Hi I am building a gem which depends on the multi_json gem, which is basically adapters to all other json encoder/decoders out there.
So an user filed an issue on my gem. He has issues because multi_json has a small bug in one of the adapters, which is later fixed on multi_json's end, so it is not really my issue.
I am wondering if I should change my gemspec to hardcode the dependency to the fixed version of multi_json. I thought it would be easier to just tell the user to explicitly specify to use the fixed version of multi_json. This way my dependency won't be too strict and conflict with other gems which use multi_json.
What are the thoughts on this?
You don't have to lock dependency version entirely, just make sure that you have release that have above-mentioned bug fixed. For instance,
gem 'multi_json', '> 1.9.1'
It will be on rubygems sooner or later and you're definitely not interested in encountering the same bug twice.
My opinion is that the reliability of your library in the present is more important than future development inconveniences, which may or may not occur.
As for what to tell your users, they should've already heard (and if they haven't you could remind them of this in the
README.md) that most of the critical problems usually are solved within the day and can be found in
master. So if they want to take advantage of the latest fixes (and the freshest new bugs), they could specify
github as a source:
gem 'your_gem', github: 'lulalala/your_gem'