Refactor Gemfile / update dependecies

[mnquintana]

Our Gemfile currently references very few version numbers, and this is a problem because anytime someone inadvertently updates Gemfile.lock (like in #535) we inadvertently upgrade Reservations' dependencies.

We should use the appropriate version identifiers (see http://bundler.io/v1.6/gemfile.html) - for example:

gem 'capybara', '~> 2.0.0'

We only want to automatically upgrade to service releases for capybara, ie. versions between 2.0.0 and 2.1.

[squidgetx]

I think this can wait until 4.0.0, at which point we should just go on a massive updating spree. FontAwesome 4, cancancan, Spring, the works. After that we can then go and specify version numbers for everything

[orenyk]

We should try to get this done before we hand this off... Gemnasium says we have 39 out-of-date dependencies. Obviously one of our biggest ones is Bootstrap (see #245), but once that's done I'll try to update the remaining gems one at a time to get us up-to-date.

[mnquintana]

For future reference, we should really be in the habit of updating individual dependencies regularly (which Gemnasium should help us do), instead of leaving them all to a mega PR like this will end up being. Especially because in a lot of cases we don't know if an upgrade will be a drop-in replacement or not, and if it isn't, there could be a lot of code changes necessary to make it work.

(Kinda like how Facilities lets some buildings languish for years and then all of a sudden they have a multi-year, multi-million dollar renovation on their hands, whereas if they'd just been doing regular maintenance the whole time they would've saved a lot of time and money)

[orenyk]

Agreed, I would argue we should do it before every minor release. #600 is hopefully our several thousand dollar renovation in the hopes of avoiding the multimillion dollar one :-P.

[orenyk]

As suggested in #1116, we're going to use this issue to update Rails to 4.1.9 and Ruby to 2.1.5. I'll also go through Gemnasium and try to update most of our other dependencies.

[mnquintana]

@orenyk IMO we should probably do one PR per dependency update, just to keep them manageable

[orenyk]

Yea, we could do that; I don't think we need to open up multiple issues though. I'm hoping (perhaps naively) that most of our outdated dependencies won't be too much trouble 😛

[orenyk]

woot we can stop getting the permanent_records gem from the Git repository 😆

[orenyk]

I'm chaining a series of branches together so we can sequentially run the PR's. I've opened the first one for Rails (#1157) and can open up successive ones once it's merged in. After all the gems are updated I think we should also update to the latest Ruby version (2.1.x) as well.

[orenyk]

Note that I've been checking the changelogs when possible and haven't noticed any potentially breaking changes in any gem updates I've performed.

[orenyk]

I'm going to just get everything up-to-date and then I'll review all the gems and see if there are any we're not using any more that can be removed.

[orenyk]

Ok, all the gems have versions specified and are up-to-date (see #1158). Final step is checking to see if we have any we're no longer using that should be removed, after which we can close this issue.

[orenyk]

Alright, I removed the yajl-ruby gem and added a comment to the Gemfile. Now that all the dependencies have been updated I think we're good to go!