First up, thanks for all your work on GDI. You are awesome, and so are the rest of the team .Consistently so impressed by what you do.
I noticed some out-of-date dependencies in the Gemfile and Gemfile.lock for this repo, and some of them are insecure (sprockets and nokogiri are the two I immediately noticed). Would you be up for using a tool I built to keep them up-to-date automatically? It's called Dependabot, is totally free for open source, and shouldn't take more than 30 seconds to get set up. You can run it in "security updates only" mode, or use it to create PRs any time there's any kind of update available.
Hey @leekinney,
First up, thanks for all your work on GDI. You are awesome, and so are the rest of the team .Consistently so impressed by what you do.
I noticed some out-of-date dependencies in the
GemfileandGemfile.lockfor this repo, and some of them are insecure (sprocketsandnokogiriare the two I immediately noticed). Would you be up for using a tool I built to keep them up-to-date automatically? It's called Dependabot, is totally free for open source, and shouldn't take more than 30 seconds to get set up. You can run it in "security updates only" mode, or use it to create PRs any time there's any kind of update available.