I have a gem that depends on Bcrypt and because I do not check in the Gemfile.lock for my gems my CI server just started failing. This failure may be truly on our side, but when I went to trace down my dependencies I found bcrypt and bcrypt-ruby; via Ruby Gems the source code links both point to this repo. The gems on disk are obviously not the same.

Can you explain a little about what is going on with the dependency between bcrypt and bcrypt-ruby (specifically for the java impl)? Right now if I change my gemspec to force bcrypt-ruby 3.1.2 everything passes, obviously pessimistic includes grab the change you just released (which looks safe).

I am using jruby and verified the same behavior on 1.7.8 - 10

I will do some more digging into this and see if there is a bug on my side (there probably is something with a require that we were getting lucky with), but I wanted to open a thread in case other people find similar issue. I'm happy to move this to a discussion group if you like.