A bit of a clarification and reminder from an answer on Stack Overflow, as to what the difference is between Gemfile and Gemfile.lock:
Gemfile is where you specify which gems you want to use, and lets you specify which versions.
Gemfile.lock file is where Bundler records the exact versions that were installed. This way, when the same library/project is loaded on another machine, running
bundle install will look at the
Gemfile.lock and install the exact same versions, rather than just using the
Gemfile and installing the most recent versions. (Running different versions on different machines could lead to broken tests, etc.) You shouldn’t ever have to directly edit the lock file.
Check out Bundler’s Purpose and Rationale, specifically the Checking Your Code into Version Control section.