I recently tried to update devise to the latest version specified in the gemfile without affecting its dependencies.
gemfile.lock:
devise (3.5.3)
bcrypt (~> 3.0)
orm_adapter (~> 0.1)
railties (>= 3.2.6, < 5)
responders
thread_safe (~> 0.1)
warden (~> 1.2.3)
thread_safe (0.3.5)
warden (1.2.4)
After I run bundle update --conservative devise i got:
gemfile.lock:
devise (3.6.3)
bcrypt (~> 3.0)
orm_adapter (~> 0.1)
railties (>= 3.2.6, < 5)
responders
thread_safe (~> 0.1)
warden (~> 1.2.3)
thread_safe (0.3.6) ---> changed from 0.3.5 to 0.3.6
warden (1.2.7) ---> changed from 1.2.4 to 1.2.7
I am aware that only "devise" gem version changed and not the dependencies but the gems that changed their verions too like thread_safe and warder are also part of the dependencies of devise but out of the scope. What do they rapresent and why have changed their versions?
There is an open issue about that on github.