Pin faraday >= 1.10.5 for security fix

mokagio · claude · mokagio · commit 83eae4271a44 · 2026-02-13T15:23:20.000+11:00
--- Generated with the help of Claude Code, https://code.claude.com Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
diff --git a/Gemfile b/Gemfile
@@ -8,3 +8,7 @@ gem 'fastlane', '~> 2.228'
 #
 # gem 'fastlane-plugin-wpmreleasetoolkit', git: 'https://github.com/wordpress-mobile/release-toolkit', ref: ''
 gem 'fastlane-plugin-wpmreleasetoolkit', '~> 13.8'
+
+# Security: https://github.com/lostisland/faraday/pull/1665
+# Faraday 2.0 is not compatible with Fastlane
+gem 'faraday', '~> 1.10', '>= 1.10.5'
diff --git a/Gemfile.lock b/Gemfile.lock
@@ -93,7 +93,7 @@ GEM
     drb (2.2.3)
     emoji_regex (3.2.3)
     excon (0.112.0)
-    faraday (1.10.4)
+    faraday (1.10.5)
       faraday-em_http (~> 1.0)
       faraday-em_synchrony (~> 1.0)
       faraday-excon (~> 1.1)
@@ -114,7 +114,7 @@ GEM
     faraday-http-cache (2.5.1)
       faraday (>= 0.8)
     faraday-httpclient (1.0.1)
-    faraday-multipart (1.1.1)
+    faraday-multipart (1.2.0)
       multipart-post (~> 2.0)
     faraday-net_http (1.0.2)
     faraday-net_http_persistent (1.2.0)
@@ -354,6 +354,7 @@ PLATFORMS
 
 DEPENDENCIES
   danger-dangermattic (~> 1.0)
+  faraday (~> 1.10, >= 1.10.5)
   fastlane (~> 2.228)
   fastlane-plugin-wpmreleasetoolkit (~> 13.8)
 

Original file line number	Diff line number	Diff line change
`@@ -8,3 +8,7 @@ gem 'fastlane', '~> 2.228'`
`8`	`8`	`#`
`9`	`9`	`# gem 'fastlane-plugin-wpmreleasetoolkit', git: 'https://github.com/wordpress-mobile/release-toolkit', ref: ''`
`10`	`10`	`gem 'fastlane-plugin-wpmreleasetoolkit', '~> 13.8'`
	`11`	`+`
	`12`	`+# Security: https://github.com/lostisland/faraday/pull/1665`
	`13`	`+# Faraday 2.0 is not compatible with Fastlane`
	`14`	`+gem 'faraday', '~> 1.10', '>= 1.10.5'`