diff options
| author | Stan Hu <stanhu@gmail.com> | 2022-10-19 00:36:27 +0300 |
|---|---|---|
| committer | Stan Hu <stanhu@gmail.com> | 2022-10-19 00:36:27 +0300 |
| commit | a764e8c4a333a50ed200ce6d102b21272d1b6332 (patch) | |
| tree | 5c35147764595e5f2c9a87c0be1ea9c59633f535 | |
| parent | 1c2e1293595d2a28690e8e9377b246663b5380c0 (diff) | |
Update google-protobuf to v3.21.7
This doesn't appear to have any Ruby-specific changes, but some
security scanners have picked up on a vulnerability in the Java
implementation.
Full diff:
https://github.com/protocolbuffers/protobuf/compare/v3.21.5...v3.21.7
GitLab Rails merge request request:
https://gitlab.com/gitlab-org/gitlab/-/merge_requests/101437
Relates to https://gitlab.com/gitlab-org/gitaly/-/issues/4534
Changelog: changed
| -rw-r--r-- | ruby/Gemfile | 2 | ||||
| -rw-r--r-- | ruby/Gemfile.lock | 4 |
2 files changed, 3 insertions, 3 deletions
diff --git a/ruby/Gemfile b/ruby/Gemfile index 1da27d051..c0c965c71 100644 --- a/ruby/Gemfile +++ b/ruby/Gemfile @@ -19,7 +19,7 @@ gem 'gitlab-labkit', '~> 0.25' # This version needs to be in sync with GitLab CE/EE gem 'licensee', '~> 9.15' -gem 'google-protobuf', '~> 3.21.0' +gem 'google-protobuf', '~> 3.21.7' # Rails is currently blocked on the upgrade to the new major version for Redis, # so we don't upgrade either until the issue is resolved. This is an indirect diff --git a/ruby/Gemfile.lock b/ruby/Gemfile.lock index e497fe06d..061614c79 100644 --- a/ruby/Gemfile.lock +++ b/ruby/Gemfile.lock @@ -81,7 +81,7 @@ GEM with_env (= 1.1.0) xml-simple (~> 1.1.5) gitlab-markup (1.7.1) - google-protobuf (3.21.5) + google-protobuf (3.21.7) googleapis-common-protos-types (1.4.0) google-protobuf (~> 3.14) grpc (1.42.0) @@ -234,7 +234,7 @@ DEPENDENCIES gitlab-labkit (~> 0.25) gitlab-license_finder gitlab-markup (~> 1.7.1) - google-protobuf (~> 3.21.0) + google-protobuf (~> 3.21.7) grpc (~> 1.42.0) grpc-tools (~> 1.42.0) licensee (~> 9.15) |