I was asked an interview question on how I would keep an app's gems up to
date. Suppose there was a new gem because of some security issue for
instance ?

  Where I worked before, we locked the gems in the gem file with a
particular version with the notation of something like:
gem 'multi_json' , '~> 1.8.2'

That way we would not get surprises when we updated the gems as changes
could occur without our being able to know what they where and the app
would be unstable. I've also found when some one gives you an app to work
on and it has not been used for several months, if the gemfile has no
versions on the gems then you will have a hard time figuring out why
everything is broken or what gem version it used to work in.

  I did not find there to be an easy answer to this question given that a
gem file can contain many gems and knowing when to go to a new version is
not clear. At a certain point in time between projects, we might try to
update the gems. Is there a simple way to tell how far out of date the gems
in the gemfile are using a command of some kind ?



--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/7e24d354-2b61-403f-967e-9cc19d3f5dc4%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

Search Discussions

  • Koulikoff at Mar 1, 2014 at 9:16 pm
    bundle outdated
    On Sunday, March 2, 2014 12:18:39 AM UTC+4, Jedrin wrote:


    I was asked an interview question on how I would keep an app's gems up to
    date. Suppose there was a new gem because of some security issue for
    instance ?

    Where I worked before, we locked the gems in the gem file with a
    particular version with the notation of something like:
    gem 'multi_json' , '~> 1.8.2'

    That way we would not get surprises when we updated the gems as changes
    could occur without our being able to know what they where and the app
    would be unstable. I've also found when some one gives you an app to work
    on and it has not been used for several months, if the gemfile has no
    versions on the gems then you will have a hard time figuring out why
    everything is broken or what gem version it used to work in.

    I did not find there to be an easy answer to this question given that a
    gem file can contain many gems and knowing when to go to a new version is
    not clear. At a certain point in time between projects, we might try to
    update the gems. Is there a simple way to tell how far out of date the gems
    in the gemfile are using a command of some kind ?


    --
    You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
    To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.
    To post to this group, send email to rubyonrails-talk@googlegroups.com.
    To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/def04ccd-fbd3-44f9-90a6-d46619d6ed2d%40googlegroups.com.
    For more options, visit https://groups.google.com/groups/opt_out.
  • Gurpreet Luthra at Mar 2, 2014 at 12:43 pm
    Check this:
    https://gemnasium.com/features

    For instance Capybara project on github shows the status of dependencies
    with a green button in Readme file.
    https://github.com/jnicklas/capybara

    Regards
    Gurpreet


    On 2 March 2014 02:45, koulikoff wrote:

    bundle outdated

    On Sunday, March 2, 2014 12:18:39 AM UTC+4, Jedrin wrote:


    I was asked an interview question on how I would keep an app's gems up
    to date. Suppose there was a new gem because of some security issue for
    instance ?

    Where I worked before, we locked the gems in the gem file with a
    particular version with the notation of something like:
    gem 'multi_json' , '~> 1.8.2'

    That way we would not get surprises when we updated the gems as changes
    could occur without our being able to know what they where and the app
    would be unstable. I've also found when some one gives you an app to work
    on and it has not been used for several months, if the gemfile has no
    versions on the gems then you will have a hard time figuring out why
    everything is broken or what gem version it used to work in.

    I did not find there to be an easy answer to this question given that a
    gem file can contain many gems and knowing when to go to a new version is
    not clear. At a certain point in time between projects, we might try to
    update the gems. Is there a simple way to tell how far out of date the gems
    in the gemfile are using a command of some kind ?



    --
    You received this message because you are subscribed to the Google Groups
    "Ruby on Rails: Talk" group.
    To unsubscribe from this group and stop receiving emails from it, send an
    email to rubyonrails-talk+unsubscribe@googlegroups.com.
    To post to this group, send email to rubyonrails-talk@googlegroups.com.
    To view this discussion on the web visit
    https://groups.google.com/d/msgid/rubyonrails-talk/def04ccd-fbd3-44f9-90a6-d46619d6ed2d%40googlegroups.com
    .

    For more options, visit https://groups.google.com/groups/opt_out.
    --
    You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
    To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.
    To post to this group, send email to rubyonrails-talk@googlegroups.com.
    To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/CAHKR60z3KXDnmAEpcWaF2CFemxTJ%2BJ4m%3DghspsJ57GRvvjapxQ%40mail.gmail.com.
    For more options, visit https://groups.google.com/groups/opt_out.
  • Mike at Mar 2, 2014 at 2:39 pm

    On Saturday, March 1, 2014 3:18:39 PM UTC-5, Jedrin wrote:

    I was asked an interview question on how I would keep an app's gems up to
    date. Suppose there was a new gem because of some security issue for
    instance ?

    Where I worked before, we locked the gems in the gem file with a
    particular version with the notation of something like:
    gem 'multi_json' , '~> 1.8.2'

    That way we would not get surprises when we updated the gems as changes
    could occur without our being able to know what they where and the app
    would be unstable. I've also found when some one gives you an app to work
    on and it has not been used for several months, if the gemfile has no
    versions on the gems then you will have a hard time figuring out why
    everything is broken or what gem version it used to work in.

    I did not find there to be an easy answer to this question given that a
    gem file can contain many gems and knowing when to go to a new version is
    not clear. At a certain point in time between projects, we might try to
    update the gems. Is there a simple way to tell how far out of date the gems
    in the gemfile are using a command of some kind ?



    A couple of things. First, when you initially install gems, the system
    automatically locks the version of the gem, whether you specify a version
    in the Gemfile or not. If you inherit an old application, the file
    Gemfile.lock will tell you what gems it is using and what versions of those
    gems. When you run bundle install, it will stick to those versions, even
    if a newer version is available.

    If you want to see if there are newer versions of the gem than the ones the
    application is using, run "bundle outdated" as the above post indicates.
      That will list all of the gems used by your application that are outdated.

    If you want to update a gem to a newer version, you run "bundle update
    [gemname]" If you don't include a gem name with the command, it will
    update everything (in other words, ignore the Gemfile.lock).

    Hope this helps.

    --
    You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
    To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.
    To post to this group, send email to rubyonrails-talk@googlegroups.com.
    To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/17d5fed9-d1d7-4b67-bd36-3efb7232cc6b%40googlegroups.com.
    For more options, visit https://groups.google.com/groups/opt_out.

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
grouprubyonrails-talk @
categoriesrubyonrails
postedMar 1, '14 at 8:18p
activeMar 2, '14 at 2:39p
posts4
users4
websiterubyonrails.org
irc#RubyOnRails

People

Translate

site design / logo © 2021 Grokbase