I have been a lone programmer on a particular project, but now someone else has joined as collaborator. With just me in the picture, bundlerupdates have been smooth, and I never thought twice about Gemfile.lockbeing tracked by Git.

我一直是一个特定项目的孤独程序员，但现在其他人作为合作者加入了。只有我在图片中，bundler更新一直很顺利，我从来没有想过Gemfile.lock被 Git 跟踪。

The new collaborator ran bundle installafter cloning the repo, and Gemfile.lockwas updated as follows:

新的合作者bundle install在克隆 repo 后运行，并Gemfile.lock更新如下：

Gemfile.lock

Gemfile.lock

@@ -141,7 +141,7 @@ GEM
       rack-ssl (~> 1.3.2)
       rake (>= 0.8.7)
       rdoc (~> 3.4)
-      thor (< 2.0, >= 0.14.6)
+      thor (>= 0.14.6, < 2.0)
     raindrops (0.10.0)
     rake (0.9.2.2)
     rdoc (3.12)
@@ -164,7 +164,7 @@ GEM
     sprockets (2.1.3)
       hike (~> 1.2)
       rack (~> 1.0)
-      tilt (!= 1.3.0, ~> 1.1)
+      tilt (~> 1.1, != 1.3.0)
     thor (0.16.0)
     tilt (1.3.3)
     treetop (1.4.10)
@@ -175,7 +175,7 @@ GEM
     tzinfo (0.3.33)
     uglifier (1.3.0)
       execjs (>= 0.3.0)
-      multi_json (>= 1.0.2, ~> 1.0)
+      multi_json (~> 1.0, >= 1.0.2)
     unicorn (4.3.1)
       kgio (~> 2.6)
       rack

This change was pushed into a named branch off master. How am I supposed to deal with this change?

此更改被推送到 master 的命名分支中。我该如何应对这种变化？

Thinking out loud: Do I merge the Pull Request on GitHub? Do I just pull from upstream without a Pull Request at first? Do I run a particular bundler command to sync things up with the other collaborator's Gemfile.lock? Is there something the other collaborator could have done differently, so that they did not cause any gems to update (rather, just to download the gems specified in the existing Gemfile.lock)? What are the best practices around this situation?

大声思考：我是否在 GitHub 上合并 Pull Request？一开始我是否只是从上游拉取而没有拉取请求？我是否运行特定的 bundler 命令来与其他协作者的同步Gemfile.lock？是否有其他合作者可以做一些不同的事情，以便他们不会导致任何 gem 更新（相反，只是下载现有 中指定的 gem Gemfile.lock）？解决这种情况的最佳做法是什么？