Skip to content

Commit 2fb146b

Browse files
chelnakchelnak
committed
(MAINT) Remove version constraint for rake
Prior to this commit the version of rake installed with this project was vulnerable to an OS command injection attach. The CVE ID for this is: CVE-2020-8130 This commit fixes the above by removing the version constraint and ensuring that the latest version of rake is always pulled.
1 parent 1d1f170 commit 2fb146b

File tree

1 file changed

+3
-3
lines changed

1 file changed

+3
-3
lines changed

Gemfile

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -24,10 +24,10 @@ group :development do
2424

2525
gem 'pry', require: false
2626
gem 'pry-byebug', require: false
27-
gem 'pry-stack_explorer', require: false
27+
gem 'pry-stack_explorer', require: false
2828
gem 'puppetlabs_spec_helper'
29-
30-
gem 'rake', '~> 10.0'
29+
30+
gem 'rake'
3131
gem 'rspec', '~> 3.1'
3232
gem 'rspec-its', '~> 1.0'
3333
gem 'rubocop', '~> 1.6.1', require: false

0 commit comments

Comments
 (0)