Force bundle install to use https:// instead of git:// for GitHub-based gems

Question

I am trying to build a rails project and because the host I am working on doesn't have access to the Internet for the the git:// protocol (port 9418) I get errors like

Fetching git://github.com/pivotal/jasmine.git
fatal: unable to connect to github.com:
github.com[0: 192.30.252.130]: errno=Connection refused

when running bundle install.

The relevant line in the GemFile doesn't specify git:// as a protocol, it just points to GitHub as the source for the gem

gem 'jasmine', :github => 'pivotal/jasmine-gem'

What do I have to do to make bundler to use https:// rather than git:// for pulling gems from GitHub?

Edit:

Is there a way other than editing every affected line in the GemFile? I'd prefer to avoid any merging issues down the line if the project's GemFile is updated.

possible duplicate of [git:// protocol blocked by company, how can I get around that?](http://stackoverflow.com/questions/4891527/git-protocol-blocked-by-company-how-can-i-get-around-that) — Athafoud, Nov 18 '14 at 10:49

score 73 · Answer 1 · answered Dec 29 '16 at 15:11

73

Use bundle config github.https true

answered Dec 29 '16 at 15:11

Sam Kah Chiin

4,375
5
25
30

4

Best answer for this!! Thank you – ZedTuX Dec 01 '17 at 17:32
1

Agreed. Much better than the accepted answer, since the question is _ruby bundler_ related, not git as a whole. – paulodiovani Dec 27 '17 at 14:57
1

This change could mess up your production deployment if you don't have the same settings there. – KARASZI István Apr 21 '18 at 12:52
Does not seem to have any effect in alpine docker container. – Nakilon Aug 21 '23 at 05:44

score 58 · Accepted Answer · answered Jan 21 '14 at 18:13

58

Git provides URL rewriting functionality using the url..insteadOf configuration option.

So to make all connections to github.com use https:// rather than git://

git config --global url."https://github.com".insteadOf git://github.com

The --global switch sets the config option for all git operations by the current user, so there are times where it may be too intrusive. But it does avoid changing the git config in the current project.

answered Jan 21 '14 at 18:13

Bell

17,907
4
23
25

3

excellent answer! I didn't want to have change up every line in the Gemfile just to get things running on one particular customer site – Dave Smylie Jul 29 '14 at 03:29
@sam-kah-chiin answer (https://stackoverflow.com/a/41382363/1712589) is much better for this, since the question os about _ruby bundler_ and not git as a whole. – paulodiovani Dec 27 '17 at 14:58
This was super useful for forcing `bundle install` to use the temporary SSH key I'd generated, just for use from w/in a test container, in an env where it was a hassle to get the `gh` binary for authing PATs. Ended up running `git config --global url."git://github.com".insteadOf https://github.com` Had initially tried running `bundle config github.https false` but that had no effect. – Meredith Feb 16 '22 at 06:38

Agis · Answer 3 · 2015-09-03T07:33:49.957

38

You can do:

gem 'jasmine', git: 'https://github.com/pivotal/jasmine-gem.git'

edited Sep 03 '15 at 07:33

answered Jan 21 '14 at 14:21

Agis

32,639
3
73
81

1

I just need to do it in a single place, and don't want it sneaked away in a per-server config, so this was right for me. – Alien Life Form Jul 14 '15 at 21:26

matthias · Answer 4 · 2016-09-18T22:53:12.373

15

If you want this just for all the gems in one Gemfile you can add these lines at the top of the file:

git_source(:github) do |repo_name|
  repo_name = "#{repo_name}/#{repo_name}" unless repo_name.include?("/")
  "https://github.com/#{repo_name}.git"
end

Alternatively you can use bundle config github.https true. But this affects only your current environment.

This won't be necessary anymore with Bundler 2.0.

edited Sep 18 '16 at 22:53

answered Aug 28 '16 at 10:06

matthias

275
2
10

Note that this option requires bundler 1.13.2+. – Luca Spiller Oct 07 '16 at 07:56
2

**DON'T DO** `bundle config github.https true` if your production environment lives on heroku! – Michael Johnston Dec 05 '16 at 19:28
5

@MichaelJohnston why not? – Gabe Kopley Jan 05 '17 at 19:55
You can add some like this for your future self. `Bundler.ui.warn('You are using Bundler 2.0 or greater, you don\'t need this hack any more') if Bundler.bundler_major_version > 1` – blackjid Aug 23 '18 at 16:25
Rails 6 new includes this oneliner into Gemfile: `git_source(:github) { |repo| "https://github.com/#{repo}.git" }` – mlt Nov 04 '18 at 01:14
@GabeKopley setting this value to true exposes your application directories to recursive search by an attacker. AVOID THIS SETTING OR LOSE YOUR DATA. I've seen this happen on Heroku. – zero_cool Sep 26 '20 at 15:41

score 10 · Answer 5 · answered Dec 24 '16 at 05:25

if you're deploying to heroku, you can just add BUNDLE_GITHUB__HTTPS (note the double underscore) as an environment variable and set it to true (in your heroku app's dashboard under the Settings tab in the Config Vars section). this will switch the protocol from git:// to https:// for all such requests.

score 3 · Answer 6 · answered Jan 21 '14 at 14:22

3

You should be able to put a complete Git URL in your Gemfile. For example:

gem 'jasmine', :git => 'https://github.com/pivotal/jasmine-gem.git'

answered Jan 21 '14 at 14:22

James Frost

6,960
1
33
42

score 0 · Answer 7 · answered May 02 '19 at 09:01

If a solution that requires a special obscure setting to be performed on every installation you make for just a teeny weeny bit of syntactic sugar isn't a solution.

That's why I'm proposing this as an answer:

just use :https & report a security bug with bundler that the unencrypted protocol is default.

Force bundle install to use https:// instead of git:// for GitHub-based gems

7 Answers7

Linked