Upgrade to RubyZip 1.1.0 to resolve installation problems with newer gems. #183
Comments
|
I'm not sure why the RubyZip version was downgraded - 2d2d62a |
|
Ya, we need to figure this out, I can't remember why we reverted it. |
|
I made pull request #185 to upgrade rubyzip, but I'm a little weary since I don't know the reason why it was downgraded in the first place. |
|
FWIW, rubyzip <= 1.2.0 has a serious security vulnerability: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5946 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
IronWorker uses an ancient and exact version of
RubyZip 0.9.9(released June 17, 2012). Most recent gems need RubyZip 1.0.x (released Aug, 2013) or higher. This results in installation problems when the IronWorker gem is to be used with such gems.Lets upgrade this gem to use the
RubyZip ~> 1.1.0The text was updated successfully, but these errors were encountered: