When the Prod/Dev team sets up a new project, it’s created using the latest versions of frameworks, databases, and external libraries available. All these tools, components, and programming languages are part of our project, which ultimately makes them dependencies for our application. While developing the application, the dependencies used can become obsolete, and few of them get a chance to be updated. In the short term, we can accept that our application does not use the latest version of the database or Ruby Gem, but over time these dependencies become a compounding problem, whether it's for developers to set up a project on their local development environments, or at best, we want use a new feature that was added recently in the latest version.

Our team recently had to upgrade to the most recent version of the Rails framework. We had to update parts of the applications to leverage new features available in latest versions. We learned a ton and I would like to share our recommendations on how to facilitate the process of upgrading applications. With the upcoming Rails 6 release, this article will be a great resource to plan for the future.


What is a dependency?

An application dependency is a library, plugin, database, or cache storage, as well as third-party service that is used by an application. It is a component or part of the application functionality without which is partially or completely impossible. For example, if you use RMagick gem for image processing, in this case, both RMagick and ImageMagick, a set of console tools for image processing, will be application dependencies.

Why you should upgrade dependencies?

There could be a variety of reasons to upgrade a dependency. These reasons can include security issues fixes, usage of new features, performance improvements, reducing maintenance of an old version, etc. Most likely, you will have your own strong reasons why you should upgrade a specific dependency.

However, application dependency upgrades can become a time consuming process that starts with upgrading one specific library and ends up with upgrading a half of all libraries used by your application. In such cases, the goal is not to resolve version conflicts of dependency, and to have a new version of the library, but to keep your application working and functioning as it used to be.

What to start from?

There are general recommendations for upgrading dependencies of an application, which are applicable in most cases. For detailed information on upgrading a specific dependency, I recommend you read the documentation of that dependency.

1. Learn About the New Version of the Dependency

As I noted above, if you upgrade the RMagick gem to the latest version, you may need the most recent version of ImageMagick. Review the RMagick and/or ImageMagick changelogs. The necessary change may have been made in an earlier version and an upgrade to minor version will be sufficient to achieve a goal. If a major update is still required, see the Requirements and Breaking Changes sections in the dependency documentation. One of the requirements could be a specific version of the operating system or OS kernel.

In some cases, dependency developers may recommend gradually upgrading the dependency from version to version, thereby allowing you to gradually make the necessary changes to your application with each upgrade. Learning the method of upgrades will help to approximately indicate what tasks you have to achieve the upgrade.

2. Hardware and Network Requirements

A dependency has minimum requirements to function. Since new features are introduced in a new version, this dependency may require more resources to operate. It is important to make sure that hardware and network resources are sufficient for stable operation before making upgrades on servers.

3. Plan Upgrade on Servers

Upgrading dependency on your local machine can differ from how it must be done on the server. For example, if you are a macOS user you might use brew tool to install and upgrade libraries and external tools. On a server running the Ubuntu or CentOS operating system, brew command is not available. You need to learn how to install or upgrade the necessary version of the dependency on the server. This can be a package manager, compiling source code or running an upgrade script. Never learn and try to run scripts from this step on the production server.  As  you can damage the current version, making changes to the configuration of the application or operating system, which will lead to negative consequences. These steps are recommended to be explored on a separate copy of the production server or on a new server.

3. Upgrade Timing

If it’s safe and possible to upgrade dependencies on an existing server, it is recommended to estimate the time of how long it will take to roll out the upgrade. If an upgrade requires stopping or restarting your application or server, it may be worthwhile to think about how to temporarily redirect traffic to a failover group or reduce downtime. It is very important to consider that your script or upgrade may fail, and in this case you need to have a plan to roll back changes to the operational state of the application in reasonable time. One of the recommendations is the use of a new server and traffic redirection. The goal is to protect the current state from changes and reduce the time to switch between the old and the upgraded server.

4. Log Actions

Document and log all your actions. This will help you in writing scripts or documenting a dependency upgrade for your colleagues, so that they can make upgrades on their dev machines. The log can provide links to articles or documentation that are important for that upgrade and also be used when you start upgrading other applications.

Upgrading is a Must

Upgrading dependencies is often desired by developers, but not always supported by the business. Staying on top of gap intelligence's cutting edge of technology is important to the Product Development team and we are always looking to implement new features into our application. We aim to deliver the very best to our customers and to make their experience better than it was before.

For more than 16 years, gap intelligence has served manufacturers and sellers by providing world-class services monitoring, reporting, and analyzing the 4Ps: prices, promotions, placements, and products. Email us at info@gapintelligence.com or call us at 619-574-1100 to learn more.