Feature #11162

Upgrade to Rails 3.2.6

Added by Jean-Philippe Lang over 5 years ago. Updated over 5 years ago.

Status:ClosedStart date:
Priority:NormalDue date:
Assignee:-% Done:

0%

Category:Rails support
Target version:2.0.3
Resolution:

Description

Rails 3.2.6 includes several security fixes.

Associated revisions

Revision 9830
Added by Jean-Philippe Lang over 5 years ago

Upgrade to Rails 3.2.6 (#11162).

History

#1 Updated by Alex Shulgin over 5 years ago

Ugh, why not specify in Gemfile:

gem 'rails', '~> 3.2.x'

Do we really have to release a new Redmine version per every security update in Rails? What about other gems we depend on (or their dependencies?)

Redmine doesn't include Gemfile.lock in the repository, so you can't guarantee that the end users use exactly the same versions of every gem, so why restrict the version of rails used?

#2 Updated by Etienne Massip over 5 years ago

Alex Shulgin wrote:

Do we really have to release a new Redmine version per every security update in Rails? What about other gems we depend on (or their dependencies?)

Yes. Upgrade to 3.2.5 from 3.2.3, for example, broke some tests and required some code adjustments.

#3 Updated by Jean-Philippe Lang over 5 years ago

  • Status changed from New to Closed

Also available in: Atom PDF