Quick Tips: How to manage and upgrade dependencies in a Rails app
- See the version of a gem you are using with `bundle info <package-name>`
- Don’t use version specifiers in the `Gemfile` unless you have a specific reason to avoid some version of a gem (i.e. a known bug / incompatibility)
  - If you do use a version specifier then include a comment in the `Gemfile` describing why
- Regularly check for available updates
  - Run `bundle outdated` to see which gems have updates available
- Regularly upgrade each gem to the latest minor / patch version
  - Perform weekly / monthly
  - Run `bundle update --conservative --minor`
    - This upgrades all gems to the latest minor / patch version that is 1) allowed by your `Gemfile` and 2) allowed by the other gems that depend on it
    - Assuming each gem uses semantic versioning this should be relatively safe
  - Perform basic testing
- Regularly upgrade each gem to its next major version
  - Perform monthly / quarterly
  - Upgrade each gem individually (if possible)
  - Read the documentation for the gem to understand how to upgrade to the next major version (i.e. required code changes)
    - If the gem is more than one major version behind you may want to add a version specifier so you can upgrade by just one major version at a time
  - Run `bundle update --conservative <package-name>`
    - This upgrades the gem to the latest major version that is 1) allowed by your `Gemfile` and 2) allowed by the other gems that depend on it
  - Perform thorough testing
- Understand why a gem has not been upgraded
  - After running a `bundle update` command you may see a message like `Bundler attempted to update <package> but its version stayed the same`
  - Similarly you may see that `bundle outdated` continues to show the gem you tried to update as being outdated
  - This may be because your `Gemfile` or one of your dependencies has a version specifier that prevents the update
  - Run `bundle exec gem dependency` to see the complete gem dependency graph. This should help you understand which dependencies are preventing the upgrade
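
To make the last tip concrete, here is an added example (not part of the original tips) that reads a `Gemfile.lock` and lists which version specifiers reject a target version. The lockfile excerpt and the `example_*` gem names are constructed, and the helper names `constraints_on` and `upgrade_blockers` are hypothetical.

```ruby
require "rubygems" # Gem::Version and Gem::Requirement ship with Ruby

# Constructed Gemfile.lock excerpt; the example_* gems are hypothetical.
SAMPLE_LOCK = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      example_admin (2.3.0)
        example_core (~> 4.1)
      example_auth (1.8.2)
        example_core (>= 4.0, < 6)
      example_core (4.2.1)

  DEPENDENCIES
    example_admin
    example_auth
    example_core (~> 4.2)
LOCK

# Collect every [source, requirement] pair the lockfile records for gem_name.
# Simplified reader: handles only the GEM and DEPENDENCIES sections.
def constraints_on(lock_text, gem_name)
  found = []
  section = parent = nil
  lock_text.each_line do |line|
    case line
    when /\A(\S.*)\n?\z/ # unindented line starts a new section
      section = $1
    when /\A {4}(\S+) \(/ # locked gem: "name (version)"
      parent = $1 if section == "GEM"
    when /\A {6}(\S+) \((.+)\)/ # what the locked gem requires
      found << [parent, $2] if section == "GEM" && $1 == gem_name
    when /\A {2}(\S+?)!? \((.+)\)\s*\z/ # requirement from the Gemfile
      found << ["Gemfile", $2] if section == "DEPENDENCIES" && $1 == gem_name
    end
  end
  found
end

# Constraints that reject `target`, i.e. what keeps the gem on its old version.
def upgrade_blockers(lock_text, gem_name, target)
  version = Gem::Version.new(target)
  constraints_on(lock_text, gem_name).reject do |_source, req|
    Gem::Requirement.new(*req.split(",").map(&:strip)).satisfied_by?(version)
  end
end

upgrade_blockers(SAMPLE_LOCK, "example_core", "5.0.0").each do |source, req|
  puts "#{source} requires example_core #{req}"
end
```

The lockfile only records the constraints of the currently locked versions, so a blocking gem may already have a newer release with a looser requirement.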