summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorKamil Trzciński <ayufan@ayufan.eu>2015-07-10 08:39:16 +0000
committerKamil Trzciński <ayufan@ayufan.eu>2015-07-10 08:39:16 +0000
commit0261c8f1672d75ec5aaf3108476e655cdd93ad3b (patch)
treedffaf40da9a50f5f4b1c309cccd2f6db551d3178
parenta14db6d3c063724a3ee76ba9a733ba09a4fdea73 (diff)
parent9891abd292787e695cf17fa36ef5f699299caad0 (diff)
downloadgitlab-ci-0261c8f1672d75ec5aaf3108476e655cdd93ad3b.tar.gz
Merge branch 'rs-issue-214' into 'master'
Gem version updates ### Bump rails, jquery-rails, sprockets, sass-rails versions Addresses security advisories: - https://groups.google.com/forum/#!topic/ruby-security-ann/XIZPbobuwaY - https://groups.google.com/forum/#!topic/ruby-security-ann/gcUbICUmKMc --- ### Bump coveralls version Addresses security issues in its rest-client dependencies: - https://github.com/rest-client/rest-client/issues/369 - http://www.osvdb.org/show/osvdb/117461 Closes #214 See merge request !194
Diffstat
-rw-r--r--Gemfile12
-rw-r--r--Gemfile.lock122
2 files changed, 73 insertions, 61 deletions
diff --git a/Gemfile b/Gemfile
index 46384fc..94e06a8 100644
--- a/Gemfile
+++ b/Gemfile
@@ -8,11 +8,15 @@ def linux_only(require_as)
RUBY_PLATFORM.include?('linux') && require_as
end
-gem 'rails', '4.1.11'
+gem 'rails', '4.1.12'
gem 'activerecord-deprecated_finders'
gem 'activerecord-session_store'
gem "nested_form"
+# Specify a sprockets version due to security issue
+# See https://groups.google.com/forum/#!topic/rubyonrails-security/doAVp0YaTqY
+gem 'sprockets', '~> 2.12.3'
+
# tag runners
gem 'acts-as-taggable-on', '~> 3.4'
@@ -69,10 +73,10 @@ gem 'hipchat', '~> 1.5.0'
# Other
gem 'rake'
gem 'foreman'
-gem 'jquery-rails'
+gem 'jquery-rails', '~> 3.1.3'
gem 'gitlab_ci_meta', '~> 4.0'
-gem 'sass-rails', '~> 4.0.0'
+gem 'sass-rails', '~> 4.0.5'
gem 'coffee-rails', '~> 4.0.0'
gem 'uglifier', '>= 1.0.3'
@@ -121,7 +125,7 @@ group :development, :test do
gem 'rb-inotify', require: linux_only('rb-inotify')
gem "simplecov", require: false
- gem 'coveralls', require: false
+ gem 'coveralls', '~> 0.8.2', require: false
gem 'rubocop', '0.28.0', require: false
end
diff --git a/Gemfile.lock b/Gemfile.lock
index 51f520f..0c8adab 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -2,32 +2,32 @@ GEM
remote: https://rubygems.org/
specs:
CFPropertyList (2.3.1)
- actionmailer (4.1.11)
- actionpack (= 4.1.11)
- actionview (= 4.1.11)
+ actionmailer (4.1.12)
+ actionpack (= 4.1.12)
+ actionview (= 4.1.12)
mail (~> 2.5, >= 2.5.4)
- actionpack (4.1.11)
- actionview (= 4.1.11)
- activesupport (= 4.1.11)
+ actionpack (4.1.12)
+ actionview (= 4.1.12)
+ activesupport (= 4.1.12)
rack (~> 1.5.2)
rack-test (~> 0.6.2)
- actionview (4.1.11)
