New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow newer versions of rubyzip #490
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Because of rubyzip/rubyzip#384 when rubyzip is one of the bundled gems, some anti-virus solutions will flag the package as a security issue.
The issue was fixed in rubyzip 2.0.0, however because warbler requires rubyzip with
['~> 1.0', '< 1.4']
, upgrading rubyzip to a newer version is not an option AFAICS.rubyzip is used in ZipSupport which looks like it should still work with the latest version of the gem.
In this case just relaxing the requirement in warbler.gemspec to allow for newer versions of
rubyzip
might suffice.The text was updated successfully, but these errors were encountered: