diff options
author | Robert Speicher <rspeicher@gmail.com> | 2015-07-09 18:26:15 -0400 |
---|---|---|
committer | Robert Speicher <rspeicher@gmail.com> | 2015-07-09 18:27:21 -0400 |
commit | d0095c3de67a4f16890e20e416096cd982cf0c1c (patch) | |
tree | cf8c979980d9c394d26eb177452235ab104b68b1 | |
parent | a14db6d3c063724a3ee76ba9a733ba09a4fdea73 (diff) | |
download | gitlab-ci-d0095c3de67a4f16890e20e416096cd982cf0c1c.tar.gz |
Bump rails, jquery-rails, sprockets, sass-rails versions
Addresses security advisories:
- https://groups.google.com/forum/#!topic/ruby-security-ann/XIZPbobuwaY
- https://groups.google.com/forum/#!topic/ruby-security-ann/gcUbICUmKMc
-rw-r--r-- | Gemfile | 10 | ||||
-rw-r--r-- | Gemfile.lock | 81 |
2 files changed, 48 insertions, 43 deletions
@@ -8,11 +8,15 @@ def linux_only(require_as) RUBY_PLATFORM.include?('linux') && require_as end -gem 'rails', '4.1.11' +gem 'rails', '4.1.12' gem 'activerecord-deprecated_finders' gem 'activerecord-session_store' gem "nested_form" +# Specify a sprockets version due to security issue +# See https://groups.google.com/forum/#!topic/rubyonrails-security/doAVp0YaTqY +gem 'sprockets', '~> 2.12.3' + # tag runners gem 'acts-as-taggable-on', '~> 3.4' @@ -69,10 +73,10 @@ gem 'hipchat', '~> 1.5.0' # Other gem 'rake' gem 'foreman' -gem 'jquery-rails' +gem 'jquery-rails', '~> 3.1.3' gem 'gitlab_ci_meta', '~> 4.0' -gem 'sass-rails', '~> 4.0.0' +gem 'sass-rails', '~> 4.0.5' gem 'coffee-rails', '~> 4.0.0' gem 'uglifier', '>= 1.0.3' diff --git a/Gemfile.lock b/Gemfile.lock index 51f520f..97b6d98 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -2,32 +2,32 @@ GEM remote: https://rubygems.org/ specs: CFPropertyList (2.3.1) - actionmailer (4.1.11) - actionpack (= 4.1.11) - actionview (= 4.1.11) + actionmailer (4.1.12) + actionpack (= 4.1.12) + actionview (= 4.1.12) mail (~> 2.5, >= 2.5.4) - actionpack (4.1.11) - actionview (= 4.1.11) - activesupport (= 4.1.11) + actionpack (4.1.12) + actionview (= 4.1.12) + activesupport (= 4.1.12) rack (~> 1.5.2) rack-test (~> 0.6.2) - actionview (4.1.11) - activesupport (= 4.1.11) + actionview (4.1.12) + activesupport (= 4.1.12) builder (~> 3.1) erubis (~> 2.7.0) - activemodel (4.1.11) - activesupport (= 4.1.11) + activemodel (4.1.12) + activesupport (= 4.1.12) builder (~> 3.1) - activerecord (4.1.11) - activemodel (= 4.1.11) - activesupport (= 4.1.11) + activerecord (4.1.12) + activemodel (= 4.1.12) + activesupport (= 4.1.12) arel (~> 5.0.0) activerecord-deprecated_finders (1.0.3) activerecord-session_store (0.1.0) actionpack (>= 4.0.0, < 5) activerecord (>= 4.0.0, < 5) railties (>= 4.0.0, < 5) - activesupport (4.1.11) + activesupport (4.1.12) i18n (~> 0.6, >= 0.6.9) json (~> 1.7, >= 1.7.7) minitest (~> 5.1) @@ -226,13 +226,13 @@ GEM ice_nine (0.11.0) inflecto (0.0.2) ipaddress (0.8.0) - jquery-rails (3.0.4) + jquery-rails (3.1.3) railties (>= 3.0, < 5.0) thor (>= 0.14, < 2.0) jquery-turbolinks (2.0.1) railties (>= 3.1.0) turbolinks - json (1.8.2) + json (1.8.3) jwt (1.2.0) kaminari (0.15.0) actionpack (>= 3.0.0) @@ -250,11 +250,11 @@ GEM mail (2.6.3) mime-types (>= 1.16, < 3) method_source (0.8.2) - mime-types (2.4.3) + mime-types (2.6.1) mimemagic (0.3.0) mini_portile (0.6.2) - minitest (5.5.1) - multi_json (1.11.0) + minitest (5.7.0) + multi_json (1.11.2) multi_xml (0.5.5) multipart-post (2.0.0) mysql2 (0.3.14) @@ -292,7 +292,7 @@ GEM slop (~> 3.4) quiet_assets (1.0.2) railties (>= 3.1, < 5.0) - rack (1.5.2) + rack (1.5.5) rack-accept (0.4.5) rack (>= 0.4) rack-mini-profiler (0.9.0) @@ -303,19 +303,19 @@ GEM rack rack-test (0.6.3) rack (>= 1.0) - rails (4.1.11) - actionmailer (= 4.1.11) - actionpack (= 4.1.11) - actionview (= 4.1.11) - activemodel (= 4.1.11) - activerecord (= 4.1.11) - activesupport (= 4.1.11) + rails (4.1.12) + actionmailer (= 4.1.12) + actionpack (= 4.1.12) + actionview (= 4.1.12) + activemodel (= 4.1.12) + activerecord (= 4.1.12) + activesupport (= 4.1.12) bundler (>= 1.3.0, < 2.0) - railties (= 4.1.11) + railties (= 4.1.12) sprockets-rails (~> 2.0) - railties (4.1.11) - actionpack (= 4.1.11) - activesupport (= 4.1.11) + railties (4.1.12) + actionpack (= 4.1.12) + activesupport (= 4.1.12) rake (>= 0.8.7) thor (>= 0.18.1, < 2.0) rainbow (2.0.0) @@ -362,10 +362,10 @@ GEM sexp_processor (~> 4.1) safe_yaml (0.9.7) sass (3.2.19) - sass-rails (4.0.3) + sass-rails (4.0.5) railties (>= 4.0.0, < 5.0) - sass (~> 3.2.0) - sprockets (~> 2.8, <= 2.11.0) + sass (~> 3.2.2) + sprockets (~> 2.8, < 3.0) sprockets-rails (~> 2.0) settingslogic (2.0.9) sexp_processor (4.5.0) @@ -394,12 +394,12 @@ GEM spring (1.3.6) spring-commands-rspec (1.0.4) spring (>= 0.9.1) - sprockets (2.11.0) + sprockets (2.12.4) hike (~> 1.2) multi_json (~> 1.0) rack (~> 1.0) tilt (~> 1.1, != 1.3.0) - sprockets-rails (2.2.4) + sprockets-rails (2.3.2) actionpack (>= 3.0) activesupport (>= 3.0) sprockets (>= 2.8, < 4.0) @@ -410,7 +410,7 @@ GEM tins (~> 0.8) terminal-table (1.4.5) thor (0.19.1) - thread_safe (0.3.4) + thread_safe (0.3.5) tilt (1.4.1) timers (1.1.0) tins (0.13.1) @@ -475,7 +475,7 @@ DEPENDENCIES haml-rails (~> 0.5.3) hipchat (~> 1.5.0) httparty (= 0.11.0) - jquery-rails + jquery-rails (~> 3.1.3) jquery-turbolinks kaminari letter_opener @@ -490,13 +490,13 @@ DEPENDENCIES pry quiet_assets rack-mini-profiler - rails (= 4.1.11) + rails (= 4.1.12) rake rb-fsevent rb-inotify rspec-rails rubocop (= 0.28.0) - sass-rails (~> 4.0.0) + sass-rails (~> 4.0.5) settingslogic shoulda-matchers sidekiq @@ -506,6 +506,7 @@ DEPENDENCIES slim spring (~> 1.3.6) spring-commands-rspec + sprockets (~> 2.12.3) stamp state_machine turbolinks |