summaryrefslogtreecommitdiff
path: root/Gemfile
diff options
context:
space:
mode:
authorConnor Shea <connor.james.shea@gmail.com>2016-05-19 13:55:25 -0500
committerConnor Shea <connor.james.shea@gmail.com>2016-05-30 13:51:21 -0600
commitd287315dbf1a1493e3f2c2511e559204cc914ff8 (patch)
treee8ad832255adec67b700a73e4cf853392e27bbb8 /Gemfile
parentd47b2b92c9b5e80eb3430e2b4950e17646b8efd8 (diff)
downloadgitlab-ce-d287315dbf1a1493e3f2c2511e559204cc914ff8.tar.gz
Upgrade attr_encrypted and encryptor
attr_encrypted (1.3.4 => 3.0.1) Changelog: https://github.com/attr-encrypted/attr_encrypted/blob/master/CHANGELOG.m d attr_encrypted 2.x included a vulnerability, so that major version is skipped. 3.x requires that the algorithm and mode used by each encrypted attribute is specified explicitly. `nil` is no longer a valid value for the encrypted_value_iv field, so it’s changed to a randomly generated string.
Diffstat (limited to 'Gemfile')
-rw-r--r--Gemfile2
1 files changed, 1 insertions, 1 deletions
diff --git a/Gemfile b/Gemfile
index 98a594be1c7..268cba1d6d4 100644
--- a/Gemfile
+++ b/Gemfile
@@ -44,7 +44,7 @@ gem 'akismet', '~> 2.0'
# Two-factor authentication
gem 'devise-two-factor', '~> 3.0.0'
gem 'rqrcode-rails3', '~> 0.1.7'
-gem 'attr_encrypted', '~> 1.3.4'
+gem 'attr_encrypted', '~> 3.0.0'
# Browser detection
gem "browser", '~> 1.0.0'