consider upating net-ldap to ~> 0.8.0 and rubyntlm to ~> 0.3.4

[pravi]

We try to ship only one version of a library in debian and we already updated net-ldap to 0.8.0 and
rubyntlm to 0.3.4

[grosser]

@pyu10055 can you update this or would you merge a PR to update it ?

[grosser]

Name: net-ldap
Version: 0.3.1
Advisory: OSVDB-106108
Criticality: Low
URL: http://osvdb.org/show/osvdb/106108
Title: Net::LDAP for Ruby lib/net/ldap/password.rb SSHA Password Generation Weak Salt
Solution: upgrade to >= 0.6.0

[stakach]

+1 for this

[grosser]

@balasankarc can you merge this please ?

[grosser]

@pyu10055 no longer has access to the repo

[balasankarc]

@grosser I also don't have access on this repo (I don't see a reason for me to have access)

[balasankarc]

If I had access I wouldn't have created a PR !64

[grosser]

damn ... I figured since you are listed under members you had access :D

[pravi]

@grosser if this repo is officially unmaintained, everyone can switch to https://rubygems.org/gems/gitlab_omniauth-ldap which is well maintained. It would be a good idea to ask the maintainers of this project to give access to gitlab folks, so they can maintain this repo.

[grosser]

That sounds like a good alternative, I reached out to their support, let's
see if someone responds :)

On Fri, Feb 5, 2016 at 10:16 PM, Praveen Arimbrathodiyil <
notifications@github.com> wrote:

@grosser https://github.com/grosser if this repo is officially
unmaintained, everyone can switch to
https://rubygems.org/gems/gitlab_omniauth-ldap which is well maintained.
It would be a good idea to ask the maintainers of this project to give
access to gitlab folks, so they can maintain this repo.

—
Reply to this email directly or view it on GitHub
#61 (comment)
.

[pravi]

@pyu1005 can you give access to rubygems.org omniauth-ldap project to gitlab_omniauth-ldap maintainers, so we can use gitlab_omniauth-ldap repo for pushing new versions. If you agree they could rename it to omniauth-ldap.

[pravi]

@grosser I work closely with gitlab folks for creating a native debian package of gitlab and they are very much responsive and helpful. In debian, we already include their patches.

[miketierney]

@grosser @pravi I've merged in a few of the open PRs and have a patch ready to go out. Unfortunately I don't have rubygems.org access (yet), but I hope to have that resolved later today. I'll look in to the remaining issues here to make sure we're on the right track.

Sorry for the delayed response.

[grosser]

❤️ thx for merging and taking the time to resolve this :)

[miketierney]

Released v1.0.5.

[grosser]

❤️ it finally happened :D