diff options
author | Connor Shea <connor.james.shea@gmail.com> | 2016-05-19 21:55:25 +0300 |
---|---|---|
committer | Connor Shea <connor.james.shea@gmail.com> | 2016-05-30 22:51:21 +0300 |
commit | d287315dbf1a1493e3f2c2511e559204cc914ff8 (patch) | |
tree | e8ad832255adec67b700a73e4cf853392e27bbb8 /app/models/project_import_data.rb | |
parent | d47b2b92c9b5e80eb3430e2b4950e17646b8efd8 (diff) |
Upgrade attr_encrypted and encryptor
attr_encrypted (1.3.4 => 3.0.1) Changelog:
https://github.com/attr-encrypted/attr_encrypted/blob/master/CHANGELOG.m
d
attr_encrypted 2.x included a vulnerability, so that major version is
skipped. 3.x requires that the algorithm and mode used by each
encrypted attribute is specified explicitly.
`nil` is no longer a valid value for the encrypted_value_iv field, so
it’s changed to a randomly generated string.
Diffstat (limited to 'app/models/project_import_data.rb')
-rw-r--r-- | app/models/project_import_data.rb | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/app/models/project_import_data.rb b/app/models/project_import_data.rb index e2f9ffb69ac..ca8a9b4217b 100644 --- a/app/models/project_import_data.rb +++ b/app/models/project_import_data.rb @@ -6,7 +6,8 @@ class ProjectImportData < ActiveRecord::Base key: Gitlab::Application.secrets.db_key_base, marshal: true, encode: true, - mode: :per_attribute_iv_and_salt + mode: :per_attribute_iv_and_salt, + algorithm: 'aes-256-cbc' serialize :data, JSON |