diff options
Diffstat (limited to 'activesupport/activesupport.gemspec')
| -rw-r--r-- | activesupport/activesupport.gemspec | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/activesupport/activesupport.gemspec b/activesupport/activesupport.gemspec index 75b38f3552..448a2eeebb 100644 --- a/activesupport/activesupport.gemspec +++ b/activesupport/activesupport.gemspec @@ -2,9 +2,6 @@ version = File.read(File.expand_path("../RAILS_VERSION", __dir__)).strip -# NOTE: There's no need to update dependencies for CVEs in minor -# releases when users can simply run `bundle update vulnerable_gem`. - Gem::Specification.new do |s| s.platform = Gem::Platform::RUBY s.name = "activesupport" @@ -30,6 +27,9 @@ Gem::Specification.new do |s| "changelog_uri" => "https://github.com/rails/rails/blob/v#{version}/activesupport/CHANGELOG.md" } + # NOTE: Please read our dependency guidelines before updating versions: + # https://edgeguides.rubyonrails.org/security.html#dependency-management-and-cves + s.add_dependency "i18n", ">= 0.7", "< 2" s.add_dependency "tzinfo", "~> 1.1" s.add_dependency "minitest", "~> 5.1" |