Closed OmriSama closed 4 years ago
Update Nokogiri to resolve CVE issues
Please provide the following information for bug reports:
Hi. There's CVE issue with Nokogiri and it's causing our CI pipeline to fail, specifically in our bundler-audit stage.
Webdrivers currently has the version of Nokogiri pinned. Would it be possible to update to the latest Nokogiri?
I've also opened a similar issue in the xpath repo: https://github.com/teamcapybara/xpath/issues/97
xpath
Nokogiri in master and 4.2.0 is only pinned to ~> 1.6 so nothing is stopping you upgrading nokogiri in the version you are using.
~> 1.6
Run bundle update nokogiri and you're fine.
bundle update nokogiri
Summary
Update Nokogiri to resolve CVE issues
Debug Info
Please provide the following information for bug reports:
Hi. There's CVE issue with Nokogiri and it's causing our CI pipeline to fail, specifically in our bundler-audit stage.
Webdrivers currently has the version of Nokogiri pinned. Would it be possible to update to the latest Nokogiri?
I've also opened a similar issue in the
xpath
repo: https://github.com/teamcapybara/xpath/issues/97