I have added gemcutter.org to my Rubygems sources, and now I do not know how to remove it.
$ gem sources
*** CURRENT SOURCES ***
http://gemcutter.org
http://gems.rubyforge.org/
$ gem sources -r http://gemcutter.org
http://gemcutter.org removed from sources
$ gem sources
*** CURRENT SOURCES ***
http://gems.rubyforge.org/
In general you can find the syntax with
gem help *command*
So this shows the options you needed:
gem help sources
But what if the problem is that the default source causes gem install to hang on non-connected systems? (You think it's impossible?!?) If you run the command provided by the most popular answer, and this happens:
# gem sources -r https://rubygems.org
source https://rubygems.org not present in cache
Then to deal with this situation, you must modify source cringe:
sed -i '/[[:space:]]def self\.default_sources/a return []' \
$RUBYGEMS_DIR/rubygems/defaults.rb
This adds a line of code, namely return [] to return an empty array, after the method that returns "default sources". Run gem environment and you will see no nasty remote sources. Now you can go back and undo the sed command, or manually add the rubygems repo or whatever.
EDIT: Clarify, generalize.
Related
I'm creating a Makefile for my project:
build:
sudo gem install sass
Any time I build it's asking me for my superuser password. If I remove sudo it will not install at all, but throw an error instead, as I don't have permissions to install a gem.
So I came up with an idea, that I want to check whether the gem already exists, and run installing command only when it doesn't.
So the question is how to perform this check inside Makefile.
From the command line you can see if a gem is installed with gem list <gemname>. This prints out a list of installed gems that match <gemname>:
$ gem list sass
*** LOCAL GEMS ***
sass (3.4.13, 3.4.1, 3.2.19)
sass-rails (5.0.1, 4.0.3)
The argument is actually a regex, so you can be more specific, checking e.g. only the Sass gem itself:
$ gem list \^sass\$
*** LOCAL GEMS ***
sass (3.4.13, 3.4.1, 3.2.19)
The -i flag to list makes it produce output more usable in scripts, printing true or false, and having a suitable exit status:
$ gem list \^sass\$ -i
true
$ echo $?
0
$ gem list \^notsass\$ -i
false
$ echo $?
1
You can combine this with Make’s conditionals, and the shell function (assuming GNU make) to check if a gem is installed from your makefile:
ifeq ($(shell gem list \^sass\$$ -i), false)
gem install sass
endif
(The extra $ is needed to prevent make trying to expand it as a variable.)
It's now traditional in the Ruby community to use Bundler to manage / install dependencies. This will install Gems without you having sudo privs, and also will keep different Ruby project's gems separate.
If you must install the gem raw, look into RVM or rbenv which both install Ruby and any future gems in your home directory. There' some logic you'd have to add to your Makefile to get it to use the new Ruby in your home folder (rbenv may make this easier than rvm, although Idon't know for sure)... but it's not hard.
One quick way to accomplish the task is writing an .rb script and execute it from a Makefile. The simplest script I came up with goes as follows:
#!/usr/bin/env ruby
if !Gem::Specification::find_all_by_name('sass').any?
exec("sudo gem install sass")
end
find_all_by_name is always returning an array and doesn't raise an error when it can't find anything (as find_by_name does).
Makefile:
default:
./install.rb
Make sure install.rb is executable:
chmod +x install.rb
Run it using make.
We do have an internal gem server (http://my.gem.server) and at this server we store the gem foo-1.2.3.gem
Our users add this server to the gem source. Our gem source looks like::
*** CURRENT SOURCES ***
https://rubygems.org/
http://my.gem.server/
So far it was working wonderfully.
Then someone at the community created the foo-0.0.1.gem
Now, when our internal clients perform a gem install, the foo-0.0.1.gem from the community is installed instead of our foo-1.2.3.gem
We have tried putting our source before the standard rubygems.org but still get the same results.
Does anyone know how can I tell gem install to get the gem from our internal source?
It would be even better if it would just hit the community source if it does not find on ours.
