Bump json-jwt to a min of 1.11.0 for security fix

Sourced from The GitHub Security Advisory Database. > Moderate severity vulnerability that affects json-jwt > The json-jwt gem before 1.11.0 for Ruby lacks an element count during the splitting of a JWE string. > Affected versions: < 1.11.0
RamseyInHouse · Nov 14, 2019 · 27e82ae · 27e82ae
1 parent acc8b5d
commit 27e82ae
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/rack-oauth2.gemspec b/rack-oauth2.gemspec
@@ -17,7 +17,7 @@ Gem::Specification.new do |s|
   s.add_runtime_dependency 'httpclient'
   s.add_runtime_dependency 'activesupport'
   s.add_runtime_dependency 'attr_required'
-  s.add_runtime_dependency 'json-jwt', '>= 1.9.0'
+  s.add_runtime_dependency 'json-jwt', '>= 1.11.0'
   s.add_development_dependency 'rake'
   s.add_development_dependency 'simplecov'
   s.add_development_dependency 'rspec'