Merge branch 'fix-addressable-security' into 'master'

蔡耀賢 · 蔡耀賢 · commit 81461ec36f5d · 2026-04-14T19:32:24.000+08:00
Fix addressable security issue

See merge request kdanmobile/shared-code-base/gems/json_requester!25
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,6 @@
+## [2.0.8] - 2026-04-08
+- Update `addressable` to `2.9.0` to fix Regular Expression Denial of Service in Addressable templates.
+
 ## [2.0.7] - 2026-03-30
 - Update RuboCop configuration to enforce double quotes for strings.
 - Add RuboCop lint stage to CI pipeline.
diff --git a/Gemfile.lock b/Gemfile.lock
@@ -1,14 +1,14 @@
 PATH
   remote: .
   specs:
-    json_requester (2.0.7)
+    json_requester (2.0.8)
       faraday (~> 2.0, >= 2.0.1)
       faraday-multipart (~> 1.2.0)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    addressable (2.8.9)
+    addressable (2.9.0)
       public_suffix (>= 2.0.2, < 8.0)
     ast (2.4.3)
     bigdecimal (4.0.1)
diff --git a/VERSION.md b/VERSION.md
@@ -1 +1 @@
-2.0.7
+2.0.8
