an idea why it can't find it? I see on rubygems.org that the current version is 1.7.1 as well as on github. Do I need to specify the github source?
The problem is here:
haml-rails was resolved to 0.9.0, which depends on
html2haml (>= 1.0.1) was resolved to 2.0.0, which depends on
nokogiri (~> 1.6.0)
As you can see, html2haml depends on nokogiri (~> 1.6.0), that is not 1.7. You either need to update html2haml (so it dependency becomes nokogiri (~> 1.6)) or use nokogiri, ~> 1.6.
You could try deleting your Gemfile.lock file and running bundle install again, but i will only recommend doing it if you are not yet in production.
I think other gems are depedent on Nokogiri, so
try bundle update.
bundle update will resolve a dependency tree and try and install versions that satisfy all the other gems dependencies.
I need help understanding this bundler error message:
Bundler could not find compatible versions for gem "faraday":
In Gemfile:
metainspector (= 5.4.1) was resolved to 5.4.1, which depends on
faraday-http-cache (~> 2.0) was resolved to 2.0.0, which depends on
faraday (~> 0.8)
metainspector (= 5.4.1) was resolved to 5.4.1, which depends on
faraday_middleware (~> 0.11) was resolved to 0.11.0.1, which depends on
faraday (< 1.0, >= 0.7.4)
instagram-continued (= 1.2.1) was resolved to 1.2.1, which depends on
faraday (~> 0.9.2)
metainspector (= 5.4.1) was resolved to 5.4.1, which depends on
faraday (~> 0.11)
sendgrid-ruby (= 1.1.6) was resolved to 1.1.6, which depends on
faraday (~> 0.9)
Maybe I’m not understanding it correctly, but I don’t see where the issue is with faraday. All these dependencies seem to require a faraday version greater or equal than 0.7.4 but less than 1.0. My current version is 0.9.2. I've always understood the ~> pointer to indicate greater than or equal to. Is that incorrect?
Here is the relevant portion of my Gemfile:
gem 'instagram-continued', '1.2.1', require: "instagram"
gem 'metainspector', '5.4.1'
I am using various omniauth gems and after I added PayPal I get this error when running bundle or bundle update:
Bundler could not find compatible versions for gem "omniauth-oauth2":
In Gemfile:
omniauth-dribbble (~> 0.0.1) x86-mingw32 was resolved to 0.0.1, which
depends on
omniauth-oauth2 (~> 1.1) x86-mingw32
omniauth-dribbble (~> 0.0.1) x86-mingw32 was resolved to 0.0.1, which
depends on
omniauth-oauth2 (~> 1.1) x86-mingw32
omniauth-facebook (~> 4.0) x86-mingw32 was resolved to 4.0.0, which depends
on
omniauth-oauth2 (~> 1.2) x86-mingw32
omniauth-google-oauth2 (~> 0.4.1) x86-mingw32 was resolved to 0.4.1, which
depends on
omniauth-oauth2 (>= 1.3.1) x86-mingw32
omniauth-paypal (~> 1.2) x86-mingw32 was resolved to 1.2, which depends on
omniauth-oauth2 (~> 1.1.0) x86-mingw32
Is there a way to circumvent this and still use the Omniauth PayPal Gem?
EDIT:
The PayPal Gem does conflict with the Google Omniauth solution. I cannot have them both. Why?
You can't have them both because paypal depends on omniauth 1.1 and google-oath2 depends on omniauth 1.3. You should wait until paypal uses omniauth 1.3.
First make sure you are using the more recent version of the gems and bundle update. If this does not work.
Then you can fork the gems. Change the dependency for "omniauth-oauth2" and refer to your forked gems. This way both gems refer to the same dependent gem.
bundle-audit reports:
Name: rest-client
Version: 1.6.8
Advisory: CVE-2015-1820
Criticality: Unknown
URL: https://github.com/rest-client/rest-client/issues/369
Title: rubygem-rest-client: session fixation vulnerability via Set-Cookie headers in 30x redirection responses
Solution: upgrade to >= 1.8.0
But when I try to update to 1.8.0, I find there are all kinds of dependencies that can't go to 1.8.0
What am I missing? My Google-foo got me nowhere.
Additional context:
In a moment of security-mindedness, I installed bundle-audit this AM and ran it against the only app I have in prod. It's not used by anyone but my wife, but I would like it secure (the vulnerability in my case would probably require a login, which is unlikely, but still). bundle-audit reported two vulnerabilities with rest-client, and suggests upgrading to 1.8.0. Bundle update keeps pulling in version 1.6.8. I have reviewed my Gemfile, and there doesn't appear to be any explicit version requirement for any of the gems that pull in rest-client. (There is no reference to rest-client at all in the Gemfile.) gem dependency rest-client 1.6.8 shows webmock and mime-types as dependent:
gem rest-client-1.6.8
mime-types (~> 1.16)
pry (>= 0, development)
rake (~> 10.0, development)
rdoc (>= 2.4.2)
rspec (~> 2.4, development)
webmock (~> 1.4, development)
Gem rest-client-1.8.0
http-cookie (< 2.0, >= 1.0.2)
mime-types (< 3.0, >= 1.16)
netrc (~> 0.7)
pry (>= 0, development)
pry-doc (>= 0, development)
rdoc (< 5.0, >= 2.4.2, development)
rspec (~> 2.4, development)
webmock (~> 1.4, development)
When I attempt to remove rest-client 1.68, gem complains differently though:
ast-2.1.0 depends on rest-client (~> 1.6.7, development)
heroku-3.42.36 depends on rest-client (= 1.6.8)
heroku-3.42.33 depends on rest-client (= 1.6.8)
heroku-3.42.21 depends on rest-client (= 1.6.8)
heroku-3.8.4 depends on rest-client (~> 1.6.1)
heroku-3.8.3 depends on rest-client (~> 1.6.1)
heroku-3.8.2 depends on rest-client (~> 1.6.1)
heroku-3.8.1 depends on rest-client (~> 1.6.1)
heroku-3.6.0 depends on rest-client (~> 1.6.1)
heroku-3.3.0 depends on rest-client (~> 1.6.1)
heroku-3.2.3 depends on rest-client (~> 1.6.1)
heroku-3.0.1 depends on rest-client (~> 1.6.1)
parser-2.2.3.0 depends on rest-client (~> 1.6.7, development)
parser-2.2.2.6 depends on rest-client (~> 1.6.7, development)
parser-2.2.0.3 depends on rest-client (~> 1.6.7, development)
If you remove this gem, these dependencies will not be met.
When I remove it, it just gets pulled in again.
BTW, why does the removal cause additional dependencies beyond those reported by 'gem dependency' to popup? (Are they indirect?)
Thanks.
I know you posted this a year ago, but I was having the same issue so I came across it. With me the issue was that in my Gemfile I had:
gem "rest-client", "1.6.7"
I just removed the version:
gem "rest-client"
and then ran bundle update rest-client