Skip to content
Snippets Groups Projects
Commit 0261c8f1 authored by Kamil Trzciński's avatar Kamil Trzciński
Browse files

Merge branch 'rs-issue-214' into 'master' 

Gem version updates

### Bump rails, jquery-rails, sprockets, sass-rails versions

Addresses security advisories:

- https://groups.google.com/forum/#!topic/ruby-security-ann/XIZPbobuwaY
- https://groups.google.com/forum/#!topic/ruby-security-ann/gcUbICUmKMc

---

### Bump coveralls version

Addresses security issues in its rest-client dependencies:

- https://github.com/rest-client/rest-client/issues/369
- http://www.osvdb.org/show/osvdb/117461

Closes #214

See merge request !194
parents a14db6d3 9891abd2
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Gemfile
+ 8
4
View file @ 0261c8f1
@@ -8,11 +8,15 @@ def linux_only(require_as)
RUBY_PLATFORM.include?('linux') && require_as
end
 
gem 'rails', '4.1.11'
gem 'rails', '4.1.12'
gem 'activerecord-deprecated_finders'
gem 'activerecord-session_store'
gem "nested_form"
 
# Specify a sprockets version due to security issue
# See https://groups.google.com/forum/#!topic/rubyonrails-security/doAVp0YaTqY
gem 'sprockets', '~> 2.12.3'
# tag runners
gem 'acts-as-taggable-on', '~> 3.4'
 
@@ -69,10 +73,10 @@ gem 'hipchat', '~> 1.5.0'
# Other
gem 'rake'
gem 'foreman'
gem 'jquery-rails'
gem 'jquery-rails', '~> 3.1.3'
gem 'gitlab_ci_meta', '~> 4.0'
 
gem 'sass-rails', '~> 4.0.0'
gem 'sass-rails', '~> 4.0.5'
gem 'coffee-rails', '~> 4.0.0'
 
gem 'uglifier', '>= 1.0.3'
@@ -121,7 +125,7 @@ group :development, :test do
gem 'rb-inotify', require: linux_only('rb-inotify')
 
gem "simplecov", require: false
gem 'coveralls', require: false
gem 'coveralls', '~> 0.8.2', require: false
gem 'rubocop', '0.28.0', require: false
end
 
