Update Sidekiq to enable rack upgrade (#4499)
johnpaulashenfelter authored Jul 9, 2020
1 parent ec04481 commit ea5cbdd
Showing 3 changed files with 6 additions and 26 deletions.
10 changes: 5 additions & 5 deletions Gemfile.lock
Expand Up @@ -263,7 +263,7 @@ GEM
config (2.2.1)
deep_merge (~> 1.2, >= 1.2.1)
dry-validation (~> 1.0, >= 1.0.0)
connection_pool (2.2.2)
connection_pool (2.2.3)
content_disposition (1.0.0)
cork (0.3.0)
colored2 (~> 3.1)
Expand Down Expand Up @@ -547,7 +547,7 @@ GEM
pundit (1.1.0)
activesupport (>= 3.0.0)
raabro (1.1.6)
rack (2.0.9)
rack (2.2.3)
rack-attack (6.2.2)
rack (>= 1.0, < 3)
rack-cors (1.1.1)
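Review bot: the `rack (2.2.3)` line moves from the 2.0 series straight to 2.2, skipping 2.1, and this same commit deletes config/initializers/rack-CVE-2020-8184.rb, so the application now depends on the upgraded gem alone for that fix. Please state in the commit message that 2.2.3 carries the fix for CVE-2020-8184, and run the request specs that exercise rack-attack and rack-cors (both in this hunk's context) against the new version before merging.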
Expand Down Expand Up @@ -692,11 +692,11 @@ GEM
shrine-memory (0.2.2)
down
shrine (~> 2.0)
sidekiq (5.2.8)
sidekiq (5.2.9)
connection_pool (~> 2.2, >= 2.2.2)
rack (< 2.1.0)
rack (~> 2.0)
rack-protection (>= 1.5.0)
redis (>= 3.3.5, < 5)
redis (>= 3.3.5, < 4.2)
sidekiq-ent (1.8.1)
einhorn (= 0.7.4)
sidekiq (>= 5.2.3)
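Review bot: the `redis (>= 3.3.5, < 4.2)` line lowers the redis ceiling from `< 5` to `< 4.2`, which is not mentioned in the commit message. No redis entry changes in this diff, so the current lock already fits, but the new cap will block a later redis upgrade for as long as sidekiq stays on 5.2.9. Suggest noting the cap in the commit message so the next dependency bump does not fail without explanation.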
20 changes: 0 additions & 20 deletions config/initializers/rack-CVE-2020-8184.rb

This file was deleted.

2 changes: 1 addition & 1 deletion rakelib/security.rake
Expand Up @@ -14,7 +14,7 @@ task security: :environment do

puts 'running bundle-audit to check for insecure dependencies...'
exit!(1) unless ShellCommand.run('bundle-audit update')
audit_result = ShellCommand.run('bundle-audit check --ignore CVE-2020-8161 CVE-2020-8184')
audit_result = ShellCommand.run('bundle-audit check')

puts "\n"
if brakeman_result && audit_result
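Review bot: on the `bundle-audit check` line, dropping the ignore list is correct only while Gemfile.lock keeps rack at the version pinned in this commit, and the old `--ignore CVE-2020-8161 CVE-2020-8184` flag carried no comment explaining why it was there or when it could go. If an ignore is ever needed again, add a comment beside the flag naming the advisory and the condition for removing it, so the suppression does not outlive its reason.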