Search code examples
ruby-on-railsruby-on-rails-4rubygemsbundler

Why does updating rails gem also update few non runtime dependency gems?

I’m trying to update my rails 4.2.11 gem to a new patch 4.2.11.1

When I run bundle update rails ( I have changed the rails version to 4.2.11.1 in my Gemfile) there are few other gems that are part of my app that also get updated. Referring to this I can see that there are ten dependency gems so they get updated which is fine.

The gems that are getting updated to newer version are :

  • rake 12.3.2 (was initially 12.3.1),
  • concurrent-ruby 1.1.5 (was 1.1.3),
  • mini_portile2 2.4.0 (was 2.3.0),
  • nokogiri 1.10.1 (was 1.8.5)
  • globalid 0.4.2 (was 0.4.1) )

Note: Few of them are recursive dependensies like railaities -> rake, but the version specified in railties-4.2.11.1 is lower than what I initially had

I want to understand why and how these are getting updated.

current versions : ruby - 2.5.3, rails- 4.2.11, bundler - 1.17.1

Solution

  • Per bundler's documentation, https://bundler.io/man/bundle-update.1.html#DESCRIPTION, bundle update ignores your Gemfile.lock and therefore will install the latest version of any dependencies of the gem being updated (while adhering to the updating gem's .gemspec).

    If you do not want any shared dependencies to get updated, use the --conservative option. https://bundler.io/man/bundle-update.1.html#OPTIONS

    bundle update rails --conservative