After the announcements in the previous posts about the security vulnerabilities in Rails 3.0.3, you would like to update your application and deploy with the latest 3.0.4 version.
- Change your Gemfile to replace
gem 'rails', '3.0.3'
gem 'rails', '3.0.4'
bundle update rails
- Remove the old gems by using:
git rm name_of_3.0.3_gem
- Add the new gems to your git
git add vendor/cache
- Check in to your repository the new files
git commit vendor/cache -m 'upgrade to rails 3.0.4'
- Make sure that you also check in both your Gemfile and Gemfile.lock into your git repository
git commit Gemfile Gemfile.lock -m 'update Gemfiles to use 3.0.4'
otherwise when you try to deploy you will see the error:
You have modified your Gemfile in development but did not check the resulting snapshot (Gemfile.lock) into version control
- push everything to your git repository:
- Deploy your application with capistrano as usual:
- Your new gems for 3.0.4 should be installed on the share/bundle folder