I was asked an interview question on how I would keep an app’s gems up to date. Suppose there was a new gem because of some security issue, for instance?
Where I worked before, we locked the gems in the gem file with a particular version with the notation of something like:
gem 'multi_json', '~> 1.8.2'
That way we would not get surprises when we updated the gems, as changes could occur without our being able to know what they were and the app would be unstable. I’ve also found when someone gives you an app to work on and it has not been used for several months, if the gemfile has no versions on the gems then you will have a hard time figuring out why everything is broken or what gem version it used to work in.
I did not find there to be an easy answer to this question given that a gem file can contain many gems and knowing when to go to a new version is not clear. At a certain point in time between projects, we might try to update the gems. Is there a simple way to tell how far out of date the gems in the gemfile are using a command of some kind?
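An added example, not part of the original post: it uses RubyGems' own `Gem::Requirement` to show what a `~>` pin like the one above lets through, and how far each locked gem trails the newest release. The gem names other than `multi_json`, all version lists, and the helper names `drift` and `report` are constructed for illustration.

```ruby
require "rubygems" # Gem::Version and Gem::Requirement ship with Ruby

# Constructed sample data (not from the post): the Gemfile constraint, the
# version currently locked, and the versions assumed to be published.
SAMPLE = {
  "multi_json"  => { constraint: "~> 1.8.2", locked: "1.8.2",
                     published: %w[1.8.2 1.8.4 1.9.0 1.10.1 2.0.0] },
  "example_gem" => { constraint: "~> 2.1", locked: "2.1.0",
                     published: %w[2.1.0 2.1.3 2.4.0 3.0.0] },
  "current_gem" => { constraint: "~> 0.9.1", locked: "0.9.5",
                     published: %w[0.9.1 0.9.5] }
}.freeze

# First segment that differs between two versions: :major, :minor, :patch,
# or :none when the first three segments match.
def drift(from, to)
  a = Gem::Version.new(from).segments
  b = Gem::Version.new(to).segments
  idx = (0..2).find { |i| a[i].to_i != b[i].to_i }
  idx ? %i[major minor patch][idx] : :none
end

# For each gem: newest version the constraint still permits, newest version
# published, and whether the constraint is what holds the gem back.
def report(gems)
  gems.map do |name, info|
    req      = Gem::Requirement.new(info[:constraint])
    versions = info[:published].map { |v| Gem::Version.new(v) }.sort
    allowed  = versions.select { |v| req.satisfied_by?(v) }.max
    latest   = versions.max
    { name: name,
      locked: info[:locked],
      newest_allowed: allowed.to_s,
      latest: latest.to_s,
      safe_update: drift(info[:locked], allowed.to_s),
      blocked_by_constraint: latest > allowed,
      overall_drift: drift(info[:locked], latest.to_s) }
  end
end

if __FILE__ == $PROGRAM_NAME
  report(SAMPLE).each { |row| puts row.inspect }
end
```

On a real app, `bundle outdated` gives the same kind of comparison from the Gemfile and Gemfile.lock against the configured gem source.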