Skip to content

chore: fix security vulnerabilities for gems#309

Merged
hurali97 merged 5 commits intomainfrom
chore/fix-gems
Apr 23, 2026
Merged

chore: fix security vulnerabilities for gems#309
hurali97 merged 5 commits intomainfrom
chore/fix-gems

Conversation

@hurali97
Copy link
Copy Markdown
Member

@hurali97 hurali97 commented Apr 22, 2026

Summary

This fixes the security vulnerabilities reported for activesupport and addressable Gems.

Test plan

CI passes - ✅

Copilot AI review requested due to automatic review settings April 22, 2026 10:26
@hurali97 hurali97 changed the title chore: fix security vunlerabilities for gems chore: fix security vulnerabilities for gems Apr 22, 2026
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Updates Ruby dependencies for the React Native demo app’s iOS toolchain to address reported vulnerabilities in activesupport and addressable.

Changes:

  • Bump activesupport to 7.2.3.1 (and update transitive dependencies in the lockfile).
  • Update addressable to 2.9.0 via Gemfile.lock resolution.
  • Change Gemfile constraint from a range to an exact activesupport pin.

Reviewed changes

Copilot reviewed 1 out of 2 changed files in this pull request and generated 3 comments.

File Description
apps/RNApp/Gemfile Pins activesupport to 7.2.3.1 to remediate vulnerabilities.
apps/RNApp/Gemfile.lock Records the updated resolved gem set, including addressable 2.9.0 and new activesupport dependencies.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread apps/RNApp/Gemfile Outdated
Comment thread apps/RNApp/Gemfile Outdated
Comment thread apps/RNApp/Gemfile Outdated
@hurali97 hurali97 merged commit 92c3f36 into main Apr 23, 2026
14 checks passed
@hurali97 hurali97 deleted the chore/fix-gems branch April 23, 2026 08:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants