Merge pull request #377 from twitter/rubocop-vuln-critical-sev0-breach

oreoshake · web-flow · commit 2d198d4f5ad6 · 2017-11-29T10:26:03.000-10:00
upgrade some test dependencies because the GitHub UI said
diff --git a/.ruby-version b/.ruby-version
@@ -1 +1 @@
-2.4.1
+2.4.2
diff --git a/.travis.yml b/.travis.yml
@@ -2,9 +2,9 @@ language: ruby
 
 rvm:
   - ruby-head
-  - 2.4.1
-  - 2.3.4
-  - 2.2
+  - 2.4.2
+  - 2.3.5
+  - 2.2.8
   - jruby-head
 
 env:
diff --git a/Gemfile b/Gemfile
@@ -5,14 +5,14 @@ gemspec
 
 group :test do
   gem "coveralls"
-  gem "json", "~> 1"
+  gem "json"
   gem "pry-nav"
-  gem "rack", "~> 1"
+  gem "rack"
   gem "rspec"
-  gem "rubocop", "~> 0.47.0"
+  gem "rubocop"
   gem "rubocop-github"
-  gem "term-ansicolor", "< 1.4"
-  gem "tins", "~> 1.6.0" # 1.7 requires ruby 2.0
+  gem "term-ansicolor"
+  gem "tins"
 end
 
 group :guard do
diff --git a/lib/secure_headers/configuration.rb b/lib/secure_headers/configuration.rb
@@ -308,7 +308,7 @@ def generate_csp_headers(headers)
     def generate_csp_headers_for_config(headers, header_key, csp_config)
       unless csp_config.opt_out?
         headers[header_key] = {}
-        ContentSecurityPolicy::VARIATIONS.each do |name, _|
+        ContentSecurityPolicy::VARIATIONS.each_key do |name|
           csp = ContentSecurityPolicy.make_header(csp_config, UserAgent.parse(name))
           headers[header_key][name] = csp.freeze
         end