Gemfile.lock
+ 65
57
View file @ 0261c8f1
@@ -2,32 +2,32 @@ GEM
remote: https://rubygems.org/
specs:
CFPropertyList (2.3.1)
actionmailer (4.1.11)
actionpack (= 4.1.11)
actionview (= 4.1.11)
actionmailer (4.1.12)
actionpack (= 4.1.12)
actionview (= 4.1.12)
mail (~> 2.5, >= 2.5.4)
actionpack (4.1.11)
actionview (= 4.1.11)
activesupport (= 4.1.11)
actionpack (4.1.12)
actionview (= 4.1.12)
activesupport (= 4.1.12)
rack (~> 1.5.2)
rack-test (~> 0.6.2)
actionview (4.1.11)
activesupport (= 4.1.11)
actionview (4.1.12)
activesupport (= 4.1.12)
builder (~> 3.1)
erubis (~> 2.7.0)
activemodel (4.1.11)
activesupport (= 4.1.11)
activemodel (4.1.12)
activesupport (= 4.1.12)
builder (~> 3.1)
activerecord (4.1.11)
activemodel (= 4.1.11)
activesupport (= 4.1.11)
activerecord (4.1.12)
activemodel (= 4.1.12)
activesupport (= 4.1.12)
arel (~> 5.0.0)
activerecord-deprecated_finders (1.0.3)
activerecord-session_store (0.1.0)
actionpack (>= 4.0.0, < 5)
activerecord (>= 4.0.0, < 5)
railties (>= 4.0.0, < 5)
activesupport (4.1.11)
activesupport (4.1.12)
i18n (~> 0.6, >= 0.6.9)
json (~> 1.7, >= 1.7.7)
minitest (~> 5.1)
@@ -85,12 +85,12 @@ GEM
colored (1.2)
columnize (0.9.0)
connection_pool (1.2.0)
coveralls (0.7.0)
multi_json (~> 1.3)
rest-client
simplecov (>= 0.7)
term-ansicolor
thor
coveralls (0.8.2)
json (~> 1.8)
rest-client (>= 1.6.8, < 2)
simplecov (~> 0.10.0)
term-ansicolor (~> 1.3)
thor (~> 0.19.1)
crack (0.4.1)
safe_yaml (~> 0.9.0)
database_cleaner (1.3.0)
@@ -100,7 +100,9 @@ GEM
descendants_tracker (0.0.4)
thread_safe (~> 0.3, >= 0.3.1)
diff-lcs (1.2.5)
docile (1.1.1)
docile (1.1.5)
domain_name (0.5.24)
unf (>= 0.0.5, < 1.0.0)
dotenv (0.9.0)
email_spec (1.5.0)
launchy (~> 2.1)
@@ -219,6 +221,8 @@ GEM
hipchat (1.5.0)
httparty
mimemagic
http-cookie (1.0.2)
domain_name (~> 0.5)
httparty (0.11.0)
multi_json (~> 1.0)
multi_xml (>= 0.5.2)
@@ -226,13 +230,13 @@ GEM
ice_nine (0.11.0)
inflecto (0.0.2)
ipaddress (0.8.0)
jquery-rails (3.0.4)
jquery-rails (3.1.3)
railties (>= 3.0, < 5.0)
thor (>= 0.14, < 2.0)
jquery-turbolinks (2.0.1)
railties (>= 3.1.0)
turbolinks
json (1.8.2)
json (1.8.3)
jwt (1.2.0)
kaminari (0.15.0)
actionpack (>= 3.0.0)
@@ -250,11 +254,11 @@ GEM
mail (2.6.3)
mime-types (>= 1.16, < 3)
method_source (0.8.2)
mime-types (2.4.3)
mime-types (2.6.1)
mimemagic (0.3.0)
mini_portile (0.6.2)
minitest (5.5.1)
multi_json (1.11.0)
minitest (5.7.0)
multi_json (1.11.2)
multi_xml (0.5.5)
multipart-post (2.0.0)
mysql2 (0.3.14)
@@ -262,6 +266,7 @@ GEM
net-scp (1.2.1)
net-ssh (>= 2.6.5)
net-ssh (2.9.2)
netrc (0.10.3)
nokogiri (1.6.6.2)
mini_portile (~> 0.6.0)
nprogress-rails (0.1.2.3)
@@ -292,7 +297,7 @@ GEM
slop (~> 3.4)
quiet_assets (1.0.2)
railties (>= 3.1, < 5.0)
rack (1.5.2)
rack (1.5.5)
rack-accept (0.4.5)
rack (>= 0.4)
rack-mini-profiler (0.9.0)
@@ -303,19 +308,19 @@ GEM
rack
rack-test (0.6.3)
rack (>= 1.0)
rails (4.1.11)
