Skip to content

Commit 3ef7c7d

Browse files
pylapppylapp
committed
ci: move to Ruby 3.3.5
Closes https://github.com/Orange-OpenSource/ouds-ios/security/dependabot/5 Signed-off-by: Pierre-Yves Lapersonne <[email protected]>
1 parent e066257 commit 3ef7c7d

File tree

3 files changed

+16
-6
lines changed

3 files changed

+16
-6
lines changed

.github/DEVELOP.md

+10-4
Original file line numberDiff line numberDiff line change
@@ -52,15 +52,21 @@ brew install swiftformat
5252
```
5353

5454
Ensure you have the suitable _Ruby_ version. We recommend the use of [rbenv](https://github.com/rbenv/rbenv) to load the suitable version of ruby.
55-
We use here _Ruby 3_ (3.1.x).
55+
We use here _Ruby 3_ (>= 3.3).
5656
If you are not used to this tool:
5757

5858
```shell
59-
# List available local version of Ruby
59+
# List available local versions of Ruby
6060
rbenv install --list
6161

62-
# Apply the 3.1.2 version of Ruby (if listed previously)
63-
rbenv global 3.1.2
62+
# Apply the expected x.y.z version of Ruby (if listed previously with the command above)
63+
rbenv global 3.3.5
64+
65+
# If you don't have the expected x.y.z version of Ruby, run:
66+
# > brew update && brew upgrade ruby-build
67+
# > rbenv install x.y.z
68+
# then
69+
# > rbenv global x.y.z
6470

6571
# Check Ruby version
6672
ruby --version

.github/workflows/build-and-test.yml

+2-2
Original file line numberDiff line numberDiff line change
@@ -44,7 +44,7 @@ jobs:
4444
- name: Set up Ruby
4545
uses: ruby/setup-ruby@v1
4646
with:
47-
ruby-version: '3.1'
47+
ruby-version: '3.3'
4848

4949
- name: Install Fastlane
5050
run: |
@@ -69,7 +69,7 @@ jobs:
6969
- name: Set up Ruby
7070
uses: ruby/setup-ruby@v1
7171
with:
72-
ruby-version: '3.1'
72+
ruby-version: '3.3'
7373

7474
- name: Install Fastlane
7575
run: |

CHANGELOG.md

+4
Original file line numberDiff line numberDiff line change
@@ -53,6 +53,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
5353
- [DemoApp] Remove duplicated section in color page for content on background values ([#236](https://github.com/Orange-OpenSource/ouds-ios/issues/236))
5454
- [DemoApp] Hide from Voice Over decorative image in theme selector (a11y)
5555

56+
### Security
57+
58+
- [Tool] Move to Ruby 3.3.5 to fix Dependabot alert about *REXML ReDoS vulnerability* (CVE-2024-49761) ([#5](https://github.com/Orange-OpenSource/ouds-ios/security/dependabot/5))
59+
5660
## [0.4.1](https://github.com/Orange-OpenSource/ouds-ios/compare/0.4.0...0.4.1) - 2024-10-21
5761

5862
### Fixed

0 commit comments

Comments
 (0)