Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Vuln fixes #312

Merged
merged 8 commits into from
Mar 2, 2023
Merged

Vuln fixes #312

merged 8 commits into from
Mar 2, 2023

Commits on Feb 28, 2023

  1. Bump golang.org/x/sys in /buildpack-health-check 

    Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.0.0-20211214234402-4825e8c3871d to 0.1.0.
- [Release notes](https://github.com/golang/sys/releases)
- [Commits](https://github.com/golang/sys/commits/v0.1.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot @jtuttle
    dependabot[bot] authored and jtuttle committed Feb 28, 2023
    Configuration menu
    Copy the full SHA
    465b08a View commit details
    Browse the repository at this point in the history

  2. Bump activesupport from 6.1.7 to 6.1.7.1 

    Bumps [activesupport](https://github.com/rails/rails) from 6.1.7 to 6.1.7.1.
- [Release notes](https://github.com/rails/rails/releases)
- [Changelog](https://github.com/rails/rails/blob/v7.0.4.1/activesupport/CHANGELOG.md)
- [Commits](rails/rails@v6.1.7...v6.1.7.1)

Signed-off-by: Andy Tinkham <andy.tinkham@cyberark.com>

---
updated-dependencies:
- dependency-name: activesupport
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot @jtuttle
    dependabot[bot] authored and jtuttle committed Feb 28, 2023
    Configuration menu
    Copy the full SHA
    b9bee9e View commit details
    Browse the repository at this point in the history

  3. Run bundle update

    @jtuttle
    jtuttle committed Feb 28, 2023
    Configuration menu
    Copy the full SHA
    f4677eb View commit details
    Browse the repository at this point in the history

  4. Manually fix NOTICES file

    @jtuttle
    jtuttle committed Feb 28, 2023
    Configuration menu
    Copy the full SHA
    d873ef7 View commit details
    Browse the repository at this point in the history

Commits on Mar 1, 2023

  1. Update Ruby version and Bundler version used by test app

    @doodlesbykumbi @jtuttle
    doodlesbykumbi authored and jtuttle committed Mar 1, 2023
    Configuration menu
    Copy the full SHA
    4fc2da9 View commit details
    Browse the repository at this point in the history

  2. Use Bundler version provided in latest Ruby buildpack 1.9.2

    @john-odonnell
    john-odonnell committed Mar 1, 2023
    Configuration menu
    Copy the full SHA
    31baf53 View commit details
    Browse the repository at this point in the history

Commits on Mar 2, 2023

  1. Add thin web server gem to Ruby 3 test app 

    Test app's prior Ruby version, 2.4.1, includes HTTP server
gem webrick by default - Ruby 3 does not.
    @john-odonnell
    john-odonnell committed Mar 2, 2023
    Configuration menu
    Copy the full SHA
    58ea2f9 View commit details
    Browse the repository at this point in the history

  2. Merge pull request #314 from cyberark/johnodon-vuln-fixes 

    Add web server gem to Ruby test app
    @jtuttle
    jtuttle committed Mar 2, 2023
    Configuration menu
    Copy the full SHA
    c9b13ae View commit details
    Browse the repository at this point in the history