Summary
The fix for #65 (shipped in 1.1.6) resolves the warning for isolated loads of http/cookie or http/cookie_jar, but introduces the same warning in a different scenario: loading http/cookie_jar before http/cookie.
Minimal reproduction
$ ruby --version
ruby 4.0.1 (...) [x86_64-darwin25]
$ gem list http-cookie
http-cookie (1.1.6)
$ ruby -w -e 'require "http/cookie_jar"; require "http/cookie"'
warning: loading in progress, circular require considered harmful -
.../http-cookie-1.1.6/lib/http/cookie.rb
warning: Expected http/cookie to define HTTP::Cookie but it didn't
Why the 1.1.6 fix doesn't cover this
- Before 1.1.6:
cookie_jar.rb did require "http/cookie" eagerly, so loading cookie_jar first would fully load cookie before returning. No warning in this path.
- After 1.1.6 (commit 93bf8de):
cookie_jar.rb now does module HTTP; autoload :Cookie, "http/cookie"; end. The eager require is gone, so only the autoload registration persists.
- When
http/cookie is then required, cookie.rb:3 requires http/cookie/version, and version.rb:2 opens class Cookie inside module HTTP. Ruby resolves the Cookie constant, finds the registered autoload, and fires it for the still-loading http/cookie.rb — circular require warning.
Real-world impact
The http gem (>= 5) triggers this because lib/http.rb loads http/session before http/response:
http/session.rb:5 — require "http/cookie_jar" (registers the autoload)http/response.rb:11 — require "http/cookie" (triggers it)
So any require "http" under -w / Ruby 4.0 prints the warning.
Suggested direction
Defining HTTP::Cookie (even as an empty shell) at the top of cookie.rb before require 'http/cookie/version' would satisfy the autoload without cycling. Alternatively, moving the VERSION constant out of a class-reopen (e.g. assigning HTTP::Cookie::VERSION after the class is defined) sidesteps the constant lookup during load. Happy to send a PR if there's agreement on the approach.
Summary
The fix for #65 (shipped in 1.1.6) resolves the warning for isolated loads of
http/cookieorhttp/cookie_jar, but introduces the same warning in a different scenario: loadinghttp/cookie_jarbeforehttp/cookie.Minimal reproduction
Why the 1.1.6 fix doesn't cover this
cookie_jar.rbdidrequire "http/cookie"eagerly, so loadingcookie_jarfirst would fully loadcookiebefore returning. No warning in this path.cookie_jar.rbnow doesmodule HTTP; autoload :Cookie, "http/cookie"; end. The eager require is gone, so only the autoload registration persists.http/cookieis then required,cookie.rb:3requireshttp/cookie/version, andversion.rb:2opensclass Cookieinsidemodule HTTP. Ruby resolves theCookieconstant, finds the registered autoload, and fires it for the still-loadinghttp/cookie.rb— circular require warning.Real-world impact
The
httpgem (>= 5) triggers this becauselib/http.rbloadshttp/sessionbeforehttp/response:http/session.rb:5—require "http/cookie_jar"(registers the autoload)http/response.rb:11—require "http/cookie"(triggers it)So any
require "http"under-w/ Ruby 4.0 prints the warning.Suggested direction
Defining
HTTP::Cookie(even as an empty shell) at the top ofcookie.rbbeforerequire 'http/cookie/version'would satisfy the autoload without cycling. Alternatively, moving theVERSIONconstant out of a class-reopen (e.g. assigningHTTP::Cookie::VERSIONafter the class is defined) sidesteps the constant lookup during load. Happy to send a PR if there's agreement on the approach.