From b3ed4634e6a9f75bd12928cb4557b4a35b465621 Mon Sep 17 00:00:00 2001 From: Paul Dobbins Date: Sat, 13 Jul 2019 17:02:34 -0500 Subject: [PATCH] Add a gem w/ a known security vulnerability Yard v0.9.19 has a known security vulnerability. Making a pull request on this commit should invoke the needed test. Update pronto-bundler_audit version as well to try to get working functionality. --- Gemfile | 7 ++++++- Gemfile.lock | 6 ++++-- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/Gemfile b/Gemfile index e058f4f..85e94df 100644 --- a/Gemfile +++ b/Gemfile @@ -9,7 +9,7 @@ gem 'sqlite3' gem 'bootsnap', '>= 1.1.0', require: false gem 'pronto' -gem 'pronto-bundler_audit', '0.5.0.pre' +gem 'pronto-bundler_audit', '0.5.0' # gem 'pronto-bundler_audit', github: 'pdobb/pronto-bundler_audit', branch: 'master' group :development do @@ -18,3 +18,8 @@ group :development do gem 'pry-rails' gem 'listen', '>= 3.0.5', '< 3.2' end + +################################################################################ + +# Gems with security advisories, for testing pronto-bundler_audit. +gem 'yard', '0.9.19' diff --git a/Gemfile.lock b/Gemfile.lock index 46ade99..8d21396 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -103,7 +103,7 @@ GEM rainbow (>= 2.2, < 4.0) rugged (~> 0.24, >= 0.23.0) thor (~> 0.20.0) - pronto-bundler_audit (0.5.0.pre) + pronto-bundler_audit (0.5.0) bundler-audit (~> 0) pronto (~> 0) pry (0.12.2) @@ -170,6 +170,7 @@ GEM websocket-driver (0.7.1) websocket-extensions (>= 0.1.0) websocket-extensions (0.1.4) + yard (0.9.19) PLATFORMS ruby @@ -179,11 +180,12 @@ DEPENDENCIES byebug listen (>= 3.0.5, < 3.2) pronto - pronto-bundler_audit (= 0.5.0.pre) + pronto-bundler_audit (= 0.5.0) pry-byebug pry-rails rails (~> 5.2.3) sqlite3 + yard (= 0.9.19) BUNDLED WITH 2.0.2