We should be able to update minor versions of stable libs without breaking
gitlab Gemfile

--- a/Gemfile
+++ b/Gemfile
@@ -1,15 +1,15 @@
 source 'https://rubygems.org'
 
-gem 'rails', '4.2.8'
+gem 'rails', '~> 4.2.8'
 gem 'rails-deprecated_sanitizer', '~> 1.0.3'
 
 # Responders respond_to and respond_with
 gem 'responders', '~> 2.0'
 
-gem 'sprockets', '~> 3.7.0'
+gem 'sprockets', '~> 3.7'
 
 # Default values for AR models
-gem 'default_value_for', '~> 3.0.0'
+gem 'default_value_for', '~> 3.0'
 
 # Supported DBs
 gem 'mysql2', '~> 0.3.16', group: :mysql
@@ -21,38 +21,38 @@
 
 # Authentication libraries
 gem 'devise', '~> 4.2'
-gem 'doorkeeper', '~> 4.2.0'
-gem 'doorkeeper-openid_connect', '~> 1.1.0'
-gem 'omniauth', '~> 1.4.2'
-gem 'omniauth-auth0', '~> 1.4.1'
+gem 'doorkeeper', '~> 4.2'
+gem 'doorkeeper-openid_connect', '~> 1.1'
+gem 'omniauth', '~> 1.4', '>= 1.4.2'
+gem 'omniauth-auth0', '~> 1.4', '>= 1.4.1'
 gem 'omniauth-azure-oauth2', '~> 0.0.6'
-gem 'omniauth-cas3', '~> 1.1.2'
-gem 'omniauth-facebook', '~> 4.0.0'
-gem 'omniauth-github', '~> 1.1.1'
-gem 'omniauth-gitlab', '~> 1.0.2'
+gem 'omniauth-cas3', '~> 1.1', '>= 1.1.2'
+gem 'omniauth-facebook', '~> 4.0'
+gem 'omniauth-github', '~> 1.1', '>= 1.1.1'
+gem 'omniauth-gitlab', '~> 1.0', '>= 1.0.2'
 gem 'omniauth-google-oauth2', '~> 0.4.1'
 gem 'omniauth-kerberos', '~> 0.3.0', group: :kerberos
 gem 'omniauth-oauth2-generic', '~> 0.2.2'
-gem 'omniauth-saml', '~> 1.7.0'
-gem 'omniauth-shibboleth', '~> 1.2.0'
-gem 'omniauth-twitter', '~> 1.2.0'
-gem 'omniauth_crowd', '~> 2.2.0'
+gem 'omniauth-saml', '~> 1.7'
+gem 'omniauth-shibboleth', '~> 1.2'
+gem 'omniauth-twitter', '~> 1.2'
+gem 'omniauth_crowd', '~> 2.2'
 gem 'omniauth-authentiq', '~> 0.3.0'
-gem 'rack-oauth2', '~> 1.2.1'
-gem 'jwt', '~> 1.5.6'
+gem 'rack-oauth2', '~> 1.2', '>= 1.2.1'
+gem 'jwt', '~> 1.5', '>= 1.5.6'
 
 # Spam and anti-bot protection
 gem 'recaptcha', '~> 3.0', require: 'recaptcha/rails'
 gem 'akismet', '~> 2.0'
 
 # Two-factor authentication
-gem 'devise-two-factor', '~> 3.0.0'
+gem 'devise-two-factor', '~> 3.0'
 gem 'rqrcode-rails3', '~> 0.1.7'
-gem 'attr_encrypted', '~> 3.0.0'
+gem 'attr_encrypted', '~> 3.0'
 gem 'u2f', '~> 0.2.1'
 
 # GitLab Pages
-gem 'validates_hostname', '~> 1.0.6'
+gem 'validates_hostname', '~> 1.0', '>= 1.0.6'
 
 # Browser detection
 gem 'browser', '~> 2.2'
@@ -60,7 +60,7 @@
 # LDAP Auth
 # GitLab fork with several improvements to original library. For full list of changes
 # see https://github.com/intridea/omniauth-ldap/compare/master...gitlabhq:master
-gem 'omniauth-ldap', '~> 1.0.4', require: "omniauth-ldap"
+gem 'omniauth-ldap', '~> 1.0', '>= 1.0.4', require: "omniauth-ldap"
 
 # Git Wiki
 # Required manually in config/initializers/gollum.rb to control load order
@@ -68,7 +68,7 @@
 gem 'gollum-rugged_adapter', '~> 0.4.4', require: false
 
 # Language detection
-gem 'github-linguist', '~> 4.7.0', require: 'linguist'
+gem 'github-linguist', '~> 4.7', require: 'linguist'
 
