[Security] Bump devise from 2.2.8 to 3.5.10

Bumps [devise](https://github.com/plataformatec/devise) from 2.2.8 to 3.5.10. **This update includes a security fix.** - [Release notes](https://github.com/plataformatec/devise/releases) - [Changelog](https://github.com/plataformatec/devise/blob/v3.5.10/CHANGELOG.md) - [Commits](https://github.com/plataformatec/devise/compare/v2.2.8...v3.5.10) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2026-03-02 02:11:33 +00:00 · 2020-06-18 14:31:50 +00:00
parent bee7990c60
commit f7ee6ce6c5
2 changed files with 8 additions and 6 deletions
--- a/2
+++ b/2
@@ -49,7 +49,7 @@ gem 'stripe'
 # which is needed for Pin Payments (and possibly others).
 gem 'activemerchant', '~> 1.78.0'

-gem 'devise', '~> 3.0.1'
+gem 'devise', '~> 3.5.10'
 gem 'devise-encryptable'
 gem 'jwt', '~> 2.2'
 gem 'oauth2', '~> 1.4.4' # Used for Stripe Connect
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -148,8 +148,6 @@ GEM
      nokogiri (>= 1.4.4)
      uuidtools (~> 2.1)
    bcrypt (3.1.13)
-    bcrypt-ruby (3.1.5)
-      bcrypt (>= 3.1.3)
    bugsnag (6.14.0)
      concurrent-ruby (~> 1.0)
    builder (3.1.4)
@@ -219,10 +217,12 @@ GEM
      delayed_job (> 2.0.3)
      rack-protection (>= 1.5.5)
      sinatra (>= 1.4.4)
-    devise (3.0.4)
-      bcrypt-ruby (~> 3.0)
+    devise (3.5.10)
+      bcrypt (~> 3.0)
      orm_adapter (~> 0.1)
      railties (>= 3.2.6, < 5)
+      responders
+      thread_safe (~> 0.1)
      warden (~> 1.2.3)
    devise-encryptable (0.2.0)
      devise (>= 2.1.0)
@@ -555,6 +555,8 @@ GEM
    redcarpet (3.5.0)
    request_store (1.4.1)
      rack (>= 1.4)
+    responders (1.1.2)
+      railties (>= 3.2, < 4.2)
    rexml (3.2.4)
    roadie (3.4.0)
      css_parser (~> 1.4)
@@ -735,7 +737,7 @@ DEPENDENCIES
  debugger-linecache
  delayed_job_active_record
  delayed_job_web
-  devise (~> 3.0.1)
+  devise (~> 3.5.10)
  devise-encryptable
  dfc_provider!
  diffy