Posted almost 6 years ago. Visible to the public. Repeats.

How to update a single gem conservatively

The problem

Calling bundle update GEMNAME will update a lot more gems than you think. E.g. when you do this:

Copy
bundle update cucumber-rails

… you might think this will only update cucumber-rails. But it actually updates cucumber-rails and all of its dependencies. This will explode in your face when one of these dependencies release a new version with breaking API changes. Which is all the time.

In the example above updating cucumber-rails will give you Capybara 2.0 (because capybara is a dependency of cucumber-rails), which will break all your tests.

The fix

Bundler >= 1.14 has a --conservative flag. Using the conservative flag allows bundle update GEM to update the version of GEM, but prevents Bundler from updating the versions of any of the gems that GEM depends on.

For the example above you would say:

Copy
bundle update cucumber-rails --conservative

Options for old versions of bundler

The options below might be relevant if you're stuck with Bundler < 1.14:

Option 1

This will work if all dependencies for the update are already satisfied.

  • Find out the version you want to update to
  • Change it directly in Gemfile.lock
  • Run bundle install and see if that worked

Option 2

This will work if the gem has no shared dependencies with other gems.

  • Find out the version you want to update to.
  • Add that version explicitly to the Gemfile with , '=1.2.3'
  • Run bundle install
  • Remove the explicit version number again
  • Run bundle install once more

Option 3

This should always work.

  • Run bundle update GEMNAME
  • Run git diff Gemfile.lock and notice all the updates you didn't want
  • Revert the unwanted changes to Gemfile.lock you don't want (manually or by staging changed lines one-by-one), leaving only the desired updates.
  • Run bundle install and see if that worked

Option 4

There are persistent rumors that you can update a single gem by calling bundle update --source GEMNAME. However no one seems to know how and why this works, it's not a documented feature of Bundler. It might be an unintended side effect of something else.

I believe this command will try to update GEMNAME and GEMNAME only. If this leads to unmatched dependencies to to other locked gems, it will fail.

If you use this option, be sure to git diff your Gemfile.lock to see if the changes are what you expected.

By refactoring problematic code and creating automated tests, makandra can vastly improve the maintainability of your Rails application.

Owner of this card:

Avatar
Henning Koch
Last edit:
7 months ago
by Henning Koch
Keywords:
bundler, bundle
About this deck:
We are makandra and do test-driven, agile Ruby on Rails software development.
License for source code
Posted by Henning Koch to makandra dev
This website uses cookies to improve usability and analyze traffic.
Accept or learn more