From dd5591bbfdd3e016f61ab2da3215bf6440c63452 Mon Sep 17 00:00:00 2001
From: Artur Beljajev <artur.beljajev@internet.ee>
Date: Tue, 19 Mar 2019 21:23:26 +0200
Subject: [PATCH] Update `devise` gem

Addresses CVE-2019-5421
https://github.com/plataformatec/devise/issues/4981
---
 Gemfile      |  2 +-
 Gemfile.lock | 12 ++++++------
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/Gemfile b/Gemfile
index b15577feb..8b654400c 100644
--- a/Gemfile
+++ b/Gemfile
@@ -51,7 +51,7 @@ gem 'liquid',           '3.0.6'   # for email templates
 
 # rights
 gem 'cancancan', '1.11.0' # autharization
-gem 'devise',    '4.4.3'  # authenitcation
+gem 'devise', '~> 4.0'
 
 gem 'grape'
 gem 'jbuilder', '2.2.16'  # json api
diff --git a/Gemfile.lock b/Gemfile.lock
index 87d4bb82b..aa1608c18 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -126,7 +126,7 @@ GEM
       descendants_tracker (~> 0.0.4)
       ice_nine (~> 0.11.0)
       thread_safe (~> 0.3, >= 0.3.1)
-    bcrypt (3.1.11)
+    bcrypt (3.1.12)
     bootstrap-sass (3.4.1)
       autoprefixer-rails (>= 5.2.1)
       sassc (>= 2.0.0)
@@ -170,7 +170,7 @@ GEM
     database_cleaner (1.6.1)
     descendants_tracker (0.0.4)
       thread_safe (~> 0.3, >= 0.3.1)
-    devise (4.4.3)
+    devise (4.6.1)
       bcrypt (~> 3.0)
       orm_adapter (~> 0.1)
       railties (>= 4.1.0, < 6.0)
@@ -337,9 +337,9 @@ GEM
       polyamorous (~> 1.1)
     rdoc (4.3.0)
     request_store (1.1.0)
-    responders (2.4.0)
-      actionpack (>= 4.2.0, < 5.3)
-      railties (>= 4.2.0, < 5.3)
+    responders (2.4.1)
+      actionpack (>= 4.2.0, < 6.0)
+      railties (>= 4.2.0, < 6.0)
     rest-client (2.0.1)
       http-cookie (>= 1.0.2, < 2.0)
       mime-types (>= 1.16, < 4.0)
@@ -470,7 +470,7 @@ DEPENDENCIES
   daemons-rails (= 1.2.1)
   data_migrate!
   database_cleaner
-  devise (= 4.4.3)
+  devise (~> 4.0)
   digidoc_client!
   epp (= 1.5.0)!
   epp-xml (= 1.1.0)!