 # API
 gem 'grape', '~> 0.19.0'
@@ -82,7 +82,7 @@
 gem 'kaminari', '~> 0.17.0'
 
 # HAML
-gem 'hamlit', '~> 2.6.1'
+gem 'hamlit', '~> 2.6', '>= 2.6.1'
 
 # Files attachments
 gem 'carrierwave', '~> 1.0'
@@ -108,37 +108,37 @@
 gem 'seed-fu', '~> 2.3.5'
 
 # Markdown and HTML processing
-gem 'html-pipeline', '~> 1.11.0'
-gem 'deckar01-task_list', '1.0.6', require: 'task_list/railtie'
-gem 'gitlab-markup', '~> 1.5.1'
+gem 'html-pipeline', '~> 1.11'
+gem 'deckar01-task_list', '1.0', '>= 1.0.6', require: 'task_list/railtie'
+gem 'gitlab-markup', '~> 1.5','>= 1.5.1'
 gem 'redcarpet', '~> 3.4'
-gem 'RedCloth', '~> 4.3.2'
+gem 'RedCloth', '~> 4.3', '>= 4.3.2'
 gem 'rdoc', '~> 4.2'
 gem 'org-ruby', '~> 0.9.12'
 gem 'creole', '~> 0.5.0'
 gem 'wikicloth', '0.8.1'
-gem 'asciidoctor', '~> 1.5.2'
+gem 'asciidoctor', '~> 1.5','>= 1.5.2'
 gem 'asciidoctor-plantuml', '0.0.7'
 gem 'rouge', '~> 2.0'
 gem 'truncato', '~> 0.7.8'
 
 # See https://groups.google.com/forum/#!topic/ruby-security-ann/aSbgDiwb24s
 # and https://groups.google.com/forum/#!topic/ruby-security-ann/Dy7YiKb_pMM
-gem 'nokogiri', '~> 1.6.7', '>= 1.6.7.2'
+gem 'nokogiri', '~> 1.6', '>= 1.6.7.2'
 
 # Diffs
-gem 'diffy', '~> 3.1.0'
+gem 'diffy', '~> 3.1'
 
 # Application server
 group :unicorn do
-  gem 'unicorn', '~> 5.1.0'
+  gem 'unicorn', '~> 5.1'
   gem 'unicorn-worker-killer', '~> 0.4.4'
 end
 
 # State machine
 gem 'state_machines-activerecord', '~> 0.4.0'
 # Run events after state machine commits
-gem 'after_commit_queue', '~> 1.3.0'
+gem 'after_commit_queue', '~> 1.3'
 
 # Issue tags
 gem 'acts-as-taggable-on', '~> 4.0'
@@ -146,49 +146,49 @@
 # Background jobs
 gem 'sidekiq', '~> 5.0'
 gem 'sidekiq-cron', '~> 0.4.4'
-gem 'redis-namespace', '~> 1.5.2'
+gem 'redis-namespace', '~> 1.5', '>= 1.5.2'
 gem 'sidekiq-limit_fetch', '~> 3.4'
 
 # Cron Parser
-gem 'rufus-scheduler', '~> 3.1.10'
+gem 'rufus-scheduler', '~> 3.1', '>= 3.1.10'
 
 # HTTP requests
 gem 'httparty', '~> 0.13.3'
 
 # Colored output to console
-gem 'rainbow', '~> 2.1.0'
+gem 'rainbow', '~> 2.1'
 
 # GitLab settings
-gem 'settingslogic', '~> 2.0.9'
+gem 'settingslogic', '~> 2.0', '>= 2.0.9'
 
 # Linear-time regex library for untrusted regular expressions
-gem 're2', '~> 1.0.0'
+gem 're2', '~> 1.0'
 
 # Misc
 
-gem 'version_sorter', '~> 2.1.0'
+gem 'version_sorter', '~> 2.1'
 
