From c359ab23f9480a9e35c11b1c8a5152be277e0040 Mon Sep 17 00:00:00 2001 From: Oscar Richardson <116292912+oscar-richardson-softwire@users.noreply.github.com> Date: Thu, 12 Feb 2026 14:55:12 +0000 Subject: [PATCH] Bump faraday version (#3175) * Bump faraday version * CLDC-NONE: add an initializer include for openstruct seems some environments were having trouble loading it --------- Co-authored-by: Samuel Young --- Gemfile | 3 +++ Gemfile.lock | 8 ++++++-- config/initializers/ostruct.rb | 2 ++ 3 files changed, 11 insertions(+), 2 deletions(-) create mode 100644 config/initializers/ostruct.rb diff --git a/Gemfile b/Gemfile index 0a3827cef..f6e7fdac5 100644 --- a/Gemfile +++ b/Gemfile @@ -117,3 +117,6 @@ gem "cssbundling-rails" gem "tzinfo-data", platforms: %i[mingw mswin x64_mingw jruby] gem "excon", "~> 0.111.0" + +# faraday is a transitive dependency, but we need to force the version to 2.14.1 to avoid a vulnerability. +gem "faraday", ">= 2.14.1" diff --git a/Gemfile.lock b/Gemfile.lock index 24d548464..34bfd3067 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -203,8 +203,10 @@ GEM railties (>= 5.0.0) faker (3.2.3) i18n (>= 1.8.11, < 2) - faraday (2.9.0) - faraday-net_http (>= 2.0, < 3.2) + faraday (2.14.1) + faraday-net_http (>= 2.0, < 3.5) + json + logger faraday-multipart (1.0.4) multipart-post (~> 2) faraday-net_http (3.1.0) @@ -242,6 +244,7 @@ GEM jmespath (1.6.2) jsbundling-rails (1.3.0) railties (>= 6.0.0) + json (2.18.1) json-schema (4.1.1) addressable (>= 2.8) jwt (2.8.0) @@ -568,6 +571,7 @@ DEPENDENCIES excon (~> 0.111.0) factory_bot_rails faker + faraday (>= 2.14.1) govuk-components (~> 5.7) govuk_design_system_formbuilder (~> 5.7) govuk_markdown diff --git a/config/initializers/ostruct.rb b/config/initializers/ostruct.rb new file mode 100644 index 000000000..d99ee977a --- /dev/null +++ b/config/initializers/ostruct.rb @@ -0,0 +1,2 @@ +# make OpenStruct available globally +require "ostruct"