This will use a Gemfile
as an example but could be done with different versioning systems.
Say your project uses the following:
source 'https://rubygems.org' do
gem 'nokogiri'
gem 'rails', '5.0.0'
gem 'rack', '>=1.0'
gem 'thin', '~>1.1'
end
This will install:
- The latest version of nokogiri
- Version 5.0.0 of rails only
- The latest version of rack from 1.0.0 on
- The latest version of thin from 1.1.0 up to but not including 2.0.0
Although occasional specific exceptions happen, I generally would change this to:
source 'https://rubygems.org' do
gem 'nokogiri', '~>1.7.0'
gem 'rails', '~>5.0.0'
gem 'rack', '~>1.0.0'
gem 'thin', '~>1.1.0'
end
Instead, this will install:
- The latest version of nokogiri from 1.7.0 up to but not including 1.8.0
- The latest version of rails from 5.0.0 up to but not including 5.1.0
- The latest version of rack from 1.0.0 up to but not including 1.1.0
- The latest version of thin from 1.1.0 up to but not including 1.2.0
This locks packages at the minor version, which allows for frequent, safe updates just by running bundle update
. It can then be run at any time and will only upgrade patch versions.
Typically I upgrade minor and major versions "manually", when we notice a version is updated and we've confirmed it works. To upgrade to new minor versions when potential upgrades are unknown I will:
- Edit the
Gemfile
to look like:
source 'https://rubygems.org' do
gem 'nokogiri', '~>1.7'
gem 'rails'
gem 'rack', '~>1.0'
gem 'thin', '~>1.1'
end
This will install:
- The latest version of nokogiri from 1.7.0 up to but not including 2.0.0
- The latest version of rails
- The latest version of rack from 1.0.0 up to but not including 2.0.0
- The latest version of thin from 1.1.0 up to but not including 2.0.0
This shows how to upgrade both to the latest minor version, major-locked, and to the latest major version.
Then, after running bundle update
, I edit the Gemfile
back to specifying a full version string such as ~>1.8.0
, if, say, nokogiri
was updated to version 1.8.4
. Specify the exact major and minor versions and replace the patch version with 0
.
I use either console output from the update or git diff Gemfile.lock
to determine the new, latest versions.
This version of the Gemfile
is the one I commit back to the repo, after temporarily, manually editing it for the update.