From 1c11688b5624394c3792d1bb37599fd1e3452c9c Mon Sep 17 00:00:00 2001 From: Gannon McGibbon Date: Tue, 6 Nov 2018 14:17:23 -0500 Subject: Add CVE note to security guide and gemspecs [ci skip] --- activejob/activejob.gemspec | 3 +++ 1 file changed, 3 insertions(+) (limited to 'activejob/activejob.gemspec') diff --git a/activejob/activejob.gemspec b/activejob/activejob.gemspec index be6292f737..cc27deb338 100644 --- a/activejob/activejob.gemspec +++ b/activejob/activejob.gemspec @@ -2,6 +2,9 @@ version = File.read(File.expand_path("../RAILS_VERSION", __dir__)).strip +# NOTE: There's no need to update dependencies for CVEs in minor +# releases when users can simply run `bundle update vulnerable_gem`. + Gem::Specification.new do |s| s.platform = Gem::Platform::RUBY s.name = "activejob" -- cgit v1.2.3