Skip to content

Automated Dependency Updates for Bundler

Renovate supports updating Bundler dependencies.

File Matching

By default, Renovate will check any files matching the following regular expression: (^|/)Gemfile$.

For details on how to extend a manager's fileMatch value, please follow this link.

Supported datasources

This manager supports extracting the following datasources: rubygems, ruby-version.

References## Default config

{
  "fileMatch": [
    "(^|/)Gemfile$"
  ],
  "versioning": "ruby"
}

Additional Information

The bundler manager is used to extract dependencies from Gemfile and Gemfile.lock files.

Authenticating private registry

If you need Bundler to authenticate with a private registry - and it's not the same host as your GitHub/GitLab/etc - then you should do so with hostRules and be sure to set the hostType value to be "bundler". e.g.

{
  "hostRules": [
    {
      "matchHost": "private-registry.company.com",
      "hostType": "rubygems",
      "token": "abc123"
    }
  ]
}

Important notes regarding the above:

hostType is a required field, and you must provide a value. If you use Renovate v26 or higher, set hostType=rubygems. If you use Renovate v25 or lower, set hostType=bundler.

If the registry is used for multiple package types then you may need multiple hostRules.

Instead of token, you may also supply username and password instead.

If you don't want to commit raw secrets to your repository, either:

  • If self hosting, add the hostRules to your bot's configuration file rather than the repository's configuration file, or
  • If using the hosted Mend Renovate app, make use of the encrypted capability

Open items

The below list of features and bugs were current when this page was generated on March 30, 2023.

Feature requests

  • Support Nexus repository manager for RubyGems #15459
  • Bundler: Support inline gemfile declaration and dependencies #14017
  • Bundler/Rubygems: support registries with incomplete releases lists #12618
  • Update vendored gems when updating with bundler #11004
  • Parse gemspec files #10616
  • bundler with geminabox #6184
  • Bundler extract and update github dependency #4789
  • Bundler compatibility checks #3098

Bug reports

  • Renovate should not update PLATFORMS during lock file maintenance #19134
  • Renovate gives up after first failed update of Ruby Bundler package #4747