我应该在我的Gemfile中指定确切的版本吗? [英] Should I specify exact versions in my Gemfile?
问题描述
我注意到在rubygems.org上有很多宝石建议你用主版本而不是确切版本来指定它们。例如...
haml-rails gem ...
gemhaml-rails,〜> 0.3.4#$ bundle安装将获得1.0之前的
#最新版本。
但是,根据 Bundler文档听起来对我来说,最好能找到像这样的确切版本......
gemhaml-rails,0.3.4
你的haml-rails宝石和它的所有依赖不会向前漂移。如果几星期后在另一台机器上签出项目并运行 $ bundle install ,那么您将拥有与指定的所有内容完全相同的版本。
我已经看到了点发布的细节,我认为Bundler的整个想法的一部分是 Bundle.lock 全部你的宝石版本。
但是在rubygems.org上,他们使用〜>很多,所以我可能错过了什么?
任何澄清都将对我理解Bundler和宝石管理非常有帮助。
这就是为什么Gemfile.lock文件 - 运行带有Gemfile.lock存在的 bundle install 只会使用其中列出的依赖项进行安装;它不会重新解析Gemfile。要更新依赖项/更新gem版本,您必须明确地执行 bundle update ,它将更新您的Gemfile.lock文件。
如果没有Gemfile.lock,将代码部署到生产中将是一个主要问题,因为如您所述,依赖关系和gem版本可能会发生变化。
简而言之,rubygems.org建议您使用悲观版本约束运算符(
〜> ),通常应该是安全的。请确保在执行 bundle update 之后重新运行测试,以确保没有任何事情发生。 耶胡达卡茨的好文章,有一个关于Gemfile.lock的更多信息。
I've noticed that on rubygems.org a lot of the gems suggest you specify them by major version rather than exact version. For example...
gem "haml-rails", "~> 0.3.4" # "$ bundle install" will acquire the
# latest version before 1.0.
However, based on the Bundler docs it sounded to me like it would be better to nail down the exact version like this...
gem "haml-rails", "0.3.4"
So there's your haml-rails gem and all its dependencies won't drift forward. If you check out the project on a different machine a few weeks later and run $ bundle install you'll have precisely the same versions of everything you specified.
I've seen point releases break stuff, and I thought part of the whole idea of Bundler was to "Bundle.lock" all your gem versions.
But on rubygems.org they use "~>" a lot so maybe I'm missing something?
Any clarification would be very helpful to me in understanding Bundler and gem management.
This is the purpose of the Gemfile.lock file - running bundle install with a Gemfile.lock present only installs using the dependencies listed in there; it doesn't re-resolve the Gemfile. To update dependencies / update gem versions, you then have to explicitly do a bundle update, which will update your Gemfile.lock file.
If there wasn't a Gemfile.lock, deploying code to production would be a major issue because, as you mention, the dependencies and gem versions could change.
In short, you should be generally safe using the pessimistic version constraint operator (~>) as rubygems.org advises. Just be sure to re-run your tests after you do a bundle update to make sure nothing breaks.
There's a nice article by Yehuda Katz that has a little more info on Gemfile.lock.
这篇关于我应该在我的Gemfile中指定确切的版本吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
