Project

General

Profile

Actions
Copy link

Feature #11162

closed

Upgrade to Rails 3.2.6

Added by Jean-Philippe Lang over 12 years ago. Updated over 12 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
Rails support
Target version:
2.0.3
Start date:
Due date:
% Done:

0%

Estimated time:
Resolution:

Description

Rails 3.2.6 includes several security fixes.

Actions
Copy link
 #1

Updated by Alex Shulgin over 12 years ago

Ugh, why not specify in Gemfile:

gem 'rails', '~> 3.2.x'

Do we really have to release a new Redmine version per every security update in Rails? What about other gems we depend on (or their dependencies?)

Redmine doesn't include Gemfile.lock in the repository, so you can't guarantee that the end users use exactly the same versions of every gem, so why restrict the version of rails used?

Actions
Copy link
 #2

Updated by Etienne Massip over 12 years ago

Alex Shulgin wrote:

Do we really have to release a new Redmine version per every security update in Rails? What about other gems we depend on (or their dependencies?)

Yes. Upgrade to 3.2.5 from 3.2.3, for example, broke some tests and required some code adjustments.

Actions
Copy link
 #3

Updated by Jean-Philippe Lang over 12 years ago

  • Status changed from New to Closed
Actions
Copy link

Also available in: Atom PDF