Merge pull request #25 from cyberark/bundler-2.2.18

Upgrade bundler to 2.2.18 to resolve CVE-2020-36327 and CVE-2019-3881
cyberark · May 26, 2021 · 639f4ac · 639f4ac
2 parents 49ad7e6 + acf13c6
commit 639f4ac
Show file tree

Hide file tree

Showing 3 changed files with 4 additions and 4 deletions.
diff --git a/Jenkinsfile b/Jenkinsfile
@@ -18,7 +18,7 @@ pipeline {
     // Only publish to RubyGems if the HEAD is
     // tagged with the same version as in version.rb
     stage('Publish to RubyGems') {
-      agent { label 'releaser-v2' }
+      agent { label 'executor-v2' }
 
       when {
         expression { currentBuild.resultIsBetterOrEqualTo('SUCCESS') }

diff --git a/conjur-rack.gemspec b/conjur-rack.gemspec
@@ -22,7 +22,7 @@ Gem::Specification.new do |spec|
   spec.add_dependency "conjur-api", "< 6"
   spec.add_dependency "rack", "~> 2"
 
-  spec.add_development_dependency "bundler", "~> 1.16"
+  spec.add_development_dependency "bundler", "~> 2.2.18"
   spec.add_development_dependency "rake"
   spec.add_development_dependency "rspec"
   spec.add_development_dependency 'ci_reporter_rspec'

diff --git a/test.sh b/test.sh
@@ -1,6 +1,6 @@
 #!/bin/bash -e
 
-TEST_IMAGE='ruby:2.3.4'
+TEST_IMAGE='ruby:2.5'
 
 rm -f Gemfile.lock
 
@@ -9,4 +9,4 @@ docker run --rm \
   -w /usr/src/app \
   -e CONJUR_ENV=ci \
   $TEST_IMAGE \
-  bash -c "gem update --system && gem uninstall -i /usr/local/lib/ruby/gems/2.3.0 bundler && gem install bundler -v 1.16.0 && bundle update && bundle exec rake spec"
+  bash -c "gem update --system && gem install bundler:2.2.18 && bundle update && bundle exec rake spec"