Update gon gem to 6.4.0 (!51210) · Merge requests · GitLab.org / GitLab

Igor Drozdov requested to merge id-bump-gon-version into master Jan 08, 2021

It fixes the 2.7 warnings that are more visible as: /builds/gitlab-org/gitlab/vendor/ruby/2.7.0/gems/devise-4.7.3/lib/devise/test/controller_helpers.rb:35

It also prevents a known security issue. Related issue https://gitlab.com/gitlab-org/gitlab/-/issues/259278

The old version of gon didn't propagate kwargs properly to Devise's process method:

6.2.0: https://github.com/gazay/gon/blob/v6.2.0/lib/gon/spec_helpers.rb

6.4.0: https://github.com/gazay/gon/blob/v6.4.0/lib/gon/spec_helpers.rb

CHANGELOG: https://github.com/gazay/gon/blob/master/CHANGELOG.md

Edited Apr 13, 2021 by Dominic Couture

Update gon gem to 6.4.0

Merge request reports