From 1b034d66f529d662b0ae61cba1fb8622dac3169c Mon Sep 17 00:00:00 2001
From: Chad Wilson <chadw@thoughtworks.com>
Date: Sun, 4 Sep 2022 00:18:15 +0800
Subject: [ruby/psych] Bump snakeyaml from 1.28 to 1.31

Resolves CVE-2022-25857, among other fixes.

https://github.com/ruby/psych/commit/918cd25d37
---
 ext/psych/lib/psych/versions.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'ext/psych')

diff --git a/ext/psych/lib/psych/versions.rb b/ext/psych/lib/psych/versions.rb
index 0fdead154c..f39d30ce5a 100644
--- a/ext/psych/lib/psych/versions.rb
+++ b/ext/psych/lib/psych/versions.rb
@@ -5,6 +5,6 @@ module Psych
   VERSION = '5.0.0.dev'
 
   if RUBY_ENGINE == 'jruby'
-    DEFAULT_SNAKEYAML_VERSION = '1.28'.freeze
+    DEFAULT_SNAKEYAML_VERSION = '1.31'.freeze
   end
 end
-- 
cgit v1.2.3