GitHub user StevenLangbroek opened a pull request:
https://github.com/apache/flink/pull/5395
[FLINK-8308] Remove explicit yajl-ruby dependency, update Jekyll to 3+
## What is the purpose of the change
The docs dependend on `yajl-ruby` 1.2, which had a security defect.
Although we don't rely on ruby in our hosting infrastructure, it's best not to
have contributors uninstall unsafe software. This PR updates Jekyll, and
removes some explicit dependencies in favour of relying on built-in Jekyll
dependencies.
## Brief change log
* Update Jekyll to 3.7.2
* Remove ruby2 distinction. Docs now depend on ruby 2.1+. Ruby 1.9 is over
10 years old, and OS X ships with 2.3. Maintaining backwards compatibility
seems undesirable to me. If you disagree with this assumption, please let me
know and let's discuss how to move forward.
## Verifying this change
This change is a trivial rework / code cleanup without any test coverage.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/StevenLangbroek/flink
flink_8308_yajl_ruby_dependency
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/flink/pull/5395.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #5395
----
commit 51713d207dd266479029d5847df1b4731612b540
Author: Steven Langbroek <steven@...>
Date: 2018-01-31T16:26:28Z
[FLINK-8308] Remove explicit yajl-ruby dependency, update Jekyll to 3+
----
---
