GitHub Dependabot alerts on old libraries

By Jason Liu

Problem:
GitHub Dependabot alerts on old libraries, pointing out security vulnerabilities.

Example gem names:
kramdown
nokogiri
addressable

Solution:
Add a version requirement for the affected gem in the Gemfile, e.g.:
gem 'kramdown', '>= 2.3.0'

Update the libraries:
bundle update <gem name> for a particular gem.
bundle update for all gems.
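
To confirm that an update actually moved the locked version past the one an alert asks for, the following added example (not part of the original post) compares Gemfile.lock entries against version requirements. The lockfile text is constructed, the addressable requirement is a placeholder, and the names locked_versions and below_floor are hypothetical; only the kramdown requirement comes from the post.

```ruby
# Added example: flag locked gems that sit below the version an alert asks for.
SAMPLE_LOCK = <<~LOCK # constructed lockfile, not from the original post
  GEM
    remote: https://rubygems.org/
    specs:
      addressable (2.8.0)
        public_suffix (>= 2.0.2, < 5.0)
      kramdown (2.1.0)
      nokogiri (1.10.4-x86_64-linux)
        mini_portile2 (~> 2.4.0)

  DEPENDENCIES
    kramdown
LOCK

FLOORS = {
  'kramdown' => '>= 2.3.0',    # requirement from the post
  'addressable' => '>= 2.0.0'  # constructed placeholder; use the version from your alert
}.freeze

# Returns { gem name => Gem::Version } for every resolved gem in the lockfile.
def locked_versions(lock_text)
  versions = {}
  in_specs = false
  lock_text.each_line do |line|
    if line =~ /\A  specs:\s*\z/
      in_specs = true
    elsif line =~ /\A\S/ || line.strip.empty?
      in_specs = false # a new top-level section or a blank line ends the specs list
    elsif in_specs && (m = line.match(/\A {4}(\S+) \(([^)]+)\)\s*\z/))
      # Resolved gems are indented 4 spaces; their dependencies (6 spaces) are skipped.
      # Drop a platform suffix such as "-x86_64-linux" before parsing the version.
      versions[m[1]] = Gem::Version.new(m[2][/\A[^-]+/])
    end
  end
  versions
end

# Returns { gem name => locked version } for gems that fail their requirement.
def below_floor(lock_text, floors)
  locked = locked_versions(lock_text)
  floors.each_with_object({}) do |(name, requirement), out|
    version = locked[name]
    next if version.nil? # gem is not in this lockfile
    out[name] = version.to_s unless Gem::Requirement.new(requirement).satisfied_by?(version)
  end
end

if __FILE__ == $PROGRAM_NAME
  below_floor(SAMPLE_LOCK, FLOORS).each do |name, version|
    puts "#{name} #{version} does not satisfy #{FLOORS[name]}: run `bundle update #{name}`"
  end
end
```

Pass File.read('Gemfile.lock') instead of SAMPLE_LOCK to check a real project.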