You have two options:
Specify the source in the command
gem install --source http://my.gem.server/ install foo
Edit the ${HOME}/.gemrc file
change
:sources:
- http://rubygems.org
- http://my.gem.server
to
:sources:
- http://my.gem.server
- http://rubygems.org
In your Gemfile, separate all gems into source blocks:
source "http://my.gem.server/" do
gem "foo"
end
source "https://rubygems.org/" do
gem "rails"
end
Having global source lines and/or using :source to disambiguate can open you to security issues, as these don't actually work the way you would expect:
http://collectiveidea.com/blog/archives/2016/10/06/bundlers-multiple-source-security-vulnerability/
Any internal gem name might get claimed on rubygems.org and suddenly get installed instead.
To add on to #ptierno's answer, if you have a Gemfile or .gemspec you can use the :source parameter.
gem 'foo', :source => 'http://my.gem.server'
Which gives priority to that server for that gem only.
I am trying to run the gem command to install/update some gems, but due to some network restrictions in this area, I get this error:
ERROR: While executing gem ... (OpenSSL::SSL::SSLError)
SSL_connect returned=6 errno=0 state=SSLv3 read finished A
(I think) this is mainly because of tampering with the SSL certificates.
Is there anyway to tell gem not to use SSL, to avoid the error?
Use HTTP instead of HTTPS if you are unable to solve the certs issue:
$ gem install rails --source http://rubygems.org
To avoid repeating this every time, either edit your ~/.gemrc or edit the file through the command line, like this:
$ gem sources --add http://rubygems.org
$ gem sources --remove https://rubygems.org
$ gem sources --list
*** CURRENT SOURCES ***
http://rubygems.org
Also, en every Gemfile you will need to change the first line from:
source 'https://rubygems.org'
To:
source 'http://rubygems.org'
Of course it would be much better if you manage to solve the certs issue as #p11y suggested on his comment.
The accepted answer didn't work for me. The following, however, did.
Edit .gemrc file
On Windows c:\Users\yourusername\.gemrc
Specifically %HOMEPATH% in the event your path is different.
Thanks goes out to #AaronChristiansen for pointing this out.
add:
:ssl_verify_mode: 0
It displayed the SSL errors but the install was successful.
while installing any Gem or doing any listing of gem gzip related error comes as shown below:-
C:\Documents and Settings\gangunra>gem install rhosync -v 2.0.0.beta7 --pre
ERROR: While executing gem ... (Zlib::GzipFile::Error)
not in gzip format
C:\Documents and Settings\gangunra>gem list rails -r
*** REMOTE GEMS ***
ERROR: While executing gem ... (Zlib::GzipFile::Error)
not in gzip format
Please help me out how to reslove this
Looks like rubygems.org (or any gem source you have defined) is down.
Not sure if your error was happening in tar_input.rb or ruby_core_source.rb.
Most people solved tar_input.rb error, by cleaning up cache files. I solved the one for ruby_core_source.rb:57 'initialize' : not in gzip format
and here is the description and workaround:
The problem was because "sometimes" the ruby source file in the ftp server is not probably tar + gzip. So sometimes the source file is incorrect.
I just gone through the source code, and the code expects a .tar.gz in the ftp server (e.g. http ://ftp.ruby-lang.org/pub/ruby/1.9/xxx.tar.gz). But the file found was only tar, but not gzip-ed.
The workaround is to modify the code in your gem directory.
I am looking for ppl who knows why the file hosted in ruby-lang.org is not properly gzip-ed. Hope that can solve forever.
Here is the detail description of my finding:
http://ru05team.blogspot.com/2011/08/solving-workaround-initialize-not-in.html
Here is the workaround, source code that you have to change:
https://gist.github.com/1183048
Make sure you are using the right Gem sources.
$ gem sources
should display http://rubygems.org/ as the first source.
If missing, add http://rubygems.org/ as the main source. Otherwise, it might be a temporary issue with RubyGems index.
Also make sure you are using the latest RubyGems (library) version.
