forked from clio/ten_years_rails
Closed
Description
When we create a Gemfile.next.lock from scratch, it uses the latest versions for all dependencies without explicit versions. This applies to dependencies of dependencies too.
Silently updating versions in the Gemfile.next.lock can create bugs that are really hard to debug.
We should always copy the Gemfile.lock as Gemfile.next.lock before running next bundle install for the first time.
By adding an extra step to next --init we can make sure that no unintentional version jumps are made.
We add the extra copy step like this:
cp Gemfile.lock Gemfile.next.lock
For context:
To illustrate the problem: we found that issue in an upgrade today. The client started
the upgrade and there was a dependency on the RestClient gem with > 1.6. The
Gemfile.lock sets 1.6.9, but since the Gemfile.next.lock was created from scratch,
it was using the latest 2.x... version, which includes breaking changes! And it was
pretty hard to debug because it was not related to the things that were updated explicitly.
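A check that complements the copy step described above, as an added example that is not part of the original issue or the project's code: it compares the versions pinned in Gemfile.lock and Gemfile.next.lock and lists every gem whose locked version differs. The helper names, the lockfile contents and the 2.1.0 version are constructed for illustration.

```ruby
# Added example (not project code): find gems whose locked version differs
# between Gemfile.lock and Gemfile.next.lock.
# Resolved gems sit under "specs:" at exactly four spaces of indent,
# e.g. "    rest-client (1.6.9)"; their own dependencies are indented six.
SPEC_LINE = /\A {4}(\S+) \(([^)]+)\)\z/

# Returns { "gem-name" => "locked version" } for one lockfile's text.
def locked_versions(lockfile_text)
  lockfile_text.each_line(chomp: true).each_with_object({}) do |line, versions|
    match = SPEC_LINE.match(line)
    versions[match[1]] = match[2] if match
  end
end

# Returns { "gem-name" => [current_version, next_version] } for gems present
# in both lockfiles but pinned to different versions.
def version_drift(current_text, next_text)
  current = locked_versions(current_text)
  upcoming = locked_versions(next_text)
  (current.keys & upcoming.keys).sort.each_with_object({}) do |name, drift|
    drift[name] = [current[name], upcoming[name]] if current[name] != upcoming[name]
  end
end

# Constructed sample lockfiles modelled on the case in the issue.
CURRENT_LOCK = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      mime-types (2.99.3)
      rake (13.0.6)
      rest-client (1.6.9)
        mime-types (>= 1.16)

  DEPENDENCIES
    rake
    rest-client (> 1.6)
LOCK

# Same Gemfile, but resolved from scratch (2.1.0 is a constructed stand-in).
NEXT_LOCK = CURRENT_LOCK.sub("rest-client (1.6.9)", "rest-client (2.1.0)")

if __FILE__ == $PROGRAM_NAME
  version_drift(CURRENT_LOCK, NEXT_LOCK).each do |name, (from, to)|
    puts "#{name}: #{from} -> #{to}"
  end
end
```

To run it against a real project, pass `File.read("Gemfile.lock")` and `File.read("Gemfile.next.lock")` to `version_drift` and review every reported gem that was not upgraded on purpose.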