manageiq-style 1.5.7 → 1.5.8

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: cdd5f5d5a452be065b331314f4b3a1e790905fcdab4136277a4b80035e5742d8
-  data.tar.gz: b8d1428103e0fd9561971c6c0e65f32514e532f7c1a130b2484d38888c1f4478
+  metadata.gz: 0bd98f853751ea933d11b67925a3b3a07dc1352258f1f0dbfa43ff161ab5dbbb
+  data.tar.gz: 129a0b2145e7c6cf7070dee40138d6c022fb939e877f1a4061c34340f74f1227
 SHA512:
-  metadata.gz: 33cf9650d3c42dc11cb077cebb99fa6ce1563f6a43936005b697b3e51b9c6e8965802ad2a28e12d12d74c4b76b44c592cbad765ef8e807f74f4efc96a82f66a9
-  data.tar.gz: 40507d235eb75ef4f764d2add9e998dc632b2bc57b609c1adc1f43dd20ff9dda7dd70c0bc79fd71729ebaf35482dce7bc4485c9e7e2c94f4699dd9a894b82fc4
+  metadata.gz: 7e3b5931ac2bd44de6d4592cc0e8d1658df061e70e3b5830c2fb9595e4c5355172243fd95674b54f306e9eb5ad44b96ed2dd99241f96f75a14cf5b85d96eb0de
+  data.tar.gz: 7064dbf3ddf3f6bff37da1cf5e1abcb89d0eedfb5c2a2187c31b36c04a64214bc90bd67c6f90912f7ca32daee761b0b8e45ab60ecd97e9c2c607f259381a3825

data/CHANGELOG.md

@@ -1,9 +1,14 @@
 # Change Log
+
 All notable changes to this project will be documented in this file.
 This project adheres to [Semantic Versioning](http://semver.org/).
 
 ## [Unreleased]
 
+## [1.5.8] - 2025-10-01
+### Changed
+- Bump minimum version for rack for CVE-2025-59830 [[#66](https://github.com/ManageIQ/manageiq-style/pull/66)]
+
 ## [1.5.7] - 2025-09-22
 ### Changed
 - Bump minimum for rexml for CVE-2025-58767 [[#65](https://github.com/ManageIQ/manageiq-style/pull/65)]
@@ -60,7 +65,8 @@ This project adheres to [Semantic Versioning](http://semver.org/).
 ## [1.0.1] - 2020-06-19
 ## [1.0.0] - 2020-05-19
 
-[Unreleased]: https://github.com/ManageIQ/manageiq-style/compare/v1.5.7...HEAD
+[Unreleased]: https://github.com/ManageIQ/manageiq-style/compare/v1.5.8...HEAD
+[1.5.8]: https://github.com/ManageIQ/manageiq-style/compare/v1.5.7...v1.5.8
 [1.5.7]: https://github.com/ManageIQ/manageiq-style/compare/v1.5.6...v1.5.7
 [1.5.6]: https://github.com/ManageIQ/manageiq-style/compare/v1.5.5...v1.5.6
 [1.5.5]: https://github.com/ManageIQ/manageiq-style/compare/v1.5.4...v1.5.5

data/lib/manageiq/style/version.rb

@@ -1,5 +1,5 @@
 module ManageIQ
   module Style
-    VERSION = "1.5.7".freeze
+    VERSION = "1.5.8".freeze
   end
 end

data/manageiq-style.gemspec

@@ -32,12 +32,12 @@ Gem::Specification.new do |spec|
 
   spec.add_runtime_dependency "rexml", ">= 3.4.4"  # rubocop depends on rexml. Enforce a minimum for CVE-2025-58767
 
-  # rubocop-rails depends on rack. Enforce a minimum of 2.2.17, 3.0.18, or 3.1.16 for various CVEs
+  # rubocop-rails depends on rack. Enforce a minimum of 2.2.18 for various CVEs
   #
   # NOTE: Previously we locked down to exclude many specific versions, but due to
   # https://github.com/rubygems/rubygems.org/issues/5541 we can't release the gem.
   # For now, we just lock down to at least the minimum rack.
-  spec.add_runtime_dependency "rack", ">= 2.2.17", "< 4"
+  spec.add_runtime_dependency "rack", ">= 2.2.18", "< 4" # CVE-2025-59830 https://github.com/advisories/GHSA-625h-95r8-8xpm
 
   spec.add_development_dependency "rake",      "~> 12.0"
   spec.add_development_dependency "rspec",     "~> 3.0"

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: manageiq-style
 version: !ruby/object:Gem::Version
-  version: 1.5.7
+  version: 1.5.8
 platform: ruby
 authors:
 - ManageIQ Authors
@@ -113,7 +113,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 2.2.17
+        version: 2.2.18
     - - "<"
       - !ruby/object:Gem::Version
         version: '4'
@@ -123,7 +123,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 2.2.17
+        version: 2.2.18
     - - "<"
       - !ruby/object:Gem::Version
         version: '4'