From be55a82e3b2f73ad40b9bcddf5d5d12fc92db210 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Aleksandar=20Simi=C4=87?=
 <alex.simic@digital.justice.gov.uk>
Date: Thu, 27 Aug 2015 14:28:32 +0100
Subject: [PATCH] Update uglifier gem due to vulnerability

See:

https://github.com/lautis/uglifier/pull/86
https://nodesecurity.io/advisories/uglifyjs_incorrectly_handles_non-boolean_comparisons
---
 Gemfile      | 2 +-
 Gemfile.lock | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Gemfile b/Gemfile
index 577a4483f..05e52c358 100644
--- a/Gemfile
+++ b/Gemfile
@@ -15,7 +15,7 @@ gem 'cancancan', '~> 1.10'
 # Use SCSS for stylesheets
 gem 'sass-rails', '>= 5.0.3'
 # Use Uglifier as compressor for JavaScript assets
-gem 'uglifier', '>= 1.3.0'
+gem 'uglifier', '>= 2.7.2'
 # Use CoffeeScript for .coffee assets and views
 gem 'coffee-rails', '~> 4.1.0'
 # See https://github.com/sstephenson/execjs#readme for more supported runtimes
diff --git a/Gemfile.lock b/Gemfile.lock
index cab4d4642..fcf0f8814 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -324,7 +324,7 @@ GEM
       coffee-rails
     tzinfo (1.2.2)
       thread_safe (~> 0.1)
-    uglifier (2.7.1)
+    uglifier (2.7.2)
       execjs (>= 0.3.0)
       json (>= 1.8.0)
     unf (0.1.4)
@@ -395,7 +395,7 @@ DEPENDENCIES
   spring
   teaspoon-jasmine
   timecop
-  uglifier (>= 1.3.0)
+  uglifier (>= 2.7.2)
   unicorn
   web-console (~> 2.1)
   webmock