From 99edc1164ea49cc8b7922e191fa7ab59520523c2 Mon Sep 17 00:00:00 2001 From: Alex Coles Date: Thu, 20 Aug 2015 10:11:38 +0200 Subject: [PATCH] Bump Rails to 4.2.4 Signed-off-by: Alex Coles --- Gemfile | 10 ++---- Gemfile.lock | 97 ++++++++++++++++++++++++++++++++-------------------- 2 files changed, 61 insertions(+), 46 deletions(-) diff --git a/Gemfile b/Gemfile index 92f5fe8a4fd..7288bcd989a 100644 --- a/Gemfile +++ b/Gemfile @@ -28,7 +28,7 @@ source 'https://rubygems.org' -gem 'rails', '4.1.13' +gem 'rails', '4.2.4' gem 'protected_attributes' gem 'actionpack-action_caching' gem 'activerecord-session_store' @@ -125,12 +125,6 @@ gem 'cocaine' # also, better than thin since we can control worker concurrency. gem 'unicorn' -# Security fixes -# Gems we don't depend directly on, but specify here to make sure we don't use a vulnerable -# version. Please add a link to a security advisory when adding a Gem here. - -gem 'rack', '~> 1.5.4' # CVE-2015-3225 - gem 'nokogiri', '~> 1.6.6' gem 'carrierwave', '~> 0.10.0' @@ -224,7 +218,7 @@ platforms :jruby do end group :opf_plugins do - gem 'openproject-translations', git: 'https://github.com/opf/openproject-translations.git', branch: 'dev' + gem 'openproject-translations', git:'https://github.com/myabc/openproject-translations.git', branch: 'feature/rails4.2' end # Load Gemfile.local, Gemfile.plugins and plugins' Gemfiles diff --git a/Gemfile.lock b/Gemfile.lock index 662d346f1d0..425fac16b33 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -29,14 +29,14 @@ GIT rspec-example_disabler (0.0.1) GIT - remote: https://github.com/opf/openproject-translations.git - revision: b270647adbd4e82817fae953d184532e64843b17 - branch: dev + remote: https://github.com/myabc/openproject-translations.git + revision: d2de1c51b536c6731f65746f449ef90bcc0c3a9f + branch: feature/rails4.2 specs: openproject-translations (5.0.0.pre.alpha) crowdin-api (~> 0.2.4) mixlib-shellout (~> 2.1.0) - rails (~> 4.1.11) + rails (~> 4.2.3) rubyzip GIT @@ -48,39 +48,48 @@ GIT GEM remote: https://rubygems.org/ specs: - actionmailer (4.1.13) - actionpack (= 4.1.13) - actionview (= 4.1.13) + actionmailer (4.2.4) + actionpack (= 4.2.4) + actionview (= 4.2.4) + activejob (= 4.2.4) mail (~> 2.5, >= 2.5.4) - actionpack (4.1.13) - actionview (= 4.1.13) - activesupport (= 4.1.13) - rack (~> 1.5.2) + rails-dom-testing (~> 1.0, >= 1.0.5) + actionpack (4.2.4) + actionview (= 4.2.4) + activesupport (= 4.2.4) + rack (~> 1.6) rack-test (~> 0.6.2) + rails-dom-testing (~> 1.0, >= 1.0.5) + rails-html-sanitizer (~> 1.0, >= 1.0.2) actionpack-action_caching (1.1.1) actionpack (>= 4.0.0, < 5.0) - actionview (4.1.13) - activesupport (= 4.1.13) + actionview (4.2.4) + activesupport (= 4.2.4) builder (~> 3.1) erubis (~> 2.7.0) - activemodel (4.1.13) - activesupport (= 4.1.13) + rails-dom-testing (~> 1.0, >= 