Should Gemfile lock be included in gitignore

Question

I m sort of new to bundler and the files it generates  I have a copy of a git repo from GitHub that is being contributed to by many people so I was surprised to find that bundler created a file that didn t exist in the repo and wasn t in the  gitignore list   Since I have forked it  I know adding it to the repo won t break anything for the main repo  but if I do a pull request  will it cause a problem   Should Gemfile lock be included in the repository

User · Answer

The other answers here are correct  Yes  your Ruby app  not your Ruby gem  should include Gemfile lock in the repo   To expand on why it should do this  read on  I was under the mistaken notion that each env  development  test  staging  prod     each did a bundle install to build their own Gemfile lock  My assumption was based on the fact that Gemfile lock does not contain any grouping data  such as  test   prod  etc  This assumption was wrong  as I found out in a painful local problem  Upon closer investigation  I was confused why my Jenkins build showed fetching a particular gem  ffaker  FWIW  successfully  but when the app loaded and required ffaker  it said file not found  WTF  A little more investigation and experimenting showed what the two files do  First it uses Gemfile lock to go fetch all the gems  even those that won t be used in this particular env  Then it uses Gemfile to choose which of those fetched gems to actually use in this env  So  even though it fetched the gem in the first step based on Gemfile lock  it did NOT include in my  test environment  based on the groups in Gemfile  The fix  in my case  was to move gem  ffaker  from the  development group to the main group  so all env s could use it   Or  add it only to  development   test  as appropriate

User · Answer

Assuming you re not writing a rubygem  Gemfile lock should be in your repository  It s used as a snapshot of all your required gems and their dependencies  This way bundler doesn t have to recalculate all the gem dependencies each time you deploy  etc   From cowboycoded s comment below      If you are working on a gem  then DO NOT check in your Gemfile lock  If you are working on a Rails app  then DO check in your Gemfile lock    Here s a nice article explaining what the lock file is

User · Answer

My workmates and I have different Gemfile lock  because we use different platforms  windows and mac  and our server is linux    We decide to remove Gemfile lock in repo and create Gemfile lock server in git repo  just like database yml  Then before deploy it on server  we copy Gemfile lock server to Gemfile lock on server using cap deploy hook

User · Answer

Agreeing with r-dub  keep it in source control  but to me  the real benefit is this   collaboration in identical environments  disregarding the windohs and linux mac stuff   Before Gemfile lock  the next dude to install the project might see all kinds of confusing errors  blaming himself  but he was just that lucky guy getting the next version of super gem  breaking existing dependencies   Worse  this happened on the servers  getting untested version unless being disciplined and install exact version  Gemfile lock makes this explicit  and it will explicitly tell you that your versions are different   Note  remember to group stuff  as  development and  test

User · Answer

A little late to the party  but answers still took me time and foreign reads to understand this problem  So I want to summarize what I have find out about the Gemfile lock   When you are building a Rails App  you are using certain versions of gems in your local machine  If you want to avoid errors in the production mode and other branches  you have to use that one Gemfile lock file everywhere and tell bundler to bundle for rebuilding gems every time it changes   If Gemfile lock has changed on your production machine and Git doesn t let you git pull  you should write git reset --hard to avoid that file change and write git pull again

User · Answer

No Gemfile lock means    new contributors cannot run tests because weird things fail  so they won t contribute or get failing PRs     bad first experience   you cannot go back to a x year old project and fix a bug without having to update rewrite the project if you lost your local Gemfile lock   -  Always check in Gemfile lock  make travis delete it if you want to be extra thorough https   grosser it 2015 08 14 check-in-your-gemfile-lock

User · Answer

The real problem happens when you are working on an open-source Rails app that needs to have a configurable database adapter  I m developing the Rails 3 branch of Fat Free CRM   My preference is postgres  but we want the default database to be mysql2    In this case  Gemfile lock still needs be checked in with the default set of gems  but I need to ignore changes that I have made to it on my machine  To accomplish this  I run   git update-index --assume-unchanged Gemfile lock   and to reverse   git update-index --no-assume-unchanged Gemfile lock   It is also useful to include something like the following code in your Gemfile  This loads the appropriate database adapter gem  based on your database yml     Loads the database adapter gem based on config database yml  Default  mysql2    ----------------------------------------------------------------------------- db gems     mysql2        gt    mysql2     gt   0 2 6                postgresql    gt    pg         gt   0 9 0                sqlite3       gt    sqlite3    adapter   if File exists  db config   File join File dirname   FILE     config   database yml      db   YAML load file db config      Fetch the first configured adapter from config database yml    db  production      db  development      db  test     adapter   else    mysql2  end gem  db gems adapter    -----------------------------------------------------------------------------   I can t say if this is an established best practice or not  but it works well for me

User · Answer

The Bundler docs address this question as well   ORIGINAL  http   gembundler com v1 3 rationale html  EDIT  http   web archive org web 20160309170442 http   bundler io v1 3 rationale html  See the section called  Checking Your Code into Version Control       After developing your application for a while  check in the   application together with the Gemfile and Gemfile lock snapshot  Now    your repository has a record of the exact versions of all of the gems   that you used the last time you know for sure that the application   worked  Keep in mind that while your Gemfile lists only three gems    with varying degrees of version strictness   your application depends   on dozens of gems  once you take into consideration all of the   implicit requirements of the gems you depend on       This is important  the Gemfile lock makes your application a single   package of both your own code and the third-party code it ran the last   time you know for sure that everything worked  Specifying exact   versions of the third-party code you depend on in your Gemfile would   not provide the same guarantee  because gems usually declare a range   of versions for their dependencies       The next time you run bundle install on the same machine  bundler will   see that it already has all of the dependencies you need  and skip the   installation process       Do not check in the  bundle directory  or any of the files inside it    Those files are specific to each particular machine  and are used to   persist installation options between runs of the bundle install   command       If you have run bundle pack  the gems  although not the git gems    required by your bundle will be downloaded into vendor cache  Bundler   can run without connecting to the internet  or the RubyGems server  if   all the gems you need are present in that folder and checked in to   your source control  This is an optional step  and not recommended    due to the increase in size of your source control repository

[ruby] Should Gemfile.lock be included in .gitignore?

Examples related to ruby

Examples related to git

Examples related to version-control

Examples related to bundler

Examples related to gemfile