Merge branch 'update-rack-attack-security' into 'master'
Bump Rack Attack to v4.3.1 for security fix https://github.com/kickstarter/rack-attack/releases/tag/v4.3.1 See merge request !2153
This commit is contained in:
commit
22e65944ee
|
@ -1,6 +1,7 @@
|
|||
Please view this file on the master branch, on stable branches it's out of date.
|
||||
|
||||
v 8.3.0 (unreleased)
|
||||
- Bump rack-attack to 4.3.1 for security fix (Stan Hu)
|
||||
- API support for starred projects for authorized user (Zeger-Jan van de Weg)
|
||||
- Add open_issues_count to project API (Stan Hu)
|
||||
- Expand character set of usernames created by Omniauth (Corey Hinshaw)
|
||||
|
|
2
Gemfile
2
Gemfile
|
@ -175,7 +175,7 @@ gem "sanitize", '~> 2.0'
|
|||
gem 'babosa', '~> 1.0.2'
|
||||
|
||||
# Protect against bruteforcing
|
||||
gem "rack-attack", '~> 4.3.0'
|
||||
gem "rack-attack", '~> 4.3.1'
|
||||
|
||||
# Ace editor
|
||||
gem 'ace-rails-ap', '~> 2.0.1'
|
||||
|
|
|
@ -507,7 +507,7 @@ GEM
|
|||
rack (1.6.4)
|
||||
rack-accept (0.4.5)
|
||||
rack (>= 0.4)
|
||||
rack-attack (4.3.0)
|
||||
rack-attack (4.3.1)
|
||||
rack
|
||||
rack-cors (0.4.0)
|
||||
rack-mount (0.8.3)
|
||||
|
@ -908,7 +908,7 @@ DEPENDENCIES
|
|||
poltergeist (~> 1.8.1)
|
||||
pry-rails
|
||||
quiet_assets (~> 1.0.2)
|
||||
rack-attack (~> 4.3.0)
|
||||
rack-attack (~> 4.3.1)
|
||||
rack-cors (~> 0.4.0)
|
||||
rack-oauth2 (~> 1.2.1)
|
||||
rails (= 4.2.4)
|
||||
|
|
Loading…
Reference in New Issue