Lock solidus_core.gemspec to ransack '< 4.2'

Solidus core's gemspec already required that ransack be '~> 4.0', but the latest version of ransack, v4.2.0, released July 10 2024, introduces a bug. The previous implementation was taking for granted that every predicate would respond to #value, which doesn't seem to be the case when the predicate is an instance of a Arel::SelectManager. This has already been flagged by @spaghetticode in his PR against ransack: activerecord-hackery/ransack#1468 Since there has been little movement on this PR since January, we should lock to a version that works for us since currently many of our product specs are failing. (eg. spec/models/spree/product_spec.rb:659) We can remove this lock once the PR is merged and once the above test (and the others that are failing) are able to pass in ransack v4.2.0 or subsequent versions.
solidusio · Aug 8, 2024 · 1664d10 · 1664d10
1 parent 7176948
commit 1664d10
Showing 1 changed file with 3 additions and 1 deletion.
diff --git a/core/solidus_core.gemspec b/core/solidus_core.gemspec
@@ -43,7 +43,9 @@ Gem::Specification.new do |s|
   s.add_dependency 'monetize', '~> 1.8'
   s.add_dependency 'kt-paperclip', ['>= 6.3', '< 8']
   s.add_dependency 'psych', ['>= 4.0.1', '< 6.0']
-  s.add_dependency 'ransack', '~> 4.0'
+  # @note ransack 4.2 contains a bug which has not yet been addressed.
+  # @see https://github.com/activerecord-hackery/ransack/pull/1468
+  s.add_dependency 'ransack', ['~> 4.0', '< 4.2']
   s.add_dependency 'sprockets-rails', '!= 3.5.0'
   s.add_dependency 'state_machines-activerecord', '~> 0.6'
   s.add_dependency 'omnes', '~> 0.2.2'