Dependencies

Role of a dependencies

You might introduce a dependency when you need to reuse open source code or existing code in another project. The goal is to reduce the code you write and leverage code from libraries.

Location

• lib/
• Gemfile

Before adding a dependency

• Check if there is no current dependency already doing the job.
• Check the maturity of the gem (total downloads, Github stars, Github issues).
• Check the compatibility with the other gems you're using in the project.

Test and Gemfile.lock

• Commit and push the Gemfile.lock after introducing a new gem.
• Run the whole test suite to check the dependency is not breaking internal code. Some gems monkey patch models and classes, be careful about it and read the documentation for each gem carefully.
• Monitoring gems status: after intorudcing a gem, check the versions and security patch. A good pratice is to select the latest security version of your gem. In your Gemfile: gem "pg", "~> 0.20.0"