From 6c093aa350bbd5c1e8759a6d395c26be8020d9b5 Mon Sep 17 00:00:00 2001 From: Andrew Sullivan Cant Date: Tue, 10 Dec 2024 21:51:36 -0500 Subject: [PATCH] Update Rake to resolve CVE-2020-8130 https://github.com/advisories/GHSA-jppv-gw3r-w3q8 --- CHANGELOG.md | 3 +++ rspec-side_effects.gemspec | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 6ccf3a0..b4a7b4a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,9 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0. ## [Unreleased] +### Changed +- upgrade Rake to v12 to resolve [CVE-2020-8130](https://github.com/advisories/GHSA-jppv-gw3r-w3q8) + ## 0.2.0 - 2018-07-12 ### Changed - Rescue Exceptions from the subject in the its_side_effects_are helper, so diff --git a/rspec-side_effects.gemspec b/rspec-side_effects.gemspec index 9364c4f..fba6e1d 100644 --- a/rspec-side_effects.gemspec +++ b/rspec-side_effects.gemspec @@ -26,7 +26,7 @@ Gem::Specification.new do |spec| spec.add_runtime_dependency 'rspec-core', '>= 2.99.0' spec.add_development_dependency 'bundler', '~> 1.14' - spec.add_development_dependency 'rake', '~> 10.0' + spec.add_development_dependency 'rake', '~> 12.3' spec.add_development_dependency 'rspec', '~> 3.0' # Dependencies whose APIs we do not really depend upon, and can be upgraded
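Review bot: In the CHANGELOG.md hunk, the new entry says "upgrade Rake to v12" but does not say that Rake is a development dependency or which minimum version is now required, so a reader cannot tell from the changelog whether installed copies of the gem were ever exposed. Suggest wording it along the lines of "Upgrade the Rake development dependency to `~> 12.3` to resolve CVE-2020-8130", which matches the constraint in the gemspec hunk. The entry should also start with a capital letter to match the existing "- Rescue Exceptions from the subject ..." entry under 0.2.0.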
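Review bot: In the rspec-side_effects.gemspec hunk, the new constraint `'rake', '~> 12.3'` only sets the floor at 12.3.0 (it resolves to >= 12.3, < 13.0), so it resolves the CVE only if every 12.3.x release is already patched. Please check the patched version listed in the linked advisory and, if it is a later 12.3.x patch release, add it as an explicit lower bound (a second `'>= ...'` requirement on the same `add_development_dependency` line) so Bundler cannot pick an affected release. Since this is a development dependency, it is also worth confirming that any committed lockfile or CI cache is regenerated, because the gemspec change alone does not move an already-resolved Rake version.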