From: Lucas Di Pentima <ldipentima@veritasgenetics.com>
Date: Tue, 14 May 2019 14:15:50 +0000 (-0300)
Subject: 14988: Upgrades bootstrap-sass to deal with CVE-2019-8331.
X-Git-Tag: 1.4.0~18^2~3
X-Git-Url: https://git.arvados.org/arvados.git/commitdiff_plain/9ae6b8faa3e5b2293511e992c032c05d1232997a

14988: Upgrades bootstrap-sass to deal with CVE-2019-8331.

Arvados-DCO-1.1-Signed-off-by: Lucas Di Pentima <ldipentima@veritasgenetics.com>
---

diff --git a/apps/workbench/Gemfile b/apps/workbench/Gemfile
index 0be9a3a412..ce2a1377d7 100644
--- a/apps/workbench/Gemfile
+++ b/apps/workbench/Gemfile
@@ -62,7 +62,7 @@ group :test, :performance do
 end
 
 gem 'jquery-rails'
-gem 'bootstrap-sass', '~> 3.1.0'
+gem 'bootstrap-sass', '~> 3.4.1'
 gem 'bootstrap-x-editable-rails'
 gem 'bootstrap-tab-history-rails'
 
diff --git a/apps/workbench/Gemfile.lock b/apps/workbench/Gemfile.lock
index e39f207760..548da1dc04 100644
--- a/apps/workbench/Gemfile.lock
+++ b/apps/workbench/Gemfile.lock
@@ -80,8 +80,11 @@ GEM
       addressable (>= 2.3.1)
       extlib (>= 0.9.15)
       multi_json (>= 1.0.0)
-    bootstrap-sass (3.1.1.1)
-      sass (~> 3.2)
+    autoprefixer-rails (9.5.1.1)
+      execjs
+    bootstrap-sass (3.4.1)
+      autoprefixer-rails (>= 5.2.1)
+      sassc (>= 2.0.0)
     bootstrap-tab-history-rails (0.1.0)
       railties (>= 3.1)
     bootstrap-x-editable-rails (1.5.1.1)
@@ -318,7 +321,7 @@ DEPENDENCIES
   andand
   angularjs-rails (~> 1.3.8)
   arvados (>= 0.1.20150511150219)
-  bootstrap-sass (~> 3.1.0)
+  bootstrap-sass (~> 3.4.1)
   bootstrap-tab-history-rails
   bootstrap-x-editable-rails
   byebug