When my coworker runs "bundle install", will he install the newest gems or the ones in Gemfile.lock?

That's because on gembundler.com, it says:

Make sure to add Gemfile.lock to your repository. This will ensure that other developers on your app, as well as your deployment environment, use exactly the same third-party code as you just install开发者_运维百科ed.

so, suppose I just say

gem 'rails'

so when my coworker does a bundle install 3 months later, when Rails 3.0.6 or later is released, will he install 3.0.6, or the one in Gemfile.lock? (which is 3.0.5 as of right now)

If everything must be according exactly to Gemfile.lock, then what is the procedure to update Gemfile.lock? Make sure all the tests pass, and then somehow tell bunlder to upgrade all the gems to the latest versions, and run the tests again and make sure they pass, and then commit that newest Gemfile.lock?

bundle install will install gems versions found in Gemfile.lock. To update to newest allowed versions you should run bundle update (it also updates Gemfile.lock). If something goes wrong after update (e.g. tests fail) you can fall back to previous version of Gemfile.lock in repository and run bundle install again to get previously working versions of gems. Also, individual gems may be updated by bundle update <gem_name>, e.g. bundle update rails (that also resolves dependencies and updates Gemfile.lock).

The gembundler.com website has a lot of answers. You should check out the rationale page.