Skip to content

Can't run application with gem because of file lib/console.rb #29

Description

@maxprotasov

lib/console.rb breaks Rails apps by triggering Bundler.inline with invalid path

Environment:
Ruby: 3.2.x
Rails: 6.0.x
Bundler: 2.5.x
buttercms-ruby: 2.0
buttercms-rails: 1.2.x

Problem
The gem contains a file: lib/console.rb

with the following code:

require 'bundler/inline'

gemfile do
  source 'https://rubygems.org'
  gem 'buttercms-ruby', path: '../buttercms-ruby'
end

ButterCMS::api_token = ""
binding.irb

This file is intended as a demo / development console, but because it lives in lib/, it is added to $LOAD_PATH and can be loaded unintentionally by the application.

In our case, during Rails boot (after adding async and related gems), lib/console.rb is required implicitly, which causes:
Bundler::PathError: The path '/Users/.../buttercms-ruby' does not exist
because Bundler.inline tries to resolve a relative path: '../buttercms-ruby'.

This breaks rails console and application boot.

lib/console.rb has a very generic name.
Any require "console" (directly or indirectly from another gem) can resolve to this file.
The file executes Bundler.inline, which modifies dependencies at runtime.
It assumes a local directory structure (../buttercms-ruby) that usually does not exist in real projects.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions