When do I want to use Ruby On Rails submodules?

Question

I like the idea of using submodules, but I am worried that I am leaving my code in someone else's hands. The main issue is that every time I deploy with capistrano, a new copy of the submodule is checked out since I am using:

set :git_enable_submodules, 1

So what happens if someone commits broken code? Then I app breaks on deploy.

Are submodules generally a bad idea unless you control the repository?

If so, is it common practice to just keep a copy of every plugin in your local repo and under your SCM?

Thanks!

Answer 1

Yes, you should keep local copies of everything that may be updated without warning (such as git submodules or svn externals). Take no risk when it comes to deployment on production!

Some even argue you should freeze Rails and all your pure-Ruby gems to the vendor directory as well, so that they only get updated when you want to. You avoid having to install all dependencies on every server you deploy to. This is slightly less relevant now that Rails makes it really easy to install all required gems with a simple rake task, though (rake gems:install).