Actions
Feature #11162
closedUpgrade to Rails 3.2.6
Start date:
Due date:
% Done:
0%
Estimated time:
Resolution:
Description
Rails 3.2.6 includes several security fixes.
Updated by Alex Shulgin over 12 years ago
Ugh, why not specify in Gemfile:
gem 'rails', '~> 3.2.x'
Do we really have to release a new Redmine version per every security update in Rails? What about other gems we depend on (or their dependencies?)
Redmine doesn't include Gemfile.lock in the repository, so you can't guarantee that the end users use exactly the same versions of every gem, so why restrict the version of rails used?
Updated by Etienne Massip over 12 years ago
Alex Shulgin wrote:
Do we really have to release a new Redmine version per every security update in Rails? What about other gems we depend on (or their dependencies?)
Yes. Upgrade to 3.2.5 from 3.2.3, for example, broke some tests and required some code adjustments.
Updated by Jean-Philippe Lang over 12 years ago
- Status changed from New to Closed
Actions