What happened to version 1.2.8 of the logger gem?


(Sean Hussey) #1

Hi everyone,

The logger gem, which has been at version 1.2.8 for 7.5 years, was yanked
from rubygems.org today (2018-12-04) and replaced with version 1.2.7:

https://rubygems.org/gems/logger/versions/1.2.8

This library was not a gem before 1.2.8. The gemspec was added on
2011-05-11:

There has never been an official release of a 1.2.7 version, as told by the
release history on GitHub:

There have been no commits to this repo for more than 6 years. If a 1.2.7
version of the library was built as a gem, it was done so from a different
source repo. I see no evidence that the nahi repo has been superseded by
any other repo.

Does anyone know what happened? At this point, we're going to set the
source for this gem to the 1.2.8 release commit on GitHub until there's
some official word on this.

Thanks very much for your help.

Sean

P.S. SO question posted here:


(Sean Hussey) #2

Hi everyone,

Ok, this has been resolved. Details can be found in the comments here:

In short, there was nothing nefarious going on (like with the recent npm
issue). There is a new official repo. I think it was a mistake to yank
1.2.8, but at least 1.3.0 has been pushed to fix the problem of the version
numbers going in the wrong direction.

Sean

ยทยทยท

On Tue, Dec 4, 2018 at 11:50 PM Sean Hussey <seanhussey@gmail.com> wrote:

Hi everyone,

The logger gem, which has been at version 1.2.8 for 7.5 years, was yanked
from rubygems.org today (2018-12-04) and replaced with version 1.2.7:

https://rubygems.org/gems/logger/versions/1.2.8

This library was not a gem before 1.2.8. The gemspec was added on
2011-05-11:

https://github.com/nahi/logger/commit/af96ca8fbf9ca1a20812a222c27d5c1ccf5d297e

There has never been an official release of a 1.2.7 version, as told by
the release history on GitHub:

https://github.com/nahi/logger/releases

There have been no commits to this repo for more than 6 years. If a 1.2.7
version of the library was built as a gem, it was done so from a different
source repo. I see no evidence that the nahi repo has been superseded by
any other repo.

Does anyone know what happened? At this point, we're going to set the
source for this gem to the 1.2.8 release commit on GitHub until there's
some official word on this.

Thanks very much for your help.

Sean

P.S. SO question posted here:
https://stackoverflow.com/questions/53625347/what-happened-to-version-1-2-8-of-the-logger-gem