gala icon indicating copy to clipboard operation
gala copied to clipboard
verified publisher icon spreedly

Remove `openssl` dep constraint

Open smathy opened this issue 1 year ago • 2 comments

Your explicit pin to openssl 3.1.0 prevents any upgrade of this gem to pick up bug/CVE/exploit fixes. Are there really such exotic things that gala is doing which require such an extreme approach as pinning a stdlib?

smathy avatar Feb 27 '25 17:02 smathy

@DeeMeyers could we please get this pin for openssl removed?

fz-ryanbigg avatar Sep 16 '25 01:09 fz-ryanbigg

Hey @fz-ryanbigg @smathy - we are not actively maintaining this project, but I have circulated this request internally to see if any team has ownership or capacity to support the requested changes. Candidly, forking might be the best option if you prefer to continue using this tool.

naashton avatar Sep 18 '25 13:09 naashton