From 12f82de58b081780715e1900a5a34bd1cd9d798f Mon Sep 17 00:00:00 2001
From: Matteo Grassotti <matteo.grassotti@gmail.com>
Date: Tue, 6 Jun 2017 12:42:56 +0100
Subject: [PATCH] Avoid actioncable dependency on Rails 5

Specify single rails gems dependencies to avoid to include actioncable.
It has a security vulnerability which prevents `smart-answers`, which
rely on govuk_frontend_toolkit, to upgrade to rails 5.
---
 govuk_frontend_toolkit.gemspec | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/govuk_frontend_toolkit.gemspec b/govuk_frontend_toolkit.gemspec
index 3c11e18..c0da01c 100644
--- a/govuk_frontend_toolkit.gemspec
+++ b/govuk_frontend_toolkit.gemspec
@@ -11,7 +11,14 @@ Gem::Specification.new do |s|
   s.homepage     = 'https://github.com/alphagov/govuk_frontend_toolkit'
   s.license      = 'MIT'
 
-  s.add_dependency "rails", ">= 3.1.0"
+  s.add_dependency "activemodel", ">= 3.1.0" 
+  s.add_dependency "actionpack", ">= 3.1.0"
+  s.add_dependency "actionview", ">= 3.1.0"
+  s.add_dependency "activejob", ">= 3.1.0"
+  s.add_dependency "activesupport", ">= 3.1.0"
+  s.add_dependency "railties", ">= 3.1.0"
+  s.add_dependency "sprockets-rails", ">= 3.1.0"
+
   s.add_dependency "sass", ">= 3.2.0"
   s.add_development_dependency "rake", "0.9.2.2"