Skip to content

Commit

Permalink
Resolves gem vulnerability issues with Nokogiri (#2989)
Browse files Browse the repository at this point in the history
* Resolves gem vulnerability issues

Stems from:

A CVE for Nokogiri and all vets-api builds will fail until we upgrade nokogiri:

sparklemotion/nokogiri#1892
  • Loading branch information
hpjaj authored Apr 22, 2019
1 parent b22cb06 commit 8bb1e0d
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 7 deletions.
2 changes: 1 addition & 1 deletion Gemfile
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,7 @@ gem 'mail', '2.6.6'
gem 'memoist'
gem 'mini_magick'
gem 'net-sftp'
gem 'nokogiri', '1.8.5'
gem 'nokogiri', '~> 1.10', '>= 1.10.3'
gem 'octokit'
gem 'oj' # Amazon Linux `json` gem causes conflicts, but `multi_json` will prefer `oj` if installed
gem 'olive_branch'
Expand Down
12 changes: 6 additions & 6 deletions Gemfile.lock
Original file line number Diff line number Diff line change
Expand Up @@ -727,8 +727,8 @@ GEM
faraday (>= 0.7.4, < 0.10)
multi_json (~> 1.0)
builder (3.2.3)
bundler-audit (0.5.0)
bundler (~> 1.2)
bundler-audit (0.6.1)
bundler (>= 1.2.0, < 3)
thor (~> 0.18)
byebug (8.2.2)
carrierwave (0.11.2)
Expand Down Expand Up @@ -864,7 +864,7 @@ GEM
mime-types-data (3.2018.0812)
mimemagic (0.3.2)
mini_magick (4.7.0)
mini_portile2 (2.3.0)
mini_portile2 (2.4.0)
minitest (5.11.3)
multi_json (1.13.1)
multipart-post (2.0.0)
Expand All @@ -873,8 +873,8 @@ GEM
net-ssh (>= 2.6.5)
net-ssh (4.1.0)
nio4r (2.3.1)
nokogiri (1.8.5)
mini_portile2 (~> 2.3.0)
nokogiri (1.10.3)
mini_portile2 (~> 2.4.0)
nori (2.6.0)
notiffany (0.0.8)
nenv (~> 0.1)
Expand Down Expand Up @@ -1189,7 +1189,7 @@ DEPENDENCIES
memoist
mini_magick
net-sftp
nokogiri (= 1.8.5)
nokogiri (~> 1.10, >= 1.10.3)
octokit
oj
olive_branch
Expand Down

0 comments on commit 8bb1e0d

Please sign in to comment.