Merge branch 'update-rack-attack-security' into 'master'

Bump Rack Attack to v4.3.1 for security fix https://github.com/kickstarter/rack-attack/releases/tag/v4.3.1 See merge request !2153

Merge branch 'update-rack-attack-security' into 'master'
Bump Rack Attack to v4.3.1 for security fix https://github.com/kickstarter/rack-attack/releases/tag/v4.3.1 See merge request !2153
22e65944 · Robert Speicher · 3f26d24f · f33cb184 · 22e65944 · 22e65944
Commit 22e65944 authored Dec 18, 2015 by Robert Speicher
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 3 deletions

CHANGELOG CHANGELOG +1 -0

Gemfile Gemfile +1 -1

Gemfile.lock Gemfile.lock +2 -2

No files found.
--- a/CHANGELOG
+++ b/CHANGELOG
 Please view this file on the master branch, on stable branches it's out of date.

 v 8.3.0 (unreleased)
+  - Bump rack-attack to 4.3.1 for security fix (Stan Hu)
  - API support for starred projects for authorized user (Zeger-Jan van de Weg)
  - Add open_issues_count to project API (Stan Hu)
  - Expand character set of usernames created by Omniauth (Corey Hinshaw)

--- a/Gemfile
+++ b/Gemfile
@@ -175,7 +175,7 @@ gem "sanitize", '~> 2.0'
 gem 'babosa', '~> 1.0.2'

 # Protect against bruteforcing
-gem "rack-attack", '~> 4.3.0'
+gem "rack-attack", '~> 4.3.1'

 # Ace editor
 gem 'ace-rails-ap', '~> 2.0.1'

--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -507,7 +507,7 @@ GEM
    rack (1.6.4)
    rack-accept (0.4.5)
      rack (>= 0.4)
-    rack-attack (4.3.0)
+    rack-attack (4.3.1)
      rack
    rack-cors (0.4.0)
    rack-mount (0.8.3)
@@ -908,7 +908,7 @@ DEPENDENCIES
  poltergeist (~> 1.8.1)
  pry-rails
  quiet_assets (~> 1.0.2)
-  rack-attack (~> 4.3.0)
+  rack-attack (~> 4.3.1)
  rack-cors (~> 0.4.0)
  rack-oauth2 (~> 1.2.1)
  rails (= 4.2.4)