1.0.5) + rails-html-sanitizer (~> 1.0, >= 1.0.2) + activejob (4.2.4) + activesupport (= 4.2.4) + globalid (>= 0.3.0) + activemodel (4.2.4) + activesupport (= 4.2.4) builder (~> 3.1) - activerecord (4.1.13) - activemodel (= 4.1.13) - activesupport (= 4.1.13) - arel (~> 5.0.0) + activerecord (4.2.4) + activemodel (= 4.2.4) + activesupport (= 4.2.4) + arel (~> 6.0) activerecord-session_store (0.1.1) actionpack (>= 4.0.0, < 5) activerecord (>= 4.0.0, < 5) railties (>= 4.0.0, < 5) activerecord-tableless (1.3.4) activerecord (>= 2.3.0) - activesupport (4.1.13) - i18n (~> 0.6, >= 0.6.9) + activesupport (4.2.4) + i18n (~> 0.7) json (~> 1.7, >= 1.7.7) minitest (~> 5.1) - thread_safe (~> 0.1) + thread_safe (~> 0.3, >= 0.3.4) tzinfo (~> 1.1) acts_as_list (0.3.0) activerecord (>= 3.0) @@ -88,7 +97,7 @@ GEM airbrake (4.1.0) builder multi_json - arel (5.0.1.20140414130214) + arel (6.0.3) ast (2.0.0) astrolabe (1.3.0) parser (>= 2.2.0.pre.3, < 3.0) @@ -216,6 +225,8 @@ GEM activerecord (>= 4.0.0) gherkin (2.12.2) multi_json (~> 1.3) + globalid (0.3.6) + activesupport (>= 4.1.0) globalize (4.0.3) activemodel (>= 4.0.0, < 5) activerecord (>= 4.0.0, < 5) @@ -251,6 +262,8 @@ GEM addressable (~> 2.3) letter_opener (1.3.0) launchy (~> 2.2) + loofah (2.0.3) + nokogiri (>= 1.5.9) mail (2.6.3) mime-types (>= 1.16, < 3) method_source (0.8.2) @@ -304,7 +317,7 @@ GEM railties (>= 3.1, < 5.0) rabl (0.9.3) activesupport (>= 2.3.14) - rack (1.5.5) + rack (1.6.4) rack-accept (0.4.5) rack (>= 0.4) rack-attack (4.2.0) @@ -316,23 +329,32 @@ GEM rack_session_access (0.1.1) builder (>= 2.0.0) rack (>= 1.0.0) - rails (4.1.13) - actionmailer (= 4.1.13) - actionpack (= 4.1.13) - actionview (= 4.1.13) - activemodel (= 4.1.13) - activerecord (= 4.1.13) - activesupport (= 4.1.13) + rails (4.2.4) + actionmailer (= 4.2.4) + actionpack (= 4.2.4) + actionview (= 4.2.4) + activejob (= 4.2.4) + activemodel (= 4.2.4) + activerecord (= 4.2.4) + activesupport (= 4.2.4) bundler (>= 1.3.0, < 2.0) - railties (= 4.1.13) - sprockets-rails (~> 2.0) + railties (= 4.2.4) + sprockets-rails + rails-deprecated_sanitizer (1.0.3) + activesupport (>= 4.2.0.alpha) + rails-dom-testing (1.0.7) + activesupport (>= 4.2.0.beta, < 5.0) + nokogiri (~> 1.6.0) + rails-deprecated_sanitizer (>= 1.0.1) + rails-html-sanitizer (1.0.2) + loofah (~> 2.0) rails-observers (0.1.2) activemodel (~> 4.0) rails_autolink (1.1.6) rails (> 3.1) - railties (4.1.13) - actionpack (= 4.1.13) - activesupport (= 4.1.13) + railties (4.2.4) + actionpack (= 4.2.4) + activesupport (= 4.2.4) rake (>= 0.8.7) thor (>= 0.18.1, < 2.0) rainbow (2.0.0) @@ -528,12 +550,11 @@ DEPENDENCIES pry-stack_explorer quiet_assets rabl (= 0.9.3) - rack (~> 1.5.4) rack-attack rack-protection! rack-test (~> 0.6.2) rack_session_access - rails (= 4.1.13) + rails (= 4.2.4) rails-observers rails_autolink (~> 1.1.6) rb-readline (~> 0.5.1)