 # Cache
-gem 'redis-rails', '~> 5.0.1'
+gem 'redis-rails', '~> 5.0', '>= 5.0.1'
 
 # Redis
 gem 'redis', '~> 3.2'
 gem 'connection_pool', '~> 2.0'
 
 # HipChat integration
-gem 'hipchat', '~> 1.5.0'
+gem 'hipchat', '~> 1.5'
 
 # JIRA integration
-gem 'jira-ruby', '~> 1.1.2'
+gem 'jira-ruby', '~> 1.1', '>= 1.1.2'
 
 # Flowdock integration
-gem 'gitlab-flowdock-git-hook', '~> 1.0.1'
+gem 'gitlab-flowdock-git-hook', '~> 1.0', '>= 1.0.1'
 
 # Gemnasium integration
 gem 'gemnasium-gitlab-service', '~> 0.2'
 
 # Slack integration
-gem 'slack-notifier', '~> 1.5.1'
+gem 'slack-notifier', '~> 1.5', '>= 1.5.1'
 
 # Asana integration
 gem 'asana', '~> 0.6.0'
@@ -197,38 +197,38 @@
 gem 'ruby-fogbugz', '~> 0.2.1'
 
 # Kubernetes integration
-gem 'kubeclient', '~> 2.2.0'
+gem 'kubeclient', '~> 2.2'
 
 # d3
-gem 'd3_rails', '~> 3.5.0'
+gem 'd3_rails', '~> 3.5'
 
 # underscore-rails
-gem 'underscore-rails', '~> 1.8.0'
+gem 'underscore-rails', '~> 1.8'
 
 # Sanitize user input
 gem 'sanitize', '~> 2.0'
-gem 'babosa', '~> 1.0.2'
+gem 'babosa', '~> 1.0', '>= 1.0.2'
 
 # Sanitizes SVG input
-gem 'loofah', '~> 2.0.3'
+gem 'loofah', '~> 2.0', '>= 2.0.3'
 
 # Working with license
-gem 'licensee', '~> 8.7.0'
+gem 'licensee', '~> 8.7'
 
 # Protect against bruteforcing
-gem 'rack-attack', '~> 4.4.1'
+gem 'rack-attack', '~> 4.4', '>= 4.4.1'
 
 # Ace editor
-gem 'ace-rails-ap', '~> 4.1.0'
+gem 'ace-rails-ap', '~> 4.1'
 
 # Keyboard shortcuts
-gem 'mousetrap-rails', '~> 1.4.6'
+gem 'mousetrap-rails', '~> 1.4', '>= 1.4.6'
 
 # Detect and convert string character encoding
 gem 'charlock_holmes', '~> 0.7.3'
 
 # Faster JSON
-gem 'oj', '~> 2.17.4'
+gem 'oj', '~> 2.17', '>= 2.17.4'
 
 # Parse time & duration
 gem 'chronic', '~> 0.10.2'
@@ -237,32 +237,32 @@
 gem 'webpack-rails', '~> 0.9.10'
 gem 'rack-proxy', '~> 0.6.0'
 
-gem 'sass-rails', '~> 5.0.6'
-gem 'coffee-rails', '~> 4.1.0'
-gem 'uglifier', '~> 2.7.2'
+gem 'sass-rails', '~> 5.0', '>= 5.0.6'
+gem 'coffee-rails', '~> 4.1'
+gem 'uglifier', '~> 2.7', '>= 2.7.2'
 
-gem 'addressable', '~> 2.3.8'
-gem 'bootstrap-sass', '~> 3.3.0'
+gem 'addressable', '~> 2.3', '>= 2.3.8'
+gem 'bootstrap-sass', '~> 3.3'
 gem 'font-awesome-rails', '~> 4.7'
 gem 'gemojione', '~> 3.0'
-gem 'gon', '~> 6.1.0'
-gem 'jquery-atwho-rails', '~> 1.3.2'
-gem 'jquery-rails', '~> 4.1.0'
+gem 'gon', '~> 6.1'
+gem 'jquery-atwho-rails', '~> 1.3', '>= 1.3.2'
+gem 'jquery-rails', '~> 4.1'
 gem 'request_store', '~> 1.3'
-gem 'select2-rails', '~> 3.5.9'
-gem 'virtus', '~> 1.0.1'
-gem 'net-ssh', '~> 3.0.1'
+gem 'select2-rails', '~> 3.5', '>= 3.5.9'
+gem 'virtus', '~> 1.0', '>= 1.0.1'
+gem 'net-ssh', '~> 3.0', '>= 3.0.1'
 gem 'base32', '~> 0.3.0'
 
 # Sentry integration
-gem 'sentry-raven', '~> 2.4.0'
+gem 'sentry-raven', '~> 2.4'
 
-gem 'premailer-rails', '~> 1.9.0'
+gem 'premailer-rails', '~> 1.9'
 
 # I18n
-gem 'ruby_parser', '~> 3.8.4', require: false
-gem 'gettext_i18n_rails', '~> 1.8.0'
-gem 'gettext_i18n_rails_js', '~> 1.2.0'
+gem 'ruby_parser', '~> 3.8', '>= 3.8.4', require: false
+gem 'gettext_i18n_rails', '~> 1.8'
+gem 'gettext_i18n_rails_js', '~> 1.2'
 gem 'gettext', '~> 3.2.2', require: false, group: :development
 
 # Metrics