Skip to content

[rb] Remove json version constraint #16436

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Oct 16, 2025
Merged

[rb] Remove json version constraint #16436

merged 3 commits into from
Oct 16, 2025
+4 −6

Conversation

Earlopain
Copy link
Contributor

@Earlopain Earlopain commented Oct 15, 2025
edited by qodo-merge-pro bot
Loading

User description

This was a bug in the json gem, specific to the java flavor. There is no reason to restrict it for everybody else.
Just picking a more modern version in CI is good enough

🔗 Related Issues

Fixes #16385

💥 What does this PR do?

Removes the json version constraint.

🔧 Implementation Notes

Just remove it from the gemspec, there is no point in it being present there. json is a default gem.

🔄 Types of changes

  • Bug fix (backwards compatible)

PR Type

Bug fix

Description

  • Removed restrictive json gem version constraint from gemspec

  • Updated CI to use modern json version (2.15.1)

  • Addressed Java-specific bug without limiting other platforms

Diagram Walkthrough

flowchart LR
  A["selenium-webdriver.gemspec"] -- "Remove version constraint" --> B["json dependency"]
  C["MODULE.bazel"] -- "Update to version 2.15.1" --> D["CI configuration"]
Loading

File Walkthrough
Relevant files
Bug fix
selenium-webdriver.gemspec
Remove json version constraint from gemspec                           

rb/selenium-webdriver.gemspec

  • Removed the json gem version constraint (<= 2.13.2)
  • Allows json gem to use any compatible version as a default gem
 +0/-1     
Dependencies
MODULE.bazel
Update json gem to version 2.15.1 in CI                                   

MODULE.bazel

  • Updated json gem version from 2.13.2 to 2.15.1
  • Updated checksums for both standard and Java variants
 +2/-2     

@Earlopain
[rb] Remove json version constraint
42afc1d 
This was a bug in the json gem, specific to the java flavor. There is no reason
to restrict it for everybody else.
Just picking a more modern version in CI is good enough
@selenium-ci selenium-ci added C-rb Ruby Bindings B-build Includes scripting, bazel and CI integrations labels Oct 15, 2025
@qodo-merge-pro Qodo Merge Pro
Copy link
Contributor

qodo-merge-pro bot commented Oct 15, 2025
edited
Loading

PR Compliance Guide 🔍

Below is a summary of compliance checks for this PR:

Security Compliance
Dependency upgrade risk

Description: Bumping third-party dependency 'json' to 2.15.1 (including Java variant) may reintroduce
previously avoided parser/runtime issues on JRuby; verify compatibility across supported
Ruby runtimes in CI.
MODULE.bazel [310-311]

Referred Code 
"json-2.15.1": "b1c1b2e7c116eb1903e0ce0c374783e6ead8747a0f9eca132d274018ebb80b89",
"json-2.15.1-java": "a6185eebe724a6937f60729e4998276d6b3de3ecc35be34f8e47c1eb40903ecf",
Ticket Compliance
🟡
🎫 #16385
🟢 Remove or relax the undocumented restriction in the Ruby gemspec that pins the json gem to
<= 2.13.2.
Update CI to use a modern json version that is known to work, avoiding unintended
downgrades by dependency managers.
Document or address the reason for the previous restriction, ensuring non-Java platforms
are not unnecessarily constrained.
Ensure the changelog or release reflects the change so users understand the resolution of
the restriction.
Codebase Duplication Compliance
Codebase context is not defined

Follow the guide to enable codebase context checks.

Custom Compliance
No custom compliance provided

Follow the guide to enable custom compliance check.

  • Update
Compliance status legend 🟢 - Fully Compliant
🟡 - Partial Compliant
🔴 - Not Compliant
⚪ - Requires Further Human Verification
🏷️ - Compliance label

@qodo-merge-pro Qodo Merge Pro
Copy link
Contributor

qodo-merge-pro bot commented Oct 15, 2025
edited
Loading

PR Code Suggestions ✨

Explore these optional code suggestions:

CategorySuggestion                                                                                                                                    Impact
Possible issue
Use a pessimistic version constraint

Instead of removing the version constraint for the json gem, re-add it with a
pessimistic constraint like ['~> 2.15'] to prevent future breaking changes.

rb/selenium-webdriver.gemspec [52-53]

 s.add_dependency 'base64', ['~> 0.2']
+s.add_dependency 'json', ['~> 2.15']
 s.add_dependency 'logger', ['~> 1.4']

[To ensure code accuracy, apply this suggestion manually]

Suggestion importance[1-10]: 7

__

Why: The suggestion correctly identifies the risk of removing the version constraint for the json gem and proposes using a safer pessimistic constraint, which improves the project's long-term stability.

Medium
  • Update

@Earlopain Earlopain mentioned this pull request Oct 15, 2025
Closed
diemol
diemol approved these changes Oct 16, 2025
View reviewed changes
Copy link
Member

@diemol diemol left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for helping us with this!

@diemol diemol merged commit 627a283 into SeleniumHQ:trunk Oct 16, 2025
22 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@diemol diemol diemol approved these changes

Assignees

No one assigned

Labels

B-build Includes scripting, bazel and CI integrations C-rb Ruby Bindings Review effort 2/5

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[🐛 Bug]: Ruby - Undocumented restriction on json library to <= 2.13.2 in gemspec

4 participants

@Earlopain @diemol @selenium-ci @cgoldberg