- activesupport (= 4.1.11)
+ actionview (4.1.12)
+ activesupport (= 4.1.12)
builder (~> 3.1)
erubis (~> 2.7.0)
- activemodel (4.1.11)
- activesupport (= 4.1.11)
+ activemodel (4.1.12)
+ activesupport (= 4.1.12)
builder (~> 3.1)
- activerecord (4.1.11)
- activemodel (= 4.1.11)
- activesupport (= 4.1.11)
+ activerecord (4.1.12)
+ activemodel (= 4.1.12)
+ activesupport (= 4.1.12)
arel (~> 5.0.0)
activerecord-deprecated_finders (1.0.3)
activerecord-session_store (0.1.0)
actionpack (>= 4.0.0, < 5)
activerecord (>= 4.0.0, < 5)
railties (>= 4.0.0, < 5)
- activesupport (4.1.11)
+ activesupport (4.1.12)
i18n (~> 0.6, >= 0.6.9)
json (~> 1.7, >= 1.7.7)
minitest (~> 5.1)
@@ -85,12 +85,12 @@ GEM
colored (1.2)
columnize (0.9.0)
connection_pool (1.2.0)
- coveralls (0.7.0)
- multi_json (~> 1.3)
- rest-client
- simplecov (>= 0.7)
- term-ansicolor
- thor
+ coveralls (0.8.2)
+ json (~> 1.8)
+ rest-client (>= 1.6.8, < 2)
+ simplecov (~> 0.10.0)
+ term-ansicolor (~> 1.3)
+ thor (~> 0.19.1)
crack (0.4.1)
safe_yaml (~> 0.9.0)
database_cleaner (1.3.0)
@@ -100,7 +100,9 @@ GEM
descendants_tracker (0.0.4)
thread_safe (~> 0.3, >= 0.3.1)
diff-lcs (1.2.5)
- docile (1.1.1)
+ docile (1.1.5)
+ domain_name (0.5.24)
+ unf (>= 0.0.5, < 1.0.0)
dotenv (0.9.0)
email_spec (1.5.0)
launchy (~> 2.1)
@@ -219,6 +221,8 @@ GEM
hipchat (1.5.0)
httparty
mimemagic
+ http-cookie (1.0.2)
+ domain_name (~> 0.5)
httparty (0.11.0)
multi_json (~> 1.0)
multi_xml (>= 0.5.2)
@@ -226,13 +230,13 @@ GEM
ice_nine (0.11.0)
inflecto (0.0.2)
ipaddress (0.8.0)
- jquery-rails (3.0.4)
+ jquery-rails (3.1.3)
railties (>= 3.0, < 5.0)
thor (>= 0.14, < 2.0)
jquery-turbolinks (2.0.1)
railties (>= 3.1.0)
turbolinks
- json (1.8.2)
+ json (1.8.3)
jwt (1.2.0)
kaminari (0.15.0)
actionpack (>= 3.0.0)
@@ -250,11 +254,11 @@ GEM
mail (2.6.3)
mime-types (>= 1.16, < 3)
method_source (0.8.2)
- mime-types (2.4.3)
+ mime-types (2.6.1)
mimemagic (0.3.0)
mini_portile (0.6.2)
- minitest (5.5.1)
- multi_json (1.11.0)
+ minitest (5.7.0)
+ multi_json (1.11.2)
multi_xml (0.5.5)
multipart-post (2.0.0)
mysql2 (0.3.14)
@@ -262,6 +266,7 @@ GEM
net-scp (1.2.1)
net-ssh (>= 2.6.5)
net-ssh (2.9.2)
+ netrc (0.10.3)
nokogiri (1.6.6.2)
mini_portile (~> 0.6.0)
nprogress-rails (0.1.2.3)
@@ -292,7 +297,7 @@ GEM
slop (~> 3.4)
quiet_assets (1.0.2)
railties (>= 3.1, < 5.0)
- rack (1.5.2)
+ rack (1.5.5)
rack-accept (0.4.5)
rack (>= 0.4)
rack-mini-profiler (0.9.0)
@@ -303,19 +308,19 @@ GEM
rack
rack-test (0.6.3)
rack (>= 1.0)
- rails (4.1.11)
- actionmailer (= 4.1.11)
- actionpack (= 4.1.11)
- actionview (= 4.1.11)
- activemodel (= 4.1.11)
- activerecord (= 4.1.11)
- activesupport (= 4.1.11)
+ rails (4.1.12)
+ actionmailer (= 4.1.12)
+ actionpack (= 4.1.12)
+ actionview (= 4.1.12)
