This repository has been archived by the owner on Dec 22, 2022. It is now read-only.
Rails 4.2 is unsupported release #2015
Labels
Comments
|
Rails 4.2 locks bundler <2.0 |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Describe the bug
When a release series is no longer supported, it's your own responsibility to deal with bugs and security issues. We [Rails] may provide backports of the fixes and publish them to git, however there will be no new versions released. If you are not comfortable maintaining your own versions, you should upgrade to a supported version. https://guides.rubyonrails.org/maintenance_policy.html
Expected behavior
We should be on a release series that is at least getting security patches. https://guides.rubyonrails.org/maintenance_policy.html
Additional context
Github is warning us about a XSS vulnerability in ActionView. Currently we're not affected but a fix would require a monkey patch rather than accepting a version bump.
The text was updated successfully, but these errors were encountered: