Now that Ruby 2.7.2 no longer throws deprecation warnings left and right
we should update InSpec to use the latest and greatest Ruby that we use
in Chef Infra Client and Workstation.
Signed-off-by: Tim Smith <tsmith@chef.io>
2.6.5 has 2 CVEs in it:
CVE-2020-10663: Unsafe Object Creation Vulnerability in JSON (Additional fix)
CVE-2020-10933: Heap exposure vulnerability in the socket library
Signed-off-by: Tim Smith <tsmith@chef.io>
The comment about running `bundle exec rake dependencies:update_omnibus_gemfile_lock`
is copy-pasta from chef/chef. The inspec project does not commit any
Gemfile.lock files, including omnibus/Gemfile.lock, due to
`Gemfile.lock` being in the `.gitignore` file.
Signed-off-by: Bryan McLellan <btm@loftninjas.org>
Recent versions of Ruby have included Rubygems and Bundler, which they
did not always do. We also recently fixed some issues in Appbundler so
these software dependencies are no longer needed.
Signed-off-by: tyler-ball <tball@chef.io>
We thought we were riding the latest, but actually the overrides file wasn't wired up the same way it is in Chef. This properly sources that file and does a few other syncs from the chef config so we can diff things more easily.
Signed-off-by: Tim Smith <tsmith@chef.io>