Skip to content

Commit 75d4406

Browse files
iangmaiaiangmaia
authored
Merge pull request #675 from Automattic/pin-faraday-1.10.5
Pin faraday >= 1.10.5 for security fix
2 parents d948091 + e1c257d commit 75d4406

File tree

2 files changed

+7
-2
lines changed

2 files changed

+7
-2
lines changed

Gemfile

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -6,3 +6,7 @@ gem 'danger-dangermattic', '~> 1.1'
66
gem 'fastlane', '~> 2.222'
77
gem 'fastlane-plugin-wpmreleasetoolkit', '~> 13.0'
88
gem 'rubocop', '~> 1.65'
9+
10+
# Security: https://github.com/lostisland/faraday/pull/1665
11+
# Faraday 2.0 is not compatible with Fastlane
12+
gem 'faraday', '~> 1.10', '>= 1.10.5'

Gemfile.lock

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -95,7 +95,7 @@ GEM
9595
drb (2.2.3)
9696
emoji_regex (3.2.3)
9797
excon (0.112.0)
98-
faraday (1.10.4)
98+
faraday (1.10.5)
9999
faraday-em_http (~> 1.0)
100100
faraday-em_synchrony (~> 1.0)
101101
faraday-excon (~> 1.1)
@@ -116,7 +116,7 @@ GEM
116116
faraday-http-cache (2.5.1)
117117
faraday (>= 0.8)
118118
faraday-httpclient (1.0.1)
119-
faraday-multipart (1.1.1)
119+
faraday-multipart (1.2.0)
120120
multipart-post (~> 2.0)
121121
faraday-net_http (1.0.2)
122122
faraday-net_http_persistent (1.2.0)
@@ -354,6 +354,7 @@ PLATFORMS
354354

355355
DEPENDENCIES
356356
danger-dangermattic (~> 1.1)
357+
faraday (~> 1.10, >= 1.10.5)
357358
fastlane (~> 2.222)
358359
fastlane-plugin-wpmreleasetoolkit (~> 13.0)
359360
rubocop (~> 1.65)

0 commit comments

Comments
 (0)