yajl-ruby high severity security vulnerability

decaporg / jekyll-decap-cms

A starter template for Jekyll and Decap CMS

149 stars 108 forks source link

yajl-ruby high severity security vulnerability #13

Closed stevemoser closed 6 years ago

stevemoser commented 6 years ago

I found this warning message after forking the repo.

We found a potential security vulnerability in one of your dependencies.
The yajl-ruby dependency defined in Gemfile.lock has a known high severity security vulnerability in version range < 1.3.1 and should be updated.

erquhart commented 6 years ago

Would definitely take a PR for this. I spent some time trying to get a patch up, but I'm having major issues with Ruby package management (specifically getting ffi to install, even after following all of the solutions I could find).

cc/ @calavera

erquhart commented 6 years ago

Fixed in #20.