Hacker Timesnew | past | comments | ask | show | jobs | submitlogin

I just patched a project by updating the Gemfile with the latest Rails version and "bundle update rails" updated the json gem along with it.


I think it depends a lot on your particular configuration, since json is only an indirect dependency in rails (i.e. it's not part of rails's gemspec). It's clear that it won't get updated for everyone, which is why this warning (to make sure json gets updated and possibly add the dependency if needed) has gone out on the rails security mailing list.




Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: