Merge branch 'fix-mcp-gem-security' into 'master'

蔡耀賢 · 蔡耀賢 · commit a8dc6414481b · 2026-03-30T11:55:21.000+08:00
Bump mcp gem version to 0.9.2 for security fix

See merge request kdanmobile/shared-code-base/gems/json_requester!23
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,6 @@
+## [2.0.6] - 2026-03-30
+- Update mcp to version `0.9.2` for [Github GHSA-qvqr-5cv7-wh35](https://github.com/advisories/GHSA-qvqr-5cv7-wh35) security vulnerability warning.
+
 ## [2.0.5] - 2026-03-19
 - Update json to version `2.19.2` for `CVE-2026-33210` format string injection vulnerability mitigation.
 - Move development dependencies from `gemspec` to `Gemfile`.
diff --git a/Gemfile.lock b/Gemfile.lock
@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    json_requester (2.0.5)
+    json_requester (2.0.6)
       faraday (~> 2.0, >= 2.0.1)
       faraday-multipart (~> 1.2.0)
 
@@ -34,7 +34,7 @@ GEM
     language_server-protocol (3.17.0.5)
     lint_roller (1.1.0)
     logger (1.7.0)
-    mcp (0.8.0)
+    mcp (0.9.2)
       json-schema (>= 4.1)
     method_source (1.1.0)
     multipart-post (2.4.1)
diff --git a/VERSION.md b/VERSION.md
@@ -1 +1 @@
-2.0.5
+2.0.6
