Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fpm: fix vulnerable dependency (for 16.09) #22511

Closed
wants to merge 1 commit into from
Closed

fpm: fix vulnerable dependency (for 16.09) #22511

wants to merge 1 commit into from

Conversation

peterhoeg
Copy link
Member

Motivation for this change

Further to #22374, thanks @joachifm

Only tested on unstable.

Things done
  • Tested using sandboxing
    (nix.useSandbox on NixOS,
    or option build-use-sandbox in nix.conf
    on non-NixOS)
  • Built on platform(s)
    • NixOS
    • macOS
    • Linux
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nox --run "nox-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Fits CONTRIBUTING.md.

@mention-bot
Copy link

@peterhoeg, thanks for your PR! By analyzing the history of the files in this pull request, we identified @vcunat to be a potential reviewer.

@peterhoeg peterhoeg changed the title fpm: fix vulnerable dependency fpm: fix vulnerable dependency (for 16.09) Feb 7, 2017
joachifm pushed a commit that referenced this pull request Feb 8, 2017
@joachifm
fpm: fix vulnerable dependency
82a6c83 
(cherry picked from commit 4494720)

Closes #22511
@joachifm
Copy link
Contributor

joachifm commented Feb 8, 2017

Picked to release at 82a6c83

@joachifm joachifm closed this Feb 8, 2017
@peterhoeg
Copy link
Member Author

@joachifm, thanks, but I edited Gemfile.lock to adjust the bundler version so that there are no complaints from bundler.

@peterhoeg peterhoeg deleted the f/fpm branch February 8, 2017 05:16
@joachifm
Copy link
Contributor

joachifm commented Feb 8, 2017

So it's not a cherry-pick? I can revert & apply this instead, but please do mention stuff like that in the future :)

@peterhoeg
Copy link
Member Author

It was not a cherry-pick, no, that's why I opened a separate PR with a different commit. The difference is a warning by bundler, but no errors as such.

@joachifm
Copy link
Contributor

joachifm commented Feb 8, 2017

Well, people open new PRs without remembering to do do cherry-pick -x quite often, so ...

@peterhoeg
Copy link
Member Author

people open new PRs without remembering to do do cherry-pick -x

That would include me it seems... ;-) Thanks for handling this!

@joachifm
Copy link
Contributor

joachifm commented Feb 8, 2017

:)

@peterhoeg peterhoeg restored the f/fpm branch February 8, 2017 11:03
adrianpk added a commit to adrianpk/nixpkgs that referenced this pull request May 31, 2024
@adrianpk
fpm: fix vulnerable dependency
e7178c6 
(cherry picked from commit 4494720)

Closes NixOS#22511
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@peterhoeg @mention-bot @joachifm