From 940d689d1851540dfbe1d8c4861cf0bc129426fe Mon Sep 17 00:00:00 2001
From: Robert Speicher <rspeicher@gmail.com>
Date: Tue, 1 Mar 2016 18:25:10 -0500
Subject: [PATCH] Bump sprockets to `~> 3.3.5`
Closes #6069
---
Gemfile | 6 +++---
Gemfile.lock | 12 ++++--------
2 files changed, 7 insertions(+), 11 deletions(-)
diff --git a/Gemfile b/Gemfile
index 76357d2b67..134646cf80 100644
--- a/Gemfile
+++ b/Gemfile
@@ -6,9 +6,9 @@ gem 'rails-deprecated_sanitizer', '~> 1.0.3'
# Responders respond_to and respond_with
gem 'responders', '~> 2.0'
-# Specify a sprockets version due to security issue
-# See https://groups.google.com/forum/#!topic/rubyonrails-security/doAVp0YaTqY
-gem 'sprockets', '~> 2.12.3'
+# Specify a sprockets version due to increased performance
+# See https://gitlab.com/gitlab-org/gitlab-ce/issues/6069
+gem 'sprockets', '~> 3.3.5'
# Default values for AR models
gem "default_value_for", "~> 3.0.0"
diff --git a/Gemfile.lock b/Gemfile.lock
index 29563b18db..e048e2f5a5 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -407,7 +407,6 @@ GEM
railties (>= 4.0.1)
hashie (3.4.3)
highline (1.7.8)
- hike (1.2.3)
hipchat (1.5.2)
httparty
mimemagic
@@ -771,11 +770,8 @@ GEM
spring (>= 0.9.1)
spring-commands-teaspoon (0.0.2)
spring (>= 0.9.1)
- sprockets (2.12.4)
- hike (~> 1.2)
- multi_json (~> 1.0)
- rack (~> 1.0)
- tilt (~> 1.1, != 1.3.0)
+ sprockets (3.3.5)
+ rack (> 1, < 3)
sprockets-rails (2.3.3)
actionpack (>= 3.0)
activesupport (>= 3.0)
@@ -807,7 +803,7 @@ GEM
rack (~> 1.0)
thor (0.19.1)
thread_safe (0.3.5)
- tilt (1.4.1)
+ tilt (2.0.2)
timfel-krb5-auth (0.8.3)
tinder (1.10.1)
eventmachine (~> 1.0)
@@ -1024,7 +1020,7 @@ DEPENDENCIES
spring-commands-rspec (~> 1.0.4)
spring-commands-spinach (~> 1.0.0)
spring-commands-teaspoon (~> 0.0.2)
- sprockets (~> 2.12.3)
+ sprockets (~> 3.3.5)
state_machines-activerecord (~> 0.3.0)
task_list (~> 1.0.2)
teaspoon (~> 1.0.0)
--
2.30.9