[
https://issues.apache.org/jira/browse/TAVERNA-1032?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16334320#comment-16334320
]
Stian Soiland-Reyes commented on TAVERNA-1032:
----------------------------------------------
I've had a go in
[https://github.com/apache/incubator-taverna-databundle-viewer/commit/2f4459201cc01f06dd79fc302a35a920da72ddda]
but would like some Ruby heads to have a go - I am unable to complete the
bundle install even before this fix, because of a webkit dependency - so I
don't know if the update worked or not.
Stefan, Denis, Alan, Stuart or Ian, any idea..?
(I seem to be spoiled by Maven in Java-land!)
> Update nokogiri dependency - security vulnerability
> ---------------------------------------------------
>
> Key: TAVERNA-1032
> URL: https://issues.apache.org/jira/browse/TAVERNA-1032
> Project: Apache Taverna
> Issue Type: Bug
> Components: Taverna Databundle Viewer
> Reporter: Stian Soiland-Reyes
> Priority: Major
>
> GitHub has notified us that incubator-taverna-databundle-viewer has:
> {quote}
> Known * critical severity* security vulnerability detected in nokogiri <
> 1.8.1 defined in Gemfile.lock
> {quote}
> We don't have a incubator-taverna-databundle-viewer release yet (why?) -- so
> it should be easy enough to update the nokogiri version. Might have to check
> if other bundle dependencies also need updated.
> Any Ruby volunteers..?
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
