Dependabot couldn't create a PR for activesupport due to a version lock on tzinfo the gemfile.
After checking why the version was locked, I couldn't determine any reason why tzinfo shouldn't be updated to the latest, or at least the version required by the newer activesupport packages where the security vulnerability was fixed.
A deployment on my local machine with bundle exec jekyll serve -s ./docs -V (verbose build) shows no issues.
Dependabot couldn't create a PR for
activesupportdue to a version lock ontzinfothe gemfile.After checking why the version was locked, I couldn't determine any reason why
tzinfoshouldn't be updated to the latest, or at least the version required by the neweractivesupportpackages where the security vulnerability was fixed.A deployment on my local machine with
bundle exec jekyll serve -s ./docs -V(verbose build) shows no issues.