Closed torresga closed 4 months ago
Note: Currently Bike Index doesn't have any OAuth integrations (since Twitter broke their API).
Previously there were OAuth integrations and I would like to add OAuth integrations into something that is twitter like - and I think that this update will require some changes to our application code (see Resolving CVE 2015 9284)
This PR updates
omniauth
to fix the following security vulnerabilities in the current version:QA Notes:
bin/parallel_rspec
to ensure there are no spec failures related to the update.bundler-audit
if it's not already installed:gem install bundler-audit
.bundler-audit
and ensure thatomniauth
is not included in the list of vulnerabilities.