Merge branch 'sh-bump-gems-security' into 'master'
Bump nokogiri, loofah, and rack gems for security updates See merge request gitlab-org/gitlab-ce!23204
This commit is contained in:
commit
8a581d531b
2
Gemfile
2
Gemfile
|
@ -389,7 +389,7 @@ group :test do
|
|||
gem 'rails-controller-testing' if rails5? # Rails5 only gem.
|
||||
gem 'test_after_commit', '~> 1.1' unless rails5? # Remove this gem when migrated to rails 5.0. It's been integrated to rails 5.0.
|
||||
gem 'sham_rack', '~> 1.3.6'
|
||||
gem 'concurrent-ruby', '~> 1.0.5'
|
||||
gem 'concurrent-ruby', '~> 1.1'
|
||||
gem 'test-prof', '~> 0.2.5'
|
||||
gem 'rspec_junit_formatter'
|
||||
end
|
||||
|
|
18
Gemfile.lock
18
Gemfile.lock
|
@ -128,9 +128,9 @@ GEM
|
|||
concord (0.1.5)
|
||||
adamantium (~> 0.2.0)
|
||||
equalizer (~> 0.0.9)
|
||||
concurrent-ruby (1.0.5)
|
||||
concurrent-ruby-ext (1.0.5)
|
||||
concurrent-ruby (= 1.0.5)
|
||||
concurrent-ruby (1.1.3)
|
||||
concurrent-ruby-ext (1.1.3)
|
||||
concurrent-ruby (= 1.1.3)
|
||||
connection_pool (2.2.2)
|
||||
crack (0.4.3)
|
||||
safe_yaml (~> 1.0.0)
|
||||
|
@ -379,7 +379,7 @@ GEM
|
|||
json (~> 1.8)
|
||||
multi_xml (>= 0.5.2)
|
||||
httpclient (2.8.3)
|
||||
i18n (1.1.0)
|
||||
i18n (1.1.1)
|
||||
concurrent-ruby (~> 1.0)
|
||||
icalendar (2.4.1)
|
||||
ice_nine (0.11.2)
|
||||
|
@ -444,7 +444,7 @@ GEM
|
|||
activesupport (>= 4)
|
||||
railties (>= 4)
|
||||
request_store (~> 1.0)
|
||||
loofah (2.2.2)
|
||||
loofah (2.2.3)
|
||||
crass (~> 1.0.2)
|
||||
nokogiri (>= 1.5.9)
|
||||
mail (2.7.0)
|
||||
|
@ -453,7 +453,7 @@ GEM
|
|||
memoist (0.16.0)
|
||||
memoizable (0.4.2)
|
||||
thread_safe (~> 0.3, >= 0.3.1)
|
||||
method_source (0.9.0)
|
||||
method_source (0.9.2)
|
||||
mime-types (3.2.2)
|
||||
mime-types-data (~> 3.2015)
|
||||
mime-types-data (3.2018.0812)
|
||||
|
@ -475,7 +475,7 @@ GEM
|
|||
net-ssh (5.0.1)
|
||||
netrc (0.11.0)
|
||||
nio4r (2.3.1)
|
||||
nokogiri (1.8.4)
|
||||
nokogiri (1.8.5)
|
||||
mini_portile2 (~> 2.3.0)
|
||||
nokogumbo (1.5.0)
|
||||
nokogiri
|
||||
|
@ -603,7 +603,7 @@ GEM
|
|||
get_process_mem (~> 0.2)
|
||||
puma (>= 2.7, < 4)
|
||||
pyu-ruby-sasl (0.0.3.3)
|
||||
rack (2.0.5)
|
||||
rack (2.0.6)
|
||||
rack-accept (0.4.5)
|
||||
rack (>= 0.4)
|
||||
rack-attack (4.4.1)
|
||||
|
@ -967,7 +967,7 @@ DEPENDENCIES
|
|||
chronic (~> 0.10.2)
|
||||
chronic_duration (~> 0.10.6)
|
||||
commonmarker (~> 0.17)
|
||||
concurrent-ruby (~> 1.0.5)
|
||||
concurrent-ruby (~> 1.1)
|
||||
connection_pool (~> 2.0)
|
||||
creole (~> 0.5.0)
|
||||
database_cleaner (~> 1.5.0)
|
||||
|
|
|
@ -125,9 +125,9 @@ GEM
|
|||
concord (0.1.5)
|
||||
adamantium (~> 0.2.0)
|
||||
equalizer (~> 0.0.9)
|
||||
concurrent-ruby (1.0.5)
|
||||
concurrent-ruby-ext (1.0.5)
|
||||
concurrent-ruby (= 1.0.5)
|
||||
concurrent-ruby (1.1.3)
|
||||
concurrent-ruby-ext (1.1.3)
|
||||
concurrent-ruby (= 1.1.3)
|
||||
connection_pool (2.2.2)
|
||||
crack (0.4.3)
|
||||
safe_yaml (~> 1.0.0)
|
||||
|
@ -441,7 +441,7 @@ GEM
|
|||
activesupport (>= 4)
|
||||
railties (>= 4)
|
||||
request_store (~> 1.0)
|
||||
loofah (2.2.2)
|
||||
loofah (2.2.3)
|
||||
crass (~> 1.0.2)
|
||||
nokogiri (>= 1.5.9)
|
||||
mail (2.7.0)
|
||||
|
@ -471,7 +471,7 @@ GEM
|
|||
net-ldap (0.16.0)
|
||||
net-ssh (5.0.1)
|
||||
netrc (0.11.0)
|
||||
nokogiri (1.8.4)
|
||||
nokogiri (1.8.5)
|
||||
mini_portile2 (~> 2.3.0)
|
||||
nokogumbo (1.5.0)
|
||||
nokogiri
|
||||
|
@ -958,7 +958,7 @@ DEPENDENCIES
|
|||
chronic (~> 0.10.2)
|
||||
chronic_duration (~> 0.10.6)
|
||||
commonmarker (~> 0.17)
|
||||
concurrent-ruby (~> 1.0.5)
|
||||
concurrent-ruby (~> 1.1)
|
||||
connection_pool (~> 2.0)
|
||||
creole (~> 0.5.0)
|
||||
database_cleaner (~> 1.5.0)
|
||||
|
|
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
title: Bump nokogiri, loofah, and rack gems for security updates
|
||||
merge_request: 23204
|
||||
author:
|
||||
type: security
|
Loading…
Reference in New Issue