Skip to content

Commit

Permalink
bump mail to get rid of gemnasium security warning (#5643)
Browse files Browse the repository at this point in the history 
OP is not affected by the vulnerability as:
* We limit the length of mail fields
* 2.6.x is not vulnerable at all (mikel/mail#1097 (comment))

But gemnasium complains and this produces a red badge which looks bad.

The rc has been around for some time now, so it should be stable enough.

I expect to bump the version once the official 2.6.6 has been released.
[ci skip]
  • Loading branch information
@ulferts @oliverguenther
ulferts authored and oliverguenther committed Jun 14, 2017
1 parent e64adff commit f5ce00b
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 1 deletion.
3 changes: 3 additions & 0 deletions Gemfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,9 @@ gem 'activerecord-session_store', '~> 1.0.0'
gem 'rails', '~> 5.0.3'
gem 'responders', '~> 2.4'

# TODO: remove once 2.6.6 has been released
gem 'mail', '~> 2.6.6.rc1'

gem 'coderay', '~> 1.1.0'
gem 'rubytree', git: 'https://github.com/dr0verride/RubyTree.git', ref: '06f53ee'
gem 'rdoc', '>= 2.4.2'
Expand Down
3 changes: 2 additions & 1 deletion Gemfile.lock
View file
Original file line number Diff line number Diff line change
Expand Up @@ -356,7 +356,7 @@ GEM
tilt
loofah (2.0.3)
nokogiri (>= 1.5.9)
mail (2.6.5)
mail (2.6.6)
mime-types (>= 1.16, < 4)
method_source (0.8.2)
mime-types (2.99.3)
Expand Down Expand Up @@ -666,6 +666,7 @@ DEPENDENCIES
launchy (~> 2.4.3)
letter_opener
livingstyleguide (~> 2.0.1)
mail (~> 2.6.6.rc1)
multi_json (~> 1.12.1)
mysql2 (~> 0.4.4)
net-ldap (~> 0.16.0)
Expand Down

0 comments on commit f5ce00b

Please sign in to comment.