$ gem update --system
Find out where your ruby is configured to look for sources:
C:\>gem sources
*** CURRENT SOURCES ***
http://gems.rubyforge.org/
If it is pointed at gems.rubyforge.org (which it is when first installed for older installation binaries) then you’re pointed at the old web server so when ruby tries to get updates it gets an HTTP redirect (302) as a response instead of the expected data in GZIP format. It apparently doesn’t have an error handler configured to detect the redirect so it just gives up.
To fix it you have to update the list of sources. First add the correct source:
C:\>gem sources -a http://rubygems.org/
http://rubygems.org/ added to sources
Then remove the deprecated one:
C:\>gem sources -r http://gems.rubyforge.org/
http://gems.rubyforge.org/ removed from sources
C:\>gem sources
*** CURRENT SOURCES ***
http://rubygems.org/
Next update your ruby system:
C:\>gem update --system
Updating RubyGems
Updating rubygems-update
Successfully installed rubygems-update-1.3.7
:0:Warning: Gem::SourceIndex#search support for String patterns is deprecated
Updating RubyGems to 1.3.7
Installing RubyGems 1.3.7
RubyGems 1.3.7 installed
=== 1.3.7 / 2010-05-13
NOTE:
http://rubygems.org is now the default source for downloading gems.
You may have sources set via ~/.gemrc, so you should replace
http://gems.rubyforge.org with http://rubygems.org
http://gems.rubyforge.org will continue to work for the forseeable future.
...
Note that update verifies that the old source URL is no longer valid…
You should now be able to continue your installation, which in my case was rake.
I ran into this problem when using a network that requires phase 2 authentication. I had forgotten to authenticate in the browser so any web request was redirected to a local authentication page. It would appear that gem does not check whether the response it receives is actually from the actual rubygems.org server (and it's can't based on the address lookup alone unless you used an ssl certificate). Rather than telling you it couldn't reach the real rubygems server, it simply tells you the payload it receives is not in the proper format (zipped). Presumable if you ran a malicious DNS server that redirected rubygems.org to your own service, you could inject anything you wanted into the gems....
I ran "gem sources -c" so that I have to deliberately specify where I want to install a gem from since I now have 3 different sources for gem installs - RubyForge, Github and Gemcutter.
C:\>gem sources -c
*** Removed specs cache ***
*** Removed user source cache ***
*** Removed latest user source cache ***
*** Removed system source cache ***
*** Removed latest system source cache ***
After running this command I again ran gem sources to make sure I no longer have any default sources and I get this:
C:\>gem sources
*** CURRENT SOURCES ***
http://gems.rubyforge.org
http://gems.github.com
http://gems.rubyforge.org/
http://gemcutter.org
In other words, nothing has changed.
Looking at the help for gem sources -c below it seems to be the correct command to remove all gem sources at once:
-c, --clear-all Remove all sources (clear the cache)
Otherwise, it seems you have to remove them one by one. Not a big deal since I only have 4 but I wonder what I actually deleted by doing "gem sources -c".
C:\>gem sources --help
Usage: gem sources [options]
Options:
-a, --add SOURCE_URI Add source
-l, --list List sources
-r, --remove SOURCE_URI Remove source
-c, --clear-all Remove all sources (clear the cache)
-u, --update Update source cache
Local/Remote Options:
-p, --[no-]http-proxy [URL] Use HTTP proxy for remote operations
Common Options:
-h, --help Get help on this command
-V, --[no-]verbose Set the verbose level of output
-q, --quiet Silence commands
--config-file FILE Use this config file instead of default
--backtrace Show stack backtrace on errors
--debug Turn on Ruby debugging
For each source rubygems keeps local caches of information about gems hosted at each source etc to speed up operations and that command just clears those caches.
Looking at the rubygems source, on my system it for example removes
C:/Users/Kris/.gem/specs
C:/Users/Kris/.gem/source_cache
C:/Users/Kris/.gem/latest_source_cache
C:/Ruby/lib/ruby/gems/1.8/source_cache
C:/Ruby/lib/ruby/gems/1.8/latest_source_cache
You'll still have to remove the actual sources yourself.