Update Gems #42

ramu · 2019-03-12T12:25:00Z

目的

1 nokogiri vulnerability found in Gemfile.lock on 18 Jan
Remediation
Upgrade nokogiri to version 1.8.5 or later. For example:

gem "nokogiri", ">= 1.8.5"
Always verify the validity and compatibility of suggestions with your codebase.

上記指摘あり。Gemfile.lockの更新を行う。

kazweda · 2019-03-12T14:59:16Z

手元のフォーク先で bundle update したら同じ状態になったのでマージしました。
あと、ローカル環境で bundle を実行すると

The dependency tzinfo-data (>= 0) will be unused by any of the platforms Bundler
is installing for. Bundler is installing for ruby but the dependency is only for x86-mingw32,
x86-mswin32, x64-mingw32, java. To add those platforms to the bundle,
run bundle lock --add-platform x86-mingw32 x86-mswin32 x64-mingw32 java.

というメッセージが出たので、
https://pcl.solima.net/ror5/archives/21
この記事を参考に調整中です。
他に気がついたこともあるので、合わせて別途対応します。

ramu self-assigned this Mar 12, 2019

fix: update Gems

8859e84

ramu force-pushed the fix/update-nokogiri-version branch from 7f01302 to 8859e84 Compare March 12, 2019 12:33

ramu changed the title ~~[WIP] Update nokogiri version~~ [WIP] Update Gems Mar 12, 2019

ramu changed the title ~~[WIP] Update Gems~~ Update Gems Mar 12, 2019

ramu requested a review from kkd March 12, 2019 12:51

kazweda merged commit d80838f into master Mar 12, 2019

ramu deleted the fix/update-nokogiri-version branch March 12, 2019 15:21

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update Gems #42

Update Gems #42

ramu commented Mar 12, 2019 •

edited

Loading

kazweda commented Mar 12, 2019

Update Gems #42

Update Gems #42

Conversation

ramu commented Mar 12, 2019 • edited Loading

目的

kazweda commented Mar 12, 2019

ramu commented Mar 12, 2019 •

edited

Loading