+ activemodel (= 4.1.12)
+ activerecord (= 4.1.12)
+ activesupport (= 4.1.12)
bundler (>= 1.3.0, < 2.0)
- railties (= 4.1.11)
+ railties (= 4.1.12)
sprockets-rails (~> 2.0)
- railties (4.1.11)
- actionpack (= 4.1.11)
- activesupport (= 4.1.11)
+ railties (4.1.12)
+ actionpack (= 4.1.12)
+ activesupport (= 4.1.12)
rake (>= 0.8.7)
thor (>= 0.18.1, < 2.0)
rainbow (2.0.0)
@@ -331,8 +336,10 @@ GEM
redis (3.0.6)
redis-namespace (1.4.1)
redis (~> 3.0.4)
- rest-client (1.6.7)
- mime-types (>= 1.16)
+ rest-client (1.8.0)
+ http-cookie (>= 1.0.2, < 2.0)
+ mime-types (>= 1.16, < 3.0)
+ netrc (~> 0.7)
rspec (2.14.1)
rspec-core (~> 2.14.0)
rspec-expectations (~> 2.14.0)
@@ -362,10 +369,10 @@ GEM
sexp_processor (~> 4.1)
safe_yaml (0.9.7)
sass (3.2.19)
- sass-rails (4.0.3)
+ sass-rails (4.0.5)
railties (>= 4.0.0, < 5.0)
- sass (~> 3.2.0)
- sprockets (~> 2.8, <= 2.11.0)
+ sass (~> 3.2.2)
+ sprockets (~> 2.8, < 3.0)
sprockets-rails (~> 2.0)
settingslogic (2.0.9)
sexp_processor (4.5.0)
@@ -377,11 +384,11 @@ GEM
json
redis (>= 3.0.4)
redis-namespace (>= 1.3.1)
- simplecov (0.8.2)
+ simplecov (0.10.0)
docile (~> 1.1.0)
- multi_json
- simplecov-html (~> 0.8.0)
- simplecov-html (0.8.0)
+ json (~> 1.8)
+ simplecov-html (~> 0.10.0)
+ simplecov-html (0.10.0)
sinatra (1.4.4)
rack (~> 1.4)
rack-protection (~> 1.4)
@@ -394,26 +401,26 @@ GEM
spring (1.3.6)
spring-commands-rspec (1.0.4)
spring (>= 0.9.1)
- sprockets (2.11.0)
+ sprockets (2.12.4)
hike (~> 1.2)
multi_json (~> 1.0)
rack (~> 1.0)
tilt (~> 1.1, != 1.3.0)
- sprockets-rails (2.2.4)
+ sprockets-rails (2.3.2)
actionpack (>= 3.0)
activesupport (>= 3.0)
sprockets (>= 2.8, < 4.0)
stamp (0.5.0)
state_machine (1.2.0)
temple (0.6.7)
- term-ansicolor (1.2.2)
- tins (~> 0.8)
+ term-ansicolor (1.3.2)
+ tins (~> 1.0)
terminal-table (1.4.5)
thor (0.19.1)
- thread_safe (0.3.4)
+ thread_safe (0.3.5)
tilt (1.4.1)
timers (1.1.0)
- tins (0.13.1)
+ tins (1.5.4)
trollop (2.1.2)
turbolinks (2.0.0)
coffee-rails
@@ -458,7 +465,7 @@ DEPENDENCIES
capybara
coffee-rails (~> 4.0.0)
colored
- coveralls
+ coveralls (~> 0.8.2)
database_cleaner
default_value_for (~> 3.0.0)
email_spec
@@ -475,7 +482,7 @@ DEPENDENCIES
haml-rails (~> 0.5.3)
hipchat (~> 1.5.0)
httparty (= 0.11.0)
- jquery-rails
+ jquery-rails (~> 3.1.3)
jquery-turbolinks
kaminari
letter_opener
@@ -490,13 +497,13 @@ DEPENDENCIES
pry
quiet_assets
rack-mini-profiler
- rails (= 4.1.11)
+ rails (= 4.1.12)
rake
rb-fsevent
rb-inotify
rspec-rails
rubocop (= 0.28.0)
- sass-rails (~> 4.0.0)
+ sass-rails (~> 4.0.5)
settingslogic
shoulda-matchers
sidekiq
@@ -506,6 +513,7 @@ DEPENDENCIES
slim
spring (~> 1.3.6)
spring-commands-rspec
+ sprockets (~> 2.12.3)
stamp
state_machine
turbolinks
View Lorry Controller Status