Skip to content

Commit

Permalink
# bump rubyzip to 1.2.1, to address traversal CVE (rubyzip/rubyzip#315)
Browse files Browse the repository at this point in the history
  • Loading branch information
Josh Pencheon authored and Josh Pencheon committed Mar 8, 2017
1 parent b1c7383 commit c84ea01
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 2 deletions.
2 changes: 1 addition & 1 deletion code_safety.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -175,7 +175,7 @@ file safety:
ndr_import.gemspec:
comments:
reviewed_by: josh.pencheon
safe_revision: 53cc0af4321b64746367231b65821fda0f8d8a0a
safe_revision: 9ce125b717abc3cc9b8f360ccf1651eef14212d4
test/file/base_test.rb:
comments:
reviewed_by: timgentry
Expand Down
2 changes: 1 addition & 1 deletion ndr_import.gemspec
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ Gem::Specification.new do |spec|
spec.add_dependency 'activesupport', '>= 3.2.18', '< 5.1'
spec.add_dependency 'ndr_support', '>= 4.1.2', '< 6'

spec.add_dependency 'rubyzip', '~> 1.1'
spec.add_dependency 'rubyzip', '~> 1.2', '>= 1.2.1'
spec.add_dependency 'roo', '~> 2.0'

spec.add_dependency 'nokogiri', '~> 1.6'
Expand Down

0 comments on commit c84ea01

Please sign in to comment.