From 03fd77b03e61e64669734d8699ba418726d40360 Mon Sep 17 00:00:00 2001
From: Miles Gould
Date: Fri, 4 Jan 2013 12:33:22 +0000
Subject: [PATCH 1/2] Upgrade to Rails 3.2.10
- there was a SQL injection bug in 3.2.8
- also fixed the version of therubyracer, to avoid dependency on native v8.
- we need therubyracer to build bootstrap stuff.
---
 Gemfile | 4 +--
 Gemfile.lock | 95 ++++++++++++++++++++++++++--------------------------
 2 files changed, 49 insertions(+), 50 deletions(-)
diff --git a/Gemfile b/Gemfile
index 5aaa03561..a19e4ca4f 100644
--- a/Gemfile
+++ b/Gemfile
@@ -2,7 +2,7 @@ source 'https://rubygems.org'
 gem 'bundler', '>=1.1.5'
-gem 'rails', '3.2.8'
+gem 'rails', '3.2.10'
 gem 'haml'
@@ -21,7 +21,7 @@ group :assets do
 # See https://github.com/sstephenson/execjs#readme for more supported runtimes
 # long term, we'll probably want node.js for performance, but this will do for now as it's easier for new people to install
- gem 'therubyracer', :platforms => :ruby
+ gem 'therubyracer', '~> 0.10.2', :platforms => :ruby
 gem "less-rails"
 gem "twitter-bootstrap-rails"
diff --git a/Gemfile.lock b/Gemfile.lock
index c6c3b4fd1..b45d48d16 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
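Review bot: The new `'~> 0.10.2'` constraint on `therubyracer` in the `group :assets` hunk of Gemfile has no comment saying why it is there, so the reason lives only in the commit message. A gem held to one minor series will not pick up fixes released outside that series, and whoever next audits the dependencies needs to know when the constraint can be lifted. I would add above the line: `# held at 0.10.x to avoid the dependency on native v8; revisit when moving to node.js`. The `group :assets` block starts and ends outside the hunk.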
@@ -1,38 +1,38 @@ GEM remote: https://rubygems.org/ specs: - actionmailer (3.2.8) - actionpack (= 3.2.8) + actionmailer (3.2.10) + actionpack (= 3.2.10) mail (~> 2.4.4) - actionpack (3.2.8) - activemodel (= 3.2.8) - activesupport (= 3.2.8) + actionpack (3.2.10) + activemodel (= 3.2.10) + activesupport (= 3.2.10) builder (~> 3.0.0) erubis (~> 2.7.0) journey (~> 1.0.4) rack (~> 1.4.0) rack-cache (~> 1.2) rack-test (~> 0.6.1) - sprockets (~> 2.1.3) - activemodel (3.2.8) - activesupport (= 3.2.8) + sprockets (~> 2.2.1) + activemodel (3.2.10) + activesupport (= 3.2.10) builder (~> 3.0.0) - activerecord (3.2.8) - activemodel (= 3.2.8) - activesupport (= 3.2.8) + activerecord (3.2.10) + activemodel (= 3.2.10) + activesupport (= 3.2.10) arel (~> 3.0.2) tzinfo (~> 0.3.29) - activeresource (3.2.8) - activemodel (= 3.2.8) - activesupport (= 3.2.8) - activesupport (3.2.8) + activeresource (3.2.10) + activemodel (= 3.2.10) + activesupport (= 3.2.10) + activesupport (3.2.10) i18n (~> 0.6) multi_json (~> 1.0) arel (3.0.2) bcrypt-ruby (3.0.1) bluecloth (2.2.0) builder (3.0.4) - cape (1.5.0) + cape (1.6.0) capistrano (2.13.5) highline net-scp (>= 1.0.0) @@ -80,10 +80,10 @@ GEM hike (1.2.1) i18n (0.6.1) journey (1.0.4) - jquery-rails (2.1.3) - railties (>= 3.1.0, < 5.0) - thor (~> 0.14) - json (1.7.5) + jquery-rails (2.1.4) + railties (>= 3.0, < 5.0) + thor (>= 0.14, < 2.0) + json (1.7.6) less (2.2.2) commonjs (~> 0.2.6) less-rails (2.2.6) @@ -95,15 +95,15 @@ GEM mime-types (~> 1.16) treetop (~> 1.4.8) mime-types (1.19) - multi_json (1.3.7) + multi_json (1.5.0) net-scp (1.0.4) net-ssh (>= 1.99.1) net-sftp (2.0.5) net-ssh (>= 2.0.9) - net-ssh (2.6.1) + net-ssh (2.6.2) net-ssh-gateway (1.1.0) net-ssh (>= 1.99.1) - nokogiri (1.5.5) + nokogiri (1.5.6) orm_adapter (0.4.0) passenger (3.0.18) daemon_controller (>= 1.0.0) 
@@ -119,47 +119,46 @@ GEM rack rack-test (0.6.2) rack (>= 1.0) - rails (3.2.8) - actionmailer (= 3.2.8) - actionpack (= 3.2.8) - activerecord (= 3.2.8) - activeresource (= 3.2.8) - activesupport (= 3.2.8) + rails (3.2.10) + actionmailer (= 3.2.10) + actionpack (= 3.2.10) + activerecord (= 3.2.10) + activeresource (= 3.2.10) + activesupport (= 3.2.10) bundler (~> 1.0) - railties (= 3.2.8) - railties (3.2.8) - actionpack (= 3.2.8) - activesupport (= 3.2.8) + railties (= 3.2.10) + railties (3.2.10) + actionpack (= 3.2.10) + activesupport (= 3.2.10) rack-ssl (~> 1.3.2) rake (>= 0.8.7) rdoc (~> 3.4) thor (>= 0.14.6, < 2.0) - rake (10.0.2) + rake (10.0.3) rdoc (3.12) json (~> 1.4) - rspec (2.11.0) - rspec-core (~> 2.11.0) - rspec-expectations (~> 2.11.0) - rspec-mocks (~> 2.11.0) - rspec-core (2.11.1) - rspec-expectations (2.11.3) + rspec-core (2.12.2) + rspec-expectations (2.12.1) diff-lcs (~> 1.1.3) - rspec-mocks (2.11.3) - rspec-rails (2.11.4) + rspec-mocks (2.12.1) + rspec-rails (2.12.0) actionpack (>= 3.0) activesupport (>= 3.0) railties (>= 3.0) - rspec (~> 2.11.0) + rspec-core (~> 2.12.0) + rspec-expectations (~> 2.12.0) + rspec-mocks (~> 2.12.0) rvm-capistrano (1.2.7) capistrano (>= 2.0.0) - sass (3.2.2) + sass (3.2.4) sass-rails (3.2.5) railties (~> 3.2.0) sass (>= 3.1.10) tilt (~> 1.3) spork (0.9.2) - sprockets (2.1.3) + sprockets (2.2.2) hike (~> 1.2) + multi_json (~> 1.0) rack (~> 1.0) tilt (~> 1.1, != 1.3.0) sqlite3 (1.3.6) @@ -170,7 +169,7 @@ GEM treetop (1.4.12) polyglot polyglot (>= 0.3.1) - twitter-bootstrap-rails (2.1.6) + twitter-bootstrap-rails (2.1.9) actionpack (>= 3.1) execjs railties (>= 3.1) @@ -207,14 +206,14 @@ DEPENDENCIES less-rails passenger pg - rails (= 3.2.8) + rails (= 3.2.10) rake (>= 10.0.0) rspec-rails rvm-capistrano sass-rails (~> 3.2.3) spork (~> 0.9.0.rc) sqlite3 - therubyracer + therubyracer (~> 0.10.2) twitter-bootstrap-rails uglifier (>= 1.0.3) watchr From 26f83674303837cd7d4fccc49c9fd089e39db2e4 Mon Sep 17 00:00:00 2001 
From: Miles Gould
Date: Fri, 4 Jan 2013 12:45:00 +0000
Subject: [PATCH 2/2] Fix version of Twitter bootstrap to avoid dependency hell. Bootstrap 2.1.9 depends on therubyracer 0.11 which depends on native v8 which requires root access.
---
 Gemfile | 2 +-
 Gemfile.lock | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/Gemfile b/Gemfile
index a19e4ca4f..b6de25afb 100644
--- a/Gemfile
+++ b/Gemfile
@@ -23,7 +23,7 @@ group :assets do
 # long term, we'll probably want node.js for performance, but this will do for now as it's easier for new people to install
 gem 'therubyracer', '~> 0.10.2', :platforms => :ruby
 gem "less-rails"
- gem "twitter-bootstrap-rails"
+ gem "twitter-bootstrap-rails", '2.1.6'
 gem 'uglifier', '>= 1.0.3'
diff --git a/Gemfile.lock b/Gemfile.lock
index b45d48d16..07415b83d 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -169,7 +169,7 @@ GEM treetop (1.4.12) polyglot polyglot (>= 0.3.1) - twitter-bootstrap-rails (2.1.9) + twitter-bootstrap-rails (2.1.6) actionpack (>= 3.1) execjs railties (>= 3.1)
@@ -214,7 +214,7 @@ DEPENDENCIES spork (~> 0.9.0.rc) sqlite3 therubyracer (~> 0.10.2) - twitter-bootstrap-rails + twitter-bootstrap-rails (= 2.1.6) uglifier (>= 1.0.3) watchr webrat
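Review bot: The exact pin `'2.1.6'` on `twitter-bootstrap-rails` in the Gemfile hunk shuts out every later release of the gem, including ones that only fix bugs. The description names 2.1.9 as the problem release; whether the releases between 2.1.6 and 2.1.9 are affected is not visible here, so if they are not, a bounded range such as `gem "twitter-bootstrap-rails", '>= 2.1.6', '< 2.1.9'` would be less restrictive than a hard pin. Whichever form is kept, a comment above the line such as `# 2.1.9 pulls in therubyracer 0.11, which needs native v8 (root access to install)` would record the reason next to the constraint. The `group :assets` block continues outside the hunk.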