diff options
| author | Gannon McGibbon <gannon.mcgibbon@gmail.com> | 2018-11-06 14:17:23 -0500 |
|---|---|---|
| committer | Gannon McGibbon <gannon.mcgibbon@gmail.com> | 2018-11-06 14:25:36 -0500 |
| commit | 1c11688b5624394c3792d1bb37599fd1e3452c9c (patch) | |
| tree | a269734b95d9c887f4c7d7ba441f2e8787852938 /activesupport | |
| parent | 212c28ac86fec0f2baf57fbc21ceb8696092fe47 (diff) | |
| download | rails-1c11688b5624394c3792d1bb37599fd1e3452c9c.tar.gz rails-1c11688b5624394c3792d1bb37599fd1e3452c9c.tar.bz2 rails-1c11688b5624394c3792d1bb37599fd1e3452c9c.zip | |
Add CVE note to security guide and gemspecs
[ci skip]
Diffstat (limited to 'activesupport')
| -rw-r--r-- | activesupport/activesupport.gemspec | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/activesupport/activesupport.gemspec b/activesupport/activesupport.gemspec index aa695c98b2..75b38f3552 100644 --- a/activesupport/activesupport.gemspec +++ b/activesupport/activesupport.gemspec @@ -2,6 +2,9 @@ version = File.read(File.expand_path("../RAILS_VERSION", __dir__)).strip +# NOTE: There's no need to update dependencies for CVEs in minor +# releases when users can simply run `bundle update vulnerable_gem`. + Gem::Specification.new do |s| s.platform = Gem::Platform::RUBY s.name = "activesupport" |