Skip to content

Commit

Permalink
Bump yajl-ruby version for security reasons.
Browse files Browse the repository at this point in the history 
Make sure to use version 1.3.1 or later to include fix in brianmario/yajl-ruby#178.
  • Loading branch information
Matt Amos committed Nov 29, 2017
1 parent 6aad9a5 commit 2fed19f
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 2 deletions.
3 changes: 3 additions & 0 deletions Gemfile
View file
Expand Up @@ -7,3 +7,6 @@ gem 'foodcritic' , '= 4.0.0'
gem 'rainbow' , '= 2.0.0'
gem 'rubocop' , '= 0.24.0'
gem 'kitchen-vagrant'

# force upgrade of yajl-ruby to 1.3.1 or later to fix security issue
gem 'yajl-ruby', '~> 1.3', '>= 1.3.1'
5 changes: 3 additions & 2 deletions Gemfile.lock
View file
Expand Up @@ -213,7 +213,7 @@ GEM
buff-extensions (~> 1.0)
hashie (>= 2.0.2, < 4.0.0)
wmi-lite (1.0.0)
yajl-ruby (1.2.1)
yajl-ruby (1.3.1)

PLATFORMS
ruby
Expand All @@ -226,6 +226,7 @@ DEPENDENCIES
rainbow (= 2.0.0)
rubocop (= 0.24.0)
test-kitchen
yajl-ruby (~> 1.3, >= 1.3.1)

BUNDLED WITH
1.11.2
1.16.0

0 comments on commit 2fed19f

Please sign in to comment.