fix(security): bump crass to 1.0.7
1.0.6 has four known DoS advisories (stack overflow / excessive CPU and memory on crafted CSS input) that were failing the bundler-audit CI job.
Seto Elkahfi committed
Jul 5, 2026 at 09:45 UTC
9d028b57c9569527c26464304ef3db26ce6a17d0
1 file changed
+1
-1
Gemfile.lock
+1
-1
index b80ffd0..3302873 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -94,7 +94,7 @@ GEM
logger (~> 1.5)
concurrent-ruby (1.3.7)
connection_pool (3.0.2)
- crass (1.0.6)
+ crass (1.0.7)
date (3.5.1)
debug (1.11.1)
irb (~> 1.10)