Skip to content

Upgrade excon >= 1.5.0 to address CVE-2026-54171 (breaking: drops Ruby < 3.1)#12

Closed
layonferreira wants to merge 1 commit into
jamesruston:masterfrom
layonferreira:excon-1.x
Closed

Upgrade excon >= 1.5.0 to address CVE-2026-54171 (breaking: drops Ruby < 3.1)#12
layonferreira wants to merge 1 commit into
jamesruston:masterfrom
layonferreira:excon-1.x

Conversation

@layonferreira

Copy link
Copy Markdown
Contributor

excon 1.5.0 fixes GHSA-48rx-c7pg-q66r (medium — header redaction on redirects) but requires Ruby >= 3.1. This drops support for Ruby 2.6, 2.7, and 3.0, all of which are end-of-life.

Changes:

  • gemspec: excon ~> 0.39 → >= 1.5.0, required_ruby_version >= 3.1
  • CI matrix: 2.6/2.7/3.0 → 3.1/3.2/3.3
  • gem-push workflow: Ruby 2.6 → 3.1

…y < 3.1)

excon 1.5.0 fixes GHSA-48rx-c7pg-q66r (medium — header redaction on
redirects) but requires Ruby >= 3.1. This drops support for Ruby 2.6,
2.7, and 3.0, all of which are end-of-life.

Changes:
- gemspec: excon ~> 0.39 → >= 1.5.0, required_ruby_version >= 3.1
- CI matrix: 2.6/2.7/3.0 → 3.1/3.2/3.3
- gem-push workflow: Ruby 2.6 → 3.1
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant