Add a gem w/ a known security vulnerability

Yard v0.9.19 has a known security vulnerability. Making a pull request on this commit should invoke the needed test. Update pronto-bundler_audit version as well to try to get working functionality.
pdobb · Aug 1, 2019 · b3ed463 · b3ed463
1 parent bb374dc
commit b3ed463
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 3 deletions.
diff --git a/Gemfile b/Gemfile
@@ -9,7 +9,7 @@ gem 'sqlite3'
 gem 'bootsnap', '>= 1.1.0', require: false
 
 gem 'pronto'
-gem 'pronto-bundler_audit', '0.5.0.pre'
+gem 'pronto-bundler_audit', '0.5.0'
 # gem 'pronto-bundler_audit', github: 'pdobb/pronto-bundler_audit', branch: 'master'
 
 group :development do
@@ -18,3 +18,8 @@ group :development do
   gem 'pry-rails'
   gem 'listen', '>= 3.0.5', '< 3.2'
 end
+
+################################################################################
+
+# Gems with security advisories, for testing pronto-bundler_audit.
+gem 'yard', '0.9.19'
diff --git a/Gemfile.lock b/Gemfile.lock
@@ -103,7 +103,7 @@ GEM
       rainbow (>= 2.2, < 4.0)
       rugged (~> 0.24, >= 0.23.0)
       thor (~> 0.20.0)
-    pronto-bundler_audit (0.5.0.pre)
+    pronto-bundler_audit (0.5.0)
       bundler-audit (~> 0)
       pronto (~> 0)
     pry (0.12.2)
@@ -170,6 +170,7 @@ GEM
     websocket-driver (0.7.1)
       websocket-extensions (>= 0.1.0)
     websocket-extensions (0.1.4)
+    yard (0.9.19)
 
 PLATFORMS
   ruby
@@ -179,11 +180,12 @@ DEPENDENCIES
   byebug
   listen (>= 3.0.5, < 3.2)
   pronto
-  pronto-bundler_audit (= 0.5.0.pre)
+  pronto-bundler_audit (= 0.5.0)
   pry-byebug
   pry-rails
   rails (~> 5.2.3)
   sqlite3
+  yard (= 0.9.19)
 
 BUNDLED WITH
    2.0.2