Update omniauth-oauth2 dependency to 1.1.0 (security) #67

Closed
kitop opened this Issue Jul 6, 2012 · 1 comment

Comments

Projects
None yet
2 participants

kitop commented Jul 6, 2012

omniauth-oauth2 has been updated to prevent CSFR as described here: http://homakov.blogspot.com/2012/07/saferweb-most-common-oauth2.html
(Pull request: intridea/omniauth-oauth2#18 and Discussion: intridea/omniauth#612)

It would be good to update the gemspec dependency to support omniauth-oauth2 ~>1.1.0

Owner

mkdynamic commented Jul 7, 2012

Done. Version is 1.4.1.

mkdynamic closed this Jul 7, 2012

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment