aboutsummaryrefslogtreecommitdiffstats
path: root/actionview/actionview.gemspec
diff options
context:
space:
mode:
authorKasper Timm Hansen <kaspth@gmail.com>2018-11-06 22:42:07 +0100
committerGitHub <noreply@github.com>2018-11-06 22:42:07 +0100
commitbb11a9acab15b87d6074fb6af9405287942a7eee (patch)
treea269734b95d9c887f4c7d7ba441f2e8787852938 /actionview/actionview.gemspec
parent212c28ac86fec0f2baf57fbc21ceb8696092fe47 (diff)
parent1c11688b5624394c3792d1bb37599fd1e3452c9c (diff)
downloadrails-bb11a9acab15b87d6074fb6af9405287942a7eee.tar.gz
rails-bb11a9acab15b87d6074fb6af9405287942a7eee.tar.bz2
rails-bb11a9acab15b87d6074fb6af9405287942a7eee.zip
Merge pull request #34388 from gmcgibbon/gem_security_note
Add CVE note to security guide and gemspecs
Diffstat (limited to 'actionview/actionview.gemspec')
-rw-r--r--actionview/actionview.gemspec3
1 files changed, 3 insertions, 0 deletions
diff --git a/actionview/actionview.gemspec b/actionview/actionview.gemspec
index 49ee1a292b..938d8b4b90 100644
--- a/actionview/actionview.gemspec
+++ b/actionview/actionview.gemspec
@@ -2,6 +2,9 @@
version = File.read(File.expand_path("../RAILS_VERSION", __dir__)).strip
+# NOTE: There's no need to update dependencies for CVEs in minor
+# releases when users can simply run `bundle update vulnerable_gem`.
+
Gem::Specification.new do |s|
s.platform = Gem::Platform::RUBY
s.name = "actionview"