i’m not at all a ruby user so this is being stored away for future reference. of particular note, pay attention to the “checking your code into version control” section …

specifically regarding the gemfile.lock and what to do …

This is important: the Gemfile.lock makes your application a single package of both your own code and the third-party code it ran the last time you know for sure that everything worked. Specifying exact versions of the third-party code you depend on in your Gemfile would not provide the same guarantee, because gems usually declare a range of versions for their dependencies.

bundler’s purpose and rationale