Upgrade doorkeeper to 5.0.2

We need to upgrade doorkeeper-openid_connect to > 1.5.4 to address the security vulnerability CVE-2019-9837. This update is dependent on doorkeeper 5.x so bump doorkeeper at the same time.

Upgrade doorkeeper to 5.0.2
We need to upgrade doorkeeper-openid_connect to > 1.5.4 to address the security vulnerability CVE-2019-9837. This update is dependent on doorkeeper 5.x so bump doorkeeper at the same time.
b20eea28 · Josianne Hyson · 37fc518c · b20eea28 · b20eea28
Commit b20eea28 authored Nov 29, 2019 by Josianne Hyson
Hide whitespace changes
Inline Side-by-side

Showing with 7 additions and 7 deletions

Gemfile Gemfile +2 -2

Gemfile.lock Gemfile.lock +5 -5

No files found.
--- a/Gemfile
+++ b/Gemfile
@@ -26,8 +26,8 @@ gem 'marginalia', '~> 1.8.0'

 # Authentication libraries
 gem 'devise', '~> 4.6'
-gem 'doorkeeper', '~> 4.4.3'
-gem 'doorkeeper-openid_connect', '~> 1.5'
+gem 'doorkeeper', '~> 5.0.2'
+gem 'doorkeeper-openid_connect', '~> 1.6.3'
 gem 'omniauth', '~> 1.8'
 gem 'omniauth-auth0', '~> 2.0.0'
 gem 'omniauth-azure-oauth2', '~> 0.0.9'

--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -243,10 +243,10 @@ GEM
    docile (1.3.1)
    domain_name (0.5.20180417)
      unf (>= 0.0.5, < 1.0.0)
-    doorkeeper (4.4.3)
+    doorkeeper (5.0.2)
      railties (>= 4.2)
-    doorkeeper-openid_connect (1.5.0)
-      doorkeeper (~> 4.3)
+    doorkeeper-openid_connect (1.6.3)
+      doorkeeper (>= 5.0, < 5.2)
      json-jwt (~> 1.6)
    ed25519 (1.2.4)
    elasticsearch (6.8.0)
@@ -1197,8 +1197,8 @@ DEPENDENCIES
  diff_match_patch (~> 0.1.0)
  diffy (~> 3.1.0)
  discordrb-webhooks-blackst0ne (~> 3.3)
-  doorkeeper (~> 4.4.3)
-  doorkeeper-openid_connect (~> 1.5)
+  doorkeeper (~> 5.0.2)
+  doorkeeper-openid_connect (~> 1.6.3)
  ed25519 (~> 1.2)
  elasticsearch-api (~> 6.8)
  elasticsearch-model (~> 6.1)