Should i check in gemfile.lock

If rails 4. If you update your Gemfile , and your system already has all of the needed dependencies, bundler will transparently update the Gemfile.

For instance, if you add mysql to your Gemfile and have already installed it in your system, you can boot your application without running bundle install , and bundler will persist the "last known good" configuration to the Gemfile.

This can come in handy when adding or updating gems with minimal dependencies database drivers, wirble , ruby-debug. It will probably fail if you update gems with significant dependencies rails , or that a lot of gems depend on rack. If a transparent update fails, your application will fail to boot, and bundler will print out an error instructing you to run bundle install.

Sometimes, you want to update a dependency without modifying the Gemfile. For example, you might want to update to the latest version of rack-cache.

Because you did not declare a specific version of rack-cache in the Gemfile , you might want to periodically get the latest version of rack-cache. To do this, you want to use the bundle update command:.

This command will update rack-cache and its dependencies to the latest version allowed by the Gemfile in this case, the latest version available. It will not modify any other dependencies. It will, however, update dependencies of other gems if necessary. If bundler needs to update a gem that another gem depends on, it will let you know after the update has completed. This will resolve dependencies from scratch, ignoring the Gemfile. If you do this, keep git reset --hard and your test suite in your back pocket.

Resolving all dependencies from scratch can have surprising results, especially if a number of the third-party packages you depend on have released new versions since you last did a full update. When you first create a Rails application, it already comes with a Gemfile. For another kind of application such as Sinatra , run:. Next, add any gems that your application depends on.

The text was updated successfully, but these errors were encountered:. Yes, the official recommendation is to commit the Gemfile. Sorry, something went wrong. Skip to content. This repository has been archived by the owner.

It is now read-only. The Gemfile should have versions set and this should prevent problems, right? So two answers to the two parts of the question:.

The same can be said for using a CI before a deploy which should be testing with a new bundle install on every run and thus get the same dependencies as a new developer would and find any bugs. This would theoretically sort out any problems but requires the tests to be complete raise your hand if you completely trust your tests.

It looks like Rails is tracking the Gemfile. Tracking the Gemfile. Without the Gemfile. However, this new failing code will not be associated with a commit and thus will be harder to track down than a failing test that had been introduced and committed. It looks like Bundler has changed their tune as well. At first, they gitignored the Gemfile. It is now recommended for all Gems created with Bundler to check in their Gemfile.

You should always include your Gemfile. The community seems to largely agree that you should include it in any Gems you create as well. This downloads gem information all at once, instead of making many small HTTP requests. Read about Gemfiles in gems from the Bundler in gems page and the How to create a gem with Bundler guide. A : Yes, you should commit it.

We believe this makes repositories more friendly towards new and existing contributors. A : The main advantage of not checking in your Gemfile. Instead of forcing every fresh checkout and possible new contributor to encounter broken builds, the Bundler team recommends either using a tool like Dependabot to automatically create a PR and run the test suite any time your dependencies release new versions. If you don't want to use a dependency monitoring bot, we suggest creating an additional daily CI build that deletes the Gemfile.

That way you, and others monitoring your CI status, will be the first to know about any failures from dependency changes. Toggle navigation Bundler. Edit this document on GitHub if you caught an error or noticed something was missing. Docs Team Blog Repository.