Update Rake to resolve CVE-2020-8130

GHSA-jppv-gw3r-w3q8
sugarcrm · Dec 11, 2024 · 6c093aa · 6c093aa
1 parent 25271d7
commit 6c093aa
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 1 deletion.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -6,6 +6,9 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 
 ## [Unreleased]
 
+### Changed
+- upgrade Rake to v12 to resolve [CVE-2020-8130](https://github.com/advisories/GHSA-jppv-gw3r-w3q8)
+
 ## 0.2.0 - 2018-07-12
 ### Changed
 - Rescue Exceptions from the subject in the its_side_effects_are helper, so

diff --git a/rspec-side_effects.gemspec b/rspec-side_effects.gemspec
@@ -26,7 +26,7 @@ Gem::Specification.new do |spec|
   spec.add_runtime_dependency     'rspec-core', '>= 2.99.0'
 
   spec.add_development_dependency 'bundler', '~> 1.14'
-  spec.add_development_dependency 'rake',    '~> 10.0'
+  spec.add_development_dependency 'rake',    '~> 12.3'
   spec.add_development_dependency 'rspec',   '~> 3.0'
 
   # Dependencies whose APIs we do not really depend upon, and can be upgraded