Skip to content

Commit

Permalink
updating gems & pegging mail gem to address security vunerability
Browse files Browse the repository at this point in the history 
see mikel/mail#1097

TODO: remove once mikel/mail#1116 is addressed
  • Loading branch information
@drewda
drewda committed Jun 1, 2017
1 parent c86ee52 commit b7cd327
Show file tree
Hide file tree
Showing 2 changed files with 26 additions and 18 deletions.
6 changes: 6 additions & 0 deletions Gemfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -110,3 +110,9 @@ gem 'unicorn', group: [:staging, :production]

# profiling
gem 'memory_profiler', group: [:test, :development]

# email
# temporarily pegging this version to address a security vunerability
# https://github.com/mikel/mail/pull/1097
# TODO: remove once https://github.com/mikel/mail/issues/1116 is addressed
gem 'mail', '2.6.6.rc1'
38 changes: 20 additions & 18 deletions Gemfile.lock
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,8 +42,9 @@ GEM
activemodel (>= 4.1, < 6)
case_transform (>= 0.2)
jsonapi-renderer (>= 0.1.1.beta1, < 0.2)
active_record_doctor (1.3.0)
rails (>= 4.2, < 5.1)
active_record_doctor (1.3.1)
activerecord (>= 4.2)
railties (>= 4.2)
activejob (4.2.8)
activesupport (= 4.2.8)
globalid (>= 0.3.0)
Expand All @@ -66,7 +67,7 @@ GEM
tzinfo (~> 1.1)
addressable (2.5.1)
public_suffix (~> 2.0, >= 2.0.2)
airborne (0.2.12)
airborne (0.2.13)
activesupport
rack
rack-test (~> 0.6, >= 0.6.2)
Expand All @@ -76,13 +77,13 @@ GEM
activerecord (>= 3.2, < 6.0)
rake (>= 10.4, < 12.0)
arel (6.0.4)
aws-sdk (2.9.18)
aws-sdk-resources (= 2.9.18)
aws-sdk-core (2.9.18)
aws-sdk (2.9.27)
aws-sdk-resources (= 2.9.27)
aws-sdk-core (2.9.27)
aws-sigv4 (~> 1.0)
jmespath (~> 1.0)
aws-sdk-resources (2.9.18)
aws-sdk-core (= 2.9.18)
aws-sdk-resources (2.9.27)
aws-sdk-core (= 2.9.27)
aws-sigv4 (1.0.0)
bcrypt (3.1.11)
better_errors (2.1.1)
Expand Down Expand Up @@ -124,10 +125,10 @@ GEM
unf (>= 0.0.5, < 1.0.0)
email_validator (1.6.0)
activemodel
enumerize (2.1.1)
enumerize (2.1.2)
activesupport (>= 3.2)
erubis (2.7.0)
excon (0.55.0)
excon (0.56.0)
factory_girl (4.8.0)
activesupport (>= 3.0.0)
factory_girl_rails (4.8.0)
Expand All @@ -143,7 +144,7 @@ GEM
fog-json (~> 1.0)
fog-xml (~> 0.1)
ipaddress (~> 0.8)
fog-core (1.44.1)
fog-core (1.44.3)
builder
excon (~> 0.49)
formatador (~> 0.2)
Expand All @@ -161,7 +162,7 @@ GEM
hashdiff (0.3.4)
http-cookie (1.0.3)
domain_name (~> 0.5)
i18n (0.8.1)
i18n (0.8.4)
interception (0.5)
ipaddress (0.8.3)
jmespath (1.3.1)
Expand All @@ -178,7 +179,7 @@ GEM
request_store
loofah (2.0.3)
nokogiri (>= 1.5.9)
mail (2.6.5)
mail (2.6.6.rc1)
mime-types (>= 1.16, < 4)
marginalia (1.4.0)
actionpack (>= 2.3)
Expand All @@ -195,7 +196,7 @@ GEM
netrc (0.11.0)
nokogiri (1.7.2)
mini_portile2 (~> 2.1.0)
oj (3.0.7)
oj (3.0.10)
orm_adapter (0.5.0)
pg (0.20.0)
pghero (1.7.0)
Expand All @@ -218,7 +219,7 @@ GEM
binding_of_caller (>= 0.7)
pry (>= 0.9.11)
public_suffix (2.0.5)
rack (1.6.7)
rack (1.6.8)
rack-cors (0.4.1)
rack-protection (1.5.3)
rack
Expand All @@ -241,7 +242,7 @@ GEM
activesupport (>= 4.2.0.beta, < 5.0)
nokogiri (~> 1.6)
rails-deprecated_sanitizer (>= 1.0.1)
rails-erd (1.5.1)
rails-erd (1.5.2)
activerecord (>= 3.2)
activesupport (>= 3.2)
choice (~> 0.2.0)
Expand Down Expand Up @@ -318,7 +319,7 @@ GEM
ruby-progressbar (1.8.1)
rubyzip (1.2.1)
safe_yaml (1.0.4)
sentry-raven (2.4.0)
sentry-raven (2.5.1)
faraday (>= 0.7.6, < 1.0)
sidekiq (5.0.0)
concurrent-ruby (~> 1.0)
Expand All @@ -336,7 +337,7 @@ GEM
docile (~> 1.1.0)
json (>= 1.8, < 3)
simplecov-html (~> 0.10.0)
simplecov-html (0.10.0)
simplecov-html (0.10.1)
sinatra (1.4.8)
rack (~> 1.5)
rack-protection (~> 1.4)
Expand Down Expand Up @@ -410,6 +411,7 @@ DEPENDENCIES
json-schema
jwt
logstasher
mail (= 2.6.6.rc1)
marginalia
memory_profiler
oj
Expand Down

0 comments on commit b7cd327

Please sign in to comment.