Upgrade json-jwt to v1.11.0

This fixes CVE-2019-18848 and brings in a number of minor fixes: https://github.com/nov/json-jwt/compare/v1.9.4..v1.11.0 Closes https://gitlab.com/gitlab-org/gitlab/issues/39148

Upgrade json-jwt to v1.11.0
This fixes CVE-2019-18848 and brings in a number of minor fixes: https://github.com/nov/json-jwt/compare/v1.9.4..v1.11.0 Closes https://gitlab.com/gitlab-org/gitlab/issues/39148
d597dc90 · Stan Hu · ff30cda5 · d597dc90 · d597dc90
Commit d597dc90 authored Jan 03, 2020 by Stan Hu
Hide whitespace changes
Inline Side-by-side

Showing with 7 additions and 2 deletions

Gemfile.lock Gemfile.lock +2 -2

changelogs/unreleased/sh-bump-json-jwt.yml changelogs/unreleased/sh-bump-json-jwt.yml +5 -0

No files found.
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -532,8 +532,8 @@ GEM
      regexp_parser (~> 1.1)
      regexp_property_values (~> 0.3)
    json (1.8.6)
-    json-jwt (1.9.4)
-      activesupport
+    json-jwt (1.11.0)
+      activesupport (>= 4.2)
      aes_key_wrap
      bindata
    json-schema (2.8.0)

--- a/changelogs/unreleased/sh-bump-json-jwt.yml
+++ b/changelogs/unreleased/sh-bump-json-jwt.yml
+---
+title: Upgrade json-jwt to v1.11.0
+merge_request: 22440
+author:
+type: security