GitHub user StevenLangbroek opened a pull request: https://github.com/apache/flink/pull/5395
[FLINK-8308] Remove explicit yajl-ruby dependency, update Jekyll to 3+ ## What is the purpose of the change The docs dependend on `yajl-ruby` 1.2, which had a security defect. Although we don't rely on ruby in our hosting infrastructure, it's best not to have contributors uninstall unsafe software. This PR updates Jekyll, and removes some explicit dependencies in favour of relying on built-in Jekyll dependencies. ## Brief change log * Update Jekyll to 3.7.2 * Remove ruby2 distinction. Docs now depend on ruby 2.1+. Ruby 1.9 is over 10 years old, and OS X ships with 2.3. Maintaining backwards compatibility seems undesirable to me. If you disagree with this assumption, please let me know and let's discuss how to move forward. ## Verifying this change This change is a trivial rework / code cleanup without any test coverage. You can merge this pull request into a Git repository by running: $ git pull https://github.com/StevenLangbroek/flink flink_8308_yajl_ruby_dependency Alternatively you can review and apply these changes as the patch at: https://github.com/apache/flink/pull/5395.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #5395 ---- commit 51713d207dd266479029d5847df1b4731612b540 Author: Steven Langbroek <steven@...> Date: 2018-01-31T16:26:28Z [FLINK-8308] Remove explicit yajl-ruby dependency, update Jekyll to 3+ ---- ---