Actions
Bug #35663
closedRelax JWT pin to get newer versions of the gem
Description
JWT is a security relevant gem, but we're currently pinning it to a rather old version (~> 2.2.2, which resolves to 2.2.3 April 2021 currently).
The latest version is 2.5.0 (from August 2022) and while I couldn't find any explicit issues in the changelog that would affect us, any security updates that would come now, would come for that branch, not 2.2.z.
Updated by The Foreman Bot almost 2 years ago
- Status changed from New to Ready For Testing
- Pull request https://github.com/theforeman/foreman/pull/9479 added
Updated by Evgeni Golov almost 2 years ago
- Status changed from Ready For Testing to Closed
Applied in changeset foreman|ab0aa35a6e373f1ce0967e73aafec942f285674b.
Updated by Ewoud Kohl van Wijngaarden almost 2 years ago
- Category changed from Authentication to Packaging
- Triaged changed from No to Yes
Actions