Avoid actioncable dependency on Rails 5

Specify single rails gems dependencies to avoid to include actioncable. It has a security vulnerability which prevents `smart-answers`, which rely on govuk_frontend_toolkit, to upgrade to rails 5.
alphagov · Jun 13, 2017 · 12f82de · 12f82de
1 parent 9ebca47
commit 12f82de
Showing 1 changed file with 8 additions and 1 deletion.
diff --git a/govuk_frontend_toolkit.gemspec b/govuk_frontend_toolkit.gemspec
@@ -11,7 +11,14 @@ Gem::Specification.new do |s|
   s.homepage     = 'https://github.com/alphagov/govuk_frontend_toolkit'
   s.license      = 'MIT'
 
-  s.add_dependency "rails", ">= 3.1.0"
+  s.add_dependency "activemodel", ">= 3.1.0" 
+  s.add_dependency "actionpack", ">= 3.1.0"
+  s.add_dependency "actionview", ">= 3.1.0"
+  s.add_dependency "activejob", ">= 3.1.0"
+  s.add_dependency "activesupport", ">= 3.1.0"
+  s.add_dependency "railties", ">= 3.1.0"
+  s.add_dependency "sprockets-rails", ">= 3.1.0"
+
   s.add_dependency "sass", ">= 3.2.0"
   s.add_development_dependency "rake", "0.9.2.2"