actionmailer (= 4.1.11)
actionpack (= 4.1.11)
actionview (= 4.1.11)
activemodel (= 4.1.11)
activerecord (= 4.1.11)
activesupport (= 4.1.11)
rails (4.1.12)
actionmailer (= 4.1.12)
actionpack (= 4.1.12)
actionview (= 4.1.12)
activemodel (= 4.1.12)
activerecord (= 4.1.12)
activesupport (= 4.1.12)
bundler (>= 1.3.0, < 2.0)
railties (= 4.1.11)
railties (= 4.1.12)
sprockets-rails (~> 2.0)
railties (4.1.11)
actionpack (= 4.1.11)
activesupport (= 4.1.11)
railties (4.1.12)
actionpack (= 4.1.12)
activesupport (= 4.1.12)
rake (>= 0.8.7)
thor (>= 0.18.1, < 2.0)
rainbow (2.0.0)
@@ -331,8 +336,10 @@ GEM
redis (3.0.6)
redis-namespace (1.4.1)
redis (~> 3.0.4)
rest-client (1.6.7)
mime-types (>= 1.16)
rest-client (1.8.0)
http-cookie (>= 1.0.2, < 2.0)
mime-types (>= 1.16, < 3.0)
netrc (~> 0.7)
rspec (2.14.1)
rspec-core (~> 2.14.0)
rspec-expectations (~> 2.14.0)
@@ -362,10 +369,10 @@ GEM
sexp_processor (~> 4.1)
safe_yaml (0.9.7)
sass (3.2.19)
sass-rails (4.0.3)
sass-rails (4.0.5)
railties (>= 4.0.0, < 5.0)
sass (~> 3.2.0)
sprockets (~> 2.8, <= 2.11.0)
sass (~> 3.2.2)
sprockets (~> 2.8, < 3.0)
sprockets-rails (~> 2.0)
settingslogic (2.0.9)
sexp_processor (4.5.0)
@@ -377,11 +384,11 @@ GEM
json
redis (>= 3.0.4)
redis-namespace (>= 1.3.1)
simplecov (0.8.2)
simplecov (0.10.0)
docile (~> 1.1.0)
multi_json
simplecov-html (~> 0.8.0)
simplecov-html (0.8.0)
json (~> 1.8)
simplecov-html (~> 0.10.0)
simplecov-html (0.10.0)
sinatra (1.4.4)
rack (~> 1.4)
rack-protection (~> 1.4)
@@ -394,26 +401,26 @@ GEM
spring (1.3.6)
spring-commands-rspec (1.0.4)
spring (>= 0.9.1)
sprockets (2.11.0)
sprockets (2.12.4)
hike (~> 1.2)
multi_json (~> 1.0)
rack (~> 1.0)
tilt (~> 1.1, != 1.3.0)
sprockets-rails (2.2.4)
sprockets-rails (2.3.2)
actionpack (>= 3.0)
activesupport (>= 3.0)
sprockets (>= 2.8, < 4.0)
stamp (0.5.0)
state_machine (1.2.0)
temple (0.6.7)
term-ansicolor (1.2.2)
tins (~> 0.8)
term-ansicolor (1.3.2)
tins (~> 1.0)
terminal-table (1.4.5)
thor (0.19.1)
thread_safe (0.3.4)
thread_safe (0.3.5)
tilt (1.4.1)
timers (1.1.0)
tins (0.13.1)
tins (1.5.4)
trollop (2.1.2)
turbolinks (2.0.0)
coffee-rails
@@ -458,7 +465,7 @@ DEPENDENCIES
capybara
coffee-rails (~> 4.0.0)
colored
coveralls
coveralls (~> 0.8.2)
database_cleaner
default_value_for (~> 3.0.0)
email_spec
@@ -475,7 +482,7 @@ DEPENDENCIES
haml-rails (~> 0.5.3)
hipchat (~> 1.5.0)
httparty (= 0.11.0)
jquery-rails
jquery-rails (~> 3.1.3)
jquery-turbolinks
kaminari
letter_opener
@@ -490,13 +497,13 @@ DEPENDENCIES
pry
quiet_assets
rack-mini-profiler
rails (= 4.1.11)
rails (= 4.1.12)
rake
rb-fsevent
rb-inotify
rspec-rails
rubocop (= 0.28.0)
sass-rails (~> 4.0.0)
sass-rails (~> 4.0.5)
settingslogic
shoulda-matchers
sidekiq
@@ -506,6 +513,7 @@ DEPENDENCIES
slim
spring (~> 1.3.6)
spring-commands-rspec
sprockets (~> 2.12.3)
stamp
state_machine
turbolinks
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment