zendesk / zendesk_apps_tools

Apache License 2.0
74 stars 41 forks

[VEG-1298] Add bundler-audit and bundler-audit-fix #389

Open token-cjg opened 2 years ago

token-cjg commented 2 years ago

Description

Adds tools for auditing vulnerabilities for ZAT. This is important in order to make sure that we ship secure code.

As part of this change I needed to bump the major version of Thor, which is a gem used to handle the command line functionality for ZAT.

When running bundler-audit-fix, one can run

bundle exec bundler-audit-fix update . [1]

This should address vulnerabilities identified by bundler-audit.

[1]: https://github.com/nobuyo/bundler-audit-fix

:v:

/cc @zendesk/vegemite

Tasks

References

Risks

Medium. Might break the command line functionality of ZAT as Thor, the library which powers the CLI, has been bumped by a major version. This should be easy to check though -- if one builds the gem manually and runs ./bin/zat version, then things should still work.