Skip to content

Automated Dependency Updates for Bundler

Categories: ruby

Renovate supports updating Bundler dependencies.

File Matching

By default, Renovate will check any files matching the following regular expression: (^|/)Gemfile$.

For details on how to extend a manager's fileMatch value, please follow this link.

Supported datasources

This manager supports extracting the following datasources: rubygems, ruby-version.

Default config

{
  "fileMatch": [
    "(^|/)Gemfile$"
  ],
  "versioning": "ruby"
}

Additional Information

The bundler manager is used to extract dependencies from Gemfile and Gemfile.lock files.

Authenticating private registry

If you need Bundler to authenticate with a private registry - and it's not the same host as your GitHub/GitLab/etc - then you should do so with hostRules and be sure to set the hostType value to be "bundler". e.g.

{
  "hostRules": [
    {
      "matchHost": "private-registry.company.com",
      "hostType": "rubygems",
      "token": "abc123"
    }
  ]
}

Important notes regarding the above:

hostType is a required field, and you must provide a value. If you use Renovate v26 or higher, set hostType=rubygems. If you use Renovate v25 or lower, set hostType=bundler.

If the registry is used for multiple package types then you may need multiple hostRules.

Instead of token, you may also supply username and password instead.

If you don't want to commit raw secrets to your repository, either:

  • If self hosting, add the hostRules to your bot's configuration file rather than the repository's configuration file, or
  • If using the Mend Renovate App, make use of the encrypted capability

Open items

The below list of features were current when this page was generated on September 22, 2023.

Feature requests

  • Bundler: Support for multi Gemfiles with a single lock file #22725
  • Bundler: Support inline gemfile declaration and dependencies #14017
  • Bundler/Rubygems: support registries with incomplete releases lists #12618
  • Update vendored gems when updating with bundler #11004
  • Parse gemspec files #10616
  • bundler with geminabox #6184
  • Bundler extract and update github dependency #4789